SAS SOLUTIONS ONDEMAND

Size: px
Start display at page:

Download "SAS SOLUTIONS ONDEMAND"

Transcription

1 DECEMBER 4, 2013 Gary T. Ciampa SAS Solutions OnDemand Advanced Analytics Lab Birmingham Users Group, 2013

2

3 OVERVIEW SAS Solutions OnDemand Started in 2000 SAS Advanced Analytics Lab (AAL) Created in 2007 Multiple ASP lines of business, representing over 400 customer sites Marketing, Banking, Financial analytic solutions Health Care, Pharmaceutical & Retail analytic solutions Work in highly regulated industries Experience with large data volumes, demanding batch processing cycles and realtime delivery of content Experience coordinating with executive, business and technical teams Best Practices Data transfer, backup, restore, automation, monitoring and alerting Documented processes and procedures

4 BENEFITS End-to-end solution Software, implementation, mentoring, on-going support, infrastructure in one place unified approach for client Rapid time to value - Solution delivery model provides efficient time to value with the right expert at the right time, while customer focus remains on core strengths Expertise in establishing analytic platforms Data integration, data quality, update and access to large amounts of data in a pristine environment Scalable and secure SOC 2 / SOC 3, SLA gives customer assurance for applications and minimizes resource and scheduling issues Leverage extensive SAS skills as desired On-premise the solution when and if desired

5 Servers Network Storage, backup and restore SAS Data Center Security Encrypted data transfers Change management User account & entitlement management Resource and health metrics - reporting Continuation of business strategy Outages, outage notifications, SLAs IT Support

6 Support for multiple platforms [Linux/x86, Solaris/SPARC, HP-UX (PA-RISC/IA64), AIX, Windows/x86] Scalable Servers (2 to 64 processors), including system resource on-demand services Redundant components or servers are configured for 99% SLA Strict change control enforcement Hardened and baselined at time of deployment Resource and health monitoring (24x7) Hot Fix, Maintenance and Release management Interactive shell access to UNIX systems must be encrypted via SSH or accessed directly from the console HTTP and FTP access encrypted using SSL where appropriate Servers

7 Firewall / DMZ Isolated network Customer approval of all configuration changes Private leased lines (configure multiple or redundant lines) Encrypted VPN (backup network or primary) Network

8 STORAGE AND BACKUP Storage Scalability (1 to 100+TB) RAID protection (Levels 5, 1, 1+0) Remotely mirrored primary warehouse (for data availability and backups) Backup and Restore Encrypted backups of all data (daily, weekly, monthly) Backups performed from secondary data center (for data availability) Archive and restore services available

9 SAS Data Center Located at SAS Corporate Headquarters Fully secure Physical access restricted No external doors or windows All access monitored and reviewed Access to hosted equipment and rooms within the Data Center further restricted to those that require it Staffed 24x7 Full Environmental Controls & Redundancy N+1 cooling N+1 UPS N+1 generators Inert gas fire protection supplemented by preaction water Environmental status monitored Regular preventive maintenance performed

10 Security SOC 2 / SOC 3, SSAE 16 and Safe Harbor certifications Safeguards on regulated data Secure file transfer Data Classification Policy and Clean Desk Program United States Government Compliance

11 Physical Logical Access Log Review All physical hardware (servers, network, racks, backup tapes) protected by electronic locks Firewall / DMZ configured to restrict all traffic which is not approved All system level access logs are summarized and reviewed daily by the information security group. Security Access limited to those that require it (subset of Data Center staff) IDS / IPS services available All logs can be jointly reviewed upon request Cameras record all entries and exits to hosting rooms All users with elevated privileges must be approved Data center physically patrolled Elevated privileges are granted by SUDO or RU to those that not requiring system root or administrator passwords; may be restricted in scope

12 Data Transfer All data transfers are encrypted Support for FTP/S, SFTP, and HTTPS Audit files for transfer quality checks Notifications for file transfers are available All transfers are logged and reports generated Automated and scheduled delivery of data

13 User Account and Entitlement Management Web-based account management Approval required for all account and entitlement changes Historical tracking and auditing provided Self-service facility for forgotten passwords and user names Entitlement reports created on demand

