Infrastructure Built for Speed and Compliance
Modern, certified cloud infrastructure — so we can ship secure updates fast without compromising on the controls health services expect.
The Stack
| Layer | Approach | Why It Matters |
|---|---|---|
| Compute | Containers (Docker) | Consistent, auditable, portable across regions and providers. |
| Orchestration | Render today; ECS Fargate for AWS | Managed and scalable — no server patching on your side. |
| Database | PostgreSQL | ACID-compliant, row-level security, point-in-time recovery. |
| Caching | Redis | Performance and resilience with graceful degradation. |
| Secrets | Provider-native (AWS Secrets Manager, Render env) | No secrets in code. Rotation managed by the provider. |
Two Production Paths
Global Default
Render · ap-southeast-1
APAC-optimised, low latency for Australian and New Zealand users.
- • Low latency across APAC including Australia and NZ
- • SOC 2 Type II certified (Render)
- • ISO 27001 certified (Render)
- • Singapore PDPA — strong regional data protection
- • APP 8 compliant via contract and technical safeguards
Australian Option
AWS · ap-southeast-2 (Sydney)
For organisations that require data on Australian soil.
- • Data and compute in Australia — AWS Sydney
- • IRAP-assessed infrastructure
- • SOC 2 Type II and ISO 27001 (AWS)
- • ISO 27017 / 27018 cloud security (AWS)
- • Same application, same security model — different region
Security at Every Layer
Encryption at Rest
AES-256 for databases and sensitive storage. AWS Sydney uses KMS-backed encryption.
Encryption in Transit
TLS 1.2+ enforced on all connections. HSTS applied where applicable.
Secrets Management
No secrets in code — ever. AWS Secrets Manager on Sydney; Render env globally.
Access Control
RBAC, SSO, and MFA enforced. Least-privilege service accounts.
See also: Data Residency · Compliance
Ready to see IRIS in action?
Start a free trial, try the live demo, or book a guided walkthrough with our team.
Or email us at office@intelligentroster.com