Architecture Overview
Discover how Testlify’s advanced IT security measures safeguard your sensitive information against unauthorized access, phishing attacks, data breaches, and new threats.
Chat infrastructure for secure conversational assessments
Accessing conversational assessments is made easy for candidates via any modern browser with Testlify’s secure chat infrastructure. With security features in place, candidate data is processed and protected while connecting to secure servers for file sharing, code writing, compiling, and interaction with Testlify’s chatbot, Ada. Our chat infrastructure is composed of several elements:
Secondary data storage servers
Secondary elements of a conversation with Testlify’s chatbot, which improve the user experience or aid in the overall conversation, are called metadata. This includes files submitted by the user and proctoring information gathered during the assessment. Specific storage services are allocated based on function and format. Storage servers equipped with sync support and version history are assigned to relevant data such as coding editors utilized during the chat.
Database for primary conversation data
Testlify stores the primary conversation data, including vital assessment information for administering the test and scoring the candidate’s performance, in a MySQL-backed database service that is sharded and replicated as necessary to meet performance and high availability demands.
Database for organizational information
Testlify stores organization information, such as assessment data, customizations, settings, and secure candidate authentication information, in a MySQL-backed database service that is sharded and replicated as necessary to meet performance and high availability requirements.
Metadata management servers
Text: Metadata servers are responsible for processing, cleaning, and serving the secondary data collected during assessments.
Chat servers for automated data processing
Testlify’s chat servers are designed to automatically scale during concurrent conversational assessments. They handle the data processing, data synchronization, and logic for all primary data collected during assessments.
Auto-scale compiler services
Testlify supports over 30 programming languages in its conversational assessments, and to enable concurrent code execution and compilation functionality for candidates, a separate service dedicated to supporting code compilers is employed. Testlify’s compiler services are maintained on an auto-scale infrastructure.
Dashboard/ App infrastructure
Testlify offers a user-friendly dashboard accessible through web and mobile clients or third-party applications that are integrated through our APIs. Our secure servers ensure that recruiters can access and manage their candidate pipeline, test library, candidate scorecards, and invites. Our dashboard infrastructure is composed of several components:
Metadata storage servers: Testlify uses dedicated storage services to store different types of secondary data collected during the conversational assessment, such as proctoring information and user-submitted files. This metadata is used to generate scorecards and is stored based on function and format.
Chat databases: Primary chat information is stored in a MySQL-backed database service that is sharded and replicated to ensure high availability and performance. This information is used to score candidates’ performance and is reported in real-time to recruiters.
Organization databases: Testlify stores organization information in a MySQL-backed database service for access management, assessment storage, and administration purposes. These databases are also sharded and replicated to meet high availability and performance requirements.
Secondary app servers: Testlify’s secondary app servers automate recruiters’ workflows with tasks such as scheduling and running automated notifications, monitoring conversational assessments, ending unended sessions, and canceling unused invites. Customizable sub-services ensure recruiters can use their credits and send reminder emails to inactive candidates and custom test request email notifications.
Primary app servers: Testlify’s primary app servers are built to scale automatically based on recruiters’ usage. They are responsible for data processing, data synchronization, and data access. These servers ensure security at every level and can only be accessed based on users’ roles and permissions.
Ensuring secure practices
Our engineering team continuously works to innovate and implement secure practices throughout every layer of our applications. Here are some common segments:
Data centers: Testlify production systems are housed in third-party data centers and managed service providers in the United States. Third-party service providers manage physical, environmental, and operational security controls, while Testlify ensures the logical, network, and application security of our infrastructure.
Encryption: Testlify encrypts data at rest using 256-bit Advanced Encryption Standard (AES) and uses Secure Sockets Layer (SSL)/Transport Layer Security (TLS) for data transfer. This creates a secure tunnel protected by 128-bit or higher AES encryption, ensuring that data in transit between Testlify clients and our servers remains secure.
Certificate pinning: Testlify uses certificate pinning to guard against skilled hackers who may try to spy on your activity. This extra check ensures that the service you’re connecting to is genuine and not an imposter.
Perfect forward secrecy: Testlify implements perfect forward secrecy to ensure that private SSL keys cannot be used to decrypt past Internet traffic, adding an extra layer of protection to encrypted communications.
Key management: Testlify’s key management infrastructure is designed with operational, technical, and procedural security controls, ensuring that key generation, exchange, and storage are decentralized for secure processing.