Priceless Reliability
Winmill hosts eMembership in our high-availability data center. We focus on the hardware, software, operating systems, security patches, system monitoring, bandwidth, backups… while you focus on your core business.
We host hundreds of applications for clients ranging from small local unions to massive commercial banks. Our data center maintains SOC 1 (SSAE18/ ISAE3402), SOC 2, HIPAA, and PCI DSS compliance. It is fully audited, highly redundant and vigorously secured.
Because eMembership is internet based, authorized users can access it anytime, from anywhere. We make sure that it is running 24/7. Access it from the office, home, airport or hotel room. Job stewards can access it from a job site using an iPad or mobile phone. Your data at your fingertips, whenever you need it.
Welcome to a world where you’ll no longer worry if your server is secure, or if your backup ran last night. Welcome to the cloud. Welcome to eMembership.
Managed Services Support
Winmill provides all managed services necessary to ensure that eMembership servers remain operational and highly available. Recovery from hardware failures, environmental control failures, and application server failures is included at no additional charge.
Security
Winmill utilizes state-of-the-art clustered firewalls as the first line of defense against Internet-based attacks. The clustered configuration provides a high level of up-time and resiliency to failure. If one firewall fails in a cluster, the other firewall automatically takes over in less than 3 seconds.
Our infrastructure is designed to be highly secure, and is managed by our team of certified security engineers. Besides using high-end firewalls, we constantly monitor web traffic, database activity and application activity to proactively prevent unauthorized access. We build security into every level of the application architecture.
Our data center maintains SOC 1 (SSAE18/ ISAE3402), SOC 2, HIPAA, and PCI DSS compliance.
We perform application vulnerability scans on our eMembership system (both dynamic and static code scanning), as well as code reviews. Our cyber security and data center department is overseen by a CISSP and CISA certified Director who works very closely with our software development department; these departments have collectively constructed a secure coding methodology and Secure DevOps infrastructure that ensures security is built into our applications from the ground up. All data is encrypted in transit, and any PII data (including SSN) is encrypted at rest. Although we process credit cards, we use third party processors such as authorize.net or EPN to do so; we do not store credit card numbers in our systems.
Base Architecture
As part of the base architecture for the eMembership hosting environment, Winmill provides the following:
- 1Redundant Power – Power is backed up by redundant generators and redundant UPS systems.
- 2Redundant switching – Redundant gigabit switches prevent a single point of failure in the network architecture.
- 3IP Addresses – Winmill provides all necessary public and private IP addresses.
- 4Monitoring – Winmill provides 24/7 automated monitoring of the eMembership servers. Monitoring includes system health, URL availability and bandwidth usage.
- 5Internet Bandwidth – Winmill provides 1 megabit per second to the Internet from the hosting facility, metered at the 95th percentile. The connection to the Internet is redundant to ensure no single point of failure.
- 6Emergency Contacts – Winmill provides emergency contact information for use in the case of application problems.
- 7Systems Support – Winmill, in concert with our facility provider, keeps the hosting facility staffed 24/7 to ensure that client applications are functioning correctly. If there is a problem that causes an application outage, onsite staff will be able to immediate address the issue.
- 8Environment – Redundant HVAC, and massively redundant high speed peering connection to the Internet backbone.
- 9Physical Security – 24/7 manned facility. Physical security requiring multiple combinations of swipe cards, fingerprint scanners, facial geometry scanners, locked cages and cabinets.
Servers
Winmill provides all servers in the hosting facility to run eMembership. Servers are upgraded every 3-4 years at no additional charge. Winmill assumes full responsibility for maintaining server hardware. We provide 24/7 monitoring of the operating system and hardware. We are responsible for all operating system upgrades and patches.
Application Architecture
eMembership is built in Microsoft .NET, runs on a Windows application server and uses a Microsoft SQL server database. Winmill maintains licenses for all requisite operating systems, web servers and database servers.
We apply security patches and hot fixes to the application itself, the .NET framework and the SQL Server database.
Data Backups
Winmill backs up all client files and databases to an electronic vault located in an offsite location. Each night, a backup of the key server data is created and the data vaulting service encrypts and copies the data offsite.
“Working with Winmill’s eMembership team was a pleasure. The team was efficient and pleasant, and eager to make sure we built the database into something useful for us. Taking an ‘out of the box’ template and building it to work for our Local was exactly what we needed.”
”eMembership has enabled us to run our operations and to engage with our members in ways we never thought possible. It supports our membership team, finance team, organizers, field reps and executives, saving us valuable time and increasing collaboration across our staff. We didn’t think we would find a vendor that could accommodate our highly specific set of requirements, but the Winmill team has exceeded our expectations every step of the way.”
