Service resilience
Over the last 5 years, our cloud services have maintained an average uptime of 99.98%. That said, it is still essential to understand the impact of a possible interruption on you. Our cloud services have three main functions:
-
Product configuration
-
Microsoft Graph notification subscription and relay service
License validation and product configuration are both one-off actions performed when a user signs in for the first time to map their drives. As such, an outage would have to coincide with this exact moment for there to be an issue. If it occurs, the user will experience a temporary delay in accessing their mapped drives. OneDrive, SharePoint Online and Teams will all remain accessible via a browser; however, the affected user's mapped drives will not appear until our cloud services are back online. Drive mapping would not be affected if our cloud services experienced an outage while you or your users were already signed on.
The Microsoft Graph notification subscription and relay service is an ongoing process rather than a one-off action. If an outage were to occur during your online session, Cloud Drive Mapper (CDM) will stop receiving silent notifications from Microsoft Graph. These silent notifications alert CDM to changes in folders or files in Microsoft 365. An outage could result in a temporary delay between the local file system and Microsoft 365. However, CDM is not wholly vulnerable to outages of this kind as it also has an in-built system of triggering delta-checks for changes in the cloud. This happens based on internal timers and in response to different cues.
CDM is a robust solution built on a highly available architecture that has been designed in alignment with the Azure Well-Architected Framework. Key aspects of its architecture include the following:
Geographic architecture and high availability
CDM’s highly available architecture is based on service dispersion across three Azure geographic territories, which include Europe, the United Kingdom, and the United States. Each territory contains two paired Azure regions (for example, North Europe and West Europe). Each region contains at least one Availability Zone comprising physically separate data centers with their own infrastructure (independent power, cooling, and networking). The use of layered geography and resilient clustering helps minimize the impact of infrastructure failure.
Data classification and replication strategy
Architecturally, data is classified into two categories: personal data and system/application data (non-personal). Personal data remains in the territory of origin and is replicated within the same territory to provide redundancy whilst maintaining sovereignty. System data is geo-replicated across territories without restriction.
As a service provider, IAM Cloud is a Data Processor; we ingest and process a minimal amount of personal data supplied by you (the Data Controller) to support our services. The CDM cloud service itself does not process or store personal data.
For more information, see Your personal data.
Traffic management and fault tolerance
CDM and Iris (our centralized admin portal for CDM and other IAM Cloud products) communicate with our cloud services via Azure Front Door (AFD). When you interact with our cloud service, AFD evaluates which regional instance is healthy and closest to you, and routes traffic accordingly. If a region becomes unhealthy, AFD automatically reroutes traffic to another active region. This latency and health-based routing provides protection against infrastructure disruption and outage within Azure.
Operational monitoring and continuity testing
An extensive suite of monitoring capabilities provides real-time information on the health of our service components. If performance, availability, or latency deviates from expected parameters, alerts are generated for our Operations team to investigate and respond.
We reinforce CDM’s High Availability architecture with regular business continuity and disaster recovery testing. This includes validation and measurement of its geo-replication, failover, and database recovery capabilities.
Service resilience is a key priority for our organization. As part of this focus, we are exploring ways for CDM to continue operating for a defined period even if its cloud services become unavailable. We will keep you updated as we make further progress.
