Platform architecture

MoveData runs on Amazon Web Services (AWS) infrastructure across multiple regions. The platform uses small, independent services that respond to events to move data from fundraising platforms into Salesforce.
This article covers the infrastructure, security controls, data management, and operational practices behind the platform. For how these components fit together from a Salesforce perspective, see Architecture overview.
Audience
This article is for Salesforce administrators and technical stakeholders who need to understand MoveData's cloud infrastructure for security reviews, compliance assessments, or architectural planning.
Architectural principles
MoveData's platform is built on four core principles:
- Cloud-native design — all services run as managed AWS resources, with no on-premises dependencies.
- Infrastructure as Code — all infrastructure is defined and deployed using AWS-native tooling. This ensures consistency and auditability.
- Multi-region high availability — services run across multiple AWS regions in an active-active setup to maximise uptime. Active-active means both regions handle traffic at the same time, so if one goes down, the other takes over.
- Zero-touch operations — automated scaling, failover, and recovery reduce the need for manual work.
Core infrastructure
| Component | Detail |
|---|---|
| Hosting platform | Amazon Web Services (AWS) |
| Architecture pattern | Microservices (small, independent services) with event-driven processing |
| Deployment model | Multi-region active-active |
| Infrastructure management | Infrastructure as Code (AWS-native tooling) |
| Scaling | Auto-scaling with queue-based asynchronous processing |
| Load distribution | Managed load balancing across service instances |
Security architecture
For a broader view of MoveData's security posture, including policies and certifications, see Security overview.
Data protection
| Control | Implementation |
|---|---|
| Encryption in transit | TLS (Transport Layer Security) for all communications |
| Encryption at rest | AES-256-GCM encryption via AWS KMS (Key Management Service) |
| Key management | Automated key rotation using AWS KMS and Secrets Manager |
| Access control | Role-based access control (RBAC) with least-privilege policies. Each person can only access what their role requires. |
| Multi-factor authentication | Required for all critical systems |
Network security
- Environment isolation — production and non-production environments are fully separated.
- Network monitoring — all network traffic and access patterns are monitored continuously.
- Vulnerability management — automated scanning using AWS security services and GitHub Dependabot catches known weaknesses early.
Compliance and auditing
| Standard | Status |
|---|---|
| CSA STAR Level 1 | Certified |
| Salesforce Security Review | Continuous (AppExchange requirement) |
| GDPR | Compliant |
| Audit trail | Complete logging of all platform operations |
| Policy review | Annual |
For details on MoveData's legal and privacy policies, see MoveData Legal.
Data management
Storage
| Aspect | Detail |
|---|---|
| Primary database | Multi-site replicated with automated backups |
| Notification storage | Distributed storage with built-in redundancy |
| Data retention | 90-day hard limit — notification data is automatically deleted after 90 days |
| Backup frequency | Daily automated backups |
| Backup storage | Cross-region for disaster resilience |
| Recovery | Point-in-time recovery supported |
90-day data retention
MoveData automatically deletes notification data after 90 days. If you need to retain or export notification data for auditing or compliance purposes, ensure you have a process in place before this window expires.
Data processing
- Customer isolation — each customer's data is kept separate, even on shared infrastructure.
- Scalable processing — services scale up or down automatically to handle changing workloads.
- Validation — MoveData validates data and handles errors at every processing stage.
Operational practices
Development and deployment
- Git-based version control with mandatory peer review for all changes.
- Automated testing at unit, integration, and security-scan levels.
- CI/CD (Continuous Integration/Continuous Deployment) pipelines with rollback capabilities.
- All changes go through staging environments before production deployment.
Monitoring and alerting
- Real-time metrics collection across all services.
- Automated alerting on anomalies and threshold breaches.
- Machine-learning-powered log analysis for early issue detection.
- Capacity management and trend monitoring.
Business continuity
| Capability | Detail |
|---|---|
| Availability model | Multi-region active-active |
| Failover | Automated |
| Data replication | Real-time across regions |
| Disaster recovery testing | Annual |
| Backup schedule | Daily, with cross-region storage |
| Recovery model | Point-in-time recovery |
Salesforce-side monitoring
For monitoring integration activity within your Salesforce org, including notification statuses and execution logs, see Salesforce architecture.
Related articles
- Architecture overview — how MoveData's Salesforce components fit together
- Salesforce architecture — managed package structure, pipelines, and customisation framework
Other resources
- Cloud Security Alliance assessment — summary of MoveData's CSA STAR listing
- Security overview — security policies, certifications, and compliance details
- MoveData Legal — privacy policy, terms of service, and data processing agreements