VMsources Secure Cloud SLA applies to (scope) outages related to cloud infrastructure including Compute, Storage and Network components of your Secure Cloud. Reasonable maintenance to be performed during mutually-agreed upon maintenance windows and outside of production hours, will not be factored into downtime calculations and will not result in remediation.

Downtime that is the result of client-initiated Change Management, where that Change Management request was correctly implemented by VMsources will not be factored into Downtime.

Services provided by vendors outside the scope of the Secure Cloud SLA, such as ISP and Hosting facility, are covered directly by those vendors SLA, and remediation/credit will be provided as a direct pass-through from the vendor where and when justified.

• ISP: https://www.cogentco.com/files/docs/network/performance/global_sla.pdf
• Hosting (CoreSite 100% Guarantee): https://www.coresite.com/about/why-coresite

VMsources bills in advance for Secure Cloud, and any remediation/credit due will be automatically applied to the next months invoice. If you think that you are due remediation/credit for outages that are on your invoice, please call for an adjustment.

• Business Continuity Terms
• Disaster Recovery DRaaS
• Fully Managed Backups
• Secure Offsite Backup
• True Offline Backup
• Fixed Cost S3 Backup

Business Continuity FAQ:

• • We charge for actual space used by Backups or Replicas at some of the lowest rates in the industry.
  • We have Veeam Backup and Replication available as SaaS/Rental so you pay only for what you use, while you are using it.

1. 1. The local Backup, the offsite Backup, and the Replica.
   2. Two (2) devices are the local backup repository and the offsite backup repository.
   3. The one (1) copy offsite is either the Replica VM or the offsite Backup.

Business Continuity Terms

3-2-1 Rule

• Three (3) copies of protected Data on at least two (2) different storage devices with one (1) copy located at a secure remote location such as VMsources Secure Cloud

Antivirus

• Antivirus products continually scan for known Virus Signatures on protected systems.
• Antivirus systems can not protect against new vectors (Signatures) which have not been published by the Antivirus vendor.

Auditing and Compliance

• Auditing and Compliance are the processes by which facilities and systems are compared against known standards by Qualified Auditors who then create reports which certify the facility or system is in Compliance with the standards used, or make note of exceptions.

Backup

• A Backup is an indexed archive of systems and data, usually compressed, and which needs to be Restore(d) prior to accessing the archived data.

Backup Copy

• A Backup Copy job sources a (usually) Incremental Backup and copies the data to an alternate location. Backup Copy jobs are the normal source for Offsite Backup(s) and have the advantage of being non-disruptive if it takes many hours to transfer data to an Offsite location such as VMsources Secure Backups.

Backup Repository

• A random-access storage system which can be used as the primary target of a Backup.

Best Effort

• Best Effort represents resources which are not reserved or pre-assigned and may not be available in the event of greater than normal demands on Infrastructure, such as during a large regional Disaster event.

CDP

• Continuous Data Protection (CDP) is near-synchronous Replication of data from source to target.

Cloud Computing

• Cloud Computing provides ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Compute Resources

• The resources required by the active state of a computing system while it is powered on (CPU and RAM).

CPU

• Central Processing Unit (CPU) provides logic, controls I/O and performs all calculations based on information stored in RAM.

Datacenter

• A secure and audited location where Cloud Computing resources are housed.

Disk/vDisk/HDD

•  computer Disk (AKA: vDisk, Virtual Disk, Hard Disk, HDD, SSD) is a non-volatile, random-access storage system on which data is stored.

DR

• Disaster Recovery (DR) is the notion of how an Organization would recover following a Disaster such as physical loss of data (such as in a Fire), logical loss of data (such as in a Ransomware Event) or temporary loss of data (such as during a power outage).

DRaaS

• Disaster Recovery as a Service (DRaaS) is a combination of Service Levels which includes at least Secure Backup and Replication.

DR Plan

• A Disaster Recovery Plan is the written and documented procedure for an organization to recover during / following a disaster.

DR Test

• A Disaster Recovery Test is the execution of the DR Plan sufficient to demonstrate that the Organization could recover following a disaster.

Endpoint Protection

• Endpoint Protection differs from Antivirus in that it looks for specific behaviors which represent suspicious activity on protected systems. When discovered, Endpoint Protection will isolate (“quarantine”) systems until reviewed by an authorized administrator.

• Some Endpoint Protection platforms are comprehensive enough to be considered to be complete Antivirus replacement, while others need to be used in conjunction with traditional Antivirus systems.

Failover

• The process by which Replicated VMs are powered on and prepared for use using alternate resources, such as at a DRaaS Datacenter.

Full Backup

• A Full Backup is an archive of protected data and systems which can exist on its own, without any other supporting files.