14 Resource and Health Metrics: Reporting Real-time alerting for server and application availability Resource utilization metrics for CPU, memory, disk Resource availability metrics for applications including (SAS, HTTP and FTP). Monthly reports on server availability Real-time access to resource utilization metrics

15 Change Management All servers and network configurations are baselined at time of production deployment All changes must go through change management All changes must be approved except in the case of emergencies which are approved post-change Reports on all changes can be produced upon request

16 Continuation of Business Strategy Corporate wide strategy (refer to Plans and procedures aimed at protecting SAS s key assets and continuing its critical business functions in the event of threats such as natural disasters, pandemics, power outages, computer viruses or terrorist attacks Within SAS COB program, the Emergency Operations Command (EOC) framework operates as an Incident Command Structure (ICS) for managing disaster events from a corporate perspective EOC and the Executive Management Team are responsible for declaring a disaster and activating SAS company-wide Response teams and Business Resumption (BR) teams EOC teams include: Emergency Response (life / safety and facilities evacuation) Facilities Response Communications Response (internal and external) Business Resumption Information Technology Response Data safeguarding is included in all SAS Solutions OnDemand hosted solutions Additional services can be negotiated

17 Outages, Outage Notifications and Service Level Agreements SAS performs standard scheduled outages Monthly outages are performed during the 3rd weekend of the month. Facilities and preventative maintenance outages which may impact services are scheduled at least 3 weeks in advance with customer approval Application outages are scheduled and approved by the customer Outage Notifications Customers are notified at least 3 days in advance of all scheduled outages unless otherwise requested and approved by the customer Facilities outage notifications are sent 3 weeks in advance including preventative maintenance tasks Unscheduled outages are communicated to the customer as soon as reasonably possible. SAS Solutions OnDemand maintains a minimum of 99% uptime outside of scheduled outages

18 FOR MORE INFORMATION, CONTACT: SAS SOLUTIONS /

1 Data Center Requirements

1 Data Center Requirements 1 Data Center Requirements The following are MassDOT s standard Data Center requirements. 1.1 Data Center General Requirements 1.1.1 The CSC Operator shall furnish, or contract with a third-party provider

More information

WHITE PAPER. Title. Managed Services for SAS Technology

WHITE PAPER. Title. Managed Services for SAS Technology WHITE PAPER Hosted Title Managed Services for SAS Technology ii Contents Performance... 1 Optimal storage and sizing...1 Secure, no-hassle access...2 Dedicated computing infrastructure...2 Early and pre-emptive

More information

What can the OnBase Cloud do for you? lbmctech.com

What can the OnBase Cloud do for you? lbmctech.com What can the OnBase Cloud do for you? lbmctech.com The OnBase Cloud by Hyland When it comes to cloud deployments, experience matters. With experience comes more functionality, long tracks of outstanding

More information

TB+ 1.5 Billion+ The OnBase Cloud by Hyland 600,000,000+ content stored. pages stored

TB+ 1.5 Billion+ The OnBase Cloud by Hyland 600,000,000+ content stored. pages stored the onbase cloud ONBASE CLOUD // Experience Matters The OnBase Cloud by Hyland When it comes to cloud deployments, experience matters. With experience comes more functionality, an established history of

More information

University of Pittsburgh Security Assessment Questionnaire (v1.7)

University of Pittsburgh Security Assessment Questionnaire (v1.7) Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided

More information

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE Table of Contents Dedicated Geo-Redundant Data Center Infrastructure 02 SSAE 16 / SAS 70 and SOC2 Audits 03 Logical Access Security 03 Dedicated

More information

WHITE PAPER. Solutions OnDemand Hosting Overview

WHITE PAPER. Solutions OnDemand Hosting Overview WHITE PAPER SAS Title Solutions OnDemand Hosting Overview ii Contents Overview... 1 Cary 1 (US) Facility Specifications...2 Cary 2 (US) Facility Specifications (SAS New Cloud Computing Center)...3 Charlotte

