EmpLive Technical Overview
|
|
- Arlene Fletcher
- 8 years ago
- Views:
Transcription
1 Version 1.6 Updated 27/08/2015 Support: support@wfsaustralia.com Website: wfsaustralia.com
2 Legal Notice Copyright WFS: A WorkForce Software Company. All Rights Reserved. By receiving this information, you agree to keep this information confidential. It may not be duplicated in any way without the express written consent of WFS: A WorkForce Software Company, except that you are given permission to duplicate it in electronic or printed form for the purpose of distribution for evaluation of our software. Distribution should be limited to those employees and/or consultants who are directly involved in evaluating our solution. 2
3 Table of Contents Introduction... 2 WFS: A WorkForce Software Company... 2 Partners... 2 Technology... 3 System Requirements... 4 Infrastructure... 4 Data Centre... 5 Security... 5 Network Security... 6 Communication Security... 6 Web Application... 6 Biometric Terminal Data... 6 Software Security... 6 Operating System... 6 Web Application... 6 Database Access... 6 User Authentication... 7 Password Management... 7 Single Sign-On (SSO)... 7 Privacy... 7 Privacy Standards... 7 Internal Security and Privacy Policy... 7 Employment Security Checks... 7 Company Information Security and Privacy Policy... 7 Performance and Monitoring... 8 Redundancy and Disaster Recovery... 8 Database Availability... 8 Backups... 9 Recovery... 9 Operational Policies... 9 Change Management... 9 Capacity Management... 9 Incident Management
4 Introduction WFS: A WorkForce Software Company WFS: A WorkForce Software Company (WFS Australia) is a leading provider of cloud-based workforce management solutions for Australian and New Zealand employers. The company s EmpCenter and EmpLive suites enable organisations to automate time and attendance, streamline absence and leave management, optimise staff rostering, gain real-time visibility into labour costs and productivity, and mitigate the risks of employee fatigue. EmpCenter is an enterprise-grade software suite that provides total workforce coverage and simpli fies labour compliance for large and multinational employers. EmpLive (previously sold as RosterLive) offers powerful functionality that can be rapidly deployed in small to midsized organisations. Based in Sydney, WFS Australia pairs local expertise with the strength and stability of a global provider. More than 250 Australian and New Zealand companies rely on WFS Australia solutions today. For more information, visit or call Partners At WFS Australia, we work closely with several highly respected companies to bring the best workforce management solution to the market and are proud to highlight these partnerships. 2
5 Technology EmpLive is a cloud-based system that utilises proven technology to provide a robust workforce management solution. WFS Australia customers have the reassurance and confidence that the supporting system architecture is backed by well-known names in IT Microsoft Corporation and Dell. EmpLive is designed and built using Microsoft technologies:.net Framework, SQL Server, Windows Server and SQL Reporting Services. We have chosen the Microsoft.NET Framework above other competitive web technologies for a number of reasons: y Maturity and Flexibility: The.NET framework is a full object oriented and flexible developing platform utilising more than 20 other CTS-compliant languages. In that sense, it is truly interoperable with existing programmers skills, improving re-usability and reducing complexity. These make the developed applications easily maintainable and accelerate support and service. y Integration and Scalability:.NET Framework 4.5 provides a new level of internal and external secure communication through Windows Communication Foundation providing a unified programming model for building service-oriented applications to interface with 3rd party services using standard protocols such as RPC and SOAP. y Security: E-commerce and enterprise data applications can effectively use the in-built comprehensive range of security and cryptography libraries of the.net Framework. y Web Application Framework: The ASP.NET framework, used to build dynamic web applications and services provides the developers the tools to easily create a sophisticated and robust web solution. The advanced debugging environment shortens the development cycle and allows developers to rapidly build and deploy applications. Also, because ASP.NET is a pre-compiled solution it provides performance benefits over other script-based technologies. y Community Support: Widespread usage of the.net Framework by the development community provides a large number of technical resources available on the market globally. This makes developing using the.net Framework the logical solution of choice by many well-known organisations. y Brand