Grandfather-Son (GFS) Backup

• Long-term retention of full backups on a schedule (Weekly, Monthly, Yearly).

Hardened / Immutable Repository

• Veeam Hardened / Immutable Repositories are tested and proven by Cohasset Associates meeting the requirements for non-rewritable, non-erasable storage as specified by SEC 17a-4(f), FINRA 4511(c) and CFTC 1.31(c)-(d) – WORM Equivalency.

Hypervisor

• A platform which draws resources from its physical host hardware and allocates those resources to VMs which run as independent and isolated systems.

Incremental Backup

• An Incremental Backup utilizes one Full Backup followed by successive increments of the data which contain only the portion that has changed since the preceding Incremental Backup. When a Restore is needed, the restoration process requires the last Full Backup plus all the Incremental Backups until the point of restoration.

MFA

• Multifactor Authentication (MFA) is a process which requires external validation, in addition to the username/password combination. The most common form of MFA is 2FA (2 Factor Authentication) which sends a “push” notification or uses a hardware hey in addition to the username/password combination to validate users.

Offsite

• To a geographically separated location, usually with a minimum distance requirement of 100 KM., but possibly much more depending on: Power Grids, Flood areas, Geologic earthquake zones and much more.

Onsite

• To the same location as active Workloads and mission-critical data.

Pool

• Shared resources, such as IP addresses, CPU, RAM and Disk which are assigned Best Effort.

RAM

• Random Access Memory (RAM) stores volatile data which can be accessed and changed frequently while a computer system is powered on.

Replication / Replica

• Replication provides a ready-to-run (immediately accessible) Replica copy of a Virtual Machine at an alternate location. The primary advantage of Replication is that Replicated systems require no Restore prior to being accessible.

Restore

• The process of extracting data from a Backup and placing that data in a location where it is accessible. The Restore process is often time-consuming, depending on the format of data and systems used.

Restore Points

• A Restore Point is the state protected by a Backup Job each time it runs.

Retention Policy

• Retention Policy is the number of Restore Points which will be kept.

RPO

• Replication Point Objective is the time between Replication cycles that occurs in Asynchronous Replication. When met, the RPO is the maximum period of data loss to be expected.

RTO

• Recovery Time Objective (RTO) is the amount of time for systems to be functional after a disaster, including the time required to update public DNS and other service pointers. RTO can vary from just a few minutes for DRaaS protected systems to many hours for systems which need to be restored from Secure Offsite Backup

S3 Object Storage

• S3 Object Storage systems may be deployed to retain bulk or long-term Backups which were created targeting a random-access repository. S3 Object Storage is not suitable for random-access or transactional data, and cannot be used as the first generation of a Full Backup or Incremental Backup because it does not support the locking and sharing mechanisms needed to maintain a single, accurately updated version of a file. 

Can you rely on your vendors to honor their Service-Level Agreements to the letter?  Or do you often encounter resistance and hedging when initiating an SLA claim?

We think SLAs should be easy to understand, and even easier to remediate.  That's why we offer an unparalleled SLA, which we guarantee is more client-centric than any other SLA offered by any Cloud Compute provider--including the Big Cloud!

With most providers, Four Nines is the goal and you only achieve real remediation at Two Nines (AKA: 99% or 1.68 hours downtime) and even when it's obvious, you still have to apply for service credits, which require you document the outages to the never-fulfillable satisfaction of the provider!.

Our Secure Cloud SLA applies to (scope) outages related to cloud infrastructure including Compute, Storage and Network components of your vCloud. Reasonable maintenance to be performed during mutually-agreed upon maintenance windows and outside of production hours, will not be factored into downtime calculations and will not result in remediation.

NOTE: Downtime that is the result of client-initiated Change Management, where that Change Management request was correctly implemented by VMsources will not be factored into Downtime.

NOTE: Services provided by vendors outside the scope of the vCloud SLA, such as ISP and Hosting facility, are covered directly by those vendors SLA, and remediation/credit will be provided as a direct pass-through from the vendor where and when justified.

• ISP: https://www.cogentco.com/files/docs/network/performance/global_sla.pdf
• Hosting (CoreSite 100% Guarantee): https://www.coresite.com/about/why-coresite

Organizations need to enjoy complete trust with their vendors. We are so confident in the quality of our services that we are making a bold offer: 90 Days Free! Simply contact us for a quote and we'll get you set-up with 2160 hours of free services, including all of the Concierge support and assistance from the VMsources Team that we include for all of our clients.

Cloud Security relies on order, but that order must come from the intelligent application of principles and standards, as opposed to the endless creation of highly specific rules. 

Let our team will assist your team in understanding the principals of ITSM Cloud Security and Vulnerability Management at a fundamental level.

Download our Intellegent Security PDF: View PDF