Architecture

Serverless and Fully Managed Services

Our infrastructure is built on Amazon Web Services (AWS), utilizing serverless and fully managed services that allow us to focus on delivering innovative features.

Reviewed by AWS

We are proud to have completed and passed the AWS Foundational Technical Review, which further attests to our dedication to maintaining the highest standards in security, access control, and overall infrastructure management.

Harnessing Serverless Technologies

We primarily use AWS Lambda for our compute platform, complemented by other serverless offerings like DynamoDB, API Gateway, and S3.

Our database is powered by AWS Aurora, a fully managed relational database service that offers exceptional performance, scalability, and availability, while reducing the overhead of traditional database administration.

By leveraging serverless technologies and managed services, we transfer more of the shared responsibility to AWS and its top-tier engineering teams, which allows us to concentrate on bringing you the best features at a rapid pace.

Data Security

We take data security seriously. All data within our platform is encrypted, both in transit and at rest, safeguarding your sensitive information at all times.

Our commitment to protecting your data is a top priority, providing you with peace of mind.

Access Control

Our access control policies are designed to provide stringent security measures.

Each user is granted the specific permissions required for their tasks, ensuring a streamlined and secure environment.

In addition, we maintain comprehensive logs of any access to customer data, promoting transparency and accountability.

Redundancy & Backup

The serverless technologies we employ ensure that much of the redundancy is managed by AWS. Our database cluster is deployed across multiple physical locations, providing fault tolerance and high availability.

We take hourly backups and store them at alternative locations, retaining them for 7 days, while daily backups are kept for 30 days, offering further protection against data loss.

Deployment scenarios:

On-premise edge architecture

Edge To Cloud

When TilliT Edge is connected to a SCADA system or PLC, the Edge has two Ethernet ports. One is connected to the source system and needs the OPC-UA port to be opened on the firewall. The second is connected to the internet and needs outgoing ports 443, 8443, and 8883. Because these are outgoing ports, external access can be blocked. TilliT Edge reads the configured tags every minute and publishes an MQTT message to the cloud.
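An added example, not TilliT's own code: a Python check that audits firewall connection records against the port policy described above. The IP addresses, the OPC-UA port 4840 and the record format are assumptions, and the sample records are constructed.

```python
"""Audit new-connection records against the Edge connectivity policy."""
from dataclasses import dataclass
import ipaddress

# Outgoing TCP ports the page lists for the internet-facing Ethernet port.
CLOUD_PORTS = {443, 8443, 8883}
# Assumptions (not from the page): all addresses, and OPC-UA port 4840
# (the IANA-registered default; use the port your server listens on).
EDGE_WAN = ipaddress.ip_address("198.51.100.20")
EDGE_OT = ipaddress.ip_address("10.10.0.20")
OPCUA_SERVER = ipaddress.ip_address("10.10.0.5")
OPCUA_PORT = 4840

@dataclass(frozen=True)
class Flow:
    src: str    # initiator of the connection
    dst: str    # responder
    proto: str  # "tcp" or "udp"
    dport: int  # destination port

def violation(flow):
    """Return a reason string if the flow breaks the policy, else None."""
    src = ipaddress.ip_address(flow.src)
    dst = ipaddress.ip_address(flow.dst)
    if dst in (EDGE_WAN, EDGE_OT):
        return "inbound connection to the Edge"
    if src == EDGE_OT:
        if dst == OPCUA_SERVER and flow.proto == "tcp" and flow.dport == OPCUA_PORT:
            return None
        return "OT-side traffic other than OPC-UA to the source system"
    if src == EDGE_WAN:
        if flow.proto == "tcp" and flow.dport in CLOUD_PORTS:
            return None
        return "internet-side traffic outside 443/8443/8883"
    return "flow does not originate from the Edge"

def audit(flows):
    """Return (flow, reason) pairs for every record that violates the policy."""
    return [(f, r) for f in flows if (r := violation(f)) is not None]

# Constructed sample records, one per new connection as a firewall would log it.
SAMPLE = [
    Flow("10.10.0.20", "10.10.0.5", "tcp", 4840),       # OPC-UA read: allowed
    Flow("198.51.100.20", "203.0.113.7", "tcp", 8883),  # allowed cloud port
    Flow("198.51.100.20", "203.0.113.7", "tcp", 443),   # allowed cloud port
    Flow("198.51.100.20", "203.0.113.9", "tcp", 1883),  # plaintext MQTT port: flagged
    Flow("203.0.113.50", "198.51.100.20", "tcp", 22),   # inbound from internet: flagged
    Flow("10.10.0.20", "10.10.0.8", "tcp", 502),        # other OT host: flagged
]

if __name__ == "__main__":
    for flow, reason in audit(SAMPLE):
        print(f"VIOLATION {flow}: {reason}")
```

The page lists only these ports, so any other service the Edge depends on in your network would be flagged until it is added to the allow-list.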

User to Cloud

Users will use one of four clients: desktop web browser, mobile app, Excel Add-in, or OData connector. The web clients and Excel Add-in authenticate using AWS Cognito Service, which provides a token that is used to execute REST calls. The OData service for Excel and Power BI can be operated using Basic Authentication sent over encrypted TLS. All access from the internet is protected by AWS CloudFront, which provides encryption and DDoS attack protection.
