For Australia January 2018

Similar documents
For USA & Europe January 2018

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

InterCall Virtual Environments and Webcasting

What can the OnBase Cloud do for you? lbmctech.com

SysAid Technical Presentation. Phone (Toll-Free US): Phone: +972 (3)

TB+ 1.5 Billion+ The OnBase Cloud by Hyland 600,000,000+ content stored. pages stored

Security and Compliance at Mavenlink

AWS continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.

CAMPUSPRESS TECHNICAL & SECURITY GUIDE

Automate sharing. Empower users. Retain control. Utilizes our purposebuilt cloud, not public shared clouds

KantanMT.com. Security & Infra-Structure Overview

The professional IT management platform

The Nasuni Security Model

AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE

Custom hosting solutions orchastrated for your needs.

Awareness Technologies Systems Security. PHONE: (888)

SIEMLESS THREAT DETECTION FOR AWS

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

SCALEFAST COMMERCE CLOUD INFRASTRUCTURE

FUJITSU Backup as a Service Rapid Recovery Appliance

WHITE PAPER. Header Title. Side Bar Copy. Header Title 5 Reasons to Consider Disaster Recovery as a Service for IBM i WHITEPAPER

Cloud FastPath: Highly Secure Data Transfer

SECURITY PRACTICES OVERVIEW

Vendor Security Questionnaire

Document Sub Title. Yotpo. Technical Overview 07/18/ Yotpo

BeBanjo Infrastructure and Security Overview

You Might Know Us As. Copyright 2016 TierPoint, LLC. All rights reserved.

Layer Security White Paper

SECURITY STRATEGY & POLICIES. Understanding How Swift Digital Protects Your Data

Cloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Maintain Data Control and Work Productivity

Five Key Considerations for Selecting Cloud Recovery Services

ALERT LOGIC LOG MANAGER & LOG REVIEW

PCI DSS Compliance. White Paper Parallels Remote Application Server

CogniFit Technical Security Details

A company built on security

A Checklist for Compliance in the Cloud 1. A Checklist for Compliance in the Cloud

CTS performs nightly backups of the Church360 production databases and retains these backups for one month.

WORKSHARE SECURITY OVERVIEW

epldt Web Builder Security March 2017

White Paper The simpro Cloud

Custom cloud hosting for your Sitecore Experience Platform.

WHITE PAPER: BEST PRACTICES. Sizing and Scalability Recommendations for Symantec Endpoint Protection. Symantec Enterprise Security Solutions Group

Twilio cloud communications SECURITY

Best Practices in Securing a Multicloud World

Acronis Hybrid Cloud Architecture Unified Centralized Data Protection Web-based User Interface Deployed On-premises or in the Cloud.

Identifying Workloads for the Cloud

Ensuring business continuity with comprehensive and cost-effective disaster recovery service.

SECURITY AND DATA REDUNDANCY. A White Paper

CAPABILITY STATEMENT

From Single File Recovery to Full Restore: Choosing the Right Backup and Recovery Solution for Your Cloud Data

ENDNOTE SECURITY OVERVIEW INCLUDING ENDNOTE DESKTOP AND ONLINE

There are also a range of security and redundancy systems designed to improve the speed, reliability, stability and security of the simpro Cloud.

MYOB Advanced SaaS. Why choose MYOB Advanced? Fact Sheet. What is MYOB Advanced SaaS?

Mark Littlejohn June 23, 2016 DON T GO IT ALONE. Achieving Cyber Security using Managed Services

Intermedia s Private Cloud Exchange

DHIS2 Hosting Proposal

Leading Investment Management Software Firm Slashes Infrastructure Costs, Maximizes Application Availability ATTENTION. ALWAYS.

Information Security Policy

Security Information & Policies

Projectplace: A Secure Project Collaboration Solution

Accelerating the HCLS Industry Through Cloud Computing

TRACKVIA SECURITY OVERVIEW

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

MigrationWiz Security Overview

Advanced Architectures for Oracle Database on Amazon EC2

PretaGov Australia SaaS Hosting with Fully Managed Services, Support and Maintenance

Security Principles for Stratos. Part no. 667/UE/31701/004

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

OptiSol FinTech Platforms

HPE Digital Learner AWS Certified SysOps Administrator (Intermediate) Content Pack

Cyber security tips and self-assessment for business

AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE

Information Security at Veritext Protecting Your Data

CoreMax Consulting s Cyber Security Roadmap

Core Services for ediscovery Perfection

What you need to know about cloud backup: your guide to cost, security, and flexibility. 8 common questions answered

Sage Data Security Services Directory

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

Hybrid Cloud for Business Communications

Data Protection for Cisco HyperFlex with Veeam Availability Suite. Solution Overview Cisco Public

P a g e 1. Teknologisk Institut. Online kursus k SysAdmin & DevOps Collection

Cisco Meraki Privacy and Security Practices. List of Technical and Organizational Measures

Disaster Recovery and Business Continuity

Cloud Services. Introduction

DELL POWERVAULT MD FAMILY MODULAR STORAGE THE DELL POWERVAULT MD STORAGE FAMILY

Managing and Auditing Organizational Migration to the Cloud TELASA SECURITY

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

Security. ITM Platform

The Lighthouse Case Management System

GoAnywhere MFT System Architecture Guide. For High Availability, Scaling, and Performance

AWS SECURITY AND COMPLIANCE QUICK REFERENCE GUIDE

ITIL Intermediate Service Operation Certification Exam Training - Brochure

Clearswift Hosting Options

Security White Paper. Midaxo Platform Krutarth Vasavada

THE WORLD S BEST- CONNECTED DATA CENTERS EQUINIX MIDDLE EAST & NORTH AFRICA (MENA) Equinix.com

Security Note. BlackBerry Corporate Infrastructure

The Common Controls Framework BY ADOBE

Windows Server The operating system

Transcription:

For Australia January 2018

www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 2 This document covers three aspects of SysAid Cloud: Datacenters Network, Hardware, and Software Components Disaster Recovery Plan The technical details in this document refer specifically to SysAid Cloud in Australia. SysAid - Your Sensible Cloud Solution SysAid takes customer data recovery very seriously. We minimize risk, ensure business continuity, and carefully select a hosting plan to ensure the highest standards in our disaster recovery plans (DRP). We ve got every scenario covered! Your data is always protected by firewalls that adhere to the highest standards. Our DRP gives you the peace of mind that your business requires. Datacenters SysAid Cloud is hosted in third-party state-of-the-art datacenters. AU-AWS is hosted on one availability zone in Sydney with Amazon Web Services (SSAE-16 TYPE II certified, ISO 27001 compliant, HIPAA compliant, PCI compliant, and more).

www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 3 Network, Hardware, and Software Components Environment Diagram DNS Load Balancer Application Servers AWS Aurora

www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 4 DNS Using AWS (Amazon Web Services) Route 53, we are able to point requests to our main load balancer. Each account points to the load balancer as long as it operates properly and will automatically fail over to any of the other two load balancers in case the primary one fails. Firewalls All servers are protected by strict security policies defined in AWS. In addition, each server is also protected with another layer of a software firewall. Load Balancer Using high-availability load balancing technology, we are continuously checking application servers health and are forwarding requests to the least busy application server at a given time. In case an application server fails, the load balancer is configured to alert our team of engineers and prevent forwarding any request to the downed application server. Application Servers The application servers that are used to operate SysAid run on Apache Tomcat. Each instance runs N+1 application server nodes, which are spread across three availability zones so that the instance can remain operational even if any application node or availability zone is failing. Database Servers SysAid is storing most data (except some configuration and attached files) in an AWS Aurora database in our Sydney datacenter. Aurora delivers up to five times the throughput of standard MySQL running on the same hardware and is the most reliable infrastructure to date. Aurora scales automatically, which means that our databases grow as your storage needs grow. It's also a fully managed service so AWS provides us with monitoring, security patches, and overall maintenance.

www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 5 Shared Storage A designated server is used to manage the shared storage for all the servers in the environment. It holds all files uploaded to the application (attachments) and some configuration files (customized reports, translation, customized HTML files, images, etc.). These shared files are replicated every 15 minutes to a second server, so at worst case scenario 15 minutes of data loss may occur (while a more realistic scenario is that the lost data should be recoverable at a later time). Host Hardware SysAid Cloud is running on virtual machines running 64-bit Amazon Linux AMI (based on Red Hat Enterprise Linux). Each guest is made with enough resources to fulfil its purpose (e.g. application servers are running with plenty of CPU power and highspeed SSD hard drives). All components are redundant in three availability zones, so even if Amazon is experiencing complete datacenter failure, the remaining two availability zones should remain functional and no disturbance should be noticed. SysAid Cloud Security ISO 27001 dictates that AWS data centers are secured with the highest standards and monitored regularly. To read more about Amazon s security, please refer to AWS Security Center. Network Security Data servers are protected by a firewall to ensure that no unauthorized traffic can reach the servers. Access to the servers is restricted to approved IP addresses and requires a private key authentication.

