
Technology and Architecture

How EnviroAutomate is built, hosted, secured, and operated

EnviroAutomate is purpose-built environmental software, not a general-purpose tool with a skin. This page summarises how the platform is built, where your data lives, how we protect it, and how we keep it running. If you need a single artefact for your vendor file, the full Technology FAQ is available on request.

Where your data lives

 

All client data is hosted on Amazon Web Services in the Asia Pacific (Sydney) region (ap-southeast-2). Your data remains in Australian AWS data centres. We do not replicate or process client data outside Australia.

How the platform is built

 

EnviroAutomate runs on enterprise-grade managed cloud infrastructure:

  • Cloud platform: Amazon Web Services in Australia

  • Application framework: ASP.NET Core

  • Database: managed PostgreSQL on AWS

  • Runtime: a containerised application on serverless containers

  • Storage and messaging: managed object storage and managed queues for asynchronous processing

  • Email: transactional email through a managed email service

We name product categories on this page rather than specific service SKUs. The full Technology FAQ (available on request) lists the named AWS services and configuration detail that procurement and security reviewers typically want for a vendor file.

High availability and fault tolerance

 

EnviroAutomate is designed to keep running through component failures without operator intervention:

  • The application and database are deployed across multiple AWS availability zones with automatic failover

  • A managed application load balancer distributes traffic across healthy instances

  • Failed containers are automatically replaced

  • The managed database automatically fails over to a standby replica

  • Blue/green deployment keeps users uninterrupted during releases, with automatic rollback if a release fails health checks

Disaster recovery and backups

  • Recovery Point Objective in production: 5 minutes

  • Recovery Time Objective in production: 60 minutes

  • Automated database backups run daily and are retained for 35 days, with point-in-time recovery at any point within that 35-day window

  • Continuous transaction log backups run every 5 minutes

  • File storage versioning is enabled, giving full history of file changes

  • All backups are encrypted at rest

Encryption

 

  • In transit, all connections use HTTPS, with TLS 1.2 as the minimum accepted protocol version

  • HTTP is automatically redirected and HTTP Strict Transport Security (HSTS) is enforced at the load balancer

  • At rest, database storage, file storage, and message queues are encrypted with AES-256

  • Encryption keys are managed by AWS Key Management Service

  • EnviroAutomate does not hold or rotate keys directly

Access, identity, and tenant isolation

 

  • Multi-factor authentication is enforced for all platform users

  • No user can sign in without a second factor

  • Single Sign-On via SAML 2.0 integrates with enterprise identity providers (Microsoft Entra ID, Okta, Google Workspace, and other SAML-compatible systems), letting your users access EnviroAutomate with corporate credentials

  • Tenant isolation is enforced at the application and data layer

  • Every query is automatically scoped to the requesting tenant, so one client's projects, sites, and analytical results are never visible to another

  • Tenant isolation is validated by a dedicated suite of automated tests that must pass before any code is deployed

  • Least-privilege access governs every internal role, both inside the application and inside our AWS environment

  • Production database deletion protection is enabled

Application security

  • A managed web application firewall with OWASP-aligned rule sets covers SQL injection, cross-site scripting, path traversal, IP reputation filtering, known-bad-input blocking, and rate limiting

  • Continuous threat detection runs across our AWS accounts, monitoring for unauthorised access attempts, compromised credentials, and anomalous activity

  • The application runs in private subnets with no direct internet exposure, and network security groups restrict traffic between components

  • Sensitive credentials are stored in a dedicated managed secrets service, never in source code or configuration files

Service availability

We target 99.5% uptime for production environments. We do not currently offer financial service credits. What we do provide is comprehensive monitoring, automated alerting, documented incident response procedures, and an architecture designed for redundancy and automatic failover. If we ever miss the target over a sustained period, we will tell you directly rather than leave you to discover it through an SLA dispute.

Monitoring, logging, and incident detection

  • Application and infrastructure monitoring tracks performance, error rates, query health, and queue depth, with automatic alarms when thresholds are exceeded

  • Distributed tracing provides end-to-end visibility of requests across services

  • Application and security logs are retained for 1 year, supporting compliance reviews and incident investigation

  • Web application firewall logging captures every inspected request for security analysis

  • Automated alerts route to the operations team immediately when issues are detected, and critical exceptions are escalated by email

  • Dead-letter queues capture failed background jobs for human review rather than silently dropping them

Software quality and release engineering

 

  • Every code change is automatically built and tested through continuous integration; if any test fails, the build is rejected and deployment is blocked

  • Our continuously growing automated test suite, currently over 9,000 tests, covers data integrity, tenant isolation, security and authorisation, scientific calculations, import and export pathways, and full report-generation approval tests where generated Word output is compared character-by-character against pre-approved baselines

  • Database-level tests run against a real PostgreSQL instance inside Docker containers that mirror production, catching issues that simplified test databases would miss

  • We typically deploy small batches of changes multiple times per week using blue/green deployment, with automatic rollback if health checks fail

AI features

 

EnviroAutomate includes three categories of AI-powered features designed to reduce repetitive work for environmental consultants. All three operate on data already in EnviroAutomate, are tenant-scoped, and are designed for human review before any AI-assisted output is used in a final deliverable.

  1. The AI Assistant is a conversational assistant embedded in the platform; it can look up your sites, projects, fieldwork, and analytical data, and propose actions on your behalf. Every action that writes data requires explicit human approval

  2. AI Assessment Review provides automated review of report types, flagging potential issues and producing structured review outputs to reduce manual checking time

  3. AI Report Generation is AI-assisted drafting of sections within client reports, based on your project data and investigation findings; it is currently live for Preliminary Site Investigation (PSI) and Data Usability Review (DUR), with more report types on the roadmap

All AI processing occurs within Australian AWS regions. Customer inputs and outputs are not used to train foundation models.

For details about our human-in-the-loop and approval-gated actions design, see our AI safety posture. For data residency, model provider details, and AI-specific controls, see AI data and residency.

Data integration

  • Excel imports and exports use standardised templates

  • REST APIs handle programmatic data submission and retrieval

  • Webhooks provide real-time event notification

  • We support ESDAT data imports

  • Bespoke migration tools are developed where required to bring historical data into EnviroAutomate (e.g. where historical data is in Excel files)

Compliance posture

 

  • EnviroAutomate's security controls are designed to ISO 27001 standards

  • We rely on AWS's underlying ISO 27001, SOC 2, and PCI DSS certifications for the infrastructure layer

  • Formal EnviroAutomate certification is a roadmap item

  • We comply with the Australian Privacy Act 1988 and the Notifiable Data Breach scheme

For our full security posture, including subprocessors, encryption detail, incident response, and vulnerability disclosure, see the Trust overview page.

Want the detail?

 

Procurement and security reviewers can request the full Technology FAQ, which names specific AWS services, configuration detail, and the long-form answers behind the summary above.
