Skillsoft Cloud Operations (CO) Services Percipio Hosted ...

[Pages:29]Skillsoft Cloud Operations (CO) Services Percipio

Hosted in the US

Revision History

Date

Version

Description

7/15/2017 5/7/2019 2/10/2020 5/6/2020 7/7/2021

1.0

Description of the Cloud Operations and the Private Cloud

1.1

Updates to backup/Restore

1.2

Data Protection at rest

1.3

AWS Migration/Hosting

1.4

Annual review and updates

Table of Contents

Revision History Introduction Percipio Application Description Percipio - application architecture PII and other user data Enhanced Learning Synchronized Assistant (ELSA)

Author

Cloud Ops. Cloud Ops. Cloud Ops. Cloud Ops Cloud Ops

1 6 6 8 9 9

1

Load Balancing

10

AWS Hosting

10

Network Device Control

10

Description of the network, routers, switches, firewalls

10

Control Program Management

11

Restart and recovery procedures

11

Restriction on system access

11

System documentation

11

Protection from unauthorized access

11

Data Protection Procedures

12

Data Protection at Rest

12

Overall backup strategy

12

Backup Schedule

13

Backup Media Retirement

14

Backup Verification

14

Data Recovery

14

Restoration Requests

14

Incident Management

15

Slowness in Applications Performance

15

Security Breach Management

15

Process for communicating back to customers

15

Systems Recovery from a Service Affecting Event

15

Hardware Failure

15

Application Malfunction

16

Network Loss

16

Impaired Application Performance (i.e., latency)

16

Trusted Recovery

16

2

Disaster Recovery

16

Compliance with Standard Architecture

16

Change Management - Roles and Responsibilities

17

System Configuration - Management

17

Change Process, Testing and Approval Process

18

Configuration and Security Specification

18

Con figuration Control

18

Security, Accounts and Password Management

18

Password Management

18

Password Expiry

18

Password Length and Complexity

19

Password Protection

19

Physical Security Description

19

Environment - Security Description

19

Systems - Security Description

19

Personnel - Security Management

19

Employee Laptops and Mobile devices encryption

20

Access to the Private Cloud Environment

20

Remote Access to the Private Cloud Environment

20

Third Party Annual Penetration Test

20

Vendor, Technology and Platform Disclosure

21

Planned System Maintenance

21

Emergency Maintenance

21

Maintenance Schedule

21

Security Management

22

Wireless in the office

22

Production Code ? Change Control

22

3

Product Development

22

QA Processes

22

Qualif ication Processes

22

Software Rollout into Production

23

Patch Management and Version Management

23

SW Engineering ? Change Control

23

SW Engineering Process

23

Access to Source Code

23

Software Release Process

23

Patch Management ? Process Description

24

Software

24

Security and Network Devices

24

Account Controls

24

Access to Systems

24

Access Management

24

Boundary Def enses

24

Firewalls

24

Intrusion Detection Prevention (IDP)

25

Intrusion Prevention System (IPS)

25

Connection to the Public Internet

25

Audit Trail Protection

25

Logs Management

25

Report to customers regarding a security violation incident

25

Data Retention and Protection

26

Customers' Data - Storage

26

Customers' Data - Protection

26

Password Storage

26

4

End- User Access Methods

26

Personnel management

26

Roles and Responsibilities

26

Employee Background Checks

27

Dedicated Cloud Operations Team

27

Expertise Description

27

Personnel Training

28

Capacity Management

28

Third Party Service Providers

28

Fastly

28

Accredible

28

Practice Labs

28

5

Introduction

Skillsoft offers Percipio via the Software as a Service (SaaS) Model. Percipio is accessible via the web alleviating the complexities involved in managing a web application that must be accessible over the Internet worldwide, 24/7/365.

The SaaS model our customers' IT Management no longer needs to worry about:

?

Hardware costs

?

Software Licensing costs

?

Application monitoring

?

Creation of in-house expertise to support the eLearning solution

?

Dealing with application and content upgrades

?

Allocation of IT staffing to perform recurring maintenance

?

Security management for the application

?

Backup/Restore management

?

Augmentation of helpdesk staffing

Skillsoft Cloud Operations (CO) have developed policies and processes to ensure application performance while maintaining the highest security standards. Following, is the description of these processes and the overall Cloud Operations services provided by Skillsoft. For companies that are restricting the IP addresses that can be accessed from within the company, Skillsoft will provide a range of IP addresses that will have to be open for the Percipio application to work properly. More information on the IP ranges can be provided by the Account Team that supports the customer account.

Percipio Application Description

Percipio is a web application developed on Micro Services architecture. The application uses Amazon Elastic Kubernetes Service (EKS), Docker containers, Kafka, Kubernetes, PostgreSQL databases, and Cassandra database for reporting and analytics and other technologies that are popular in the Micro Services Architecture. The Percipio application uses Java and Ruby at its core. The application uses the PostgreSQL database to store various configuration parameters as well as student credentials and student progress records. Customers are segregated in the PostgreSQL database by an organization key unique to each organization.

6

Percipio application uses multi-tenancy by unique identifier. All Customers use the same database and schema, but the rows of the table have a unique OrgID which is used in retrieving data for an organization. Within an organization there is a unique UserID which is used (in certain cases) to further filter the data to a single user.) The unique identifiers are generated using the UUID v4 format () ? These identifier are randomly generated by software libraries complying with RFC4122 (). The chances of guessing one of them is next to zero ()

7

Percipio - application architecture 8

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download