The Ostara CAFM software is classified as “SaaS” (Software as a Service), a software delivery model where software and associated data are centrally hosted in the cloud. This approach has become an increasingly common delivery model for many business applications, including Microsoft Office 365. There are a number of benefits to this approach, and “SaaS” has been incorporated into the strategy of most leading enterprise software companies. One of the biggest advantages of this approach is the potential to reduce IT support costs by outsourcing hardware and software maintenance and support to the SaaS provider.
There are a number of benefits to this approach, for enterprises looking to employ any type of SaaS, and in particular, CAFM software. Firstly, there are practically zero internal IT requirements with SaaS, and therefore a zero cost of ownership, as the software is managed by the provider. The significant result of this for clients is the seamless upgrade process as part of the ongoing subscription charge. Because these upgrades typically occur more frequently and therefore incrementally than on-premises solutions, they have significantly reduced testing and end user acceptance and training costs. In addition, the storing of data through the SaaS model allows for the inclusion of improved disaster recovery, and increased tolerance for minor network interruptions. Ostara also offers integrated external access management, ensuring that clients can manage who can access the Ostara platform.
Protection of customer data from all types of misuse and/or loss is at the forefront of our protection strategy. Ostara takes all reasonable steps to minimize the risk of data loss and equipment failure by maintaining critical applications and preventing unnecessary system downtime.
The data, as highlighted is protected via the Ostara Backup strategy. In addition, the real-time mirroring of all databases provides an added element of security for the customer’s data. A secure FTP site is available, which can be home to a nightly backup of the customer’s specific data to allow for download of the customer’s full data set should it be required.
Cisco firewalls are in place to ensure no unauthorised access is permitted to the Ostara network. User access to data is defined by the client and restricted via the role policies of the application.
The application is encrypted to 128-bit encryption, and all passwords are stored using a one-way salted hash
As well as complying with the Data Protection Act (1998), Ostara has policies in place to ensure customer data is not passed on, and strict areas of demarcation exist within the system to ensure access to data is granted only on a profile/permission basis.
The system is segregated to ensure one client’s data is kept separate from another. All data is stored using a unique client identifier. This key is used for all data requests to guarantee that incorrect data is not transmitted. The key is only provided upon successful application login.
The software runs in an isolated environment, with limited access to invasive infrastructure on the machine it is installed on.
Any documentation uploaded into the system is virus checked prior to making that document available to a user to download.
Data penetration testing is regularly carried out on both the infrastructure and the website.
Ostara has been developed using this architecture to allow all data and system interaction to be restricted behind a service boundary. This means that it becomes almost irrelevant to the consumer how data is persisted behind this boundary, as long as it is.
This abstraction offers a much more scalable model and has become most popular in blue chip organisations following the increased adoption of technologies like Microsoft’s Web Services, REST, WCF and RMI.
Because of this clear boundary, the support requirements fall mainly on the company hosting the service; it is the service provider who determines the server’s power, redundancy, backup strategies and other such IT infrastructure issues.
A system utilising a SOA is simply a window on the data and no business critical information is held anywhere except within the services boundary. In the event of a catastrophic client machine failure or loss, the client can simply plug in another machine, point at the service and resume activity.
Sometimes described as SaaS (Software as a Service), this delivery model allows a reduction in support costs by essentially outsourcing the risks associated with software projects to the company providing the service.