DECEMBER 4, 2013 Gary T. Ciampa SAS Solutions OnDemand Advanced Analytics Lab Birmingham Users Group, 2013
OVERVIEW SAS Solutions OnDemand Started in 2000 SAS Advanced Analytics Lab (AAL) Created in 2007 Multiple ASP lines of business, representing over 400 customer sites Marketing, Banking, Financial analytic solutions Health Care, Pharmaceutical & Retail analytic solutions Work in highly regulated industries Experience with large data volumes, demanding batch processing cycles and realtime delivery of content Experience coordinating with executive, business and technical teams Best Practices Data transfer, backup, restore, automation, monitoring and alerting Documented processes and procedures
BENEFITS End-to-end solution Software, implementation, mentoring, on-going support, infrastructure in one place unified approach for client Rapid time to value - Solution delivery model provides efficient time to value with the right expert at the right time, while customer focus remains on core strengths Expertise in establishing analytic platforms Data integration, data quality, update and access to large amounts of data in a pristine environment Scalable and secure SOC 2 / SOC 3, SLA gives customer assurance for applications and minimizes resource and scheduling issues Leverage extensive SAS skills as desired On-premise the solution when and if desired
Servers Network Storage, backup and restore SAS Data Center Security Encrypted data transfers Change management User account & entitlement management Resource and health metrics - reporting Continuation of business strategy Outages, outage notifications, SLAs IT Support
Support for multiple platforms [Linux/x86, Solaris/SPARC, HP-UX (PA-RISC/IA64), AIX, Windows/x86] Scalable Servers (2 to 64 processors), including system resource on-demand services Redundant components or servers are configured for 99% SLA Strict change control enforcement Hardened and baselined at time of deployment Resource and health monitoring (24x7) Hot Fix, Maintenance and Release management Interactive shell access to UNIX systems must be encrypted via SSH or accessed directly from the console HTTP and FTP access encrypted using SSL where appropriate Servers
Firewall / DMZ Isolated network Customer approval of all configuration changes Private leased lines (configure multiple or redundant lines) Encrypted VPN (backup network or primary) Network
STORAGE AND BACKUP Storage Scalability (1 to 100+TB) RAID protection (Levels 5, 1, 1+0) Remotely mirrored primary warehouse (for data availability and backups) Backup and Restore Encrypted backups of all data (daily, weekly, monthly) Backups performed from secondary data center (for data availability) Archive and restore services available
SAS Data Center Located at SAS Corporate Headquarters Fully secure Physical access restricted No external doors or windows All access monitored and reviewed Access to hosted equipment and rooms within the Data Center further restricted to those that require it Staffed 24x7 Full Environmental Controls & Redundancy N+1 cooling N+1 UPS N+1 generators Inert gas fire protection supplemented by preaction water Environmental status monitored Regular preventive maintenance performed
Security SOC 2 / SOC 3, SSAE 16 and Safe Harbor certifications Safeguards on regulated data Secure file transfer Data Classification Policy and Clean Desk Program United States Government Compliance
Physical Logical Access Log Review All physical hardware (servers, network, racks, backup tapes) protected by electronic locks Firewall / DMZ configured to restrict all traffic which is not approved All system level access logs are summarized and reviewed daily by the information security group. Security Access limited to those that require it (subset of Data Center staff) IDS / IPS services available All logs can be jointly reviewed upon request Cameras record all entries and exits to hosting rooms All users with elevated privileges must be approved Data center physically patrolled Elevated privileges are granted by SUDO or RU to those that not requiring system root or administrator passwords; may be restricted in scope
Data Transfer All data transfers are encrypted Support for FTP/S, SFTP, and HTTPS Audit files for transfer quality checks Notifications for file transfers are available All transfers are logged and reports generated Automated and scheduled delivery of data
User Account and Entitlement Management Web-based account management Approval required for all account and entitlement changes Historical tracking and auditing provided Self-service facility for forgotten passwords and user names Entitlement reports created on demand
Resource and Health Metrics: Reporting Real-time alerting for server and application availability Resource utilization metrics for CPU, memory, disk Resource availability metrics for applications including (SAS, HTTP and FTP). Monthly reports on server availability Real-time access to resource utilization metrics
Change Management All servers and network configurations are baselined at time of production deployment All changes must go through change management All changes must be approved except in the case of emergencies which are approved post-change Reports on all changes can be produced upon request
Continuation of Business Strategy Corporate wide strategy (refer to http://www.sas.com/corporate/continuity.pdf) Plans and procedures aimed at protecting SAS s key assets and continuing its critical business functions in the event of threats such as natural disasters, pandemics, power outages, computer viruses or terrorist attacks Within SAS COB program, the Emergency Operations Command (EOC) framework operates as an Incident Command Structure (ICS) for managing disaster events from a corporate perspective EOC and the Executive Management Team are responsible for declaring a disaster and activating SAS company-wide Response teams and Business Resumption (BR) teams EOC teams include: Emergency Response (life / safety and facilities evacuation) Facilities Response Communications Response (internal and external) Business Resumption Information Technology Response Data safeguarding is included in all SAS Solutions OnDemand hosted solutions Additional services can be negotiated
Outages, Outage Notifications and Service Level Agreements SAS performs standard scheduled outages Monthly outages are performed during the 3rd weekend of the month. Facilities and preventative maintenance outages which may impact services are scheduled at least 3 weeks in advance with customer approval Application outages are scheduled and approved by the customer Outage Notifications Customers are notified at least 3 days in advance of all scheduled outages unless otherwise requested and approved by the customer Facilities outage notifications are sent 3 weeks in advance including preventative maintenance tasks Unscheduled outages are communicated to the customer as soon as reasonably possible. SAS Solutions OnDemand maintains a minimum of 99% uptime outside of scheduled outages
FOR MORE INFORMATION, CONTACT: SAS SOLUTIONS HTTP://WWW.SAS.COM/SOLUTIONS/ / www.sas.com