Click. Schedule. Relax.



Similar documents
Mapping Your Path to the Cloud. A Guide to Getting your Dental Practice Set to Transition to Cloud-Based Practice Management Software.

Security Policy JUNE 1, SalesNOW. Security Policy v v

Making the leap to the cloud: IS my data private and secure?

IBX Business Network Platform Information Security Controls Document Classification [Public]

Woodcock-Johnson and Woodcock-Muñoz Language Survey Revised Normative Update Technical and Data Security Overview

A Checklist for Software as a Service (SaaS) Vendors and Application Service Providers

Online Backup by Mozy. Common Questions

Why You Should Consider Cloud- Based Archiving. A whitepaper by The Radicati Group, Inc.

RL Solutions Hosting Service Level Agreement

Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security

Hosted Exchange. Security Overview. Learn More: Call us at

How Remote Data Backups, Inc. Helps Health Care Providers become HIPAA Compliant

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

Colocation Hosting Primer Making the Business and IT Case for Colocation

Remote Data Backups Systrust Certified Data Security Solution

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

Apptix Online Backup by Mozy

Best Practices For Department Server and Enterprise System Checklist

The Advantages of Using a CatN Data Centre

Supplier Security Assessment Questionnaire

The data which you put into our systems is yours, and we believe it should stay that way. We think that means three key things.

ProjectManager.com Security White Paper

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

10 Ways to Avoid Ethics Dangers in the Cloud

Toronto Public Library Disaster Recovery recommended safeguards and controls

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS option 3 for sales

Security & Infra-Structure Overview

ASP Technology & Security Overview

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM

Five keys to a more secure data environment

SITECATALYST SECURITY

Secure, Scalable and Reliable Cloud Analytics from FusionOps

Birst Security and Reliability

SaaS Security for the Confirmit CustomerSat Software

Which Backup Option is Best?

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

<cloud> Secure Hosting Services

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%

join.me architecture whitepaper

VIRGINIA STATE UNIVERSITY RISK ANALYSIS SURVEY INFORMATION TECHNOLOGY

White paper. SAS Solutions OnDemand Hosting Overview

EAaaS Cloud Security Best Practices

CLOUD IN MOTION QUESTIONS EVERY LIFE SCIENCES COMPANY SHOULD ASK BEFORE MOVING TO THE CLOUD. FRANK JACQUETTE, JACQUETTE CONSULTING, INC.

Stable and Secure Network Infrastructure Benchmarks

MOVING INTO THE DATA CENTRE: BEST PRACTICES FOR SUCCESSFUL COLOCATION

How To Backup Your Hard Drive With Pros 4 Technology Online Backup

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

How To Protect Your Data From Being Hacked

Perceptive Software Platform Services

Why web-based? Web-based software, referred to as Software as a Service (SaaS) has many advantages to locally hosted applications:

Brochure Achieving security with cloud data protection. Autonomy LiveVault

Fax

An Overview of the SaskTel Hosted Contact Centre Solution Design and Delivery Principles, and Core Architecture

BOWMAN SYSTEMS SECURING CLIENT DATA

Directed Circuits Meet Today s Security Challenges in Enterprise Remote Monitoring. A White Paper from the Experts in Business-Critical Continuity TM

Why cloud backup? Top 10 reasons

REMOTE BACKUP-WHY SO VITAL?

WHY YOU SHOULD CONSIDER CLOUD BASED ARCHIVING.

SmartHIPAA! 5 simple and inexpensive tips to protect patient information

THE SECURITY OF HOSTED EXCHANGE FOR SMBs

CBIO Security White Paper

Which Backup Option is Best?

SVA Backup Plus Features

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

Understanding Sage CRM Cloud

Risk Assessment Guide

OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

BroadData Unified Meeting Security Whitepaper v4.2

Three Things to Consider Before Implementing Cloud Protection

Whitepaper - Security e-messenger

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Retention & Destruction

Created By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

Troux Hosting Options

TENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6. TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

Secure Your Source Code and Digital Assets

OVERVIEW. IQmedia Networks Technical Brief

Online Backup Solution Features

Network Documentation Checklist

GTS Software Remote Desktop Services

Sophisticated Password Policy

A Guide to Choosing the Right Data Backup Solution for your School. March 2015.

