• No results found

EmpLive Technical Overview

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "EmpLive Technical Overview"

Copied!
12
0
0

Loading.... (view fulltext now)

Download now ( 12 Page )

Full text

(1)

Version 1.6

Updated 27/08/2015

(2)

2

Legal Notice

Copyright © WFS: A WorkForce Software Company. All Rights Reserved.

(3)

Table of Contents

Introduction ...2

WFS: A WorkForce Software Company ...2

Partners ...2 Technology ...3 System Requirements ...4 Infrastructure ...4 Data Centre ...5 Security ...5 Network Security ...6 Communication Security ...6 Web Application ...6

Biometric Terminal Data ...6

Software Security ...6 Operating System ...6 Web Application ...6 Database Access ...6 User Authentication ...7 Password Management ...7

Single Sign-On (SSO) ...7

Privacy ...7

Privacy Standards ...7

Internal Security and Privacy Policy ...7

Employment Security Checks ...7

Company Information Security and Privacy Policy ...7

Performance and Monitoring ...8

Redundancy and Disaster Recovery ...8

(4)

2

Introduction

WFS: A WorkForce Software Company

WFS: A WorkForce Software Company (WFS Australia) is a leading provider of cloud-based workforce management solutions for Australian and New Zealand employers. The company’s EmpCenter® and EmpLive® suites enable organisations to automate time and attendance, streamline absence and leave management, optimise staff rostering, gain real-time visibility into labour costs and productivity, and mitigate the risks of employee fatigue. EmpCenter is an enterprise-grade software suite that provides total workforce coverage and simpli¬fies labour compliance for large and multinational employers. EmpLive (previously sold as RosterLive) offers powerful functionality that can be rapidly deployed in small to midsized organisations.

Based in Sydney, WFS Australia pairs local expertise with the strength and stability of a global provider. More than 250 Australian and New Zealand companies rely on WFS Australia solutions today.

For more information, visit www.wfsaustralia.com or call +61 2 8399 1688.

Partners

(5)

Technology

EmpLive is a cloud-based system that utilises proven technology to provide a robust workforce management solution. WFS Australia customers’ have the reassurance and confidence that the supporting system architecture is backed by well-known names in IT – Microsoft® Corporation and Dell.

EmpLive is designed and built using Microsoft® technologies: .NET Framework, SQL Server, Windows Server and SQL Reporting Services. We have chosen the Microsoft® .NET Framework above other competitive web technologies for a number of reasons:

y Maturity and Flexibility: The .NET framework is a full object oriented and flexible developing platform utilising more than 20 other CTS-compliant languages. In that sense, it is truly interoperable with existing programmers’ skills, improving re-usability and reducing complexity. These make the developed applications easily maintainable and accelerate support and service.

y Integration and Scalability: .NET Framework 4.5 provides a new level of internal and external secure

communication through Windows Communication Foundation providing a “unified programming model for building service-oriented applications” to interface with 3rd party services using standard protocols such as RPC and SOAP.

y Security: E-commerce and enterprise data applications can effectively use the in-built comprehensive range of security and cryptography libraries of the .NET Framework.

y Web Application Framework: The ASP.NET framework, used to build dynamic web applications and services provides the developers the tools to easily create a sophisticated and robust web solution. The advanced debugging environment shortens the development cycle and allows developers to rapidly build and deploy applications. Also, because ASP.NET is a pre-compiled solution it provides performance benefits over other script-based technologies.

y Community Support: Widespread usage of the .NET Framework by the development community provides a large number of technical resources available on the market globally. This makes developing using the .NET Framework the logical solution of choice by many well-known organisations.

y Brand Assurance: The .NET platform is backed and strongly supported by Microsoft®. The community also provides a significant number of developing tools.

To mitigate the risk of product failure, EmpLive is deployed on the latest Microsoft® Windows servers and uses Microsoft® SQL Server as its database engine.

Another key technology employed by EmpLive is SQL Reporting Services. This technology is a proven standard solution for designing, managing and delivering scalable reports via the Web and embedded in enterprise applications. SQL Reporting Services provides EmpLive users the following benefits:

y Cost effective development: Reports can be rapidly designed and deployed.

y Exporting: Provide native support to export onto PDF and Excel.

y Future Proofing: Backed by the Microsoft® brand.

(6)

4

System Requirements

Using EmpLive requires a computer with the following:

y An internet connection

y A modern browser enabled with JavaScript, cookies and SSL

Note that EmpLive supports the current and previous major releases of Internet Explorer, Chrome, Firefox and Safari.

Infrastructure

EmpLive is deployed in a private cloud. There is dedicated power, network and hardware infrastructure allocated exclusively for all the EmpLive customers. EmpLive runs on a multitenant environment where a single instance of the software serves multiple customers.