Assurance: The.NET platform is backed and strongly supported by Microsoft. The community also provides a significant number of developing tools. To mitigate the risk of product failure, EmpLive is deployed on the latest Microsoft Windows servers and uses Microsoft SQL Server as its database engine. Another key technology employed by EmpLive is SQL Reporting Services. This technology is a proven standard solution for designing, managing and delivering scalable reports via the Web and embedded in enterprise applications. SQL Reporting Services provides EmpLive users the following benefits: y Cost effective development: Reports can be rapidly designed and deployed. y Exporting: Provide native support to export onto PDF and Excel. y Future Proofing: Backed by the Microsoft brand. EmpLive depends on Dell PowerEdge Rack Servers. Dell s servers were selected for their reliability, time-tested designs and the latest innovative technologies. Combining the above mentioned technologies along with compliance to best patterns and practices and verified development methodologies, EmpLive keeps development lifecycle more technically and financially effective. 3
6 System Requirements Using EmpLive requires a computer with the following: y An internet connection y A modern browser enabled with JavaScript, cookies and SSL Note that EmpLive supports the current and previous major releases of Internet Explorer, Chrome, Firefox and Safari. Infrastructure EmpLive is deployed in a private cloud. There is dedicated power, network and hardware infrastructure allocated exclusively for all the EmpLive customers. EmpLive runs on a multitenant environment where a single instance of the software serves multiple customers. Primary Data Centre Disaster Recovery Data Centre 4
7 Data Centre EmpLive operates from the Equinix SY3 IBX (International Business Exchange) in Alexandria, NSW. The data centre has been functionally designed to meet the Tier 3 requirements of the TIA-942 standard. Features include: y Multiple active power and cooling distribution paths y Redundant components, and is concurrently maintainable, providing % availability y ISO27001 certified y Accredited green building which has achieved a Gold rating in the LEED ratings of the US Green Building Council. y Approved by AGIMO (The Australian Government Information Management Office) to be a data centre for federal government information. Security WFS Australia understands that data availability, confidentiality and integrity are key to our customer s operational success. We invest significant resources to continually monitor, audit, and upgrade our security infrastructure and processes as new standards are developed and accepted. Physical Security The customer data is hosted in a world class data centre, Equinix IBX Centre. These facilities provide the following support: y Staffed 24 hours a day, 365 days a year y 24x7x365 CCTV recordings y Access by appointment only, with sign in procedure and visual confirmation by trained security officers y Access control (man traps) and biometric readers at all main entry points y Security features, equipment and procedures enabling staff to track the whereabouts of anyone in IBX at anytime y Customer caged areas For more information on the Equinix data centre go to: 5
8 Network Security The customer data is hosted by WFS Australia and placed in a restricted access network. y Perimeter firewalls guarantee only valid IPs and ports are allowed access to the network. y A third party network monitoring tool continuously scans the network and provides real time alerts. y WFS Australia monitors and analyses security logs to proactively identify security threats. Communication Security Web Application All communication between the user and the EmpLive, ESS and ClockLive web applications is encrypted through Secure Socket Layer (SSL) via the HTTPS protocol. Note that all requests are sent through the secure SSL channel, not just the login information. A premium SSL certificate is deployed in the ESS web application providing extended validation, green address bar, 128-bit minimum to 256-bit encryption and vulnerability assessment. This premium SSL certification is powered by Verisign, the most trusted industry-leading SSL provider used by the world s largest financial institutions. The premium SSL certificate is available to customers for their EmpLive web application on request. Biometric Terminal Data The biometric information captured during the enrolment process and authentication is encrypted and kept within the ACTAtek terminal itself and not transmitted anywhere else. For additional security, WFS Australia recommends that the external IP or URLs allocated by the client for the biometric terminals use the HTTPS protocol. Software Security Operating System During the scheduled maintenance times, the latest security patches available are applied. This ensures that operating system vulnerabilities cannot be used to gain unauthorised access to WFS Australia. Web Application WFS Australia tests all code for security vulnerabilities before release. Third-party application vulnerability threat assessments are conducted on a monthly basis. Database Access Database access is strictly controlled and requires prior authorisation by our Change Approval Board. Database access is audited monthly. 6
9 User Authentication Password Management Users are authenticated with a username and password combination. Following the ISO guidelines for password management, EmpLive passwords must include: y a minimum length of eight characters y a lower case character (a-z), a capital character (A-Z), a numeric character (0 9) and a special character (@ # $ & / +) Customer based settings are also available to assist with password expiry reminders, password recycle thresholds to avoid password reuse and lock out mechanisms for multiple login failures. Single Sign-On (SSO) Single-sign on integration is available with both the EmpLive and ESS web applications. SSO is achieved using SAML 2.0 supporting both Identity Provider (IdP) initiated and Service Provider (SP) initiated sequences. Privacy Privacy Standards WFS Australia complies with the Australian Privacy Act and confidential standards by ensuring: y Customer data is secure and accessible by the customer when required y When sharing data with integrated systems only the data required is collected and transferred y Sensitive data such as passwords are stored encrypted with a one-way hash WFS Australia also observes Microsoft security best practices. Internal Security and Privacy Policy Employment Security Checks All WFS Australia employees must submit a police check and at least 2 referees are contacted during the employment process. Access to WFS Australia systems and data is granted on a need to see basis with limited access given until the employee s probation period ends. Company Information Security and Privacy Policy Employees are responsible for adhering to security and privacy policies and for escalating violations to those policies. The Company Information Security & Privacy policy covers: y Logical Security security measures for accessing electronic information resources through logical means e.g. via software or network controls, procedural controls relating to password management, security of data, communications security and reduction of risks from computer viruses software. y Physical Security security measures for controlling access to electronic information through physical means; physical access control and procedural controls which restrict access to computer systems and information. y Staff Policies security measures with respect to associate acceptable use of technology resources and other organisational issues such as contractor and vendor access. y Incident Response the process for managing security breaches. 7
10 y Escalation Procedures steps to report a policy violation. y Disaster procedures ensuring business continuity. Performance and Monitoring The production environment is monitored and setup with and SMS alerts to the WFS Australia Team to ensure quick response time to urgent issues. Multiple monitoring systems are setup to ensure multilayer coverage across critical components of the environment: y Network monitoring y Server monitoring y Database monitoring y Application monitoring WFS Australia also monitors server health and application login response time for any changes in baseline configuration. The diagram below is results from recent monthly usage of EmpLive. It shows an average browser page load time of 3.73 seconds for an average browser throughput of 116 ppm (pages per minute). Redundancy and Disaster Recovery All application servers and database servers have redundant hardware. WFS Australia has multiple high speed internet connections via independent upstream providers for redundancy. A fully redundant network design has been adopted to eliminate a single point of failure all the way through the network to each server. Routing infrastructure consists of redundant border routers and switches coupled with redundant core routers and switches. Edge switches located in each rack utilise redundant hand o s from the core switches. We also maintain a disaster recovery facility situated on an alternate power grid. Database Availability SQL Server database mirroring is used to increase database availability. Database mirroring transfers transaction log records directly from one server to another and can quickly fail over to the redundant server. 8