More information

Continuity of Business

Continuity of Business White Paper Continuity of Business SAS Continuity of Business initiative reflects our commitment to our employees, to our customers, and to all of the stakeholders in our global business community to be

More information

Data Storage, Recovery and Backup Checklists for Public Health Laboratories

Data Storage, Recovery and Backup Checklists for Public Health Laboratories Data Storage, Recovery and Backup Checklists for Public Health Laboratories DECEMBER 2018 Introduction Data play a critical role in the operation of a laboratory information management system (LIMS) and

More information

SERVICE DESCRIPTION MANAGED BACKUP & RECOVERY

SERVICE DESCRIPTION MANAGED BACKUP & RECOVERY Contents Service Overview.... 3 Key Features... 3 Implementation... 4 Validation... 4 Implementation Process.... 4 Internal Kick-Off... 4 Customer Kick-Off... 5 Provisioning & Testing.... 5 Billing....

More information

The Common Controls Framework BY ADOBE

The Common Controls Framework BY ADOBE The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.

More information

AppPulse Point of Presence (POP)

AppPulse Point of Presence (POP) AppPulse Point of Presence Micro Focus AppPulse POP service is a remotely delivered solution that provides a managed environment of Application Performance Management. AppPulse POP service supplies real-time

More information

INFORMATION SECURITY- DISASTER RECOVERY

INFORMATION SECURITY- DISASTER RECOVERY Information Technology Services Administrative Regulation ITS-AR-1505 INFORMATION SECURITY- DISASTER RECOVERY 1.0 Purpose and Scope The objective of this Administrative Regulation is to outline the strategy

More information

Automate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds

Automate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds EXECUTIVE BRIEF SHAREBASE BY HYLAND Automate sharing. Empower users. Retain control. With ShareBase by Hyland, empower users with enterprise file sync and share (EFSS) technology and retain control over

More information

Version v November 2015

Version v November 2015 Service Description HPE Quality Center Enterprise on Software-as-a-Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Quality Center Enterprise

More information

Solution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites

Solution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC

More information

VMware vcloud Air SOC 1 Control Matrix

VMware vcloud Air SOC 1 Control Matrix VMware vcloud Air SOC 1 Control Objectives/Activities Matrix VMware vcloud Air goes to great lengths to ensure the security and availability of vcloud Air services. In this effort, we have undergone a

More information

IBM SmartCloud Notes Security

IBM SmartCloud Notes Security IBM Software White Paper September 2014 IBM SmartCloud Notes Security 2 IBM SmartCloud Notes Security Contents 3 Introduction 3 Service Access 4 People, Processes, and Compliance 5 Service Security IBM

More information

Application Lifecycle Management on Softwareas-a-Service

Application Lifecycle Management on Softwareas-a-Service Service Description HPE Application Lifecycle Management on Software-as-a- Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Application

More information

Document Sub Title. Yotpo. Technical Overview 07/18/ Yotpo

Document Sub Title. Yotpo. Technical Overview 07/18/ Yotpo Document Sub Title Yotpo Technical Overview 07/18/2016 2015 Yotpo Contents Introduction... 3 Yotpo Architecture... 4 Yotpo Back Office (or B2B)... 4 Yotpo On-Site Presence... 4 Technologies... 5 Real-Time

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

Certified Information Systems Auditor (CISA)

Certified Information Systems Auditor (CISA) Certified Information Systems Auditor (CISA) 1. Domain 1 The Process of Auditing Information Systems Provide audit services in accordance with IT audit standards to assist the organization in protecting

More information

SERVICE DESCRIPTION MANAGED FIREWALL/VPN

SERVICE DESCRIPTION MANAGED FIREWALL/VPN Contents Service Overview.... 3 Key Features... 3 Service Features... 3 Responsibilities... 5 Additional Services.... 5 Implementation... 6 Validation... 6 Implementation Process.... 6 Customer Kick-Off...

More information

April Appendix 3. IA System Security. Sida 1 (8)

April Appendix 3. IA System Security. Sida 1 (8) IA System Security Sida 1 (8) Table of Contents 1 Introduction... 3 2 Regulatory documents... 3 3 Organisation... 3 4 Personnel security... 3 5 Asset management... 4 6 Access control... 4 6.1 Within AFA

More information

locuz.com SOC Services

locuz.com SOC Services locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security

More information

AWS continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.

