Security and Reliability |
 
|
Security and Reliability |
|
As cloud computing is still relatively new, many prospective users often express concerns over the security and reliability of the cloud platform. This section should help to alleviate some of those concerns, but if you have any further questions, please contact Wood via sw.support@woodplc.com.
•Any data which you upload to the cloud platform is encrypted in transit between your web browser and the cloud machine.
•The data on the cloud machine itself is not encrypted, but when you terminate your session, the machine is destroyed and any data added or created by you on the local drives is destroyed. The storage associated with an active session is known as ephemeral storage, because it reverts to its initial state once the user session has finished. The maximum time limit for each user session is 72 hours, after which point the session will automatically terminate, and all data on the cloud machine is automatically deleted at that point.
•Data stored in a 'Home Folder’ is encrypted at rest and persists after you have logged off from the portal. Each user account comes with its individual persistent storage, which is not visible to other users.
•The systems administrator in Wood has administrative privileges on the cloud platform, and therefore has access to the files which all users have placed in their Home Folders. This is a necessary prerequisite associated with establishing the cloud platform for each customer organisation. However, Wood undertakes never to view or download any customer data under any circumstances.
•Each customer organisation retains the intellectual property rights over their data. Wood fully respects these ownership and confidentiality rights. The situation is similar in some respects to the technical support service provided for desktop software licenses - customers are often required to submit sample input files to allow our technical support team to investigate issues with software models. Data received in this manner is treated confidentially and securely by Wood.
•The cloud service provider actively monitors the machines in your fleet (how many are in use, how many are available etc.). The number of hours spent on active sessions is also continually monitored. This is necessary to facilitate accurate billing.
•Wood's systems administrator can see who is logged on from your organisation, but cannot see what any individual user is doing on their cloud machine.
•Wood undertakes never to perform any form of data analytics whatsoever on customer files.
Ideally it should happen very rarely but cloud service providers can experience unplanned outages, service disruptions and outright downtime. Naturally this lies outside of Wood’s control, but we have contingency plans in place.
•The cloud platform service provided to your organisation is covered by a service level agreement between Wood and the cloud service provider. The cloud service provider targets a monthly up-time percentage of at least 99.9%.
•Regarding the permanent storage, the 'Home Folders' are designed for high durability. The files are redundantly stored on multiple devices across a minimum of three data centres in a geographical region. This service is designed to sustain concurrent device failures by quickly detecting and repairing any lost redundancy, and they also regularly verify the integrity of your data using check-sums. The cloud service provider assumes responsibility for this aspect.
•In the unlikely event of prolonged unavailability of the cloud server, Wood can provide alternative solutions:
oAs a first option, Wood would look to establish a similar capability in a different region of the cloud if possible.
oAlternatively, replacement desktop licenses may be provided at short notice. For example, if you have 5 authorised users on a cloud platform which offers a 32-CPU machine, Wood can provide a temporary replacement 5-user network license with 32-CPUs enabled. The license entitlements can be authorised via an internet connection, avoiding any time consuming set up of on-site security dongle. Note however that the customer organisation would need to have the necessary hardware available locally to replicate, or partially replicate, the computational power available via the cloud platform. Replacement desktop licenses have a one-week duration after which point they will expire.
•Finally, software users are advised to maintain a copy of their Flexcom input files on a local desktop machine. If the cloud server were to collapse during an active user session and the temporary storage lost completely, the user would still be able to reproduce the Flexcom output files in a subsequent cloud session.