Secure Data Hosting. Your data is our top priority.

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

5 Critical Considerations for. Enterprise Cloud Backup

Understanding Financial Cloud Services

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Electronic Payment Works

eztechdirect Backup Service Features

Introduction. Ease-of-Use

GoToMyPC. Remote Access Technologies: A Comparison of GoToMyPC and Microsoft Windows XP Remote Desktop

Things You Need to Know About Cloud Backup

SNAP WEBHOST SECURITY POLICY

All can damage or destroy your company s computers along with the data and applications you rely on to run your business.

Evolved Backup Features Computer Box 220 5th Ave South Clinton, IA

Which Backup Option is Best?

Outsourcing Your Corporate

The Practice of Internal Controls. Cornell Municipal Clerks School July 16, 2014

Transcription:

Reliability and Security Reliability and Security: Twelve Essential Questions to Ask Online Employee Scheduling Providers about Reliability and Security 2003 ScheduleSource, Inc. All rights reserved.

Table of Contents Introduction Question 1: Where is my employee scheduling data physically located? Question 2: How safe, physically, is my employee scheduling data? Question 3: How safe, electronically, is my employee scheduling data? Question 4: Will my employee scheduling data be backed up? Question 5: Is it safe for my scheduling data to travel over the Internet? Question 6: Will I always be able to gain access to my schedules? Question 7: Will the online employee scheduling provider be able to stay in business? Question 8: Will the employee scheduling application run efficiently on my equipment? Question 9: How will the online scheduling provider prevent other customers from gaining access to my data? Question 10: How do my schedulers and employees get into the system? Question 11: Can I integrate the online employee scheduling application with other internal applications? Question 12: Is the online employee scheduling application scalable? Learn more 1 2 2 3 4 4 5 5 6 6 7 7 8 8 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com

Introduction Introduction Subscribing to an online employee scheduling application has many advantages over purchasing the application outright and installing it on your equipment (no large up-front purchasing cost, no installation fee, no upgrade fees, no hardware to purchase, very little IT support, etc.). However, because your data is stored off-site and all access to the data occurs over the Internet, there are reliability and security concerns (the employee scheduling application becomes unavailable at the vendor s site, loss of scheduling data by the vendor, theft of data by competitors, loss of privacy of confidential data through compromised security, etc.) that must be addressed prior to entering into a service level agreement with an online employee scheduling provider. This paper presents a checklist of essential reliability and security issues that should be addressed before selecting an online employee scheduling provider. The ScheduleSource response to each item on the checklist is included in the discussion of the item. 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com 1

Questions 1, 2 Question 1 Is my employee scheduling data in a physically secure environment? If the online employee scheduling provider is running the application from a major co-location vendor, then your data is protected by security measures of the co-location vendor. This is why it is important that the co-location vendor have documented security measures in place and visible from their web site. The worst case scenario is that the application provider is avoiding the cost of co-location by running the application on a server located in a non-secure site, such as underneath an employee s desk. ScheduleSource houses all data on physically secure servers in locked cages located at Inflow, (www.inflow.com), a major co-location vendor. Inflow offers customers an outsourced alternative that is secure, redundant and fully managed. Core services include co-location, network management and managed security services. Question 2 What measures should be in place to protect my employee scheduling data? The building should have restricted access through a locked reception area and physical identification should include the surrender of a driver s license and a sign in register to record any visit to the data center. In addition, the servers should be stored in locked cages behind locked doors controlled 24x7 by the network operations center (NOC.) The physical security of your data should also be supported by application uptime services. These services include multiple power grids, multiple external power generators, multiple Tier 1 legs to the Internet, the conversion from AC to DC and then back to AC to remove electrical surges and spikes, and a non-liquid fire suppression system. A secure infrastructure is key to a successful business. With the rapidly changing world of network security and the ever-increasing incidents of hackers, worms, viruses, employee sabotage and more, you need the best security possible to protect your organization. 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com 2