AWS continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Security Practices Freshservice Security Practices Freshservice is online IT service desk software that allows IT teams of organizations to support their users through email, phone, website and mobile.

More information

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government

More information

emarketeer Information Security Policy

emarketeer Information Security Policy emarketeer Information Security Policy Version Date 1.1 2018-05-03 emarketeer Information Security Policy emarketeer AB hereafter called emarketeer is a leading actor within the development of SaaS-service

More information

IBM Security Intelligence on Cloud

IBM Security Intelligence on Cloud Service Description IBM Security Intelligence on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients

More information

SECURITY & PRIVACY DOCUMENTATION

SECURITY & PRIVACY DOCUMENTATION Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive

More information

7.16 INFORMATION TECHNOLOGY SECURITY

7.16 INFORMATION TECHNOLOGY SECURITY 7.16 INFORMATION TECHNOLOGY SECURITY The superintendent shall be responsible for ensuring the district has the necessary components in place to meet the district s needs and the state s requirements for

More information

Trust Services Principles and Criteria

Trust Services Principles and Criteria Trust Services Principles and Criteria Security Principle and Criteria The security principle refers to the protection of the system from unauthorized access, both logical and physical. Limiting access

More information

Total Security Management PCI DSS Compliance Guide

Total Security Management PCI DSS Compliance Guide Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to

More information

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below

More information

Internal Audit Report DATA CENTER LOGICAL SECURITY

Internal Audit Report DATA CENTER LOGICAL SECURITY Internal Audit Report DATA CENTER LOGICAL SECURITY Report No. SC 12 06 June 2012 David Lane Principal IT Auditor Jim Dougherty Principal Auditor Approved Barry Long, Director Internal Audit & Advisory

More information

2.4. Target Audience This document is intended to be read by technical staff involved in the procurement of externally hosted solutions for Diageo.

2.4. Target Audience This document is intended to be read by technical staff involved in the procurement of externally hosted solutions for Diageo. Diageo Third Party Hosting Standard 1. Purpose This document is for technical staff involved in the provision of externally hosted solutions for Diageo. This document defines the requirements that third

More information

Altius IT Policy Collection Compliance and Standards Matrix

Altius IT Policy Collection Compliance and Standards Matrix Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions

More information

Cloud Services. Introduction

Cloud Services. Introduction Introduction adi Digital have developed a resilient, secure, flexible, high availability Software as a Service (SaaS) cloud platform. This Platform provides a simple to use, cost effective and convenient

More information

Inventory and Reporting Security Q&A

Inventory and Reporting Security Q&A Inventory and Reporting Security Q&A General Q. What is Inventory Reporting, Collection, and Analysis? A. Inventory Reporting, Collection, and Analysis is a tool that discovers, collects, and analyzes

More information

QuickBooks Online Security White Paper July 2017

QuickBooks Online Security White Paper July 2017 QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a

More information

CTS performs nightly backups of the Church360 production databases and retains these backups for one month.

CTS performs nightly backups of the Church360 production databases and retains these backups for one month. Church360 is a cloud-based application software suite from Concordia Technology Solutions (CTS) that is used by churches of all sizes to manage their membership data, website, and financial information.

More information

Data Security & Operating Environment

Data Security & Operating Environment Data Security & Operating Environment Version 1.0, Summer 2018 Last updated: June 21, 2018 https://www.kintone.com/contact/ Contents 1. Service Level Objective (SLO)... 1 2. Availability and Reliability...

More information

Security. ITM Platform

Security. ITM Platform Security ITM Platform Contents Contents... 0 1. SaaS and On-Demand Environments... 1 1.1. ITM Platform configuration modes... 1 1.2. Server... 1 1.3. Application and Database... 2 1.4. Domain... 3 1.5.

More information

White Paper The simpro Cloud

White Paper The simpro Cloud White Paper The simpro Cloud White Paper The simpro Cloud Executive Summary... 1 Cloud Overview... 1 Global Data Centre Network... 2 Cloud Architecture... 3 Primary Objectives... 3 Data Security... 4 Certification

More information

TECHNICAL INFRASTRUCTURE AND SECURITY PANOPTO ONLINE VIDEO PLATFORM

TECHNICAL INFRASTRUCTURE AND SECURITY PANOPTO ONLINE VIDEO PLATFORM TECHNICAL INFRASTRUCTURE AND SECURITY PANOPTO ONLINE VIDEO PLATFORM CONTENTS Introduction... 3 Architecture... 3 Hardware and Software... 3 Panopto Components/Prerequisites... 3 Amazon Server Locations...

More information

CLIQ Remote - System description and requirements

CLIQ Remote - System description and requirements CLIQ Remote - System description and requirements 1. Introduction CLIQ Remote - Access at a distance CLIQ Remote is an electromechanical lock system with an additional level of security and flexibility,

More information

EMC DATA DOMAIN OPERATING SYSTEM

EMC DATA DOMAIN OPERATING SYSTEM EMC DATA DOMAIN OPERATING SYSTEM Powering EMC Protection Storage ESSENTIALS High-Speed, Scalable Deduplication Up to 31 TB/hr performance Reduces requirements for backup storage by 10 to 30x and archive

More information

Safeguarding Cardholder Account Data

Safeguarding Cardholder Account Data Safeguarding Cardholder Account Data Attachmate Safeguarding Cardholder Account Data CONTENTS The Twelve PCI Requirements... 1 How Reflection Handles Your Host-Centric Security Issues... 2 The Reflection

More information

BLACKLINE PLATFORM INTEGRITY

BLACKLINE PLATFORM INTEGRITY BLACKLINE PLATFORM INTEGRITY Security, Availability, and Disaster Recovery Your Trusted Partner for Financial Corporate Performance Management BlackLine is a leading provider of cloud software that automates

More information

EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY

EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY PRIMARY AGENCY: SUPPORT AGENCIES: Savannah-Chatham Metropolitan Police Department Armstrong-Atlantic Campus Police Department Bloomingdale

More information

Global Platform Hosting Hosting Environment Security White Paper

Global Platform Hosting Hosting Environment Security White Paper Global Platform Hosting Hosting Environment Security White Paper Contents January, 2010 2 Introduction 2 Physical Security 3 Environmental Controls 3 Network Security 4 System Security 5 Remote Management

More information

Altius IT Policy Collection Compliance and Standards Matrix

Altius IT Policy Collection Compliance and Standards Matrix Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions

More information

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our

More information

Intermedia. CX-E Cloud Hosting Provider. Introduction. Why Intermedia for CX-E Cloud? Cost of Ownership

Intermedia. CX-E Cloud Hosting Provider. Introduction. Why Intermedia for CX-E Cloud? Cost of Ownership CX-E Cloud Hosting Provider Intermedia Introduction AVST has selected Intermedia as the cloud provider for our hosted CX-E Cloud offering. Intermedia delivers an enterprise-grade cloud infrastructure that

More information

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains

More information

RFP Questions Guideline For Data Center Buyers

RFP Questions Guideline For Data Center Buyers RFP Questions Guideline For Data Center Buyers Rev: 00W0052015 1 P a g e This guideline document is a supporting download for our webinar titled 5 RFP Questions Data Center Buyers Must Ask a Provider and

More information

Altius IT Policy Collection

Altius IT Policy Collection Altius IT Policy Collection Complete set of cyber and network security policies Over 100 Policies, Plans, and Forms Fully customizable - fully customizable IT security policies in Microsoft Word No software

More information

BME CLEARING s Business Continuity Policy

BME CLEARING s Business Continuity Policy BME CLEARING s Business Continuity Policy Contents 1. Introduction 1 2. General goals of the Continuity Policy 1 3. Scope of BME CLEARING s Business Continuity Policy 1 4. Recovery strategies 2 5. Distribution

More information

Compliance and Privileged Password Management

Compliance and Privileged Password Management Introduces Compliance and Privileged Password Management [ W H I T E P A P E R ] Written by Kris Zupan, CEO/CTO e-dmz Security, LLC April 13, 2007 Compliance and Privileged Password Management Overview

More information

Version v November 2015

Version v November 2015 Service Description HPE Project and Portfolio Management on Software-as-a- Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Project and

More information

There are also a range of security and redundancy systems designed to improve the speed, reliability, stability and security of the simpro Cloud.