11 Backups To ensure data availability and recovery, WFS Australia performs regular database backups and stores them on disks maintained at separate locations. Daily full and transactional database backups are retained up to 3 months to enable data recovery to a specified point in time. Fortnightly application and database backups. These backups are copied across redundant servers and a disk based backup appliance for quick restoration. Monthly application and database backups are retained up to 7 years for data recovery and auditing. Recovery In case of a database failure, the EmpLive application automatically redirects its connection information to the redundant database server. The redundant database server synchronously mirrors the live database server, and thus no data loss is incurred during the failover. In case of an application failure, the EmpLive application is redeployed to a redundant application server. Operational Policies Change Management WFS Australia adheres to documented Change Management Procedures. All changes require security impact assessments, testing, customer notice period assessment, and approval from the Change Approval Board. The Change Approval board consists of the WFS Australia management team and company executives as required. Capacity Management The production environment is monitored daily using several tools to assist with capacity management: disk space, memory, application and database performance, etc. The application usage and infrastructure performance is reviewed quarterly to ensure that the load is distributed evenly to amongst the pool of servers and that our resources are used in the most efficient manner. Infrastructure improvement tasks maybe scheduled after a quarterly review if necessary. Incident Management Incident and problem detection and management procedures are set out in the company s software security and privacy policy, in summary: y In the event of a suspected breach of security or privacy, or unauthorised disclosure of customer data, the Development Manager and General Manager will be immediately notified. y The response to the breach will be to deny further exposure and to quickly restore services. y The incident team will assess the risk and determine the appropriate response. y The incident team will determine who needs to be notified about the Incident. y An Incident Report will be created documenting the breach or disclosure, steps taken to resolve, and recommended risk mitigation plans for the future. 9
12 Rostering Time & Attendance Award Interpretation Leave Management Employee Self Service Cloud-based workforce management wfsaustralia.com BR-002-WFS-AU
<cloud> Secure Hosting Services
Global Resources... Local Knowledge Figtree offers the functionality of Figtree Systems Software without the upfront infrastructure investment. It is the preferred deployment solution for organisations
More informationTOP SECRETS OF CLOUD SECURITY
TOP SECRETS OF CLOUD SECURITY Protect Your Organization s Valuable Content Table of Contents Does the Cloud Pose Special Security Challenges?...2 Client Authentication...3 User Security Management...3
More informationEnterprise level security, the Huddle way.
Enterprise level security, the Huddle way. Security whitepaper TABLE OF CONTENTS 5 Huddle s promise Hosting environment Network infrastructure Multiple levels of security Physical security System & network
More informationSecurity Information & Policies
Security Information & Policies 01 Table of Contents OVERVIEW CHAPTER 1 : CHAPTER 2: CHAPTER 3: CHAPTER 4: CHAPTER 5: CHAPTER 6: CHAPTER 7: CHAPTER 8: CHAPTER 9: CHAPTER 10: CHAPTER 11: CHAPTER 12: CHAPTER
More informationSecure, Scalable and Reliable Cloud Analytics from FusionOps
White Paper Secure, Scalable and Reliable Cloud Analytics from FusionOps A FusionOps White Paper FusionOps 265 Santa Ana Court Sunnyvale, CA 94085 www.fusionops.com World-class security... 4 Physical Security...
More informationMAXIMUM DATA SECURITY with ideals TM Virtual Data Room
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for
More informationEnterprise Workforce Management Solutions
Enterprise Workforce Management Solutions The EmpCenter Suite Automate All Labour Policies, for All Workers Large employers have complex labour policies and compliance concerns, all of which can differ
More informationDATA SECURITY POLICY. Data Security Policy
Data Security Policy Contents 1. Introduction 3 2. Purpose 4 3. Data Protection 4 4. Customer Authentication 4 5. Physical Security 5 6. Access Control 6 7. Network Security 6 8. Software Security 7 9.
More informationSHARPCLOUD SECURITY STATEMENT
SHARPCLOUD SECURITY STATEMENT Summary Provides details of the SharpCloud Security Architecture Authors: Russell Johnson and Andrew Sinclair v1.8 (December 2014) Contents Overview... 2 1. The SharpCloud
More informationTechnical specifications
Technical specifications PhD Manager is built on the Haplo open source platform. The Haplo platform provides a flexible database tailored to storing information about the activities in complex organisations.