Questions 2, 3 Question 2, continued What measures should be in place to protect my employee scheduling data? It takes more than a firewall. Companies need experts who are certified and highly trained in the latest network security products and services. Experts who know how to build a solution that best protects networks, and who are available 24-hours a day, seven days a week. Inflow provides a team that is focused and highly skilled at delivering unsurpassed service and first-class security to its organization." from www.inflow.com. Inflow also provides 24x7 monitored restricted access points, locked cages for the ScheduleSource servers, video camera monitoring of the building, a 100% guaranteed uptime to the ScheduleSource servers, flexible bandwidth based upon demand, sensitive smoke detectors throughout the facility with nonliquid fire suppression, two independent power generators besides two independent power grids, and an AC to DC to AC conversion to eliminate surges and spikes in the electrical system. Question 3 How safe, electronically, is my employee scheduling data? The employee scheduling data should be stored in co-location facilities that offer 24x7 managed firewalls to keep the data safe from competitors and hackers. In addition, the employee scheduling application should have internal security measures in place that monitor and protect customer data from being electronically compromised or stolen. All ScheduleSource data is located behind an on-site firewall that is managed 24 x7 for security purposes. In addition, ScheduleSource has internal security measures in place the continually monitor access to the application. 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com 3

Questions 4, 5 Question 4 Can my employee scheduling data be lost? Your data can be lost forever if the online employee scheduling provider does not have regularly scheduled daily backups in place as well as incremental backups at regular intervals throughout the day. A comprehensive backup plan allows your data to be restored if the provider s application fails or a hardware failure causes irreparable damage to your data. You should make sure that the data is backed up at frequent intervals so it can be restored with a minimum loss of data. The backup tapes should be stored offsite and you should be clearly identified as the legal owner of all the scheduling data that you have entered into the application. In addition, you should be able to download your employee scheduling data to your equipment for secondary backup purposes. Ask the vendor to provide details on how you can backup the data on your computer. Each ScheduleSource customer has their data backed up every day with incremental backups every four hours throughout the day. These backups are stored on multiple systems (including tape) for redundancy in both storage device and geographic location (on-site / off-site). In addition, the customer is the owner of all scheduling data that they have entered. Their data may be downloaded to their PC in a format that can be read by spreadsheet or database programs for a local copy of their schedules.. Question 5 Is my employee scheduling data safe traveling across the Internet? All communication to and from any online scheduling application should be encrypted through Secure Sockets Layer (SSL). If the vendor is using SSL, then the web address needed to access the online application will begin with HTTPS. In addition, a locked lock icon will appear in the web browser frame. If the online employee scheduling provider isn't using encryption, the privacy of your data is at risk. ScheduleSource delivers fully encrypted Web pages to each customer using Secure Sockets Layer (SSL). 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com 4

Questions 6, 7 Question 6 Will I always be able to gain access to my schedules? While no online employee scheduling provider can guarantee that a customer will always be able to access the application, they can take steps to guarantee a high percentage of up-time. Inflow provides multiple power grids, external auxiliary power generators, multiple high speed connections to the Internet, 24 x 7 managed servers, and failsafe server load balancing that allows ScheduleSource to guarantee 99% monthly uptime to its customers. Question 7 Will the online employee scheduling provider be able to stay in business? In choosing an online employee scheduling provider, one should carefully consider the past record of the provider. How long have they been in business? Are they new to the market? Do they have a large customer base of established companies? Does the price seem reasonable, or too cheap to meet the cost of adequate service? Do their claims seem reasonable? These are factors that will indicate if the provider will be able to provide the service year after year. The last thing you want to happen is the provider closes up shop in the middle of the night leaving you and your employees without access to your schedules. Available since 1999, ScheduleSource was the first employee scheduling application on the Internet. We have established a large base of customers who provide repeat business through our subscription model. The customer base continues to grow at a steady pace and the number of successfully scheduled shifts exceeds 35 million. The ScheduleSource subscription cost provides the level of service described in this paper 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com 5