Primary

(7)

Data Centre

EmpLive operates from the Equinix SY3 IBX (International Business Exchange) in Alexandria, NSW. The data centre has been functionally designed to meet the Tier 3 requirements of the TIA-942 standard. Features include:

y Multiple active power and cooling distribution paths

y Redundant components, and is concurrently maintainable, providing 99.982% availability

y ISO27001 certified

y Accredited “green” building which has achieved a Gold rating in the LEED ratings of the US Green Building Council.

y Approved by AGIMO (The Australian Government Information Management Office) to be a data centre for federal government information.

Security

WFS Australia understands that data availability, confidentiality and integrity are key to our customer’s operational success. We invest significant resources to continually monitor, audit, and upgrade our security infrastructure and processes as new standards are developed and accepted.

Physical Security

The customer data is hosted in a world class data centre, Equinix IBX Centre. These facilities provide the following support:

y Staffed 24 hours a day, 365 days a year

y 24x7x365 CCTV recordings

y Access by appointment only, with sign in procedure and visual confirmation by trained security officers

y Access control (man traps) and biometric readers at all main entry points

y Security features, equipment and procedures enabling staff to track the whereabouts of anyone in IBX at anytime

y Customer caged areas

For more information on the Equinix data centre go to:

(8)

6

Network Security

The customer data is hosted by WFS Australia and placed in a restricted access network.

y Perimeter firewalls guarantee only valid IPs and ports are allowed access to the network.

y A third party network monitoring tool continuously scans the network and provides real time alerts.

y WFS Australia monitors and analyses security logs to proactively identify security threats.

Communication Security

Web Application

All communication between the user and the EmpLive, ESS and ClockLive web applications is encrypted through Secure Socket Layer (SSL) via the HTTPS protocol. Note that all requests are sent through the secure SSL channel, not just the login information.

A premium SSL certificate is deployed in the ESS web application providing extended validation, green address bar, 128-bit minimum to 256-bit encryption and vulnerability assessment. This premium SSL certification is powered by Verisign, the most trusted industry-leading SSL provider used by the world’s largest financial institutions. The premium SSL certificate is available to customers for their EmpLive web application on request.

Biometric Terminal Data

The biometric information captured during the enrolment process and authentication is encrypted and kept within the ACTAtek terminal itself and not transmitted anywhere else. For additional security, WFS Australia recommends that the external IP or URLs allocated by the client for the biometric terminals use the HTTPS protocol.

Software Security

Operating System

During the scheduled maintenance times, the latest security patches available are applied. This ensures that operating system vulnerabilities cannot be used to gain unauthorised access to WFS Australia.

Web Application

WFS Australia tests all code for security vulnerabilities before release. Third-party application vulnerability threat assessments are conducted on a monthly basis.

Database Access

(9)

User Authentication

Password Management

Users are authenticated with a username and password combination. Following the ISO 27001 guidelines for password management, EmpLive passwords must include:

y a minimum length of eight characters

y a lower case character (a-z), a capital character (A-Z), a numeric character (0 – 9) and a special character (@ # $ & / +)

Customer based settings are also available to assist with password expiry reminders, password recycle thresholds to avoid password reuse and lock out mechanisms for multiple login failures.

Single Sign-On (SSO)

Single-sign on integration is available with both the EmpLive and ESS web applications. SSO is achieved using SAML 2.0 supporting both Identity Provider (IdP) initiated and Service Provider (SP) initiated sequences.

Privacy

Privacy Standards

WFS Australia complies with the Australian Privacy Act and confidential standards by ensuring:

y Customer data is secure and accessible by the customer when required

y When sharing data with integrated systems only the data required is collected and transferred

y Sensitive data such as passwords are stored encrypted with a one-way hash WFS Australia also observes Microsoft security best practices.

Internal Security and Privacy Policy

Employment Security Checks

All WFS Australia employees must submit a police check and at least 2 referees are contacted during the employment process. Access to WFS Australia systems and data is granted on a need to see basis with limited access given until the employee’s probation period ends.

Company Information Security and Privacy Policy

Employees are responsible for adhering to security and privacy policies and for escalating violations to those policies. The Company Information Security & Privacy policy covers:

y Logical Security – security measures for accessing electronic information resources through logical means e.g. via software or network controls, procedural controls relating to password management, security of data, communications security and reduction of risks from computer viruses software.

y Physical Security – security measures for controlling access to electronic information through physical means; physical access control and procedural controls which restrict access to computer systems and information.

y Staff Policies – security measures with respect to associate acceptable use of technology resources and other organisational issues such as contractor and vendor access.

(10)

8 y Escalation Procedures – steps to report a policy violation.

y Disaster procedures – ensuring business continuity.

