DHIS2 Hosting Proposal
|
|
- Cornelia Farmer
- 6 years ago
- Views:
Transcription
1
2 1 Table of Contents 2 Cloud Consulting & Hosting Cloud Consulting & Hosting includes DHIS2 Hosting features Best-practice installation Uptime and support Reliable backup of database and application Managed upgrade of application versions Updates and patching of operating system and middleware HelpDesk Server resource scaling SSL (encryption) setup Database-level data encryption Application and resource monitoring Global cloud infrastructure for scalability Replication for high availability Scope of Cloud Hosting Services Out of Scope SLAs for Resolution and Response Times Method of assignment and communication Cost Dependencies/Assumption Common Questions for DHIS KNOWARTH Technologies Pvt. Ltd. 2
3 2 Cloud Consulting & Hosting KNOWARTH Cloud Consulting offers customized application and infrastructure management by setting up a secure and scalable cloud platform geared for high-performance. Our Open Source and Managed Cloud services helps organizations develop private, public, or hybrid cloud platforms with accelerated reduction in total cost of ownership (TCO) and complexity associated with the set-up of traditional IT infrastructure. KNOWARTH Cloud Services offers a planned approach to develop, deploy, and manage a cloud platform that addresses IT infrastructure needs such as security, scalability, availability, monitoring, disaster recovery, clustering and replication, automatic and on-demand backups, scheduled and on-demand maintenance. 2.1 Cloud Consulting & Hosting includes Define application architecture and deployment requirements for the web application Initial sizing of hardware/software requirements for cloud hosting Setup the production, staging, QA, and development sites Application and data migration from in-house IT infrastructure to managed infrastructure Setup clustering and replication Go-live support On-going monitoring, backup, and application support as per Service Level Agreements (SLAs) Each environment will be managed by a team of certified engineers. You and your team will benefit from: Ticketing system Single point of contact for escalations System uptime and alerts A team of IT network and application experts A global staff working around the clock 24/7 Certified application and network experts Immediate and proactive response to tickets and monitoring alerts Fast resolution time DHIS2 Installation as per best practices % uptime 24X7 Monitoring 9X5 or 24X7 Support (based on the selected support plan) Reliable backup of database and application Upgrade to newer version of the application Updates & Patch installation Helpdesk Support 2016 KNOWARTH Technologies Pvt. Ltd. 3
4 SSL Encryption setup Database Level Encryption 2.2 DHIS2 Hosting features Best-practice installation Setting up DHIS2 the right way involves installation and configuration of a range of components. Getting this right is time-consuming and requires staff with strong skills in Linux, database systems, web servers and more: With a managed DHIS2 instance from KNOWARTH you will get a DHIS2 instance installed and configured according to best practices Uptime and support The hosting plans come with 24/7 monitoring and support, meaning that if your DHIS2 instance goes down or there is a problem, we are there to help you. We ensure that your system is available, well-performing and that no unnecessary down-time is inflicted on your users Reliable backup of database and application Know the how it feels to lose critical data? The backup service makes sure that your data is always backed up in a secure place - both on your server for easy access as well as on a server located physically somewhere else in case something goes wrong. Choose between backing up your database or the whole server image. Backup files are easy to download from the application console Managed upgrade of application versions DHIS2 is released 4 times per year and adds a lot of useful features every time. The upgrade service makes sure that your instance always runs the latest DHIS2 version. When upgrading it is essential to test and verify that your existing forms, reports and charts continues to work. The backup service enables you to enjoy the latest DHIS2 features without worrying about any issues that might arise in the upgrade process Updates and patching of operating system and middleware The managed DHIS2 instances run on rock-solid Linux operating systems. However, as time goes by it is essential to keep the operating system, Java version and middleware like the web server, servlet container and database up-to-date with the latest security patches. Ignoring to patch your environment will make your system vulnerable for malicious attacks HelpDesk When operating a sophisticated software like DHIS2 it is comforting to know you can rely on KNOWARTH to help you if you get stuck. The help desk service provides you with assistance on technical matters related to your server and DHIS2 software instance. KNOWARTH staff has many years of experience of DHIS2 hosting and configuration KNOWARTH Technologies Pvt. Ltd. 4
