On occasion, we have had queries regarding the location, storage, backup, and security of our hosted solution.
The following article is designed to address the following queries:
- Where will my data be stored?
- Who manages the servers?
- Who owns the ClockOn database?
- What are the data backup policies and frequency?
- In the event of a server failure, what are the options for data recovery?
- Can I run my own backups?
- What is the approach for scheduled downtime?
- SLA relating to hosted system uptime?
- Will there be any compensation in the event that the uptime SLA is breached?
- Is there a description of the hosted architecture available?
- How can my data be accessed?
- What are the network requirements for the hosted solution?
- Are there any mandatory installation files required to use ClockOn remotely?
- Does the hosted solution comply with certified industry standards?
- In the event of an issue, are audit logs available for review?
- What privacy and security measures are in place for ClockOn hosting?
- Are we able to run our own security audits using 3rd party providers?
- Will my data be on a shared infrastructure?
- Can I return to an on-premise installation if desired?
Where will my data be stored?
Our hosted data service is provided by PIP Total IT Solutions, primarily located in Melbourne Australia.
Who manages the servers?
The ClockOn team has primary management on these servers. For additional support, our team will contact the PIP team on your behalf.
Who owns the ClockOn database?
As with self-hosted customers, the customer retains all legal ownership of the database and can request the information as needed. Please be aware that this does not extend to access to the data using the ClockOn program and that a ClockOn license will be required if the program interface is to be used.
What are the data backup policies and frequency?
Our hosted servers are backed instant basis through an agreement with PIP, in conjunction with this we also take daily copies of all customer data back to our local office, which is then stored offsite for additional redundancy.
All onsite and offsite backups are encrypted and password-secured and are retained for 10 days.
In the event of a server failure, what are the options for data recovery?
In the event of an issue where the server where your database is located has a major issue, we can handle this by requesting your server image to be set up on another system to bring it up online, this can usually be actioned within shortly after we have been made aware of an issue.
In the event that this is not possible, we also have the option to use our onsite backup to establish a temporary solution to allow access to your database. As a worst-case scenario, our team can install the database on a system at your local site.
Can I run my own backups?
No, as a user, you have no local access to the database and as such the option for you to take a local copy backup of your database is not available.
What is the approach for scheduled downtime?
Outages are scheduled out of hours where possible, customers will be informed via email prior to the outage with the type and expected duration.
SLA relating to hosted system uptime?
PIP hosting provide a 99.9995% service availability as they have measured over any 12-month period, however, at this time is currently no guaranteed SLA for system uptime from ClockOn, however, our team strives to provide the best possible service. If difficulties are experienced our team can be contacted on our support line by submitting a Support Request through our knowledge base.
We also have systems in place for remote monitoring to ensure that the ClockOn program continues to be responsive.
Will there be any compensation in the event that the uptime SLA is breached?
No, at this time we do not have a policy in place to compensate customers due to server downtime.
Is there a description of the hosted architecture available?
PIP hosting provides server-based Windows machines installed on an infrastructure designed to ensure maximum uptime using the VMware VSphere Enterprise system, this allows the systems to maintain connectivity even in the event of an individual server failure. While this is being resolved the redundant systems will kick in to avoid downtime.
Each of the hosted clusters runs a minimum of 5 head servers that are designed to all run to less than 50% capacity, this leaves a margin of at least 2 servers to cater for the load in the event of an issue.
In relation to the SAN (Storage Area Network) infrastructure, PIP uses Datacores’ SANsymphony. This provides a high-performance, robust, data storage method with high redundancy.
Active SAN arrays are run providing a continuously synchronised system between two completely separate SAN arrays ensuring that even if one fails there will be no loss of data at the application level.
How can my data be accessed?
The ClockOn database is accessed in the same way as if it was self-hosted, by using the ClockOn client application for admin functions. For employee self-service access we have the ClockOn Webportal and GO applications.
The team at ClockOn can assist you with the connection details for your Icon setup once your system is ready for use.
What are the network requirements for the hosted solution?
This greatly depends on the size of the database and the time that the company has been with ClockOn, however, our recommendation is that where possible a fixed internet line be used as mobile technologies can introduce other issues due to high their inherent network latency depending on the area that they are used from.
Are there any mandatory installation files required to use ClockOn remotely?
The files required to run ClockOn in a remote environment are the same as if it is running locally, this includes the ClockOn Client installer.
The installer will also check the system and install any prerequisites required to run the application, these include:
When a customer elects to move to hosting and their database has been shifted, the support team will advise them on their connection details for the icon setup.
Does the hosted solution comply with certified industry standards?
Yes, the ClockOn hosted solution adheres to the globally recognised ISO 27001 industry standards.
Also as part of the ATO's requirement, and for additional data security, we also enforce Multi-Factor Authentication for all hosted databases.
In the event of an issue, are audit logs available for review?
Yes, as is available in the desktop version, changes in the system are recorded and accessible through the ClockOn Audit logs. if help is required with interpreting this information please log a ticket by submitting a Support Request through our knowledge base system.
What privacy and security measures are in place for ClockOn hosting?
The database is only accessible via our secured remote client, and access is restricted through the use of a username and password combination. in conjunction with this, a requirement for 2-factor authentication is in place for all hosted clients where the connecting user has access to view any sensitive information.
In conjunction with this, all drives that contain customer information are encrypted using BitLocker, and traffic is encrypted for transit.
Are we able to run our own security audits using 3rd party providers?
As part of ClockOn's security policy, 3rd party operators are not privy to connecting to our servers and as such will not be permitted to conduct local security audits on our setups.
Will my data be on a shared infrastructure?
As per our standard design, clients who request hosting will be placed on a shared server.
If desired customers can be placed on a dedicated system at a higher hosting cost.
Can I return to an on-premise installation if desired?
Yes, the database itself is identical and if you choose to you can elect to request our team to transfer your database to a system to act as your self-hosted ClockOn server.