Attachment – Applications

PRIVATE AND CONFIDENTIAL

Attachment – Applications

Applications hosted by Customer (On-Premises)
1. Server Management
  1. Access to the server will be required for management
    1. Active Directory Domain Admin Account (where applicable)
    2. Local Administrator Account
    3. Application Admin Account
    4. Server Rack Key Access
    5. RDP Access
2. Application Management
  1. Application knowledge based should be provided by Application Provider
  2. Application APIs should be made available by Application Provider
3. Security Management
  1. Role Based Access Control where Application allows.
  2. Endpoint Protection should be installed on the server hosting the application.
  3. Patches and Upgrades should be performed monthly.
  4. Audit and Syslogging should be enabled where Application allows
4. Backup and Restoration
  1. Daily/Weekly Backups should be enabled.
  2. Offsite backups should be enabled.
5. Application Support
  1. Licenses with Application Provider should be valid and renewed.
  2. Application invoices should be retained for license validation.
  3. Contact email and number should be available for support escalations.
Applications hosted by Customer (Cloud)
1. Server Management
  1. Access to the cloud server will be required for management
    1. Local Administrator Account
    2. Application Admin Account
    3. RDP Access
2. Application Management
  1. Application knowledge based should be provided by Application Provider
  2. Application APIs should be made available by Application Provider
3. Security Management
  1. Role Based Access Control where Application allows.
  2. Endpoint Protection should be installed on the server hosting the application.
  3. Patches and Upgrades should be performed monthly.
  4. Audit and Syslogging should be enabled where Application allows
4. Backup and Restoration
  1. Daily/Weekly Backups should be enabled.
  2. Offsite backups should be enabled.
5. Application Support
  1. Licenses with Application Provider should be valid and renewed.
  2. Application invoices should be retained for license validation.
  3. Contact email and number should be available for support escalations.
Applications hosted by 3rd-Party (On-Premises)
1. Server Management
  1. Access to the server will be managed by 3rd Party
  2. Access will be granted to 1Cyber on case-by-case basis as required through escalation.
2. Application Management
  1. Application will be managed by 3rd Party.
3. Security Management
  1. Role Based Access Control will be managed by 3rd Party.
  2. Endpoint Protection will be managed by 3rd Party.
  3. Patches and Upgrades will be managed by 3rd Party.
  4. Audit and Syslogging will be managed by 3rd Party.
4. Backup and Restoration
  1. Daily/Weekly Backups will be managed by 3rd Party.
  2. Offsite backups will be managed by 3rd Party.
5. Application Support
  1. Licenses with Application Provider should be valid and renewed.
  2. Application invoices should be retained for license validation.
  3. Contact email and number should be available for support escalations.
Applications hosted by 3rd-Party (Cloud)
1. Application Management
  1. Application knowledge based should be provided by Application Provider
  2. Application APIs should be made available by Application Provider
2. Security Management
  1. Role Based Access Control where Application allows.
  2. Endpoint Protection will be managed by Application Provider.
  3. Patches and Upgrades will be managed by Application Provider.
  4. Audit and Syslogging will be managed by Application Provider.
3. Backup and Restoration
  1. Daily/Weekly Backups will be managed by Application Provider.
  2. Offsite backups will be managed by Application Provider.
4. Application Support
  1. Licenses with Application Provider should be valid and renewed.
  2. Application invoices should be retained for license validation.
  3. Contact email and number should be available for support escalations.