5 2.2.7 Server resource scaling Often you will start with a small DHIS2 instance where you build and test your system. When system adoption increases you will need more server resources to handle the load. The resource scaling service lets you scale when you need it and pay for only what you need SSL (encryption) setup In today's Internet environment setting up SSL (as in HTTPS and encryption) is an absolute must for applications like DHIS2 which requires users to log in with a username and password. The SSL service provides your server with a trusted SSL certificate which will keep the private information of your users secure Database-level data encryption When dealing with sensitive and personally identifiable information in the DHIS2 tracker component, keeping the data secure and the maintaining data confidentiality is of outmost importance. The database-level data encryption service provides a strong last line of defense against attacks, meaning data will not be compromised even if someone gains access to your database Application and resource monitoring Monitoring resource utilization, application performance and operational health is essential for keeping your system running smoothly Global cloud infrastructure for scalability Deploying large organizations with operations in many countries on several continents comes with a few challenges. The global could infrastructure service helps you to provide your users with high availability in multiple time zones and high scalability to cater for increased load which follows improved adoption of the system Replication for high availability Want to make sure your system can handle high loads and constant up-time? We can set up your DHIS2 instance with web-server replication, meaning that if one server goes down, your instance is still available. It also means that we can add new servers to increase capacity during periods where demand is high KNOWARTH Technologies Pvt. Ltd. 5
6 2.3 Scope of Cloud Hosting Services KNOWARTH will cover following areas for Cloud Consulting Services: Defining deployment architecture includes installation and configuration of DHIS2 Setup of Development, QA, and Production servers Setup Clustering, Replication Setup CDN (if required) Code deployment on Production servers Go-Live Support Server and Application hosting and upgrade support, as directed by Client Monitoring of servers/applications related to infrastructure through Monitoring System Managing of servers/applications related to infrastructure Patch installation for packages used for servers Auto backup of Server, Application & Database Daily with Retention of 7 days Optimization of Server, Application and Database for better performance Helpdesk Services including Ticketing System Global Cloud Infrastructure for Scalability SSL (encryption) setup SSL certificate has to be purchased by Client separately Database-level encryption (if required) 2.4 Out of Scope The following are out of scope for Cloud Hosting Services: Application Maintenance/Development/Enhancements. DBA activities Data Migration, Validation & Cleaning Troubleshooting of any Third-party application, Interfaces etc. Issues found with application when production deployment is carried out or rolled back 2016 KNOWARTH Technologies Pvt. Ltd. 6
7 3 SLAs for Resolution and Response Times While there are no hard and fast ways to accurately pinpoint the resolution times as they range from 2 hours to 2 weeks, KNOWARTH can offer the following as a guideline: (Mail Support) IST Business Hours (10:00am to 6:00pm) Severity Acknowledgement Receipt (1) Target Resolution (2) Final Resolution (3) Critical 2 Hours 1 Business day 5 Business day High 4 Hours 2 Business day 10 Business day Medium 4 Hours 3 Business day 15 Business day Low 4 Hours 4 Business day 30 Business day (Phone Support) 24/7 For Critical Issues Severity Acknowledgement Receipt (1) Target Resolution (2) Final Resolution (3) Critical 4 Hours 1 Business day 5 Business day 1) Acknowledge Receipt means the time by which KNOWARTH must respond to the Incident reporter acknowledging receipt of the Incident. 2) Target Resolution means the target time for KNOWARTH to resolve the Incident and or deliver a temporary patch/fix KNOWARTH Technologies Pvt. Ltd. 7
8 3.1 Method of assignment and communication Initial Assignment will always be via . It can be on phone for critical issues. Assignment shall contain the following necessary information to adequately process and prioritize issue handling: Detailed Problem Description Environment in which encountered Application Information Application Name, URL etc. Error message Item Priority per the priorities defined elsewhere in this document Other useful information (Screenshot, Logs, etc.) 4 Cost Details Cost/Month Remarks ($) Shared GB HDD Space, 4 GB Ram, 2 core, 1 DB Schema, 1 site Dedicated (Option1) GB HDD Space, 4 GB Ram, 2 core, Unlimited Schema, Unlimited Sites Dedicated (Option2) GB HDD Space, 8 GB Ram, 2 core, Unlimited Schema, Unlimited Sites 4.1 Dependencies/Assumption Any Software cost would be bared by Client KNOWARTH Team will work from off-shore office in Ahmedabad SSL Certificate purchase Domain Name Admin Access to required servers/systems/services as and when required to carry out smooth operations 2016 KNOWARTH Technologies Pvt. Ltd. 8
9 5 Common Questions for DHIS2 For each question, we have responded with one of the following answers: Included ( Incl ) Available at an additional cost to be arranged ( Add ) Not available (Unavailable) This is the responsibility of the organization, not the provider, but it is possible to do within the features of the shared hosting price (Possible) And of course Yes or No, or details where applicable. Security question Data Collection 1. What, if any, data is collected by 3rd parties (e.g., via cookies, plug-ins, ad networks, web beacons etc.)? Network Operations Center Management and Security 1. Does the provider perform regular penetration testing, vulnerability management, and intrusion prevention? 2. Are all network devices located in secure facilities and under controlled circumstances (e.g. ID cards, entry logs)? 3. Are backups performed and tested regularly and stored offsite? 