Our Partners close more business.

Use these powerful resources to win more business, faster, with less effort.  
Call 877-411-2220 x121 for personal support with any opportunity.

RESET SEARCH

Hosting Quote Estimator

GET a FREE Sandbox or Trial Environment NOW

How To Use This Tool:  

To find answers to common RFP and RFI questions, select a tag, or, search for terms like "security", "performance", etc.  You will find common questions and answers grouped together in one record.  Follow the tag links to refine your search.  Supporting downloads and documentation are available, below.

Please login to obtain download access to additional supporting documentation.  Registered users can also contribute to the database.  You can request access by Contacting Us.

Supporting Documents

Please note that assets with generic thumbnail require login for access.  If you require access please Contact Us.

Name  Size 
Omegabit - Why Hosting Liferay is like Airplanes 29MB
Omegabit Brochure.pdf 5.7MB
Omegabit Disaster Recovery PlanTOC.pdf 206k
Omegabit employee-handbookTOC.pdf 158k
Omegabit Generic SOW-SLA_GENERIC_for_PDF.pdf 2.5MB
Omegabit Information Security Questionnaire 2.1.docx 178k
Omegabit IT Security TOC.pdf 270k
Omegabit IT_DisasterRecoveryPlan_2.3-detailed-preened.pdf 470k
Omegabit Org Chart6-17.pdf 16k
Omegabit PerformanceOpt16-17.pdf 158k
Omegabit Security16-17.pdf 210k
Omegabit Value Proposition.pptx.pdf 3.6MB
SOC 2 Type 2 - Digital West - 2016 - FINAL-1.pdf 958k
Why Omegabit Liferay Hosting.pdf 762k
 

© Omegabit LLC, 2023

Enter a Search Phrase or Select a Tag


Content with tag contingency planning .

Event and Incidence Response

Q:

Is there a plan for Incident Response?

Do you employ an automated mechanism to integrate audit review, analysis, and reporting process to support incident response, continuous monitoring, contingency planning, and audit?


A:

This is documented in Omegabit Disaster Recovery Handbook, Section 1.1 to 1.4 and Section 2.3 ref: Omegabit Disaster Recovery Plan TOC

We consider any intrusion to be a "Severity I" class event.  Which, per our SLA requires a response time of <2hrs.  In reality, our 24x7 operations staff will respond to any Severity I event the instant it is detected.  I've attached  boiler-plate/generic copy of our SLA and am happy to produce a named/completed version for a given stack if of benefit (this one calls out "sticker" and a la carte pricing and is OK to share as-is).  


In the event of any detected incident, including known breach or ongoing security intrusion, performance degradation, major change in performance profile, etc., notice is provided to the customer as soon as practical. Typically, within minutes provided we are not actively triaging and providing emergency responding to the issue.  We consider the ownership of security related issues to be a joint-responsibility along with the application sponsor.  Because, in many cases the risk may be specific to the customer's implementation of the portal, and we must be in communication with the owner to permanently resolve the issue if not to triage and block it, temporarily.  A 24hr point of contact with the customer is preferred for emergency incident notification, which can include email and telephone contact depending on severity and customer preference.

 

Yes, for specific audit log event analysis we use a combination of tools including but not limited to Splunk and Dynatrace SaaS; additional software subscription and fees apply for a dedicated implementation of reporting facilities for Client use and self-reporting.


No comments yet. Be the first.
7/14/17 disaster recovery incident response disaster recovery plan audit review contingency planning