SunFish SaaS Services


The emergence of cloud computing solutions has decoupled IT based solutions from high upfront investment and in-house complexity of building and managing IT infrastructures. Software as a Service (SaaS), as one of the cloud computing solution forms, provides business applications completely hosted by the provider. Services are readily accessible to business users within reach of the internet.

DataOn offers its SunFish HR Professional and Enterprise editions as well as its SunFish ERP as SaaS solutions. In this scenario the HR solution is hosted at DataOn’s data center and offered at minimal one time set up and affordable monthly costs, which are backed by a team of dedicated, experienced and well-trained professionals that provide deployment consulting during set up, monthly support, software and hardware maintenance, backups, etc. While offering significant benefits regarding affordability, speed of deployment, no headaches managing IT infrastructure and maintenance, DataOn understands that SaaS solutions come with concerns regarding solution security, data loss, and downtime. The following sections outline the services DataOn provides to ensure data center security, software solution security, and data backup.

IT Infrastructure Management and Maintenance Services

With the provision of SunFish HR and ERP as a SaaS solution, DataOn does not just sell a software product but complete software application hosting, support and ongoing maintenance services. Although customers appreciate the benefits of shifting the cost and management of IT infrastructure and maintenance to the vendor, in the eye of most customers, this freedom comes at the price of controlling their own code, availability of the product, security and downtime concerns. DataOn addresses these concerns with a great security infrastructure and includes multiple components in its package that ensure high availability expectancy, and minimize unexpected downtime.


1. Service Delivery Protection and Availability

To ensure high availability of the IT infrastructure and SunFish application and minimal downtime, DataOn provides hosting for its solution in managed data center facilities that include the following services:

• Multi power sources, UPS and power generator backup
• 24 hour data center site monitoring
• Redundant Internet Connection (International and Local Exchange)
• Fire Suppression System (FM-200)
• Fully raised floors
• Warm Recovery Server
• Disaster Recovery Center
• Single point of contact for technical support

When it comes to managing System, Application and Data Availability, DataOn includes planned maintenance and updates to system components, including hardware upgrades and operating system maintenance; application and Data Level Backup; and backup transfer to Warm Recovery Server and Disaster Recovery Center in its SaaS package. To prevent data loss, DataOn applies following principles:

• Redundancy at storage level
• Full and Incremental Backup, including transactional log backup and recovery purposes
• Backup retention for archival and recovery purposes
• Application and Data Level Recovery Testing


2. Data Privacy and Security

DataOn ensures data privacy and security in a multi- tenancy environment by employing multiple layers of protection and advisories to meet customer’s security expectations. These layers cover areas host, network, application and data and include security maintenance for all involved third party components as well. SunFish SaaS has been tested to countermeasure more prevalent attacks on application services including Cross Site Scripting and Injection Attacks. To make sure customer data are private and secure, DataOn applies the below outlined techniques in their respective areas:

a. Multi-Tenancy Data Isolation

  • Application level isolation
  • Database level isolation 
  • Transaction and Data Session Isolation 
  • Hostname and Application URL Isolation 
  • Same level of isolation on warm recovery server

b. Physical Site Security Management

  • 24 hour CCTV monitoring and recording 
  • Biometric site access control 
  • Locked Cabinets 
  • Hardened server start-up configuration

c. Data Transport and Storage Encryption

  • HTTP and HTTPS Protocol for Web Delivery 
  • Server Level and Client Level Certificate Authentication 
  • Network Address (IP) Restriction
  • Virtual Private Connection (Additional)
  • Additional Authentication per directory/object level
  • Encryption at data level per SunFish native configuration, including compression and encryption at backup copies

d. Host Threats Management

  • Updated Antivirus and AntiMalware
  • Least Privilege on Application Engine and Database Services account provision
  • Account Management Policy
  • Remote Access Policy
  • Operator Access Control List
  • Patch Management Policy
  • Logon Audits (success and failure)

e. Application and Data Threats Management

  • Application Engine Hardening and Patching
  • Application Engine Level Filtering
  • HTTP Protocol Attacks
  • TCP/IP Protocol Attacks
  • Application Control
  • Data Authorization
  • Function Authorization
  • Group/Role Management
  • User Account and Password Policy
  • Tokenized User Session management
  • SQL Injection Control
  • Cross Site Scripting Control
  • Cross Site Request Forgery Control
  • File Upload Security Filtering
  • Audit Trail for Administrative Functions
  • Dangerous Functions Filter (Sandboxing)

f. Network Threats Management

  • Network and Host Firewall, including inbound and outbound connections
  • Network Intrusion Detection System
  • Network Access Throttling and Tarpitting

 

 

 

 

 

 

 


3. IT Service Performance Management

DataOn strives to keep its infrastructure and equipment is optimally functioning. For this reason, DataOn conducts continuous application, database and server performance monitoring and promotes improvement when and where applicable. Alerts and Sensors are deployed centrally to prevent disruption and performance bottlenecks. Following services are provided to ensure that all hosted components are performing at a high level:

• Single Point of Contact for Performance Issues
• Application Services Monitoring and Alerts
• Data Transport Level Compression
• Application Engine Level Performance Tuning
• Database Engine Level Performance Tuning
• Application and Database Computing Power Sandboxing (Separate Application and Database Server)
• Robust computing power provisioning for scalability

 

4. IT Service Configuration Management

Throughout its history, DataOn has provided solutions to small, medium and large corporations each with a different uniqueness and complexity in requirements regarding IT equipment and service management, system and data ownership, system change approval, or for their development, staging and production instances. With the good configuration management structures, DataOn has in place, it can extend these environments from on premise installation customers to customers running on SaaS, or managed collocation. Following services are included in DataOn’s configuration management:

• Application and Database Versioning and Packaging
• System Configuration backup for Replication and Recovery purposes
• System Wide Configuration Access Control and Approval Policy
• Consulting on technical delivery components, options for custom configuration
• Multi operating platform migration, for example Windows and Linux environment