4. How are these backups secured? Disposed of? 5. Are software vulnerabilities patched routinely or automatically on all servers? Data Storage and Data Access 1. Where will the information be stored and how is data at rest protected (i.e. data in the data center)? 1. Will any data be stored outside Canada? 2. Is all or some data at rest encrypted (e.g. just passwords, passwords and sensitive data, all data) and what encryption method is used? 2. How will the information be stored? If the cloud application is multi-tenant (several districts on one server/instance) hosting, how is data and access separated from other customers? Responses 1. ( Incl ) DHIS2 uses cookie to store user session, permission and organization data in browser. We cannot ensure the security of such data in scenarios when third party plugins are installed on the user browser. 1. ( Incl ) Done when initial setup is done. 2. ( Incl ) Done when initial setup is done. For more details, (aws.amazon.com/security/) 3. ( Incl ) We would take backup of 3 days. Restoration testing would be done once in a month. Backup would be available across various zones of US. 4. ( Incl ) Security & Disposing are part of administration. 5. ( Incl ) All infrastructure level patches will be done on monthly cycle for minor patches. For major patches it would be informed to customer before patching it Not available (Unavailable). It will be hosted & stored in N. Virginia. 2. ( Incl ) All data will be encrypted by changing one configuration of application. 2. We wouldn t suggest multi-tenant solution as it has security flaws. 3. This is the responsibility of the organization, not the provider, but it is possible to do within the features of the shared hosting price (Possible) 4. a) ( Incl ) It will be taken care for Hosting & Support team KNOWARTH Technologies Pvt. Ltd. 9
10 3. Are the physical server(s) in a secured, locked and monitored environment to prevent unauthorized entry and/or theft? 4. How does the provider protect data in transit? e.g. SSL, hashing? 5. Who has access to information stored or processed by the provider? 1. Does the provider perform background checks on personnel with administrative access to servers, applications and customer data? 2. Does the provider subcontract any functions, such as analytics? (this includes Google Analytics) 3. What is the provider s process for authenticating callers and resetting access controls, as well as establishing and deleting accounts? 6. If client or other sensitive data is transferred/uploaded to the provider, are all uploads via SFTP or HTPPS? Data and Metadata Retention 1. How does the provider assure the proper management and disposal of data? 1. The provider should only keep data as long as necessary to perform the services to the organization. 2. How will the provider delete data? 1. Is data deleted on a specific schedule or only on termination of contract? Can your organization request that information be deleted? What is the protocol for such a request? 3. You should be able to request a copy of the information maintained by the provider at any time. 4. All data disclosed to the provider or collected by the provider must be disposed of by reasonable means to protect against unauthorized access or use. 5. Upon termination of the contract, the provider should return all records or data and properly delete any copies still in its possession Development and Change Management Process 1. Does the provider follow standardized and documented procedures for coding, configuration management, patch installation, and change b) DHIS2 platform allows various integration like Google Maps. Limited data is being exposed to such parties when using/leveraging features implemented in such platforms. c) Support team will have super user credentials. So, based on request, L1 support staff will be able to use super admin credentials to manage users account. 5. This is the responsibility of the organization, not the provider, but it is possible to do within the features of the shared hosting price (Possible) 1. Yes. Upon termination of services data would be deleted depending on requirement of backup to be transferred Generally, it happens to be on termination of contract. Until without prior written approval from business owner hosting team never deletes data. 3. Until without prior written approval from business owner hosting team can provide copy of data anytime. 4. Yes. Policy can be setup for the process to dispose. 5. Yes 1. Yes, for configuration management, patch installation & change management of server. We will follow DHIS2 coding standard. 2. Yes, on quarterly basis KNOWARTH Technologies Pvt. Ltd. 10
11 management for all servers involved in delivery of contracted services? 2. Are practices regularly audited? 3. Does the provider notify the organization about any changes that will affect the security, storage, usage, or disposal of any information received or collected directly from the organization? Availability 1. Does the provider offer a guaranteed service level? 2. What is the backup-and-restore process in case of a disaster? 3. What is the provider s protection against denialof-service attack? Audits and Standards 1. Does the provider provide the organization the ability to audit the security and privacy of records? 2. Have the provider s security operations been reviewed or audited by an outside group? 3. Does the provider comply with a security standard such as the International Organization for Standardization (ISO), the Payment Card Industry Data Security Standards (PCI DSS)? Test and Development Environments 1. Will 'live' client data be used in non-production (e.g. test or development, training) environment? 2. Are these environments secure to the same standard as production data? Data Breach, Incident Investigation and Response 1. What happens if your online service provider has a data breach? 