Performance features
SaaS operation
Valid as of 08 April 2013
Copyright ©
Fabasoft Distribution GmbH, A-4020 Linz, 2013
All rights reserved. All hardware and software names used are registered trade names and/or registered trademarks of the respective manufacturers.
These documents are strictly confidential. Transmission and presentation of these documents alone does not establish any rights to our software, our services or service results or other proprietary rights.
Any passing on, publication or reproduction is prohibited. For the sake of convenience this document does not make use of gender-specific terms. Any terms shall refer to both women and men for the purposes of equal treatment.
Contents
1 Hardware and software environment
1.1 Applied hardware and software environment
1.2 Prerequisite hardware and software environment
2 Service Levels
2.1 Security
2.2 Data security
2.3 High availability
2.4 Response time behaviour
2.5 Multi-client capability
2.6 Scalability
2.7 Transparency
1 Hardware and software environment
1.1 Applied hardware and software environment
Because of high requirements on the data processing centre, the entire hardware and software environment is designed for high availability, high reliability, simple scalability, high security and easy maintenance.
The following components, which were implemented for the operation of contracted software products, are illustrated in an overview chart:
[Overview chart showing: Internet, reference workstation, and, in each of data center 1 and data center 2, a firewall, load balancer, application server farm, database server and file server; backup server in the backup data center.]
The contracted software products are operated in a total of three computer centres. Two active computer centres (computer centre 1 and computer centre 2) are located at two different locations. The backup computer centre is collocated with computer centre 1.
Active computer centres
The two active computer centres are at separate locations, approximately 2 km apart. Both computer centres are equipped with redundant climate control systems and redundant network infrastructures. In the event of a power interruption, the uninterruptible power supply at computer centre 1 can supply adequate power to the equipment for up to 15 minutes. Computer centre 2 has an uninterruptible power supply with a connected diesel emergency power generator, which supplies power to the equipment during longer power interruptions.
Backup computer centre
The backup server and tape library for securing all data are operated in the backup computer centre. The backup computer centre is equipped with its own access control, redundant climate control systems and network infrastructure, and emergency power supply.
The applied components are described in the following:
Reference workstation
The reference workstation is connected to the Internet via a network connection independent of saas.fabasoft.com. The availability of saas.fabasoft.com, as well as the fulfilment or non-fulfilment of contractual warranties in the software product information, is checked from the reference workstation.
The reference workstation is equipped with the following hardware configuration:
o Intel Pentium Dual-Core Processor 2.5 GHz
o 2 GB RAM
The following software products are used on the reference workstation:
o Microsoft Windows XP Professional SP3
o Microsoft Internet Explorer 7.0
o Adobe Reader 9.1
o Microsoft Office 2007 SP1
o Fabasoft Folio 2013 Spring Release (Fabasoft Folio Plug-in)
o Fabasoft app.telemetry 2013 Spring Release
Firewall
The firewall protects the entire environment against unwanted access from the Internet. Access to saas.fabasoft.com is only permitted via HTTPS (TCP port 443).
Load distributor
The load distributor balances incoming requests across the application servers in the application server farm.
Application server farm
The application server farm consists of several application servers. Processing logic is calculated on the application servers, and the display (HTML) for the web browser is also generated there. In addition, the application server is responsible for format conversion (with OpenOffice.org, for example). Special application servers also perform user authentication.
Database server
Backup server
A current, complete database is kept constantly on the backup server. The backup server and tape drives also perform a backup on backup tapes.
Archive system
The archive system is responsible for write-protected archiving of content and is operated at both locations. Archived contents are replicated between locations.
1.2 Prerequisite hardware and software environment
The customer must operate a certification centre for the issuance of digital certificates. The customer bears sole responsibility for the security of issued certificates and/or the certification centre.
If there is a failure in the Internet connection, firewall or load distributor on saas.fabasoft.com, the network components used by the customer (especially proxy servers) must support the automatic failover on public IP addresses that are still available.
Moreover, every registered user must be provided with a workstation that complies with the requirements of Fabasoft Folio Compliance (see http://www.fabasoft.com/folio/saas/spi ).
2 Service Levels
2.1 Security
ISO 9001
The Fabasoft Group has been ISO 9001 certified since February 2002. ISO 9001 is an international standard that provides guidelines for the design of processes within a company and describes the entire quality management system on a model basis. This is meant to ensure that customers receive the quality they expect. Quality in this context means that the customer's requirements are met to the highest possible degree. The standard adheres to the following eight principles:
Customer focus
Leadership
Involvement of people
Process approach
System approach to management
Continual improvement
Factual approach to decision making
Mutually beneficial supplier relationships
At Fabasoft, the introduction of a quality management system, followed by annual audits by external auditors, means transparent processes, faster recognition of weak points, and clarity in terms of expertise and accountability. A dynamic continual improvement process guarantees constant further development in Fabasoft's quality and security.
ISO 27001
Fabasoft has been ISO 27001 certified since July 2007. ISO Standard 27001 is an internationally recognised standard for evaluating the security of IT environments. The scope of Fabasoft's certification specifies the requirements for complete information security management regarding all IT and business processes and all sensitive company information.
Fabasoft, in its capacity as a service provider, has sensitive business-related customer data. The confidentiality and accessibility of information are therefore important prerequisites for successful business operations and form the foundation of cooperation based on trust.
For our customers, ISO 27001 certification means compliance with clearly specified technical, security-related standards and the Fabasoft computer centre Service Levels defined by these standards.
Regular internal audits, as defined by ISO 27001 processes and measures, are the basis for the further development of internal IT security standards and the continual adjustment to changing contexts and tasks.
The high requirements of the ISO certification are audited on a yearly basis and extended for another year if the audit is successful. The catalogue of requirements, which consists of approximately 130 measures, contains for example instructions regarding data protection, information handling, backup, recovery and risk assessment.
Security at the application level
All communications via the Internet are encrypted. Access to saas.fabasoft.com is only possible via a digital certificate issued by the customer. Data security is reflected in the application itself by means of a proven ACL concept.
Security at the network level
To prevent attacks on unmonitored ports, the firewalls for saas.fabasoft.com only accept HTTPS data traffic on TCP port 443. Network security is increased further by address translation technology.
Physical security
All computer centres are equipped with alarm systems that immediately alert law enforcement if there is an unauthorised attempt to enter a facility. Computer centres are also equipped with video surveillance and early fire detection systems. Admission to the computer centres is limited to authorised employees only.
Future prospects
Fabasoft is planning on expanding its service offerings in the software-as-a-service area. As an initial step, Fabasoft will therefore undergo an audit for revision security to be conducted by an external auditor up to the end of the financial year 2009/2010 (up to 31 March 2010). Fabasoft will also undergo an SAS 70 Type II certification process by the end of the financial year 2009/2010.
Revision security
The term revision security refers primarily to an audit-proof type of archiving for electronic archive systems. Such a system is oriented towards an understanding of revision in a business context, one that pertains to data and information that must or should be archived. In terms of electronic archiving, revision security relates to both the technical components and the entire solution. The essential features of a revision-safe archiving system are:
Contents are stored unchanged (in the original) and in a forgery-proof manner.
Contents can be found with a search.
All actions in the archive are logged for reasons of traceability.
A revision-safe system must offer the user the option of ensuring compliance with company policy on data security and data protection over the useful life of the archive.
Archive systems or sales applications, or document management systems with connected archive systems, are typically audited on site individually for each company in individual certification processes. An overall certification for complete systems or components of hardware and software systems is not possible, particularly as the individual use, quality of processes and information, and secure operation are all essential factors in a certification.
SAS 70 Type II
An external auditor from the service provider prepares such a report. Because the SAS 70 report discloses the service provider's control systems, it is possible for the outsourcer to examine the service provider's implemented methodologies so that the outsourcer may achieve the necessary level of security and ensure that services are performed with the necessary care.
The SAS 70 standard differentiates between two types of audits and the SAS 70 report that results from an audit:
SAS 70 Type I confirms the description of the service provider's internal control system at a specific point in time and contains the summarised results from an independent auditing firm.
The objective of SAS 70 Type II is to comprehensively test the internal control system - in addition to a pure description of this system - and to evaluate its efficacy in detail. The audit takes place over a period of six months. The SAS 70 Type II report therefore contains the external audit firm's opinion on the service provider's control systems, a description of the control points and controls, information on the audit periods, a description of the auditing method, and a statement on the efficacy of the controls.
2.2 Data security
Metadata and contents are stored during the operation of the contracted software.
Metadata
The metadata are stored in a relational database system on database servers. The database servers are operated as a failover cluster with two cluster nodes. There is a cluster node in each of the two active computer centres. The data on the database servers are mirrored synchronously between both computer centres.
Contents
The contents are stored directly from the application servers to the file servers. The application server writes simultaneously to both file servers in both active computer centres.
A full online backup of the database is performed once per day. The saved data are stored on both database servers and on the backup server. In addition, all three computer centres maintain a constant record of the database with "log shipping" at intervals of 15 minutes maximum. After a full database backup, there is a daily full backup of contents on the backup server.
Once a week, the most current backup is stored on backup tapes with the aid of tape robots. In this procedure (disk to disk to tape), the backup tapes serve as the second level of security and are stored in a secure location after the backup is complete.
All hard disk configurations are currently performed on the basis of RAID 5 arrays, and one so-called hot spare disk is used per RAID 5 array.
The customer is responsible for checking content stored in saas.fabasoft.com for software viruses, worms, Trojan horses or other malicious software code.
2.3 High availability
Fabasoft operates the contracted software products in computer centres in a highly available configuration.
Every load distributor has its own public IP address. If a load distributor, firewall or Internet connection fails, the web browser automatically switches over to the second public IP address of the load distributor that is still available. There is at least one operational load distributor in both active computer centres.
The load distributor tests the application servers for availability and functionality at regular intervals. Incoming requests are only forwarded by the load distributor to correctly functioning application servers. There is at least one application server per customer operating in both active computer centres.
The database servers are operated as a failover cluster with two cluster nodes. There is a cluster node in each of the two active computer centres. The data on the database servers are mirrored synchronously between both active computer centres.
The contents stored on the file servers are saved on one file server at each of the active computer centres.
The computer centres are in operation 7 days a week, 24 hours a day, 52 weeks a year. There is a distinction made between core hours and off-peak hours at the computer centres in terms of operational availability. Core hours are on Austrian workdays (Monday to Friday) between 8:00 am and 6:00 pm; the rest of the time is considered off-peak hours.
Two variations are planned in terms of computer centre availability:
1. 99.7% availability in core hours per observation period (quarter) and customer
2. 99.0% availability in off-peak hours per observation period (quarter) and customer
Announced maintenance windows are excluded in availability calculations. The availability of saas.fabasoft.com is measured on the reference workstation.
The following windows of time are reserved for maintenance operations:
12:00 am Saturday to 7:00 am Monday.
In urgent cases and upon announcement, maintenance will be done in off-peak hours. These reserved windows of time are only used as necessary for maintenance work. If maintenance work is required, this will be announced at www.fabasoft.com/folio/saas/trust.
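The availability rules above (core versus off-peak hours, per-quarter targets, announced maintenance excluded) can be checked against an outage log as follows. This is an added example, not part of the original document or of Fabasoft's tooling; the function names, the one-minute resolution, the holiday set and the sample outages are assumptions.

```python
from datetime import date, datetime, timedelta

TARGETS = {"core": 99.7, "offpeak": 99.0}  # percent per quarter, from the text above

def is_core(t, holidays):
    # Core hours: Austrian workdays (Monday to Friday), 8:00 am to 6:00 pm.
    return t.weekday() < 5 and t.date() not in holidays and 8 <= t.hour < 18

def covered(spans, t):
    # True if minute t lies inside any (begin, end) interval, end exclusive.
    return any(begin <= t < end for begin, end in spans)

def availability_report(start, end, outages, announced, holidays=frozenset()):
    """Per-class availability for [start, end) at one-minute resolution.

    outages, announced: lists of (begin, end) datetimes. Minutes inside an
    announced maintenance window are excluded from totals and from downtime.
    """
    total = {"core": 0, "offpeak": 0}
    down = {"core": 0, "offpeak": 0}
    t = start
    while t < end:
        if not covered(announced, t):
            kind = "core" if is_core(t, holidays) else "offpeak"
            total[kind] += 1
            down[kind] += covered(outages, t)
        t += timedelta(minutes=1)
    report = {}
    for kind in total:
        pct = 100.0 * (total[kind] - down[kind]) / total[kind]
        report[kind] = {"total_min": total[kind], "down_min": down[kind],
                        "percent": round(pct, 4), "met": pct >= TARGETS[kind]}
    return report

def sample_quarter():
    # Constructed sample data for Q1 2013; none of it comes from a real report.
    holidays = {date(2013, 1, 1)}  # New Year's Day, assumed to be the only holiday on a workday
    announced = [(datetime(2013, 2, 16, 0, 0), datetime(2013, 2, 16, 4, 0))]
    outages = [
        (datetime(2013, 3, 7, 16, 0), datetime(2013, 3, 7, 19, 30)),  # Thursday, crosses 6:00 pm
        (datetime(2013, 2, 16, 1, 0), datetime(2013, 2, 16, 5, 0)),   # Saturday, overlaps maintenance
    ]
    return availability_report(datetime(2013, 1, 1), datetime(2013, 4, 1),
                               outages, announced, holidays)

if __name__ == "__main__":
    for kind, row in sample_quarter().items():
        print(kind, row)
```

In the sample, two hours of core-hour downtime in one quarter already miss the 99.7% target, while the Saturday outage counts only for the hour that falls outside the announced maintenance window.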
A report on the availability of saas.fabasoft.com is prepared for each customer per observation period (quarter) and is provided electronically to the customer at the end of the quarter at www.fabasoft.com/folio/saas/trust.
2.4 Response time behaviour
Response time behaviour for all incoming queries is measured directly on the load distributors at saas.fabasoft.com with the aid of the Fabasoft app.telemetry software. An HTTP request that originates from a web browser qualifies as a query. The size of a query is the sum of the size of the query and the size of the answer to that query.
saas.fabasoft.com is designed for the following load per user:
Average size of a query (HTTP request): 100 KB
Maximum document size: 100 MB
Maximum number of queries (HTTP requests) per user per week: 5,000
For 97 percent of queries (HTTP requests), response time should be less than one second. A report on the response time behaviour of saas.fabasoft.com is prepared for each customer per observation period (quarter) and is provided electronically to the customer at the end of the quarter at www.fabasoft.com/folio/saas/trust.
2.5 Multi-client capability
saas.fabasoft.com is characterised by its multi-client capability. All of our customers share the basic components, such as for example the computer centre infrastructure, network infrastructure, load distributors and physical servers.
2.6 Scalability
All components that are necessary for the operation of the contracted software products are scaled when necessary in a simple way. Load distributors and the application server farm perform scaling adjustments by adding additional load distributors or application servers. The database and file servers also perform scaling adjustments by adding additional servers and simultaneously partitioning the data.
2.7 Transparency
Customers can call up information on the usage behaviour of their registered users on saas.fabasoft.com in terms of response time behaviour, maintenance work, availability, and reports on compliance with Service Levels and the customer's utilised storage volumes, at www.fabasoft.com/folio/saas/trust.
Future prospects - data extraction
It will be possible to provide customer data stored in the computer centre to the customer, for an additional fee. Metadata for business objects are provided in XML format and documents are rendered in their original format. The data extraction will be provided to the customer on LTO4 tape drives.