Simplicity Server, Environment, Support & Maintenance.
To build success you need to have solid foundations.
Support and maintenance is an integral part in ensuring a successful implementation. Following are recommended tasks and processes for your support and maintenance strategy. These tasks are not intended to be a complete list of all support and maintenance jobs and procedures that should be performed in your environment but a check list to ensure that you have a considered management plan in place..
Simplicity Support & Maintenance - Topics Index
Backups
All Simplicity databases should be backed up nightly.
Back-up logs should be kept to track when and what data has been backed up.
Validation of the backup and recovery strategy should be tested on a regular basis.
Back to Topics Index.
Change Controls
There is a formalised process for publishing changes through from development to test and also from test to production. The individual making the changes will vary based on the scope of the changes. This is a role performed by the back office or development team with the appropriate team members involved.
Appropriate documentation should be created for any change requests. It is recommended that formalised test plans are created and signed off for all change controls.
Simplicity has a case management system to manage the change control workflow. If you have this Simplicity module then this may be an appropriate tool to allow you to manage this process.
Back to Topics Index.
Data Management
Client data access should be restricted to the actual data itself and not physical media. Policies should be in place to ensure data is not written to physical media unless required. Only individuals requiring access to perform their daily functions should be granted access to the data.
All backups, production, test and development databases should be catalogued.
If physical media that holds copies of client data needs to be destroyed a low level format should be performed on the media. Where this cannot be successfully completed due to hardware failure the media should be physically destroyed.
Simplicity servers should be assembled to a build specification and be appropriately serviced. Client customer data or commercial information should be removed from any media, such as a hard drive, prior to it being passed onto a third party employed to resolve any hardware/software faults.
Where company laptops are serviced by third parties it is recommended that they are returned with an original disk image to the third party for servicing so there is no risk of unauthorised data being removed.
Back to Topics Index.
Database Management and Maintenance Tasks
Database maintenance is an important part in ensuring you are getting optimal performance from your database. Following are common tasks and processes you can incorporate into your database maintenance strategy. These tasks are not intended to be a complete list of all jobs that should be performed in your environment but a check list to ensure that you have a considered database management plan in place.
• Index fragmentation checks and maintenance.
• Identification of missing and unused indexes.
• Distribution statistics maintenance.
• Database backup, restoration and verification tasks.
• Correction of usage statistics.
• Recycling of SQL Server logs.
• Tracking of failed database login attempts.
• Identification of T-SQL statements that require possible optimisation.
• Collection of growth and storage usage statistics for database files and objects.
• Collection of SQL Server and windows performance counters.
• Detection and remedy of “Blocking Events”.
• Collection of uptime statistics.
• Collection and review of service pack levels.
• Identification and alerting of SQL Agent Job status or failures.
• Identification of Simplicity scheduled job statuses.
Back to Topics Index.
Disaster Recovery Plan
A disaster recovery plan for your Simplicity environment should be reviewed annually or when any major infrastructure changes occur.
Testing of database restoration processes should occur on a regular basis.
In the event of a disaster mission critical services should be restored across all implementations as a priority followed by non-critical services and websites.
Back to Topics Index.
Encryption
Secure protocols like SSL, SSH/SFTP should be used to protect data during transmission. SQL data should also be transmitted over an encrypted channel.
The Simplicity application may be configured to make use of your organisations AD authentication. This user must then also be granted permission via the Simplicity user maintenance application for a connection attempt to be successful. The additional security of a user’s pin/password can also be added.
Back to Topics Index.
Firewall
Firewall protection must be implemented for all Simplicity networks to protect them from unauthorised external access.
The firewalls should be regularly tested and reviewed.
Back to Topics Index.
Incident Handling and Escalation Procedures
Account directors should always be available should an incident occur that requires immediate action. Escalation processes should be in place to ensure the right people are notified within the shortest possible timeframe so appropriate courses of action can be taken.
Back to Topics Index.
Logging/Auditing/Monitoring
Windows servers should have logging enabled for events as deemed appropriate. SQL Server logging enabled as deemed appropriate. Basic audit logging of entity record changes are logged within the Simplicity database. Extended logging can be provided as required for client implementations.
Information captured in the audit logs should be appropriate for the client needs. It is often basic information as this is considered to be the minimal amount required to serve the purpose for logging.
Audit logs are stored locally on the host or stored centrally in the client’s database where appropriate.
Logs should be reviewed on a frequency as deemed appropriate.
Logs stored within the client database should be archived on a rotation and archived as appropriate.
Back to Topics Index.
Physical Security
All data centres hosting the Simplicity environment must provide an appropriate level of security. This will typically include industry standard security measures such as perimeter security gates, 24hr security guards, video surveillance, security swipe cards plus biometric security, security doors, man trap isolation room and locked racks to which only authorised personal have access keys.
The data centre should be in a controlled environment with air conditioning and temperature monitoring, multiple power feeds, backup power sources and multiple upstream data feeds.
Back to Topics Index.
Remote Access
Remote access should only be granted to users where this is required to enable them to perform their required daily tasks.
All staff remotely accessing Simplicity services should follow the same restricted access process and have all access logged.
Remote access should be controlled using appropriate security protocols where access is required for staff members to perform their daily tasks.
Where remote access is no longer required then remote access privileges should be revoked along with any associated access tokens or devices.
Back to Topics Index.
Security Policy
Security should be actively administered to meet your organisations security policy requirements.
This should include security rights, password policies, termination of employment or contract processes to name a few.
Back to Topics Index.
System Administration
The environment that has been provisioned for your Simplicity implementation should be built to a standard configuration to ensure products and services perform to required standards. This configuration should be well documented and reproducible.
System Administrators and SQL DBAs should monitor updates, security packs and hotfixes. On their recommendation these fixes once tested may then be rolled out across the Simplicity servers. Failure to adequately test these on the development or test environments prior to application may have catastrophic results if first applied to a production environment before being this provisional testing is performed.
Backups should always be performed prior to any update, security pack or hotfix being applied.
Back to Topics Index.
Third Party Access
The Simplicity product and its components are completely insular. No part of the product or its services is outsourced to another vendor.
Back to Topics Index.
Virus Protection
Anti-virus and malware solution should be implemented to cover all server systems and desktop systems that connect to production environments. Production mail systems may have an additional level of real-time content scanning. All disks on all productions servers should be scanned as part of a structured maintenance schedule.
Anti-virus software and virus definition files should be updated daily.
To ensure no malware is passed on to clients and their customers, anti-virus and malware software should be installed on all workstations that will be interacting with client data.
Back to Topics Index.
Help & Support