2. Do you have the ability to perform security incident investigations or e-discovery? If not, will the provider assist you? For example, does the provider log end user, administrative and maintenance activity and are these logs available to the organization for incident investigation? 3. Yes it would be informed where security, storage, usage or disposal policy & process are updated or affected. 1. Yes. 99.9%. It would also depend on hosting provider which we may might not be guarantee. 2. Yes - There wold be hot-cold disaster where from backup systems can be restore, with chances of losing data up to certain hours. 3. Yes We would have two different modules in web server to take care of this Yes Can be worked out depending on the details to be audited Yes Can be done Not available (Unavailable) However it is available from the hosting provider. 1. Depending on client agreement and setup, it varies. We strongly suggest to have production environment different from staging, QA and dev instance. 2. Yes. Might have to temporary allow access to debug in case of issues. 1. It can be rectified; however, we would suggest to have third party security testing done so both parties are on same page based on report. 2. Yes. We can provide assistance for security incidents if happened including application logs if for administrative and maintenance activities, if application supports KNOWARTH Technologies Pvt. Ltd. 11
Managed Security Services - Endpoint Managed Security on Cloud
Services Description Managed Security Services - Endpoint Managed Security on Cloud The services described herein are governed by the terms and conditions of the agreement specified in the Order Document
More informationVersion v November 2015
Service Description HPE Quality Center Enterprise on Software-as-a-Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Quality Center Enterprise
More informationSolution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationInformation Security Policy
Information Security Policy Information Security is a top priority for Ardoq, and we also rely on the security policies and follow the best practices set forth by AWS. Procedures will continuously be updated
More informationProjectplace: A Secure Project Collaboration Solution
Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the
More informationMagento Enterprise Edition Customer Support Guide
Magento Enterprise Edition Customer Support Guide April 2017 magento.com/support 2017 Magento, Inc. All rights reserved. Thank You for using Magento Enterprise Edition Customer support is a vital part
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationVersion v November 2015
Service Description HPE Project and Portfolio Management on Software-as-a- Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Project and
More informationA company built on security
Security How we handle security at Flywheel Flywheel was founded in 2012 on a mission to create an exceptional platform to help creatives do their best work. As the leading WordPress hosting provider for
More informationESSENTIAL, QUALITY IT SUPPORT FOR SMALL AND MEDIUM BUSINESSES
ESSENTIAL, QUALITY IT SUPPORT FOR SMALL AND MEDIUM BUSINESSES YOUR OWN IT DEPARTMENT AT A FRACTION OF THE COST// Hand over the day-to-day management and responsibility of your IT so you can focus on what
More informationSECURITY PRACTICES OVERVIEW
SECURITY PRACTICES OVERVIEW 2018 Helcim Inc. Copyright 2006-2018 Helcim Inc. All Rights Reserved. The Helcim name and logo are trademarks of Helcim Inc. P a g e 1 Our Security at a Glance About Helcim
More informationIBM Security Intelligence on Cloud
Service Description IBM Security Intelligence on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients
More informationApplication Lifecycle Management on Softwareas-a-Service
Service Description HPE Application Lifecycle Management on Software-as-a- Service Version v2.0 26 November 2015 This Service Description describes the components and services included in HPE Application
More informationIBM Case Manager on Cloud
Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients of the
More informationService Description: Software Support
Page 1 of 1 Service Description: Software Support This document describes the service offers under Cisco Software Support. This includes Software Support Service (SWSS), Software Support Basic, Software
More informationWHITE PAPER- Managed Services Security Practices
WHITE PAPER- Managed Services Security Practices The information security practices outlined below provide standards expected of each staff member, consultant, or customer staff member granted access to
More information2.4. Target Audience This document is intended to be read by technical staff involved in the procurement of externally hosted solutions for Diageo.
Diageo Third Party Hosting Standard 1. Purpose This document is for technical staff involved in the provision of externally hosted solutions for Diageo. This document defines the requirements that third
More informationON SCHEDULE TERMS AND CONDITIONS (September 23rd 2018)
By using On Schedule web application you are making an agreement with us, code fish, according to the current terms and conditions at the time of use. Upon the terms and conditions changing you will be
More informationCloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017
Cloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017 Disclaimer The following is intended to outline our general product direction. It is intended for information purposes only, and
More informationMaintenance Plan MAINTENANCE PLAN JOLA USA. 68 Jay Street Brooklyn, New York JolaUSA.com.
Maintenance Plan 1 Bridging the Gap JOLA USA 68 Jay Street Brooklyn, New York 11201 agalante@jolausa.com JolaUSA.com MAINTENANCE PLAN Maintenance Plan 2 About We allocate a set number of hours per month,
More informationENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE
ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE INTRODUCTION In line with commercial industry standards, the data center used by EndNote employs a dedicated security team to protect our
More informationVirtual Server Service
ITS Service Level Agreement February 2016 Virtual Server Service What is a Virtual Server? A virtual server (also known as a virtual machine ) is a server that runs on shared physical equipment. Usually,
More informationPTS Customer Protection Agreement
PTS Customer Protection Agreement Revised: July 26, 2017 Thank you for choosing as your IT provider. Customer s Network environments with the most success have an in-house Network Administrator or someone
More informationOUR CUSTOMER TERMS CLOUD SERVICES - INFRASTRUCTURE
CONTENTS 1 ABOUT THIS PART... 2 2 GENERAL... 2 3 CLOUD INFRASTRUCTURE (FORMERLY UTILITY HOSTING)... 2 4 TAILORED INFRASTRUCTURE (FORMERLY DEDICATED HOSTING)... 3 5 COMPUTE... 3 6 BACKUP & RECOVERY... 8
More informationNS2 Cloud Overview The Cloud Built for Federal Security and Export Controlled Environments. Hunter Downey, Cloud Solution Director
NS2 Cloud Overview The Cloud Built for Federal Security and Export Controlled Environments Hunter Downey, Cloud Solution Director Why Organizations are investing in the Cloud Pressure on IT and business
More informationCriminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud
Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationCAMPUSPRESS TECHNICAL & SECURITY GUIDE
CAMPUSPRESS TECHNICAL & SECURITY GUIDE CAMPUSPRESS 2 WHAT IS IN THIS GUIDE? TABLE OF CONTENTS INTRODUCTION... 3 HOSTING... 5 DATACENTERS & HOSTING REGIONS... 6 BACKUPS AND DISASTER RECOVERY... 8 RELIABILITY
More informationNORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers
Identify Protect Detect Respond Recover Identify: Risk Assessments & Management 1. Risk assessments are conducted frequently (e.g. annually, quarterly). 2. Cybersecurity is included in the risk assessment.
More informationSAFECOM SECUREWEB - CUSTOM PRODUCT SPECIFICATION 1. INTRODUCTION 2. SERVICE DEFINITION. 2.1 Service Overview. 2.2 Standard Service Features APPENDIX 2
APPENDIX 2 SAFECOM SECUREWEB - CUSTOM PRODUCT SPECIFICATION 1. INTRODUCTION This document contains product information for the Safecom SecureWeb Custom service. If you require more detailed technical information,
More informationSECURITY DOCUMENT. 550archi
SECURITY DOCUMENT 550archi Documentation for XTM Version 10.3 Published by XTM International Ltd. Copyright XTM International Ltd. All rights reserved. No part of this publication may be reproduced or
More informationDocument Sub Title. Yotpo. Technical Overview 07/18/ Yotpo
Document Sub Title Yotpo Technical Overview 07/18/2016 2015 Yotpo Contents Introduction... 3 Yotpo Architecture... 4 Yotpo Back Office (or B2B)... 4 Yotpo On-Site Presence... 4 Technologies... 5 Real-Time
More informationData Security & Operating Environment
Data Security & Operating Environment Version 1.0, Summer 2018 Last updated: June 21, 2018 https://www.kintone.com/contact/ Contents 1. Service Level Objective (SLO)... 1 2. Availability and Reliability...
More informationSecurity. ITM Platform
Security ITM Platform Contents Contents... 0 1. SaaS and On-Demand Environments... 1 1.1. ITM Platform configuration modes... 1 1.2. Server... 1 1.3. Application and Database... 2 1.4. Domain... 3 1.5.
More informationepldt Web Builder Security March 2017
epldt Web Builder Security March 2017 TABLE OF CONTENTS Overview... 4 Application Security... 5 Security Elements... 5 User & Role Management... 5 User / Reseller Hierarchy Management... 5 User Authentication
More information1 Data Center Requirements
1 Data Center Requirements The following are MassDOT s standard Data Center requirements. 1.1 Data Center General Requirements 1.1.1 The CSC Operator shall furnish, or contract with a third-party provider
More informationCORPORATE GLOBAL ROAMING PRODUCT SPECIFICATION
CORPORATE GLOBAL ROAMING PRODUCT SPECIFICATION 1. INTRODUCTION This document contains information on the Corporate Global Roaming service. If you require more detailed technical information, please contact
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationThe following security and privacy-related audits and certifications are applicable to the Lime Services:
LIME SECURITY, PRIVACY, AND ARCHITECTURE Last Updated: September 26, 2016 FinAccel s Corporate Trust Commitment FinAccel (FinAccel Pte Ltd) is committed to achieving and maintaining the trust of our customers.
More informationManaged Administration Service (MAS): Hitachi ID Password Manager
Managed Administration Service (MAS): Hitachi ID Password Manager 2018 Hitachi ID Systems, Inc. All rights reserved. Contents 1 Introduction 1 2 Managed Administration Service (MAS) 1 2.1 Hitachi ID Systems
More informationTRACKVIA SECURITY OVERVIEW
TRACKVIA SECURITY OVERVIEW TrackVia s customers rely on our service for many mission-critical applications, as well as for applications that have various compliance and regulatory obligations. At all times
More informationWHITE PAPER. Title. Managed Services for SAS Technology
WHITE PAPER Hosted Title Managed Services for SAS Technology ii Contents Performance... 1 Optimal storage and sizing...1 Secure, no-hassle access...2 Dedicated computing infrastructure...2 Early and pre-emptive
More informationQUALITY IT SUPPORT TAILORED FOR NOT FOR PROFITS
QUALITY IT SUPPORT TAILORED FOR NOT FOR PROFITS WORKING TOGETHER FOR THE COMMUNITY// F1 Solutions is committed to providing positive change in our community. That is why we offer more than a service, it
More informationService Description: Software Support
Page 1 of 6 Service Description: Software Support This document describes the service offers under Cisco Software Support. This includes Software Support Service (SWSS), Software Support Basic, Software
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationNetworks - Technical specifications of the current networks features used vs. those available in new networks.
APPENDIX V TECHNICAL EVALUATION GUIDELINES Where applicable, the following guidelines will be applied in evaluating the system proposed by a service provider: TABLE 1: HIGH LEVEL COMPONENTS Description
More informationDue Diligence March 2018 Page 1 of 6. Company
Page 1 of 6 Company Company details Services offered Selectapension Limited, Selectapension House, Eridge Road, Crowborough, East Sussex, TN6 2SL, 01892 669494, www.selectapension.com. Registered in England
More informationTECHNICAL INFRASTRUCTURE AND SECURITY PANOPTO ONLINE VIDEO PLATFORM
TECHNICAL INFRASTRUCTURE AND SECURITY PANOPTO ONLINE VIDEO PLATFORM CONTENTS Introduction... 3 Architecture... 3 Hardware and Software... 3 Panopto Components/Prerequisites... 3 Amazon Server Locations...
More informationAltius IT Policy Collection
Altius IT Policy Collection Complete set of cyber and network security policies Over 100 Policies, Plans, and Forms Fully customizable - fully customizable IT security policies in Microsoft Word No software
More informationSERVICE DESCRIPTION MANAGED BACKUP & RECOVERY
Contents Service Overview.... 3 Key Features... 3 Implementation... 4 Validation... 4 Implementation Process.... 4 Internal Kick-Off... 4 Customer Kick-Off... 5 Provisioning & Testing.... 5 Billing....
More informationv February 2016
Service Description HPE Application Performance Management on Software-as-a- Service v2.1 20 February 2016 This Service Description describes the components and services included in HPE Application Performance
More informationOne Hospital s Cybersecurity Journey
MAY 11 12, 2017 SAN FRANCISCO, CA One Hospital s Cybersecurity Journey SanFrancisco.HealthPrivacyForum.com #HITprivacy Introduction Senior Director Information Systems Technology, Children s Mercy Hospital
More informationHP Application Lifecycle Management. Upgrade Best Practices
HP Application Lifecycle Management Upgrade Best Practices Document Release Date: October 2010 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty
More informationSecurity
Security +617 3222 2555 info@citec.com.au Security With enhanced intruder technologies, increasingly sophisticated attacks and advancing threats, your data has never been more susceptible to breaches from
More informationQuickBooks Online Security White Paper July 2017
QuickBooks Online Security White Paper July 2017 Page 1 of 6 Introduction At Intuit QuickBooks Online (QBO), we consider the security of your information as well as your customers and employees data a
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationUNCLASSIFIED. Mimecast UK Archiving Service Description
UNCLASSIFIED 26/05/2016 v2.3 Mimecast UK Email Archiving Service Description Mimecast UK Email Archiving, provides businesses with a secure, scalable cloud-based message archive. It s designed to significantly
More informationAUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE
AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE Table of Contents Dedicated Geo-Redundant Data Center Infrastructure 02 SSAE 16 / SAS 70 and SOC2 Audits 03 Logical Access Security 03 Dedicated
More informationObject Storage Service. Product Introduction. Issue 04 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 04 Date 2017-12-20 HUAWEI TECHNOLOGIES CO., LTD. 2017. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationRADIAN6 SECURITY, PRIVACY, AND ARCHITECTURE
ADIAN6 SECUITY, PIVACY, AND ACHITECTUE Last Updated: May 6, 2016 Salesforce s Corporate Trust Commitment Salesforce is committed to achieving and maintaining the trust of our customers. Integral to this
More informationALIENVAULT USM FOR AWS SOLUTION GUIDE
ALIENVAULT USM FOR AWS SOLUTION GUIDE Summary AlienVault Unified Security Management (USM) for AWS is a unified security platform providing threat detection, incident response, and compliance management
More informationSecurity and Compliance at Mavenlink
Security and Compliance at Mavenlink Table of Contents Introduction....3 Application Security....4....4....5 Infrastructure Security....8....8....8....9 Data Security.... 10....10....10 Infrastructure
More informationAppPulse Point of Presence (POP)
AppPulse Point of Presence Micro Focus AppPulse POP service is a remotely delivered solution that provides a managed environment of Application Performance Management. AppPulse POP service supplies real-time
More informationThe Common Controls Framework BY ADOBE
The Controls Framework BY ADOBE The following table contains the baseline security subset of control activities (derived from the Controls Framework by Adobe) that apply to Adobe s enterprise offerings.
More informationSAS SOLUTIONS ONDEMAND
DECEMBER 4, 2013 Gary T. Ciampa SAS Solutions OnDemand Advanced Analytics Lab Birmingham Users Group, 2013 OVERVIEW SAS Solutions OnDemand Started in 2000 SAS Advanced Analytics Lab (AAL) Created in 2007
More informationRyan KS office thesee
SERVERR and WORKSTATION REMOTE MANAGEMENT SERVICES Ryan Dental Systems Dental Computer Systems Support and Sales 303 2 nd Street, PO Box 194, Inland NE 68954 5506 SW 31stPh: 402-461-5575 Terrace Topeka
More informationIPM Secure Hardening Guidelines
IPM Secure Hardening Guidelines Introduction Due to rapidly increasing Cyber Threats and cyber warfare on Industrial Control System Devices and applications, Eaton recommends following best practices for
More informationInterCall Virtual Environments and Webcasting
InterCall Virtual Environments and Webcasting Security, High Availability and Scalability Overview 1. Security 1.1. Policy and Procedures The InterCall VE ( Virtual Environments ) and Webcast Event IT
More informationEpicor ERP Cloud Services Specification Multi-Tenant and Dedicated Tenant Cloud Services (Updated July 31, 2017)
Epicor ERP Cloud Services Specification Multi-Tenant and Dedicated Tenant Cloud Services (Updated July 31, 2017) GENERAL TERMS & INFORMATION A. GENERAL TERMS & DEFINITIONS 1. This Services Specification
More informationGLOBAL PAYMENTS AND CASH MANAGEMENT. Security
GLOBAL PAYMENTS AND CASH MANAGEMENT Security The Bank aims to provide you with a robust, reliable and secure online environment in which to do business. We seek to achieve this through the adoption of
More informationService Manager. Ops Console On-Premise User Guide
Service Manager powered by HEAT Ops Console On-Premise User Guide 2017.2.1 Copyright Notice This document contains the confidential information and/or proprietary property of Ivanti, Inc. and its affiliates
More informationData Center Operations Guide
Data Center Operations Guide SM When you utilize Dude Solutions Software as a Service (SaaS) applications, your data is hosted in an independently audited data center certified to meet the highest standards
More informationAbout HP Quality Center Upgrade... 2 Introduction... 2 Audience... 2
HP Quality Center Upgrade Best Practices White paper Table of contents About HP Quality Center Upgrade... 2 Introduction... 2 Audience... 2 Defining... 3 Determine the need for an HP Quality Center Upgrade...
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationFor USA & Europe January 2018
For USA & Europe January 2018 www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 2 This document covers three aspects of SysAid Cloud: Datacenters Network, Hardware,
More informationMEETING ISO STANDARDS
WHITE PAPER MEETING ISO 27002 STANDARDS September 2018 SECURITY GUIDELINE COMPLIANCE Organizations have seen a rapid increase in malicious insider threats, sensitive data exfiltration, and other advanced
More informationTotal Cost of Ownership: Benefits of ECM in the OpenText Cloud
Total Cost of Ownership: Benefits of ECM in the OpenText Cloud OpenText Managed Services brings together the power of an enterprise cloud platform with the technical skills and business experience required
More informationCloud Services. Introduction
Introduction adi Digital have developed a resilient, secure, flexible, high availability Software as a Service (SaaS) cloud platform. This Platform provides a simple to use, cost effective and convenient
More informationPretaGov Australia SaaS Hosting with Fully Managed Services, Support and Maintenance
PretaGov Australia SaaS Hosting with Fully Managed Services, Support and Maintenance Introduction to PretaGov PretaGov operates a Government Community Plone CMS (content management system) SaaS Cloud exclusively
More informationWHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution
WHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution Tervela helps companies move large volumes of sensitive data safely and securely over network distances great and small. We have been
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationManaged Services Rely on us to manage your business services
Managed Services Rely on us to manage your business services Your business relies on a number of interconnected systems used by different departments from HR, Marketing, Sales and IT. Keeping all these
More informationInformation Security Practices
3 Phillip Street, 13-03 Royal Group Building, Singapore 048693 www.trustsphere.com Information Security Practices TrustSphere Pte Ltd Co Reg No. 200614342Z Contents 1 Physical security... 4 2 Network security...
