Skip to main content
All CollectionsIT & Security
Infrastructure & Security Overview
Infrastructure & Security Overview

This article is intended to provide a high-level overview of the Lablogs platform infrastructure.

Chad Hartz avatar
Written by Chad Hartz
Updated over a week ago

Cloud-based Solution

Lablogs is a cloud-based web solution that requires no servers, installation or infrastructure maintenance by your IT team.

Lablogs utilizes AWS' "Infrastructure-as-a-service" offerings to achieve a scalable and secure solution. More can be read about AWS' offerings here: https://aws.amazon.com/solutions/ .

Electronic Lab Logs Inc. does not own or maintain any on-premise servers to support our solution. By allowing AWS to provision and maintain all physical infrastructure, we can achieve a more scalable and secure solution to benefit our customers.

Redundancy

All EC2 and RDS instances are hosted in a minimum of 2 availability zones (usually more) to ensure minimum downtime in the event of an outage. EC2 Auto Scaling Groups are configured for multiple availability zones, and if one instance or zone becomes unavailable, traffic will automatically be routed to another instance.

RDS Aurora MySQL Database

All production database instances are clustered and contain multiple readers in different availability zones. Nightly backups are taken, and stored across different zones. All databases have "encryption at rest" enabled, are located in a private subnet, and are not publically available.

For non-SSO implementations, passwords are hashed using an SHA256 encryption algorithm before being stored, to ensure they cannot be used maliciously.

Document Storage

Lablogs utilizes S3 to store any documents you attach. More can be read on amazon s3 here https://docs.aws.amazon.com/AmazonS3. Public access to this bucket is disabled. Document access is controlled through our API via REST and a valid Access Token is required to add, view or remove any documents.

If a document is successfully uploaded to S3, any revisions (including delete actions) are kept for 6+ months in the event that is is removed or updated by mistake.

SSL/TLS

Only SSL-encrypted traffic is allowed to reach the Application Load Balancer and public subnet (Only port 443 is enabled within the routing rules). A valid SSL certificate is configured (*.lablogs.co) and being used for all web traffic that originates from the application.

Operating Systems

Amazon Linux 2 64bit OS Docker image for Web and Worker EC2 instances, which are patched regularly.

Languages and Frameworks

  • Angular Web framework.

  • Node 16/Express API layer.

  • MySQL Database engine.

Routine patches and Vulnerability scans are conducted.

SSO Integration is available

Lablogs supports SAML-based identity federation with most Identity Providers. When implemented, your Lab's IT department controls basic user access to the system. MFA, Password reset rules, etc. are all controlled through your Identity provider.

You can read more about the steps to configure SSO integration below:

http://help.lablogs.co/en/articles/6408311-lablogs-co-sso-configuration-settings

Please contact our implementations team to get started.

Did this answer your question?