More informationIT Architecture Review. ISACA Conference Fall 2003
IT Architecture Review ISACA Conference Fall 2003 Table of Contents Introduction Business Drivers Overview of Tiered Architecture IT Architecture Review Why review IT architecture How to conduct IT architecture
More informationCBIO Security White Paper
One Canon Plaza Lake Success, NY 11042 www.ciis.canon.com CBIO Security White Paper Introduction to Canon Business Imaging Online Canon Business Imaging Online ( CBIO ) is a cloud platform for Canon s
More informationSecurity Controls for the Autodesk 360 Managed Services
Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices
More informationIBM Cognos TM1 on Cloud Solution scalability with rapid time to value
IBM Solution scalability with rapid time to value Cloud-based deployment for full performance management functionality Highlights Reduced IT overhead and increased utilization rates with less hardware.
More informationTroux Hosting Options
Troux Hosting Options Introducing Troux Hosting Options Benefits of a Hosted Troux Environment...3 Convenience...3 Time-to-Value...3 Reduced Cost of Ownership...3 Scalability and Flexibility...3 Security...4
More informationFMCS SECURE HOSTING GUIDE
FMCS SECURE HOSTING GUIDE October 2015 SHG-MNL-v3.0 CONTENTS INTRODUCTION...4 HOSTING SERVICES...4 Corporate Secure Hosting... 4 Hosting Partner... 4 Hosting Location... 4 Physical Security... 4 Risk and
More informationGiftWrap 4.0 Security FAQ
GiftWrap 4.0 Security FAQ The information presented here is current as of the date of this document, and may change from time-to-time, in order to reflect s ongoing efforts to maintain the highest levels
More informationSaaS Security for the Confirmit CustomerSat Software
SaaS Security for the Confirmit CustomerSat Software July 2015 Arnt Feruglio Chief Operating Officer The Confirmit CustomerSat Software Designed for The Web. From its inception in 1997, the architecture
More informationIBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public]
IBX Business Network Platform Information Security Controls 2015-02- 20 Document Classification [Public] Table of Contents 1. General 2 2. Physical Security 2 3. Network Access Control 2 4. Operating System
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.5)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationTENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6. TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4
TENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6 TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4 Cloud services (Data Centre) and related Functional requirement Cloud services as a Control
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationBlue Jeans Network Security Features
Technical Guide Blue Jeans Network Security Features Blue Jeans Network understands an organization s need for secure communications. The Blue Jeans cloud-based video conferencing platform provides users
More informationProjectManager.com Security White Paper
ProjectManager.com Security White Paper Standards & Practices www.projectmanager.com Introduction ProjectManager.com (PM) developed its Security Framework to continue to provide a level of security for
More informationCollaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%
Security overview Collaborate on your projects in a secure environment Thousands of businesses, including Fortune 500 corporations, trust Wrike for managing their projects through collaboration in the
More informationTONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1
TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1 Table of Contents 1. Operational Security 2. Physical Security 3. Network
More informationGTS Software Remote Desktop Services
GTS Software Remote Desktop Services RemoteApp client requirements and hosting environment details CONTENTS Introduction... 2 Client requirements... 2 RD Web Access... 2 Distributed RDP or MSI packages...
More informationwww.novell.com/documentation Server Installation ZENworks Mobile Management 2.7.x August 2013
www.novell.com/documentation Server Installation ZENworks Mobile Management 2.7.x August 2013 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or use of this
More informationGuardian365. Managed IT Support Services Suite
Guardian365 Managed IT Support Services Suite What will you get from us? Award Winning Team Deloitte Best Managed Company in 2015. Ranked in the Top 3 globally for Best Managed Service Desk by the Service
More informationLas Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM
Las Vegas Datacenter Overview Product Overview and Data Sheet Product Data Sheet Maintaining a Software as a Service (SaaS) environment with market leading availability and security is something that Active
More informationSecurity Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1
JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us
More informationWeb Plus Security Features and Recommendations
Web Plus Security Features and Recommendations (Based on Web Plus Version 3.x) Centers for Disease Control and Prevention National Center for Chronic Disease Prevention and Health Promotion Division of
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationUse of Exchange Mail and Diary Service Code of Practice
Use of Exchange Mail and Diary Service Code of Practice Introduction This code of practice outlines the support mechanisms in place for the security of the Exchange mail and diary service. References are
More informationCHIS, Inc. Privacy General Guidelines
CHIS, Inc. and HIPAA CHIS, Inc. provides services to healthcare facilities and uses certain protected health information (PHI) in connection with performing these services. Therefore, CHIS, Inc. is classified
More informationFrequently Asked Questions
Frequently Asked Questions Page 1 Instsanda FAQs v1.2 Instanda FAQs Contents Hosting, Security, Monitoring and Management... 3 Where is Instanda hosted?... 3 What is the hosting datacentre compliance?...
More informationWhitepaper. Security Best Practices for Evaluating Google Apps Marketplace Applications. Introduction. At a Glance
Whitepaper Security Best Practices for Evaluating Google Apps Marketplace Applications At a Glance Intended Audience: Security Officers CIOs of large enterprises evaluating Google Apps Marketplace applications
More informationCloud Vendor Evaluation
Cloud Vendor Evaluation Checklist Life Sciences in the Cloud Cloud Vendor Evaluation Checklist What to evaluate when choosing a cloud vendor in Life Sciences Cloud computing is radically changing business
More informationTable of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.
FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer
More informationRemote Services. Managing Open Systems with Remote Services
Remote Services Managing Open Systems with Remote Services Reduce costs and mitigate risk with secure remote services As control systems move from proprietary technology to open systems, there is greater
More informationProjectplace: A Secure Project Collaboration Solution
Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationFormFire Application and IT Security. White Paper
FormFire Application and IT Security White Paper Contents Overview... 3 FormFire Corporate Security Policy... 3 Organizational Security... 3 Infrastructure and Security Team... 4 Application Development
More informationManaging internet security
Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further
More information<workers> Online Claims and Injury Management
Global Resources... Local Knowledge With over 30 years experience in workers compensation, our claims management systems have been adopted by Self-Insured Organisations, Third Party Administrators and
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationTenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.
Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,
More informationInteract Intranet Version 7. Technical Requirements. August 2014. 2014 Interact
Interact Intranet Version 7 Technical Requirements August 2014 2014 Interact Definitions... 3 Licenses... 3 On-Premise... 3 Cloud... 3 Pulic Cloud... 3 Private Cloud... 3 Perpetual... 3 Self-Hosted...
More informationPROTECTING YOUR VOICE SYSTEM IN THE CLOUD
PROTECTING YOUR VOICE SYSTEM IN THE CLOUD Every enterprise deserves to know what its vendors are doing to protect the data and systems entrusted to them. Leading IVR vendors in the cloud, like Angel, consider
More informationBlackBerry Enterprise Server for Microsoft Exchange. Version: 5.0 Service Pack: 4. Upgrade Guide
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 4 Upgrade Guide Published: 2014-01-16 SWD-20140116175501016 Contents 1 Overview: BlackBerry Enterprise Server...7 2 Planning
More informationKeyfort Cloud Services (KCS)
Keyfort Cloud Services (KCS) Data Location, Security & Privacy 1. Executive Summary The purposes of this document is to provide a common understanding of the data location, security, privacy, resiliency
More informationWhite Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0
White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative
More informationSecurity & Infra-Structure Overview
Security & Infra-Structure Overview Contents KantanMT Platform Security... 2 Customer Data Protection... 2 Application Security... 2 Physical and Environmental Security... 3 ecommerce Transactions... 4
More informationSalesforce & HIPAA Compliance
An ecfirst Case Study: Salesforce & HIPAA Compliance Salesforce Provides the Tool, You Are Responsible for Compliance 2014 All Rights Reserved ecfirst TABLE OF CONTENTS EXECUTIVE SUMMARY... 3 WHAT IS SALESFORCE?...
More informationBusiness process efficiency is improved with task management, alerts, notifications and automated process workflows.
UNCLASSIFIED 23/02/2015 v3.3 Cobweb Hosted SharePoint 3.0 Service Description Cobweb Hosted SharePoint is a web-based document collaboration tool that helps you maximise productivity in a truly flexible,
More informationASP Technology & Security Overview
ASP Technology & Security Overview J. J. Keller & Associates Company Profile Year Founded: 1953 Corporate Location: Neenah, Wisconsin, USA Number of Employees: Over 1200 Type of Business: Safety, Regulatory
More informationCloud Security: An Independent Assessent
Cloud Security: An Independent Assessent A Quantix White Paper Dec 2010 Call us on: 0115 983 6200 Visit us on-line at: www.quantix-uk.com E-mail us at : enquiries@quantix-uk.com Why are people concerned
More informationIT SERVICE MANAGEMENT FAQ
IT SERVICE MANAGEMENT FAQ Version: 1.3 Date: February 2011 Page 1 Table of Contents 1.0 Introduction... 3 2.0 Data Stewardship... 4 2.1 Where is the data stored?... 4 2.2 Who controls the data?... 4 2.2
More informationWoodcock-Johnson and Woodcock-Muñoz Language Survey Revised Normative Update Technical and Data Security Overview
Houghton Mifflin Harcourt - Riverside (HMH - Riverside) is pleased to offer online scoring and reporting for Woodcock-Johnson IV (WJ IV) and Woodcock-Muñoz Language Survey Revised Normative Update (WMLS-R
More informationWhy SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?
SaaS vs. COTS Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? Unlike COTS solutions, SIMCO s CERDAAC is software that is offered as a service (SaaS). This offers several
More informationSUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This
More informationCA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam
CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam (CAT-140) Version 1.4 - PROPRIETARY AND CONFIDENTIAL INFORMATION - These educational materials (hereinafter referred to as
More informationHealthcare Compliance Solutions
Privacy Compliance Healthcare Compliance Solutions Trust and privacy are essential for building meaningful human relationships. Let Protected Trust be your Safe Harbor The U.S. Department of Health and
More informationVendor Questionnaire
Instructions: This questionnaire was developed to assess the vendor s information security practices and standards. Please complete this form as completely as possible, answering yes or no, and explaining
More informationCopyright http://support.oracle.com/
Primavera Portfolio Management 9.0 Security Guide July 2012 Copyright Oracle Primavera Primavera Portfolio Management 9.0 Security Guide Copyright 1997, 2012, Oracle and/or its affiliates. All rights reserved.
More informationOur Cloud Offers You a Brighter Future
Our Cloud Offers You a Brighter Future Qube Global Software Cloud Services are used by many diverse organisations including financial institutions, international service providers, property companies,
More informationTable of Contents. Page 1 of 6 (Last updated 30 July 2015)
Table of Contents What is Connect?... 2 Physical Access Controls... 2 User Access Controls... 3 Systems Architecture... 4 Application Development... 5 Business Continuity Management... 5 Other Operational
More informationAutodesk PLM 360 Security Whitepaper
Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationMIGRATIONWIZ SECURITY OVERVIEW
MIGRATIONWIZ SECURITY OVERVIEW Table of Contents Introduction... 2 Shared Security Approach... 2 Customer Best Practices... 2 Application Security... 4 Database Level Security... 4 Network Security...
More informationHow To Protect Your Network From Attack From A Network Security Threat
Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your
More informationPCI DSS Reporting WHITEPAPER
WHITEPAPER PCI DSS Reporting CONTENTS Executive Summary 2 Latest Patches not Installed 3 Vulnerability Dashboard 4 Web Application Protection 5 Users Logging into Sensitive Servers 6 Failed Login Attempts
More informationSERVICES BRONZE SILVER GOLD PLATINUM. On-Site emergency response time 3 Hours 3 Hours 1-2 Hours 1 Hour or Less
SERVICE SUMMARY ITonDemand provides four levels of service to choose from to meet our clients range of needs. Plans can also be customized according to more specific environment needs. SERVICES BRONZE
More informationQuickBooks Online: Security & Infrastructure
QuickBooks Online: Security & Infrastructure May 2014 Contents Introduction: QuickBooks Online Security and Infrastructure... 3 Security of Your Data... 3 Access Control... 3 Privacy... 4 Availability...
More informationTOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series
TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE ebook Series 2 Headlines have been written, fines have been issued and companies around the world have been challenged to find the resources, time and capital
More informationCyber Security for NERC CIP Version 5 Compliance
GE Measurement & Control Cyber Security for NERC CIP Version 5 Compliance imagination at work Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security Management Controls...
More informationIBM Connections Cloud Security
IBM Connections White Paper September 2014 IBM Connections Cloud Security 2 IBM Connections Cloud Security Contents 3 Introduction 4 Security-rich Infrastructure 6 Policy Enforcement Points Provide Application
More informationBlackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security
Overview Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Blackboard Collaborate web conferencing is available in a hosted environment and this document
More informationUNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1
UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 As organizations unlock the true potential of meeting over the web as an alternative to costly and timeconsuming travel,
More informationXerox Mobile Print Cloud
September 2012 702P00860 Xerox Mobile Print Cloud Information Assurance Disclosure 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United
More informationSINGTEL BUSINESS - PRODUCT FACTSHEET MANAGED CLOUD SERVICE (SINGTEL IAAS)
SINGTEL BUSINESS - PRODUCT FACTSHEET MANAGED CLOUD SERVICE (SINGTEL IAAS) SingTel Managed Cloud Service delivers greater flexibility, security, cost efficiency and convenience. Looking for a way to reap
More informationSCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards
SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which
More informationCloudDesk - Security in the Cloud INFORMATION
CloudDesk - Security in the Cloud INFORMATION INFORMATION CloudDesk SECURITY IN THE CLOUD 3 GOVERNANCE AND INFORMATION SECURITY 3 DATA CENTRES 3 DATA RESILIENCE 3 DATA BACKUP 4 ELECTRONIC ACCESS TO SERVICES
More informationAddressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
More informationPREMIER SUPPORT STANDARD SERVICES BRONZE SILVER GOLD
SERVICE SUMMARY ITonDemand provides four levels of service to choose from to meet our clients range of needs. Plans can also be customized according to more specific environment needs. PREMIER SUPPORT
More informationInformation Technology Solutions
Managed Services Information Technology Solutions A TBG Security Professional Services Offering LET TBG MANAGE YOUR INFRASTRUCTURE WITH CONFIDENCE: TBG S INTEGRATED IT AUTOMATION FRAMEWORK PROVIDES: Computer
More informationSecurity April 2015. Solving the data security challenge with our enhanced private and hybrid cloud services
Security April 2015 Secure cloud solutions with guaranteed UK data sovereignty. Solving the data security challenge with our enhanced private and hybrid cloud services This paper enables discussion around
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationAttachment D System Hardware & Software Overview & Recommendations For IRP System
Attachment D System Hardware & Software Overview & Recommendations For IRP System Submitted by Explore Information Services, LLC Table of Contents Table of Contents...2 Explore IRP Configuration Recommendations...3
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationSecuring the Service Desk in the Cloud
TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,
More informationSCOPE OF SERVICE Hosted Cloud Storage Service: Scope of Service
Hosted Cloud Storage Service: Scope of Service 1. Definitions 1.1 For the purposes of this Schedule: Access Account is an End User account with Data Storage requiring authentication via a username and
More informationInternet Content Provider Safeguards Customer Networks and Services
Internet Content Provider Safeguards Customer Networks and Services Synacor used Cisco network infrastructure and security solutions to enhance network protection and streamline compliance. NAME Synacor
More informationWhite Paper: Librestream Security Overview
White Paper: Librestream Security Overview TABLE OF CONTENTS 1 SECURITY OVERVIEW... 3 2 USE OF SECURE DATA CENTERS... 3 3 SECURITY MONITORING, INTERNAL TESTING AND ASSESSMENTS... 4 3.1 Penetration Testing
More informationInformation security controls. Briefing for clients on Experian information security controls
Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face
More information