More informationMICROSOFT APPLICATIONS
MICROSOFT APPLICATIONS MICROSOFT SOFTWARE SOLUTIONS THE EFFECTIVE WAY TO DELIVER MICROSOFT APPLICATIONS The Microsoft Office suite of applications are a business essential; one that is used each and every
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationService Description CloudCore
CloudCore TITLE: CloudCore DOCUMENT REF NO: QMS REC117 DESCRIPTION: Service description for the CloudCore service. OWNER / AUTHORITY: QMS / ISMS DOCUMENT CROSS REFERENCE: Director of Product and Service
More informationIBM SmartCloud Notes Security
IBM Software White Paper September 2014 IBM SmartCloud Notes Security 2 IBM SmartCloud Notes Security Contents 3 Introduction 3 Service Access 4 People, Processes, and Compliance 5 Service Security IBM
More informationData Storage, Recovery and Backup Checklists for Public Health Laboratories
Data Storage, Recovery and Backup Checklists for Public Health Laboratories DECEMBER 2018 Introduction Data play a critical role in the operation of a laboratory information management system (LIMS) and
More informationMinfy MS Workloads Use Case
Contents Scope... 3 About CUSTOMER... Error! Bookmark not defined. Use Case Description... 3 Technical Stack... 3 AWS Architecture... Error! Bookmark not defined. AWS Solution Overview... 4 Risk Identified
More informationCHOOSING A RACKSPACE HOSTING PLATFORM
SERVICE OVERVIEW CHOOSING A RACKSPACE HOSTING PLATFORM AN OVERVIEW OF RACKSPACE SERVICE OFFERINGS April 19, 2018 TABLE OF CONTENTS Rackspace has amassed nearly two decades of hosting experience, and along
More informationSolution Pack. Managed Services Virtual Private Cloud Managed Database Service Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Managed Database Service Selections and Prerequisites Subject Governing Agreement Term DXC Services Requirements Agreement between DXC and Customer
More informationInformation Technology Procedure IT 3.4 IT Configuration Management
Information Technology Procedure IT Configuration Management Contents Purpose and Scope... 1 Responsibilities... 1 Procedure... 1 Identify and Record Configuration... 2 Document Planned Changes... 3 Evaluating
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationThe 11-point checklist for SMB Microsoft Azure Cloud users
The 11-point checklist for SMB Microsoft Azure Cloud users ONTENTS Back-up and Recovery Encryptions Auto-Scaling Syncing data Security and Compliance Cloud Inventory & Cost Tracking Scheduling Policies
More informationhcloud Deployment Models
hcloud Deployment Models Drew Dietrich Director, Oracle Managed Cloud Services 1 The Safe Harbor The following is intended to outline our general product direction. It is intended for information purposes
More informationWEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM
SECURITY ANALYTICS WEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM BLAZING PERFORMANCE, HIGH AVAILABILITY AND ROBUST SECURITY FOR YOUR CRITICAL WEB APPLICATIONS OVERVIEW Webscale is a converged multi-cloud
More informationVMware vcloud Air SOC 1 Control Matrix
VMware vcloud Air SOC 1 Control Objectives/Activities Matrix VMware vcloud Air goes to great lengths to ensure the security and availability of vcloud Air services. In this effort, we have undergone a
More informationUniversity of Colorado
University of Colorado Information Technology Services 2007 CU-Boulder Restricted Data System Security Requirements Table of Contents 1 GE ERAL COMPLIA CE... 1 2 ETWORK SECURITY... 1 3 PROTECT STORED DATA...
More informationDeploy. A step-by-step guide to successfully deploying your new app with the FileMaker Platform
Deploy A step-by-step guide to successfully deploying your new app with the FileMaker Platform Share your custom app with your team! Now that you ve used the Plan Guide to define your custom app requirements,
More information