There are also a range of security and redundancy systems designed to improve the speed, reliability, stability and security of the simpro Cloud. The simpro Cloud Executive Summary The simpro Cloud environment is an enterprise-grade cloud network designed specifically to host simpro s software offerings in an easy to use and reliable platform. simpro

More information

University of Hawaii Hosted Website Service

University of Hawaii Hosted Website Service University of Hawaii Hosted Website Service Table of Contents Website Practices Guide About These Practices 3 Overview 3 Intended Audience 3 Website Lifecycle 3 Phase 3 Begins 3 Ends 3 Description 3 Request

More information

Data Security and Privacy Principles IBM Cloud Services

Data Security and Privacy Principles IBM Cloud Services Data Security and Privacy Principles IBM Cloud Services 2 Data Security and Privacy Principles: IBM Cloud Services Contents 2 Overview 2 Governance 3 Security Policies 3 Access, Intervention, Transfer

More information

enalyzer enalyzer security

enalyzer enalyzer security enalyzer enalyzer security A documentation that provides an in depth description, that can be read as is, or forwarded to IT departments demanding more technical information. Copenhagen, May 2018 www.enalyzer.com

More information

Opengear Technical Note

Opengear Technical Note ) 0 FO U N D Y FastIron Workgroup X N E T WO R K S C o n s o le L in k 0 P o w e r F F F F 0 0 0 0 0 0 S Y T R P S S T A T D U P L X S P E E D M O D E 0 0 -Port Standard KVM Switch Model B00-00 0 0 C at

More information

Online Services Security v2.1

Online Services Security v2.1 Online Services Security v2.1 Contents 1 Introduction... 2 2... 2 2.1... 2 2.2... 2 2.3... 3 3... 4 3.1... 4 3.2... 5 3.3... 6 4... 7 4.1... 7 4.2... 7 4.3... 7 4.4... 7 4.5... 8 4.6... 8 1 Introduction

More information

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control

More information

IBM Case Manager on Cloud

IBM Case Manager on Cloud Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients of the

More information

IT CONTINUITY, BACKUP AND RECOVERY POLICY

IT CONTINUITY, BACKUP AND RECOVERY POLICY IT CONTINUITY, BACKUP AND RECOVERY POLICY IT CONTINUITY, BACKUP AND RECOVERY POLICY Effective Date May 20, 2016 Cross- Reference 1. Emergency Response and Policy Holder Director, Information Business Resumption

More information

Internet of Things. The Digital Oilfield: Security in SCADA and Process Control. Mahyar Khosravi

Internet of Things. The Digital Oilfield: Security in SCADA and Process Control. Mahyar Khosravi Internet of Things The Digital Oilfield: Security in SCADA and Process Control Mahyar Khosravi makhosra@cisco.com Critical infrastructures worldwide not ready to battle cyber attacks, claims new study.

More information

Fully managed Cloud-based business software solution

Fully managed Cloud-based business software solution ABT Online Software-as-a-Service (SaaS) ABT Pronto Xi Integrated Solutions Fully managed Cloud-based business software solution abtonline.com.au ABT Online Software-as-a-Service (SaaS) ABT Pronto Xi Integrated

More information

Windows Server Security Best Practices

Windows Server Security Best Practices University Information Technology Services Windows Server Security Best Practices Page 1 of 13 Initial Document Created by: 2009 Windows Server Security Best Practices Committee Document Creation Date:

More information

DHIS2 Hosting Proposal

DHIS2 Hosting Proposal www.knowarth.com 1 Table of Contents 2 Cloud Consulting & Hosting... 3 2.1 Cloud Consulting & Hosting includes... 3 2.2 DHIS2 Hosting features... 4 2.2.1 Best-practice installation... 4 2.2.2 Uptime and