Performance and Monitoring

The production environment is monitored and setup with email and SMS alerts to the WFS Australia Team to ensure quick response time to urgent issues. Multiple monitoring systems are setup to ensure multilayer coverage across critical components of the environment:

y Network monitoring

y Server monitoring

y Database monitoring

y Application monitoring

WFS Australia also monitors server health and application login response time for any changes in baseline configuration. The diagram below is results from recent monthly usage of EmpLive. It shows an average browser page load time of 3.73 seconds for an average browser throughput of 116 ppm (pages per minute).

Redundancy and Disaster Recovery

All application servers and database servers have redundant hardware. WFS Australia has multiple high speed internet connections via independent upstream providers for redundancy. A fully redundant network design has been adopted to eliminate a single point of failure all the way through the network to each server. Routing infrastructure consists of redundant border routers and switches coupled with redundant core routers and switches. Edge switches located in each rack utilise redundant hand o s from the core switches. We also maintain a disaster recovery facility situated on an alternate power grid.

Database Availability

(11)

Backups

To ensure data availability and recovery, WFS Australia performs regular database backups and stores them on disks maintained at separate locations.

Daily full and transactional database backups are retained up to 3 months to enable data recovery to a specified point in time.

Fortnightly application and database backups. These backups are copied across redundant servers and a disk based backup appliance for quick restoration.

Monthly application and database backups are retained up to 7 years for data recovery and auditing.

Recovery

In case of a database failure, the EmpLive application automatically redirects its connection information to the redundant database server. The redundant database server synchronously mirrors the live database server, and thus no data loss is incurred during the failover. In case of an application failure, the EmpLive application is redeployed to a redundant application server.

Operational Policies

Change Management

WFS Australia adheres to documented Change Management Procedures. All changes require security impact assessments, testing, customer notice period assessment, and approval from the Change Approval Board. The Change Approval board consists of the WFS Australia management team and company executives as required.

Capacity Management

The production environment is monitored daily using several tools to assist with capacity management: disk space, memory, application and database performance, etc. The application usage and infrastructure performance is reviewed quarterly to ensure that the load is distributed evenly to amongst the pool of servers and that our resources are used in the most efficient manner. Infrastructure improvement tasks maybe scheduled after a quarterly review if necessary.

Incident Management

Incident and problem detection and management procedures are set out in the company’s software security and privacy policy, in summary:

y In the event of a suspected breach of security or privacy, or unauthorised disclosure of customer data, the Development Manager and General Manager will be immediately notified.

y The response to the breach will be to deny further exposure and to quickly restore services.

y The incident team will assess the risk and determine the appropriate response.

y The incident team will determine who needs to be notified about the Incident.

(12)

References

Download now ( PDF - 12 Page - 763.99 KB )

Related documents

Hosted Solution Provider Achieves Percent Uptime While Supporting Rapid Growth

The database servers run Windows Server 2008 R2 Enterprise and Microsoft SQL Server 2008 Enterprise data management software, and SQL Server Reporting Services is used

Installation & Configuration Guide Version 1.0. TekSIP Route Server Version Installation & Configuration Guide

TekSIP Route Server uses built-in Microsoft Access database by default.. If you plan to use a Microsoft SQL Server database, create database and “Routes” table

David Tongs Lecture Notes Qft

Post on particle physics by david tongs notes are intended to me and is qft lectures on particle physics forums instead of the need for various courses.. Assume any case, textbook for

Models HP IMC MPLS VPN Software Module with 50-node E-LTU

•Microsoft SQL Server 2008 Service Pack 3 (Windows only) •Microsoft SQL Server 2008 R2 Service Pack 2 (Windows only) •Microsoft SQL Server 2012 Service Pack 2 (Windows only)

BSI-DSZ-CC for

The evaluation of the product Database Engine of Microsoft SQL Server 2008 R2 Enterprise Edition and Datacenter Edition (English) x64, Version

How to License Microsoft Dynamics GP 2013 and Microsoft Dynamics NAV

Licenses for additional software that may be required for the solution—such as Microsoft Windows Server, Microsoft SQL Server, and Microsoft SharePoint Server—and their

Sage CRM Technical Specification

Product Version License Requirement Application Server Microsoft Windows 2000 Server Or Microsoft Windows Advanced Server 2000 Or Microsoft Windows 2003 Server Or Microsoft Windows

CONSOLIDATING SERVERS WITH THE DELL POWEREDGE R720 RUNNING MICROSOFT WINDOWS SERVER 2012 AND MICROSOFT SQL SERVER 2012

A Principled Technologies test report 12 Consolidating servers with the Dell PowerEdge R720 running Microsoft.. Windows Server 2012 and Microsoft SQL Server 2012