- 06 Aug 2024
- 8 Minutes to read
- Print
- DarkLight
Decisions Cloud Hosted Guide
- Updated on 06 Aug 2024
- 8 Minutes to read
- Print
- DarkLight
Benefits
Decisions' cloud deployment solutions have become a preferred choice for many customers over hosting their own servers. Our offerings provide a range of flexible options that deliver compelling benefits:
- Uptime guarantees
- Fewer barriers to troubleshooting complex issues
- Access to premium support services
- Managed upgrades for seamless access to the latest features, usability improvements, integrations, and App Store tools
- No downtime during license renewals each year
Hosting Architecture
We provide cloud hosting services through our Single Tenant SaaS Architecture, which is powered by Azure. This architecture ensures our customers receive a dedicated infrastructure tailored to their needs. Our Cloud Hosting option guarantees that none of our customers share a server or Decisions database. Instead, we offer a personalized hosting solution with a server and Decisions database exclusively for your company's use. This approach provides the highest security, flexibility, and scalability to meet customers' requirements.
Security
Data Storage
Decisions stores all designer configurations related to workflows, rules, integrations, and user interfaces on the Database Server created during installation. External data coming into the process will not be stored unless the customer directs it to be stored. Decisions generally does customer data, which is transferred or stored at the client's direction in their System(s) of record.
Data Retention
We understand that different customers may have unique needs and requirements for data retention, and we aim to provide the flexibility to accommodate those needs. We do not perform any cleanup or deletion of data unless explicitly requested by the customer. This means there is no specific time frame or length for which customer data can be stored on our servers. As a result, customers have full control over their data and can choose to keep it stored on our servers for as long as they need it. It is important to note that we take data privacy and security very seriously and have implemented measures to ensure the safety and integrity of customer data at all times.
Backup Practice
All client machines undergo off-site versioned backups every night, ensuring data security. Additionally, physical servers are imaged both weekly and monthly for comprehensive protection.
To maintain efficiency, the backup processes are staggered to initiate nightly, starting on Saturdays and Sundays at 9:00 PM ET. Furthermore, we conduct daily backups of Virtual Machine images, providing real-time data recovery options.
For safeguarding against security threats, Decisions uses a system designed to alert and prevent malicious attacks across all hosted environments. Client backups are kept and retained in the unfortunate event of a security incident or breach.
Backup Storage Locations
Environment | Backup Strategy | Backup Frequency |
---|---|---|
Customer Production Public Cloud | Virtual Machine Data and Databases via Azure Cloud | Daily for 1 Month Monthly for 1 Year Database 35-Day PITR Backups |
Customer Development Public Cloud | Virtual Machine Data and Databases via Azure Cloud | Daily for 6 Months |
Access
Decisions has implemented extensive permission capabilities to ensure user access to the Application Layer is restricted based on privilege. All users can be configured with granular permissions.
Roles | Access Description |
---|---|
Decisions Cloud Operations Team | Given at the client's discretion. For cloud-hosted, it is recommended that access to the application layer would be granted/restricted to appropriate IT or Support services personnel. |
Client Team | Access to the App can be managed through our native account services or through a 3rd party IDP such as Active Directory, Okta, or others. |
Securing an Installation
During installation, countering security risks and potential attacks on the instance or environment is crucial. Implementing security measures and protocols ensures data protection and a strong defense against threats throughout the application's lifecycle.
Decisions support several ways to secure an installation, including
- Installing with Windows Integrated Security Credentials
- Secure cookies
- Enabling HTTP Strict Transport Security (HSTS)
- Displaying exception details
- Excluding specific file extensions
- Protecting against cross-frame scripting and/or clickjacking
- Hiding the Server name from the Response Headers
Scalability
We provide vertical and horizontal scaling options, including clustered environments and load balancers, so you can easily handle increased traffic and processing requirements.
Reliability
Compliance
We are PCI/DSS certified and SOC2 Type 2 with HIPAA certified. We are committed to continuously improving our services. We are targeting HITRUST by Q4 of 2024. With our certifications, you have peace of mind knowing that your data is secure and protected.
Uptime Percentage
Our uptime guarantee is governed by the terms and conditions of the contract. Uptime is measured over each calendar month during the Term, with any unavailability due to an Exception excluded from the calculation. To ensure transparency and clarity, Exceptions are fully defined in the Decisions Master Services Software License Agreement.
Customer | Percentage |
---|---|
Standard | 99.5% |
Enterprise Production Clusters | 99.9% |
Disaster Recovery
In case of any natural disaster or emergency that may cause an interruption in our services, we are fully prepared to continue our operations in a timely manner.
Our approach to disaster recovery involves a three-phase plan. In the first eight hours, we aim to provide our clients with crucial information regarding the status of their systems and services. This information will be gathered from our cloud providers and relayed to clients quickly. In the next eight hours, we will focus on rebuilding servers and restoring backed-up data to ensure that our clients' systems are up and running again as soon as possible.
Finally, during the last eight hours, we will thoroughly test and validate the reinstalled systems to ensure they function correctly. This will enable us to hand over the systems to our clients for functional verification with the confidence that their services are fully restored and ready to use.
Performance
Instrumentation and Monitoring
- Our System health is monitored by third-party tools, which alert us when certain parameters are breached. This includes metrics such as increased memory consumption over time, spikes in memory that may cause Decisions Service failure, and disk space storage issues.