More information

InterCall Virtual Environments and Webcasting

InterCall Virtual Environments and Webcasting InterCall Virtual Environments and Webcasting Security, High Availability and Scalability Overview 1. Security 1.1. Policy and Procedures The InterCall VE ( Virtual Environments ) and Webcast Event IT

More information

Asset Bank - Shared Hosting. Service Description

Asset Bank - Shared Hosting. Service Description Asset Bank - Shared Hosting Service Description Date: 12th December 2016 Version: Status: d19 Released Introduction This document describes Bright Interactive s Shared Hosting Service, the hosting environment

More information

Information Technology General Control Review

Information Technology General Control Review Information Technology General Control Review David L. Shissler, Senior IT Auditor, CPA, CISA, CISSP Office of Internal Audit and Risk Assessment September 15, 2016 Background Presenter Senior IT Auditor

More information

SECURITY DOCUMENT. 550archi

SECURITY DOCUMENT. 550archi SECURITY DOCUMENT 550archi Documentation for XTM Version 10.3 Published by XTM International Ltd. Copyright XTM International Ltd. All rights reserved. No part of this publication may be reproduced or

More information

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control

More information

Cisco Meraki Privacy and Security Practices. List of Technical and Organizational Measures

Cisco Meraki Privacy and Security Practices. List of Technical and Organizational Measures Cisco Meraki Privacy and Security Practices List of Technical and Organizational Measures Introduction Meraki takes a systematic approach to data protection, privacy, and security. We believe a robust

More information

NETWORK DESIGN: MEDICAL FACILITY J.P. MARSHALL THOMAS ASHEY ROHAN GOTHWAL JENNIFER COLMAN SAMUEL CHERRY

NETWORK DESIGN: MEDICAL FACILITY J.P. MARSHALL THOMAS ASHEY ROHAN GOTHWAL JENNIFER COLMAN SAMUEL CHERRY NETWORK DESIGN: MEDICAL FACILITY J.P. MARSHALL THOMAS ASHEY ROHAN GOTHWAL JENNIFER COLMAN SAMUEL CHERRY Table of Contents Executive Summary 3 Written Description 4 Network Policies. 6 Security Policy.

More information

SAFECOM SECUREWEB - CUSTOM PRODUCT SPECIFICATION 1. INTRODUCTION 2. SERVICE DEFINITION. 2.1 Service Overview. 2.2 Standard Service Features APPENDIX 2

SAFECOM SECUREWEB - CUSTOM PRODUCT SPECIFICATION 1. INTRODUCTION 2. SERVICE DEFINITION. 2.1 Service Overview. 2.2 Standard Service Features APPENDIX 2 APPENDIX 2 SAFECOM SECUREWEB - CUSTOM PRODUCT SPECIFICATION 1. INTRODUCTION This document contains product information for the Safecom SecureWeb Custom service. If you require more detailed technical information,

More information

Security Fundamentals for your Privileged Account Security Deployment

Security Fundamentals for your Privileged Account Security Deployment Security Fundamentals for your Privileged Account Security Deployment February 2016 Copyright 1999-2016 CyberArk Software Ltd. All rights reserved. CAVSEC-PASSF-0216 Compromising privileged accounts is

More information

CogniFit Technical Security Details

CogniFit Technical Security Details Security Details CogniFit Technical Security Details CogniFit 2018 Table of Contents 1. Security 1.1 Servers........................ 3 1.2 Databases............................3 1.3 Network configuration......................

