BasicGov operates on Salesforce.com's internationally respected Force.com Platform. Our clients benefit from high performance and reliability, and the Force.com Platform offers levels of data security, scalability and integration characteristic of the most sophisticated IT solutions available.

This performance comes at a very affordable price: all that is needed to run BasicGov is an Internet connection and web browser.

Details

Performance you can count on

• Salesforce.com has three service centers across North America, operating with dedicated, carrier-class bandwidth and multigigabit IP transit for external customer traffic.
• Identical customer data replication at all three centers ensure that performance and service levels are not affected if operations fail over to a backup data center.

Your data is always available

• All networking components, SSL accelerators, load balancers, web servers and application servers are configured in a redundant configuration. All customer data is stored on a database served by a database server cluster for redundancy. All customer data is stored on carrier-class disk storage using RAID disks and multiple data paths. Each night, all customer data, up to the last committed transaction, is automatically backed up to a primary tape library. Backup tapes are immediately cloned to verify their integrity, and the clones are moved to secure, fire-resistant, off-site storage on a regular basis.
• If the Salesforce.com production facilities are unavailable, Salesforce.com has an agreement with a third party to obtain access to a geographically remote disaster recovery facility – along with required hardware, software and Internet connectivity. Salesforce.com has disaster recovery plans in place and tests them in its QA environment each quarter and off-site with the third-party provider each year.

Security you can trust

• Physical Security. Salesforce.com's production equipment is located in Sunnyvale, California at a facility that provides 24-hour physical security, palm print and picture identification systems, redundant electrical generators, redundant data center air conditioners, and other backup equipment designed to keep servers continually up and running.
• Perimeter Defense. The network perimeter is protected by multiple firewalls and monitored by intrusion detection systems sourced from industry-leading security vendors. In addition, Salesforce.com monitors and analyzes firewall logs to proactively identify security threats. Salesforce.com also contracts with a third-party security firm that proactively monitors security configurations for changes, vulnerabilities, and errors and regularly conducts vulnerability threat assessments including penetration tests.
• Data Encryption. Salesforce.com uses the strongest encryption products to protect customer data and communications, including 128-bit VeriSign SSL Certification and 1024-bit RSA public keys. The lock icon in the browser indicates that data is fully shielded from access while in transit.
• User Authentication. Users access Salesforce only with a valid username and password combination, which is encrypted via SSL while in transmission. Users are prevented from choosing weak or obvious passwords. An encrypted session ID cookie is used to uniquely identify each user. For added security, the session key is automatically scrambled and re-established in the background at regular intervals.
• Application Security. A robust application security model prevents one Salesforce.com customer from accessing another's data. This security model is reapplied with every request and enforced for the entire duration of a user session.
• Internal Systems Security. Inside of the perimeter firewalls, systems are safeguarded by network address translation, port redirection, IP masquerading, non-routable IP addressing schemes, and more. The specific details of these features are proprietary.
• Operating System Security. Salesforce.com enforces tight operating system-level security by using a minimal number of access points to all production servers. Operating system accounts are protected with strong passwords, and production servers do not share a master password database. All operating systems are maintained at each vendor's recommended patch levels for security and are hardened by disabling and/or removing any unnecessary users, protocols and processes.
• Database Security. Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is restricted to a limited number of points, and production databases do not share a master password database.
• Server Management Security. All data entered into the Salesforce application by a customer is owned by that customer. Salesforce.com employees do not have direct access to production equipment, except where necessary for system management, maintenance, monitoring and backups. Salesforce.com does not currently use any managed service providers, and the company's systems engineering team provides all system management, maintenance, monitoring and backups.

A multitenant platform that can grow with you

• All users and applications share a single, common infrastructure and code base that is centrally maintained. Customers share the same physical instance and version of an application. Individual deployments of those applications occupy virtual partitions rather than separate physical stacks of hardware and software. These partitions store the metadata that defines each organization's business rules, fields used, custom objects and interfaces to other systems.
• Three state-of-the-art data centers feature carrier-class bandwidth and the latest infrastructure already configured to serve more than a million subscribers. Salesforce's true multitenant architecture provides the same functionality to all customers, large and small.

Integrated

• Your application can have programmatic access to the secure Salesforce platform via the Saleforce web services API. Overview of operations include: Login, query, and update. Connections are secure and users are authenticated via username, password and security token.
• Synchronous updates can be made through the API via standards:
  • SOAP 1.1 compliant
  • WSDL 1.1 compliant
  • WS-I Basic Profile 1.1 compliant
  • Asynchronous messaging is available via: HTTP/S and X.509 Certificates

More resources

Questions about SaaS
Trust.salesforce.com
Multitenant Platforms – The Key to On-Demand Success
Salesforce Enterprise Integration Series – Overview (multimedia presentation)
Creating Applications with the Force.com Platform
Apex Code - First On-Demand Programming Language