Questions 8, 9 Question 8 Will the employee scheduling application run efficiently on my equipment? Nothing is more frustrating than sitting and waiting for a response from an online employee scheduling application. Slow response time can be caused by inefficient programming, only one or two gateways to the Internet, or slow access time caused by a limited delivery system. When searching for an online employee scheduling provider, you should ask about the delivery of the application. Is it running on a fast T1 line or, is it accessed through a slower DSL line or, worse yet, a dial up modem? Any online employee scheduling application under consideration should be running on a T1 line to provide adequate response time. In addition, the employee scheduling application provider should have access to multiple gateways to the Internet and they should be monitoring the gateways to always deliver the fastest access to the customer. The ScheduleSource employee scheduling application is accessed from a T1 line and with access to 5 Tier 1 Internet providers. It is monitored 24x7 to always provide the customer with the fastest access time. In addition, ScheduleSource was developed using efficient and fast source code that allows ScheduleSource achieve high performance, even over dial-up access. Question 9 Can other customers of the application provider see my data? Your data can be at risk if application provider does not build logical fences between the data sets. ScheduleSource logically separates each customer s data with the application code handling the customer s data isolation. 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com 6

Questions 10, 11 Question 10 Will unauthorized persons gain access to the online employee scheduling application? A data security model for online employee scheduling should not allow users into the application unless they can pass multiple layers of authentication. In addition, different levels of access should be available to differentiate between authorized users. Access to a ScheduleSource customer account requires a business code, a user name and a password. The scheduler with administrative privilege can also set different levels of access to ScheduleSource. For example, one scheduler may only have access to the Employee section of ScheduleSource while another may have access to both the Employee section and the Reports section, but neither have access to the Schedule section. Question 11 Can I integrate the online employee scheduling application with my other internal applications, such as payroll? Online employee scheduling applications reside offsite and are delivered to the customer over the Internet. Integrating the employee scheduling application with onsite customer applications can be challenging. Fortunately, the emergence of XML as the standard for integrating and sharing data with different applications over the Internet makes it easy to securely pass data between onsite and offsite applications. An acceptable online employee scheduling will be able to give XML access to the customer s employee schedules for integration with internal applications. ScheduleSource has an API developed that uses XML to allow customers to integrate employee schedules with other enterprise applications 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com 7

Question 12, Learn More Question 12 Is the online employee scheduling application scalable? " ScheduleSource was the first online employee scheduling application and has been Will the employee scheduling application be able to accommodate future growth in the customer base and still maintain the same level of service to existing customers? For example, what happens if the provider gathers another 5,000 employees to schedule? Will the application still perform efficiently for existing customers? These concerns are mitigated by having the application running on a server cluster of multiple machines with 24 x7 managed load-balancing across the cluster. This approach allows exceptional service efficiency to be maintained, even with rapid growth in the customer base, by simply adding additional servers to the cluster. ScheduleSource maintains a server cluster with multiple servers responding to a load balancer that is constantly monitoring the cluster for the server that is "least busy." ScheduleSource has been able to scale from accounts with less than 10 employee to accounts with over 1600 employees with no degradation in the level of service to other customers. collecting a large base of established customers since 1999. The customer base continues to grow at a steady pace and the number of successfully scheduled shifts exceeds 30 million." Learn more Contact us now to learn how ScheduleSource can help you begin realizing immediate returns on your investment. Call us at 1.800.340.0763 or visit us at www.schedulesource.com. Our friendly, knowledgeable staff will be happy to answer your questions in minute detail. Indeed, our passion is helping executives and managers alike achieve success through workforce optimization. 2003 ScheduleSource, Inc. All rights reserved. www.schedulesource.com 8

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information