More information

v February 2016

v February 2016 Service Description HPE Application Performance Management on Software-as-a- Service v2.1 20 February 2016 This Service Description describes the components and services included in HPE Application Performance

More information

Data Center Operations Guide

Data Center Operations Guide Data Center Operations Guide SM When you utilize Dude Solutions Software as a Service (SaaS) applications, your data is hosted in an independently audited data center certified to meet the highest standards

More information

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW: SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,

More information

Symantec Reference Architecture for Business Critical Virtualization

Symantec Reference Architecture for Business Critical Virtualization Symantec Reference Architecture for Business Critical Virtualization David Troutt Senior Principal Program Manager 11/6/2012 Symantec Reference Architecture 1 Mission Critical Applications Virtualization

More information

Information Technology

Information Technology Information Technology Company Profile 2 About Training Solutions Enterprise Solutions Infocan Infocan was established in 1989 with the mission of providing quality, professional, effective and practical

More information

BUSINESS CONTINUITY. Topics covered in this checklist include: General Planning

BUSINESS CONTINUITY. Topics covered in this checklist include: General Planning BUSINESS CONTINUITY Natural and manmade disasters are happening with alarming regularity. If your organization doesn t have a great business continuity plan the repercussions will range from guaranteed

More information

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview IBM Watson on the IBM Cloud Security Overview Introduction IBM Watson on the IBM Cloud helps to transform businesses, enhancing competitive advantage and disrupting industries by unlocking the potential

More information

You Might Know Us As. Copyright 2016 TierPoint, LLC. All rights reserved.

You Might Know Us As. Copyright 2016 TierPoint, LLC. All rights reserved. April 14, 2016 You Might Know Us As. 2012 2014 2 TierPoint Corporate Overview TierPoint Data Center Footprint* TierPoint Key Statistics Employees: 870 Markets: 24 Data Centers: 38 Total Raised Floor: 599,000

More information

Business Continuity and Disaster Recovery. Pennsylvania Emergency Management Agency (PEMA) Satellite Warning System/Rapid Notification Network

Business Continuity and Disaster Recovery. Pennsylvania Emergency Management Agency (PEMA) Satellite Warning System/Rapid Notification Network Business Continuity and Disaster Recovery Pennsylvania Emergency Management Agency (PEMA) Satellite Warning System/Rapid Notification Network Executive Summary Too often emergency management communication

More information

Juniper Vendor Security Requirements

Juniper Vendor Security Requirements Juniper Vendor Security Requirements INTRODUCTION This document describes measures and processes that the Vendor shall, at a minimum, implement and maintain in order to protect Juniper Data against risks

More information

The simplified guide to. HIPAA compliance

The simplified guide to. HIPAA compliance The simplified guide to HIPAA compliance Introduction HIPAA, the Health Insurance Portability and Accountability Act, sets the legal requirements for protecting sensitive patient data. It s also an act

More information

Server Security Procedure

Server Security Procedure Server Security Procedure Reference No. xx Revision No. 1 Relevant ISO Control No. 11.7.1 Issue Date: January 23, 2012 Revision Date: January 23, 2012 Approved by: Title: Ted Harvey Director, Technology

More information

Cloud-Based Data Security

Cloud-Based Data Security White Paper Cloud-Based Data Security SaaS-built Galileo collects and analyzes customized performance data efficiently, on-demand, via a secure Internet connection. About Galileo Created by the ATS Group,

More information

Data Processing Amendment to Google Apps Enterprise Agreement

Data Processing Amendment to Google Apps Enterprise Agreement Data Processing Amendment to Google Apps Enterprise Agreement The Customer agreeing to these terms ( Customer ) and Google Inc., Google Ireland, or Google Asia Pacific Pte. Ltd. (as applicable, Google

More information

Standard: Data Center Security

Standard: Data Center Security Standard: Data Center Security Page 1 Executive Summary The university data centers provide for the reliable operation of SJSU s computing systems, computing infrastructure, and communication systems.

More information

Cloud Security Whitepaper

Cloud Security Whitepaper Cloud Security Whitepaper Sep, 2018 1. Product Overview 3 2. Personally identifiable information (PII) 3 Using Lookback without saving any PII 3 3. Security and privacy policy 4 4. Personnel security 4

More information

AUTHORITY FOR ELECTRICITY REGULATION

AUTHORITY FOR ELECTRICITY REGULATION SULTANATE OF OMAN AUTHORITY FOR ELECTRICITY REGULATION SCADA AND DCS CYBER SECURITY STANDARD FIRST EDITION AUGUST 2015 i Contents 1. Introduction... 1 2. Definitions... 1 3. Baseline Mandatory Requirements...

More information