K2_Cloud_Service_Policies.pdf - K2 CLOUD – SERVICE POLICIES...

This preview shows page 1 - 6 out of 35 pages.

The preview shows page 4 - 6 out of 35 pages.
K2 CLOUDSERVICEPOLICIES5/17/2019
K2 CLOUD – SERVICE POLICIES© 2019 SOURCECODE TECHNOLOGY HOLDINGS, INC.1TABLE OF CONTENTS1INTRODUCTION...............................................................................................................42ONBOARDING JOURNEY..................................................................................................43ROLES..............................................................................................................................53.1CUSTOMER ROLES.............................................................................................................................................................53.2 K2 SERVICE PROVIDER ROLES.....................................................................................................................................64PRE-REQUISITES AND REQUIREMENTS.............................................................................75K2 CLOUD SERVICES.........................................................................................................85.1INCLUDED SERVICES.......................................................................................................................................................85.2ADD-ON AND ADDITIONAL COST SERVICES......................................................................................................115.3EXCLUDED SERVICES....................................................................................................................................................125.4 SERVICE REGIONS...........................................................................................................................................................136SERVICE AVAILABILITY...................................................................................................146.1OVERALL SERVICE AVAILABILITY.........................................................................................................................146.2TOTAL AVAILABLE MINUTES PER MONTH........................................................................................................146.3DOWNTIME MINUTES..................................................................................................................................................146.4SCHEDULED MAINTENANCE.....................................................................................................................................146.4.1 SCHEDULED MAINTENANCE NOTIFICATION...............................................................................................146.5UNSCHEDULED MAINTENANCE..............................................................................................................................156.5.1 UNSCHEDULED MAINTENANCE NOTIFICATION.........................................................................................156.6SERVICE LEVEL REMEDY POLICY...........................................................................................................................156.7SERVICE LEVEL EXCLUSIONS....................................................................................................................................166.8NETWORK BANDWIDTH AND LATENCY.............................................................................................................177TECHNICAL SUPPORT.....................................................................................................178HIGH-LEVEL ARCHITECTURE...........................................................................................179DATA INTEGRATION......................................................................................................189.1STANDARD DATA INTEGRATION OPTIONS.......................................................................................................189.2DATA INTEGRATION SECURITY..............................................................................................................................1910SECURITY...................................................................................................................1910.1ACCESS CONTROL........................................................................................................................................................2010.1.1SYSTEM HARDENING...........................................................................................................................................2010.1.2SYSTEM AND APPLICATION ACCESS CONTROL, USER AND PASSWORD MANAGEMENT.......20
K2 CLOUDSERVICE POLICIES© 2019 SOURCECODE TECHNOLOGY HOLDINGS, INC.210.2INFRASTRUCTURE SECURITY................................................................................................................................2010.3AUTHENTICATION......................................................................................................................................................2110.4AUTHORIZATION.........................................................................................................................................................2110.4.1SYSTEM ACCESS AND APPLICATION AUTHORIZATION........................................................................2110.4.2INTEGRATION-SPECIFIC AUTHORIZATION................................................................................................2310.5 NETWORK TRAFFIC SECURITY..............................................................................................................................2310.5.1DATA TRANSPORT ENCRYPTION...................................................................................................................2410.5.2NETWORK AND FIREWALLS.............................................................................................................................2510.5.3ISOLATION AND SEGREGATION......................................................................................................................2510.6DATA SECURITY............................................................................................................................................................2510.6.1TRANSIENT DATA.................................................................................................................................................2510.6.2BACKUP DATA.........................................................................................................................................................2610.6.3CUSTOMER DATA OWNERSHIP.......................................................................................................................2610.7MOBILE DEVICE SECURITY.....................................................................................................................................2610.8SECURITY INCIDENT RESPONSE..........................................................................................................................2610.8.1 COMPUTER SECURITY INCIDENT MANAGEMENT TEAM (CSIMT)....................................................2610.8.2INCIDENT RESPONSE PLAN..............................................................................................................................2710.9SECURITY CERTIFICATES AND DETAILS..........................................................................................................2810.9.1ISO 27001:2013......................................................................................................................................................2810.9.2SOC 2 TYPE 2...........................................................................................................................................................2811INCIDENT RESPONSE...................................................................................................2911.1DEFINITIONS..................................................................................................................................................................2911.1.1INCIDENT..................................................................................................................................................................2911.1.2DISASTER..................................................................................................................................................................2911.1.3RECOVERY POINT OBJECTIVE (RPO)............................................................................................................2911.1.4RECOVERY TIME OBJECTIVE (RTO)...............................................................................................................2911.2HIGH AVAILABILITY AND REDUNDANT INFRASTRUCTURE..................................................................2911.2.1NETWORK.................................................................................................................................................................2911.2.2APPLICATION SERVERS......................................................................................................................................3011.2.3DATABASE SERVERS............................................................................................................................................3011.3DISASTER RECOVERY AND DATA RESTORATION STRATEGY................................................................3011.3.2SERVICE LEVELFAILOVER AND DISASTER RECOVERY.....................................................................3011.3.3DATA BACKUP AND RESTORE STRATEGY...................................................................................................3011.3.4SERVICE LEVELDATA BACKUP....................................................................................................................3011.4 MEASUREMENT AND MONITORING....................................................................................................................3112CHANGE MANAGEMENT.............................................................................................3112.1SERVICE-INITIATED CHANGES..............................................................................................................................3112.2.1K2 SOFTWARE UPDATES....................................................................................................................................3212.2.2STAGGERING K2 SOFTWARE UPDATES.......................................................................................................32
K2 CLOUDSERVICE POLICIES© 2019 SOURCECODE TECHNOLOGY HOLDINGS, INC.312.3CUSTOMER-INITIATED CHANGES........................................................................................................................3213ACCEPTABLE USE POLICY............................................................................................3314SUSPENSION AND TERMINATION POLICY....................................................................3314.1TERMINATION OF SERVICE....................................................................................................................................3314.1.1TERMINATION OF TRIAL ENVIRONMENTS................................................................................................3314.2SUSPENSION OF SERVICE........................................................................................................................................3414.3CUSTOMER DATA OWNERSHIP RIGHTS...........................................................................................................34
K2 CLOUDSERVICE POLICIES© 2019 SOURCECODE TECHNOLOGY HOLDINGS, INC.41INTRODUCTIONK2 Cloud is a cloud-based, hosted Platform-as-a-Service (PaaS) offering that provides K2 software andsupporting components as a service(the “Service”) whichallows K2 customers who prefer a “cloud first”strategy to utilize a cloud-based service, in which software and associated maintenance operations canbe licensed as a comprehensive service managed by K2. With K2 Cloud, K2 provides and maintains the

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 35 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Spring
Professor
N/A
Tags
K2 Cloud, SERVICE PROVIDER ROLES

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture