Technical Features, Security and Continuity of the Novohit Cloud Managed Cloud Service
Definitions
Introduction
The Novohit Managed Cloud has the following features, which are an additional layer to the Novohit General Security and Continuity Features and are complemented by the Novohit SBUM (Support, Backups, Updates and Monitoring Service).
Novohit Cloud Instances
Instances are Linux-based Virtual Machines (VM) running on virtualized hardware. Each instance is unique, independent and dedicated. In general, instances have these characteristics:
- Rocky Linux 8 Operating System
- Located in the United States or Canada
- SSD disks (with NVMe option) with sufficient capacity to run Novohit without limitation.
- Between 4 and 32 Intel or AMD CPUs (Processors)
- Between 8GB and 256GB RAM
- Additional weekly automatic imaging in addition to SBUM agreement
- Bandwidth 6TB, virtually unlimited
- Static IP
Certifications
The Private Cloud single-tenant platform has the following certifications:
- SOC 1 Type II
- SOC 2 Type II audited by Ernst & Young LLP
- ISO/IEC 27001:2013 audited by ISO/IEC
- Cloud Security Alliance CSA Self-Assessment audited by Cloud Security Alliance
Continuity
The Cloud's Service Level Agreement (SLA) is 99.99% guaranteed:
- Private Cloud platform features are redundant and certified.
- Novohit's General Security and Continuity Features
Security
In addition to the Novohit Software Level Security schemes, the Cloud platform offers the following infrastructure:
- Implementation of all protocols that guarantee the certifications awarded and listed in the Certifications section.
- Restriction of physical access to datacenter facilities, according to the security features of the certifications mentioned above.
- Inbound Port Closure through Firewall or Firewall rules are based on the network and stateful control. Firewalls block all traffic that is not expressly allowed by the following rule. In general the allowed inbound rule is port 443 TCP or 1194 UDP on IPv4. In cases of VPN connections, only the corresponding VPN port is enabled.
- Connection to the server for administration tasks by Novohit with 3 levels of authentication and via DMZ proxy, access to which is reserved for specialized Novohit personnel with credential control. No third party access.
- Optional: Connection through VPN for access to the INTERNAL PLATFORM by Users. Requires coordination and is evaluated on a case-by-case basis.
Auditing and Monitoring
Active Monitoring: In addition to the Novohit Software Alerting scheme and the Zabbix-based SBAM service
monitoring scheme, the Novohit Cloud service has an additional monitoring layer that collects metrics on resource usage at the instance level and alerts on specific metrics such as abnormal CPU, RAM, Bandwidth and Disk Usage with integrated notifications to our help desk with alerts for our staff to be aware and track the operational health of the instance.
For more details on auditing, monitoring, vulnerability and penetration testing activities, see the Auditing and Monitoring section of Novohit's General Security and Continuity Features.
Independent Audits:
In addition to the Random Audits for Cloud instances, the following audits are associated with the certifications mentioned in the Certification section.
For more details, see the Novohit General Security and Continuity Features Audit and Monitoring SectionInventory of Information Assets
Novohit maintains the inventory of all data centers, data backup centers and operational instances. You can request a copy of the active inventory from the responsible person: MSc. Miguel Valderrama Weinmann, admin [@] novohit [.] com or by submitting a ticket at help.novohit.com, Administration Department.
Please
consider that a Server has a life time when it has a better performance
after that time it is more prone to fail. See On-Premises Server Lifetime.
Related Articles
Novohit General Security & Continuity Features
Definitions Go to: https://help.novohit.com/portal/en/kb/articles/universal-commercial-terms-novohit Introduction For all Novohit instances, whether on private On-premises servers or in the Cloud, Novohit has the following security features. Novohit ...Automatic Thermal Printers on CLOUD Server with VPN
Installation Requirements for Automatic Thermal Printers on CLOUD Server If your connection to Novohit is Cloud, a special VPN connection is required. This is because Novohit is "outside" of your company's LAN and in order for Novohit to print ...On-Premises Server vs Cloud Service - How, Why and When to choose local servers or migrate to the cloud
Novohit is a 3rd Generation ERP Suite, on a Web platform on a Linux architecture, PostgreSQL, PHP, Java, Actionscript and HTML5. Like any Web technology, it can be implemented on local servers (On Premises) or in the Cloud. Here are the details about ...Novohit Backup - Data Backups
Novohit performs incremental backups every day after the audit, these incremental backups are stored on our secure Cloud servers for an indefinite period of time. In case of hard disk failure or local server failure, we make the backup available to ...Remote Support via Novohit Assist
On some occasions, our staff may request access to the PC, mobile or Touch work on a computer to perform specific configurations on the PC device to verify that the local connections are adequate. For this, Novohit uses Novohit Assist, a ...