- Our standard hosting location is US East unless stated otherwise in the contract. Availability at other locations may be subject to additional costs.
Support
Responsibility Matrix
Application Layer | Responsibly Part | Uptime Guarantee |
---|---|---|
Custom Application Layer | Customer | N/A |
General Application Layer | Decisions | N/A |
OS/Application Server Management | Decisions/Customer | 99.95% |
Hosting Infrastructure/Networking | Customer IT/OPS | N/A |
Availability
At Decisions, we take pride in our commitment to delivering exceptional customer service. We have implemented a reliable and efficient communication protocol that ensures Licensees can access our support team 24/7. We offer multiple channels for submitting, modifying, and canceling support requests, making it easy for you to get the assistance you need when you need it. We aim to ensure that your experience with Decisions is always positive and that you feel confident in our ability to provide the support you require to keep your business running smoothly.
Response Time
Severity | Standard Contract | Enterprise Contract |
---|---|---|
Critical | < 4 Hours | < 1 Hour |
High | < 1 Business Day | < 1 Business Day |
Medium | < 2 Business Day | < 1 Business Day |
Low | < 2 Business Day | < 1 Business Day |
Maintenance Schedules
The Operations Team handles upgrades and system/infrastructure level patching during regularly scheduled maintenance periods.
We make every reasonable effort to provide advance notice for planned outages. Our monthly maintenance schedule follows this cadence:
- Third Saturday of every month for non-production between 1 AM-5 AM based on Server Timezone.
- First Saturday of every month for production between 1 AM-5 AM based on Server Timezone.
The Cloud Ops Team will send maintenance alerts for general maintenance, while your Customer Success Manager will send alerts for unscheduled maintenance.
Decisions Version Management
Every business has unique needs when managing its operations and workflows. We offer MT SAAS hosting, which allows you to manage a version of Decisions customized specifically for your instance.
To ensure that customers have a smooth upgrade experience, we follow the software development life cycle (SDLC) best practices. This means we upgrade lower environments and thoroughly test them before scheduling a production upgrade. By doing this, we can detect and address any issues early on, which helps prevent critical production issues from occurring during the upgrade process.
We take pride in providing our customers with a reliable and efficient hosting solution that meets their requirements. Our MT SAAS hosting service allows you to have complete control over your instance of Decisions, ensuring that it is customized to your unique business needs. With our careful approach to upgrades, you can trust that we will always prioritize the stability and security of your production environment.
Managing Custom Domain and SSL Certificates
HTTPS Communication and Custom Domains
Decisions requires using HTTPS communication without any exceptions. For customers who choose to employ custom domains, it is essential to furnish a PFX certificate for each unique URL.
SSL Certificate Monitoring and Renewal
Decisions monitors the status of SSL expiration and takes the initiative to solicit renewed certificates for custom domains with a lead time of up to 30 days. However, it's important to note that Decisions is not accountable for any delays in the renewal of certificate(s) for a custom domain(s). Customers who require assistance in provisioning custom domain PFX certificates are advised to engage their Customer Success Manager (CSM) or contact the Support Team.
DNS Configuration and IP Address Changes
Customers who choose to utilize custom domains must be responsible for managing the public DNS configurations for those domains. Decisions will promptly inform customers about any modifications to public IP addresses linked with these systems/services.
Uptime and DNS Resolution
Although we actively oversee the domains of hosted services, it's important to note that Decisions cannot be held accountable for any disruptions in uptime or outages resulting from public DNS resolution problems or changes related to a custom domain.
Cloud Operations Monitoring
Monitored Parameters
Monitoring practices are pivotal to maintaining System reliability, performance, and security. This section lists the elements our monitoring framework observes, ensuring a proactive approach to addressing potential issues.
Monitored Aspect | Parameters Checked |
---|---|
Server Availability | Monitors website status by sending HTTP requests to URLs and assessing responses to ensure online presence and correct functioning. |
Host Machine Failures | Monitoring is configured to send critical alerts for any downed Production machines, ensuring prompt attention to failures. |
High Memory | Monitors servers for high memory usage. A check is run every minute; the IT team gets an email alert if usage exceeds 90% for 15 mins. Persistent high usage for 8 hours automatically generates an IT ticket. |
High CPU | Monitors servers for high CPU usage. Email alert triggered if CPU exceeds 90% for 15 mins, signaling review by the IT team. |
Server Disk Space | All servers are configured to check if the available disk space becomes less than 10%. The alerts are sent to the IT team to review what is taking up space and free/increase disk space as required. |
Network Disk Space | Sends IT alerts if free space falls below 100 GB, ensuring sufficient storage availability. |
SQL Disk Space | Sends IT alerts if free space on the Production server's databases goes below 10%, preventing potential data issues. |
Exclusions
While comprehensive monitoring is crucial, not every parameter may be monitored due to various factors such as technical limitations, operational priorities, or privacy concerns. For instance, issues like trouble resetting passwords, Flow errors, or inability to access specific folders, while significant to the end-users, might not be tracked due to their relatively lower impact on the overall system stability and security.
Instead, the monitoring focuses on critical metrics directly impacting performance, security, and availability. This approach allows us to allocate resources effectively and focus attention where it matters most, ultimately enhancing the overall operational resilience of the cloud environment.