Schedule a Call

Infrastructure & Resilience

Frequently asked questions about our infrastructure and resilience

What steps does Pinpoint take to ensure its systems are reliable and resilient?

Pinpoint’s processes, product, and infrastructure are designed to ensure redundancy, seamless failover, and the prevention of single points of failure.

Pinpoint offers a 99.5% uptime SLA, and our agreements with our customers outline service credits that we offer in case of an extended downtime. Historically, our actual uptime has been between 99.99% and 99.999%, and you can see our recent uptime data here.

How does Pinpoint ensure outages due to component failure do not occur?

Our infrastructure providers use a minimum of N+1 redundancy to power, network, and HVAC services.

The underlying technology of our application leverages primary node hot standbys with write-ahead logs being backed up to a secondary data centre that can also be used in the event of a large-scale failure impacting the entire database cluster.

How does Pinpoint ensure all my data is backed up and can be restored in case of a disaster?

The underlying technology of our application leverages primary node hot standbys with write-ahead logs being backed up to a secondary data centre that can also be used in the event of a large-scale failure impacting the entire database cluster.

Point-in-time backups of the production environment are also taken every 2 hours, encrypted, and stored in a separate data centre using a separate cloud service provider for added contingency. These backups adhere to the WORM (Write Once, Read Many) model and are held for 30 days.

What does Pinpoint do to monitor its systems?

Our application and all associated infrastructure are monitored on a 24×7 basis. We use a variety of tools to monitor our systems, including:

  • Intrusion detection and prevention: This provides real-time security monitoring, response, access logging, and the ability to enforce detection rules while proactively notifying our team of any abnormal service requests.
  • Infrastructure monitoring provides monitoring and alerting for CPU, Memory, Server Load, Disk space etc. These let us know if we’re experiencing issues with our underlying infrastructure.
  • Application performance monitoring (APM) provides code-level distributed tracing allowing us to detect and resolve issues efficiently, as well as optimise application performance.
  • Application Security Management (ASM) allows us to manage application security risk with continuous, real-time monitoring of vulnerabilities and threats
  • Real User Monitoring (RUM) provides insight into the application’s frontend performance from the perspective of real users

How does Pinpoint let customers know of any issues and keep them updated?

Pinpoint displays our real-time status and historical status here: https://status.pinpoint.support/

On the same page, you can also subscribe to updates so you will know if any issues come up.

Where is data stored?

Data is stored in our production infrastructure, split across our two hyperscale cloud service partners (AWS and Digital Ocean) across three data centre locations (Amsterdam, Dublin and London).

All data centres have been accredited under at least ISO/IEC 27001:2023 or ISO/IEC 27001:2013 and SOC 1,2.

What's Pinpoint's uptime commitment?

Pinpoint offers a 99.5% uptime SLA, and our agreements with our customers outline service credits that we offer in case of an extended downtime. Historically, our actual uptime has been between 99.99% and 99.999%, and you can see our recent uptime data here.

How does Pinpoint comply with secure development best practices?

We have a documented Software Development Life Cycle (SDLC) and Secure Development policy in place that defines the tools and processes we use when developing our solution, aligned to industry standards and best practices such as the OWASP Top 10.

Our Secure Development Policy sets out our process for risk assessment in the development process, the risk treatment methodology, how we secure our development environment, secure engineering principles and minimum security standards that must be complied with (e.g. OWASP Top 10).

All changes to the codebase are developed in line with our secure engineering principles, and the associated code and all changelog information is tracked via branch in our version control system.

Prior to deployment, every code change goes through a process of manual code review as well as a suite of automated tests. SAST is used in our CI pipeline and automated testing must be passed in order for us to deploy.

How often is there planned downtime for system upgrades?

All upgrades to systems are hot deployed so there is no downtime during routine system upgrades.

Security & Privacy at Pinpoint

See our full list of related resources about how we keep your data secure.