Difference between revisions of "Startup FAQ"
old>Admin |
|||
| (37 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
== Requirements == | |||
TS recommends using hosted cloud servers, but on prem setup is also possible. | |||
Read about [[Requirements]] if you want to install your own server. | |||
== Data handling == | == Data handling == | ||
=== Storage and backup === | |||
You can choose between | You can choose between | ||
* On premisis ( | * On premisis (customer location) | ||
* Cloud hosting | * Cloud hosting | ||
Cloud hosting will be handled on AWS | Cloud hosting will be handled on Amazon Web Services Europe (AWS) datacenters in either Ireland or Sweden. | ||
Backup is done to segregated triple redundant storage | Backup is done to segregated triple redundant storage | ||
* | * Nightly for 2 months | ||
* Monthly for | * Monthly for 2 years | ||
=== | === Access and ownership === | ||
Data in the systems belongs to exclusively to the customer. | |||
TS support will in some cases need to access data under non-disclosure obligations. | |||
=== GDPR compliance and retention === | |||
The platform contains everything needed for GDPR compliance in your systems. | |||
A data processing agreement will be issued to your organization automatically | Using workflow automation automatic deletion or anonymization can be set up: This should be configured in accordance with your data retention and privacy policy. | ||
A data processing agreement will be issued to your organization automatically. | |||
== Security == | == Security == | ||
=== Authentication === | |||
Authentication is based on username/password. | Authentication is based on username/password. | ||
| Line 32: | Line 39: | ||
* IP address of callers | * IP address of callers | ||
Single | ==== Single sign on (option) ==== | ||
Single sign on integration is included for | |||
* ADFS | * ADFS | ||
* LDAP (and AD) | * LDAP (and AD) | ||
* Google, Azure, Facebook, LinkedIn | * Google, Azure, Facebook, LinkedIn | ||
==== Authorization | A group membership synchronization exists for | ||
* ADFS | |||
* LDAP | |||
==== Anonoumous users (option) ==== | |||
External users can access data via the following methods | |||
* Create new records: Public link | |||
** Services can be protected by a CAPTCHA test | |||
* Edit existing records: Specific link sent to user | |||
** Links can expire after certain amount of time | |||
=== Authorization === | |||
User permissions are granted via inheritable group membership | User permissions are granted via inheritable group membership | ||
| Line 49: | Line 68: | ||
* Bulk operations | * Bulk operations | ||
=== Encryption === | |||
Transport encryption is based on SSL via HTTPS policies | Transport encryption is based on SSL via HTTPS policies | ||
* Cloud hosting includes option for free SSL certificates | |||
Storage encryption is best handled via operating system measures | Storage encryption is best handled via operating system measures | ||
| Line 56: | Line 76: | ||
* Windows: Bitlocker | * Windows: Bitlocker | ||
Passwords are hashed using BCrypt algorithm. | |||
=== Protection === | |||
Platform complies with all requirements in OWASP level 2 | Platform complies with all requirements in OWASP level 2 | ||
* Hacking: SQL injection, XSS, CSRF | * Hacking: SQL injection, XSS, CSRF | ||
| Line 65: | Line 85: | ||
== Requirements == | == Requirements == | ||
=== Languages === | |||
Frontend can run multiple languages | Frontend can run multiple languages simultaneously. | ||
* Preconfigured languages | |||
** English | |||
** Danish | |||
* Other languages can be setup in the backend | |||
Backend language is English | |||
=== Software === | |||
==== User clients==== | ==== User clients ==== | ||
A modern browser is needed | A modern browser is needed | ||
* Chrome | * Chrome | ||
| Line 82: | Line 104: | ||
To use certain features an office suite will be needed (any version later than 2010) | To use certain features an office suite will be needed (any version later than 2010) | ||
==== Servers ==== | ==== Servers (option) ==== | ||
On | ''Cloud hosting servers will not require any additional software'' | ||
On premises installations will need | |||
* Java 7+ | * Java 7+ | ||
* MySQL 5+ | * MySQL 5+ | ||
* Servlet engine | * Servlet engine | ||
=== Technical skills === | |||
==== Normal user ==== | |||
Users will need no special training for basic usage. | |||
Some users may require ½ day training, for learning advanced features such as: | |||
* Reporting and personal views | |||
* Bulk data handling (import/export) | |||
==== Developer (option) ==== | |||
''This role is optional for customers wanted to develop applications inhouse.'' | |||
In order to build and maintain applications 1 day of training is needed. | |||
==== Administrators (option) ==== | |||
''This role is optional for customers using on premisis hosting.'' | |||
Perfom platform maintenance upgrade requires very little skill, as the software is self-upgrading | |||
# Stop service | |||
# Copy archieve | |||
# Start service | |||
== Licenses == | == Licenses == | ||
==== Anonoumous users | === Normal users === | ||
Only '''active''' users are paid for, down to a minimum of 5. | |||
All users using a specific interface is counted as a single user license (1 SUL). | |||
A service can be configured in order to automatically deactivate inactive users. | |||
=== Anonoumous users === | |||
Anonymous users are paid for per '''active''' interface (access to a solution): | |||
* All users using a specific interface is counted as a single user license (1 SUL). | |||
* Solutions can support multiple anonymous users via multiple interfaces | |||
=== Light users === | |||
Some users will only cost a fraction of a normal user license (SUL) | Some users will only cost a fraction of a normal user license (1/4 SUL) | ||
* Only read access | * Only read access | ||
* Infrequent users | * Infrequent users | ||
* Simple solutions | * Simple solutions | ||
Latest revision as of 19:47, 8 November 2024
Requirements
TS recommends using hosted cloud servers, but on prem setup is also possible.
Read about Requirements if you want to install your own server.
Data handling
Storage and backup
You can choose between
- On premisis (customer location)
- Cloud hosting
Cloud hosting will be handled on Amazon Web Services Europe (AWS) datacenters in either Ireland or Sweden.
Backup is done to segregated triple redundant storage
- Nightly for 2 months
- Monthly for 2 years
Access and ownership
Data in the systems belongs to exclusively to the customer.
TS support will in some cases need to access data under non-disclosure obligations.
GDPR compliance and retention
The platform contains everything needed for GDPR compliance in your systems.
Using workflow automation automatic deletion or anonymization can be set up: This should be configured in accordance with your data retention and privacy policy.
A data processing agreement will be issued to your organization automatically.
Security
Authentication
Authentication is based on username/password.
Optionally 2-factor authentication can be set up using af mix of
- SMS sent to phone
- IP address of callers
Single sign on (option)
Single sign on integration is included for
- ADFS
- LDAP (and AD)
- Google, Azure, Facebook, LinkedIn
A group membership synchronization exists for
- ADFS
- LDAP
Anonoumous users (option)
External users can access data via the following methods
- Create new records: Public link
- Services can be protected by a CAPTCHA test
- Edit existing records: Specific link sent to user
- Links can expire after certain amount of time
Authorization
User permissions are granted via inheritable group membership
Authorization schemes
- Field level control
- State model
- Data ownership
Additionally special roles can be assigned
- Administrator (backend)
- Bulk operations
Encryption
Transport encryption is based on SSL via HTTPS policies
- Cloud hosting includes option for free SSL certificates
Storage encryption is best handled via operating system measures
- Linux: LUKS
- Windows: Bitlocker
Passwords are hashed using BCrypt algorithm.
Protection
Platform complies with all requirements in OWASP level 2
- Hacking: SQL injection, XSS, CSRF
- Password policies
Requirements
Languages
Frontend can run multiple languages simultaneously.
- Preconfigured languages
- English
- Danish
- Other languages can be setup in the backend
Backend language is English
Software
User clients
A modern browser is needed
- Chrome
- Mozilla firefox
- Microsoft edge
To use certain features an office suite will be needed (any version later than 2010)
Servers (option)
Cloud hosting servers will not require any additional software
On premises installations will need
- Java 7+
- MySQL 5+
- Servlet engine
Technical skills
Normal user
Users will need no special training for basic usage.
Some users may require ½ day training, for learning advanced features such as:
- Reporting and personal views
- Bulk data handling (import/export)
Developer (option)
This role is optional for customers wanted to develop applications inhouse.
In order to build and maintain applications 1 day of training is needed.
Administrators (option)
This role is optional for customers using on premisis hosting.
Perfom platform maintenance upgrade requires very little skill, as the software is self-upgrading
- Stop service
- Copy archieve
- Start service
Licenses
Normal users
Only active users are paid for, down to a minimum of 5.
A service can be configured in order to automatically deactivate inactive users.
Anonoumous users
Anonymous users are paid for per active interface (access to a solution):
- All users using a specific interface is counted as a single user license (1 SUL).
- Solutions can support multiple anonymous users via multiple interfaces
Light users
Some users will only cost a fraction of a normal user license (1/4 SUL)
- Only read access
- Infrequent users
- Simple solutions