Meeting Management Solution Technology and Security Overview 10012 N. Dale Mabry Hwy Suite 115 Tampa, FL 33618 800-274-5624 Ext 702
Technology SaaS Software as a Service is offered as well. Client may choose this option where Novusolutions will provide all hosting for the software. The client has unlimited meeting types under this license as well as unlimited users. Our Cloud Computing partner is Amazon Cloud based Web Services, http://aws.amazon.com/. They offer world class cloud computing solutions with full 24 X 7 backup and reliable infrastructure designed for today s complex computing challenges. Amazon Hosting NovusAGENDA Application runs on EC2 servers. http://aws.amazon.com/ec2/ Backups are run daily and stored on Amazon S3 http://aws.amazon.com/s3/ Security A True Cloud Based Solution NovusAGENDA runs on the largest, most robust cloud infrastructure in the world, Amazon Web Services. Our security protocol is designed to meet or exceed standards set by Center for Digital Government Best Practices Guide for Cloud and As-a-Service Procurements. (http://www.govtech.com/library/papers/best-practice-guide-for-cloud-and-as-a-service- Procurements.html) This guide, built upon the collaborative work of state and local government and industry executives, outlines and explains the changes needed for more flexible and agile procurement processes. Virtual Servers Every aspect of NovusAGENDA runs on virtual Microsoft servers. The virtual environment provides unmatched fault tolerance by distributing all aspects of the computing process (CPU, RAM, Storage, Network Connectivity) across multiple physical devices. This ecosystem insures there is no single (or double) point of failure for any part of the system providing uptimes in excess of 99.95%. Virtual Private Cloud All NovusAGENDA virtual servers run in separate, secure cloud called a Virtual Private Cloud (VPC). The VPC provides advanced security features through security groups and network access control lists to enable inbound and outbound filtering at the instance level and subnet level. In addition, all data is stored with restricted access so that it s only accessible from instances in our VPC.
Secure Access to all NovusAGENDA servers, firewalls, load balancers, and storage is restricted by both user access list and IP address. This combination insures only authorized employees of Novusolutions have access to these resources. In addition, 100% of customer data is stored in an individual SQL Server database. This approach insures all at rest data is securely stored in a central location. Task Optimized Instances NovusAGENDA runs Microsoft Internet Information Services (IIS) and Microsoft SQL Server. All NovusAGENDA IIS servers run on instances of virtual servers optimized for maximum network throughput and balanced CPU and memory. This configuration maximizes application response time while accommodating thousands of simultaneous users. All NovusAGENDA SQL Servers run on virtual servers optimized for maximum memory. This configuration insures rapid database response times while managing hundreds of thousands of data requests. Scalability Utilizing the full power of the virtual server environment provides NovusAGENDA with stunning scalability. Server resources can be added by increasing capacity for an individual virtual server or by adding additional virtual servers. Sophisticated load balancers continually monitor network traffic and server load and make adjustments to resources accordingly. The result is an infinitely scalable infrastructure able to adapt to all requirements. Monitoring All NovusAGENDA servers are continually monitored by a dedicated system. NovusAGENDA technicians are immediately notified of any performance or system related issues. All historical monitoring data is retained so complex or intermittent issues can be analyzed using detailed technical information over the prior two months. Full Control Novusolutions maintains root level control of all servers. This access level enables complete control of every aspect of the servers insuring all monitoring and maintenance is completed according to our policies. Full control allows Novusolutions to maintain an environment configured specifically to meet the technical needs of NovusAGENDA without any compromise. Data Storage and Backups All customer data is redundantly stored across multiple devices over multiple facilities to provide durability and uptime in excess of 99.99%. In additional to redundant storage all customer data is backed-up on a customer-by-customer basis nightly to a separate region to insure your data is always safe and always available. Each individual customer has two weeks of daily backup data available so an individual customer s data can be restored to a specific day in the rare case of data corruption. Multi-zone Flexibility
NovusAGENDA can be hosted in any number of geographic zones throughout the United States. This zone-based architecture allows for increased fault tolerance in the rare instance of a zonewide outage. It also enables the flexibility to locate instances of NovusAGENDA closer to the geographic location of customers in a particular region for increased performance. Disaster Recovery Effective disaster recovery requires contingency plans for hardware, software, and data. Amazon Web services provides a redundant hardware platform distributed across multiple geographic zones to virtually eliminate the possibility a single disaster would disable the hardware infrastructure. All server software is built from a master image enabling any server to be rebuilt in less than 20 minutes. Server images are stored across multiple geographic zones to insure availability in the rare instance of a zone-wide failure. All customer data is natively stored across multiple devices and multiple zones so data durability exceeds 99.999999999%. Data Export All data stored within NovusAGENDA remains the property of the individual customer. Data, at any time, can be exported from NovusAGENDA to a local resource. Large data exports can be completed quickly and easily with the assistance of the Novusolutions staff. Semi-annual large scale exports are included at no extra charge as part of your annual contract. Third Party Access to Data At no point does any third party have access to customer data. Data is not shared with any third parties at any time. Any legal or governmental requests for data are coordinated with the knowledge and cooperation of the individual customer who is the target of the request. User Access Log NovusAGENDA logs all user log ins with username, time and date of each log in. This information is available to anyone with Sys Admin rights. In addition IIS records IP address of all users on log in and that information can be provided to any client on request. It is not available inside NovusAGENDA. User Model System Admins can create roles, groups, departments and add users. Roles define the rights that users have throughout the process. Roles are assigned to groups. A group can have more than one role assigned to it. Groups are added to departments and once a group is assigned to a department that group cannot be assigned to another department. Users are assigned to groups. Users can be assigned to multiple groups. Based on the group the user is in, the user receives the rights defined by the roles assigned to the group. The best sequence is to create the necessary roles, then groups, then departments, and then add the users. Roles can belong to multiple groups. Users can belong to multiple groups. Groups can ONLY belong to one department. Once a group is assigned to a department it is not available to be chosen in another department.
An item is sent through the workflow by departments. Any member of a group that is in the department, with the necessary rights, can act according to their rights. The first user to act will act on behalf of that department at that step in the workflow. The system will capture the individual user name and when an action is taken. The history tab will tell you which user acted on an item.