www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 6 Server OS Security All OS or other back-end patches are applied immediately for security patches and in 1 5 days for non-security patches. Full security audits of the server logs are performed on a periodic basis. Application Security SysAid is (optionally or forcibly) accessible via HTTPS to ensure that data in-transit is secure. Regular and thorough application security testing is performed at all stages of development to ensure that the application interface can t be exploited. A complete vulnerability assessment (including penetration tests) on the live environment is periodically performed by external security experts. Data for each customer is stored in its own database, ensuring that there is no data leakage. Human Factor Security Access to the servers is restricted to the server administrators, an approved representative of the support team, and an approved representative of the development team (access is revoked if no longer necessary). In no cases do any of these administrators look at actual customer-entered data without the express written consent of the customer. Server logins are reviewed daily. Any changes made to the cloud environment follow a predefined change process, including approvals, as specified by ITIL best practices.

SysAid Cloud Architecture Including Security and Disaster Recovery Plan 7 Data Integrity and Continuity All components of the system are redundant, so that no single component is a single-point-of-failure. All data is continuously replicated between the three availability zones, to ensure that your data is always safe and that your business processes can continue uninterrupted even in the midst of a crisis. All data is backed up on a daily basis; backups are stored in AWS S3 in the relevant region. The DRP is fully tested on a periodic basis to ensure successful failover upon request. SysAid follows ITIL best practices for problem management to ensure than any incidents that affect service are thoroughly investigated and don t recur. Disaster Recovery Plan SysAid Cloud is hosted on two different availability zones. With almost all components available on each availability zone, most failures should go unnoticed to the users. Scenario 1: Application Server Failure Description: The application server terminates or loses connection to the database. Actions: The load balancer will identify that the application server is failing and will automatically remove it from the application cluster. All other application servers should continue serving users requests. Aside from the automated procedure, the DevOps team will be notified and will focus on fixing the failing application server. Potential Downtime: Between none and 30 seconds. Downtime applies only to some of the users (the ones that were redirected to the failing application server). Potential Loss of Data: None. No data is stored on the application server, except the users sessions (loss of users sessions may require users to authenticate again).

www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 8 Scenario 2: Database Node Unreachable Description: The application server loses connection to the database cluster. Actions: The database cluster will identify that a database node is failing and will automatically redirect connections from the application server to a redundant database node. Aside from the automated procedure, the DevOps team will be notified and will focus on fixing the failing database server. Potential Downtime: Between none and 1 second. Potential Loss of Data: Data entered during the time it took the cluster to realize the database server was down might be lost. In such a case, SysAid should show an error message indicating that the data was not saved. Scenario 3: Complete Datacenter (Availability Zone) Failure Description: The entire datacenter (availability zone) terminates or loses connection to the other availability zones. Actions: In essence, even if all the above scenarios occur simultaneously, the DNS will redirect all requests to the application servers on the remaining availability zones. Additionally, the database cluster will work from the remaining availability zones and all connections will be redirected accordingly. Aside from the automated procedure, the DevOps team will be notified and will focus on fixing the failing application server. Potential Downtime: Between none and 30 seconds. Potential Loss of Data: None. No data is stored on the application server, except the users sessions (loss of users sessions may require the users to authenticate again).

www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 9 About SysAid Technologies SysAid Technologies Ltd. is a leading provider of IT Service Management (ITSM) solutions that integrate all of the essential IT tools into one service desk. Available as a cloud-based or onpremises solution, SysAid's ITIL-certified software streamlines day-to-day IT activities so that administrators can deliver fast and comprehensive support. Founded in 2002 by Israel Lifshitz, SysAid Technologies serves a constantly growing user base of over 100,000 IT admins in more than 140 countries worldwide, and is available in 42 languages. With scalable solutions for organizations of all sizes, from SMBs to Fortune 500 corporations, SysAid is deployed at companies in multiple industries. At the forefront of service excellence, SysAid is committed to delivering first-rate technical support, providing a wide range of services and training initiatives. Our customers, beginners and advanced users alike, benefit from personalized web demonstrations, free webinars, training programs, and onsite professional services. We believe that keeping up with the times does not have to mean more complex or costly solutions. True to SysAid's trademark of simplicity, we guarantee to uphold our commitment of providing an ease-of-use experience that will simplify the ever-complicated tasks of the IT professional. SysAid has offices in Israel, Australia, Brazil, and the United States. For more information, please visit www.sysaid.com.

www.sysaid.com SysAid Cloud Architecture Including Security and Disaster Recovery Plan 10 www.sysaid.com Tel. Australia: +61 (2) 8073-5023 info@sysaid.com facebook.com/sysaidit twitter.com/sysaid linkedin.com/company/sysaidtechnologies-ltd youtube.com/user/sysaidit plus.google.com/+sysaid

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback