Frequently Asked Questions




Frequently Asked Questions Page 1 Instsanda FAQs v1.2

Instanda FAQs

Contents

Hosting, Security, Monitoring and Management
  Where is Instanda hosted?
  What is the hosting datacentre compliance?
  What is the server-level security?
  What is the application-level security?
  How is customer data secured and how do we ensure customers only have access to their own data?
  How are the Instanda systems monitored?
  What are the SLAs?
Data Management, Backup and Disaster Recovery
  Where does customer data reside?
  What is the Instanda policy for data retention?
  How do we comply with the UK regulations and Data Protection Act?
  Subject Access Requests
  Storing data outside the EU
  Restricted data access
  Cookies
  Data Breaches
  How is data backed up and what DR capability does Instanda have including failover?
  What about my data if I leave Instanda?
  Software Escrow

Terminology overview:
Customer = Instanda's customer
Agent/salespeople = users of the system
Customers/Public = members of the public who wish to purchase insurance

Hosting, Security, Monitoring and Management

Where is Instanda hosted?

The Instanda platform is hosted on the Microsoft Azure platform, specifically the platform-as-a-service components. The primary EU datacentre is in Dublin (Ireland), with failover capability at the Amsterdam (Netherlands) datacentre. The primary North American datacentre is xx with failover capability at yy.

What is the hosting datacentre compliance?

We use the Azure hosting platform, which has a high level of compliance with all the major standards, including ISO/IEC 27001, UK G-Cloud, HIPAA BAA, EU Model Clauses, PCI DSS, SSAE 16 and Cloud Security Alliance. Full details are available here: http://azure.microsoft.com/en-gb/support/trust-center/compliance/

What is the server-level security?

Platform security updates are automatically applied by the Azure platform; no manual management is required. Access to the servers and services is via strong password and the Azure console. All access is limited by the inbuilt Microsoft Azure firewall and restricted to specific IP addresses. Additional security can be added through the Azure portal as required; however, this is unusual given the inherent high security set-up within the Azure architecture.

What is the application-level security?

- All customer data is stored within the secure SQL Server database. No data is stored as files, and no data is stored on the web-server hard drives.
- Customer logins are secured using the standard ASP.NET SQL Membership Provider. Agent/salespeople logins are bespoke.
- Passwords are encrypted and stored hashed and salted in the database, so no-one can view them. Strong passwords are required and validated as such upon entry.
- Agents/salespeople cannot view other Agents/salespeople's data unless it is explicitly requested through Change Control, and once approved it still has to be enabled by the customer.
- SSL is used for all communications.
- Credit card information is not stored within the Instanda system.
- Reports can only be downloaded by a logged-in customer using HTTPS.
- There is a manual approval process for new customers. An Instanda support user must approve each registration.
- Password strength is checked using minimum and special character restrictions.
- System updates are installed automatically using the Microsoft Azure platform.

How is customer data secured and how do we ensure customers only have access to their own data?

Information available via a client request.

How are the Instanda systems monitored?

The Instanda platform is monitored at two critical levels: Infrastructure and Application.

1) Infrastructure level monitoring: The Instanda platform is hosted on the Microsoft Azure PaaS (Platform-as-a-Service), which is provided as a highly available service with built-in continuity across these service tiers. All the hardware and hosted platform infrastructure is taken care of by Microsoft. It is availability-backed by replicas and uptime SLAs (see "What are the SLAs?" below for further information). The platform is near-zero maintenance and includes automatic software patching using new technology that does not need to stop and start underlying platforms.

2) Application level monitoring: Instanda use a comprehensive set of tools to monitor the uptime and performance of the Instanda platform. Instanda constantly monitor the availability of the website and track the uptime. The Instanda platform is made up of a number of critical parts. Automated monitoring and alerting systems constantly check system uptime, availability and functional operations. One of these tests checks external access to the Instanda platform every minutes from over 50 locations worldwide. The Instanda platform code has been specifically written to monitor code execution performance. Also, the activity of customer users is logged and monitored. If any issues are detected or any performance thresholds are exceeded, alerts are immediately sent to the Service Desk and Application Support Resolver Group to investigate and take action. This comprehensive monitoring allows Instanda to produce comprehensive reports detailing availability and performance.

What are the SLAs?

The Instanda platform is designed and delivered to ensure the highest levels of operation and availability. If performance issues arise they will fall into one of three categories:

1) External network and DNS: This refers to the public Internet or the customer/agent network. F2X is not responsible for any Instanda performance issues attributed to latencies in the public Internet or the customer's connection to the public Internet.

2) Instanda Application: This refers to the Instanda software platform.

3) Azure Hosting: This refers to the Microsoft Azure platform.

Data Management, Backup and Disaster Recovery

Where does customer data reside?

Instanda is aligned to the architectural principles of Azure. This includes the Active Geo-Replication feature, which provides data redundancy within the same Microsoft Azure region. All Instanda and customer data is stored within a database, and this is asynchronously replicated to up to four different servers. Each continuous copy is referred to as an online secondary database. The primary database replicates committed transactions to each online secondary database. While the secondary databases might be slightly behind the primary database, the online secondary data is guaranteed to always be transactionally consistent with the changes committed to the primary database. The benefit of this Active Geo-Replication is that it provides database-level disaster recovery.

For customers based in the EU, data will always remain in the EU. These are currently the Microsoft Azure datacentres located in Dublin (Ireland) and Amsterdam (Netherlands). For customers based in other regions such as USA or APMEA, there are separate instances of Instanda hosted in Microsoft Azure datacentres specific to that region, and data will remain in that region.

How is data backed up and what DR capability does Instanda have including failover?

Azure provides comprehensive safeguards to mitigate data, platform and hosting failures. The Azure platform is highly available. Up to four copies of data are made for durability and availability, so if a rack or server goes down customer data is always available and accessible. Microsoft provide a 99.99% SLA for storage. Also, all data is asynchronously copied to another datacentre that's at least 400 miles away. Customers can be sure that every piece of data stored in the Azure environment is available as well as protected against regional disasters (called geo-replication). In the case of the Dublin datacentre, all data is replicated to the Amsterdam datacentre. In the event of any DR scenario in DC1 (the Dublin datacentre), services can be available in the Amsterdam datacentre, DC2 (see also "Where does customer data reside?" above).

In addition to the DR provision provided by the Azure hosting environment, at the application level F2X also carry out additional measures for Instanda:

- Nightly database backups are taken every day
- Copies of the live system code are stored in the SVN

In the event of a DR scenario the Instanda team have the capability to re-deploy new webservers from the code stored in the SVN, and the nightly database backup can be restored to the database server. A new environment can therefore be provisioned and data restored quickly, potentially within an hour.

Software Escrow

We understand that some customers want additional assurance that provides protection in the event of a supplier failure. Escrow is the secure storage of information, which includes the software source code plus associated material. This is held by a trusted third party who will release that material if conditions are met. Software escrow is based on a legal agreement between Instanda, a customer and the escrow agent. This agreement contains a set of critical release clauses that enable a customer to access critical intellectual property. A software escrow service is available for Instanda and customers can elect to enrol into this agreement. Additional levels of Escrow services are available on request and at client cost.