NNT Software as a Service (SaaS) FAQs
Define Security as a Service (SaaS):
SaaS is a method of software delivery that allows data to be accessed from any device with an Internet connection and web browser. NNT will host and maintain the servers, databases and the application as if it were running in your own data center.
Biggest differences between on-premise and SaaS?
- On-Premise: software is typically purchased through a perpetual license, meaning buyers own the license to the software and operate it on-premise. As part of this model customers also pay a per year cost in maintenance and support fees.
- SaaS: end users do not host the software, and instead, outsource their IT responsibilities to NNT to maintain the software.
What are the key benefits of SaaS?
- Flexible payment options: organizations no longer have to purchase software or hardware and are now able to spread out the costs over time.
- Faster time-to-value: rapid deployment and implementation of the software solutions.
- Ease of use and accessible anywhere: organizations have the ability to access the application from any PC console from any location.
- Scalability: enables businesses to easily expand for future IT needs and requirements at a moment's notice
-
Security: all updates and upgrades are managed; pre-existing disaster
recovery protocols are in place to manage potential system failures
How does pricing for SaaS compare with on-premise?
SaaS allows buyers to pay an annual or monthly subscription fee, which includes software license, support, and most other fees.
On-premise considerations when hosting your own software application include but are not limited to the expensive things like:
- Hardware and OS licenses, Hardware Refresh and Scaling, Monitoring, Patching, Bandwidth, Facilities including Power and Cooling, Application/ Database Management, Process Management for Configuration Management, Change Management, Release Management, Deployment and technical HR resources, Security Logging and Management, and more.
Are there any hosting requirements and/or certifications necessary to comply with NIST and other regulatory compliance standards?
The NNT hosting platform meets the standards set forth by most regulatory standards for IT systems and management.
What kind of audits do NNT's SaaS solutions undergo?
The NNT hosting datacenters undergo annual SAES Audits along with other audits which meet or exceed most audit requirements required by the most highly regulated industries.
Where are SaaS solutions from NNT hosted?
Eastern U.S. and Western U.S. - Geographically diverse datacenters using hyper-convergence technology that delivers world-class server performance and with high-availability.
What is the support model like for a SaaS solution?
NNT SaaS services provide 24 x7 x 365 support for the hosting availability of the application and service.
SaaS makes sense for smaller companies, but how does it work within a larger enterprise?
Actually, larger enterprises often have a solid understanding of the cost per server to host on-prem and understands the cost savings and economics of utilizing a SaaS-based solution.
Does the NNT solution utilize a VPN for secure communication between hosting facility and customer?
This is not required as the NNT change tracker SaaS supports Https 256 bit encryption for the communication with devices and the server clients. However, in some cases, a VPN may be requested or required and NNT SaaS solution can include a VPN option.
Is there a single tenant hosting option separated from that of other customers?
The NNT SaaS solution can provide a single tenant install.
Who manages the application on the backend and what policies are in place to thwart insider breaches?
NNT SaaS option includes the security management of the systems and applications running the NNT solution. The hosting uses proven best practices in Cybersecurity utilizing the best of breed security solutions including NNT Change Tracker, patching, server hardening, IDS, firewalls, SEIM, along with configuration, change, and release management practices to ensure complete system integrity and a secure computing is intact at all times.
Can NNT provide Service Organization Control (SOC) 1 and/or 2 Reports, related to design and effectiveness of financial reporting controls?
Yes, the NNT SaaS can provide the necessary and required documentation.
What level of technical support is included in NNT's SaaS service level agreement (SLA)?
NNT's SLA includes 24x7x365 support with a minimum 99% guarantee of uptime.
Does NNT scan and/or test for vulnerabilities in our SaaS, and if so, how quickly are any identified vulnerabilities remediated?
We routinely scan for vulnerabilities on a monthly basis.
How and when will NNT notify me about any scheduled maintenance?
NNT will provide a scheduled maintenance window for non-emergency patches and a target outage window not to exceed 2-hours for emergency maintenance and patching.
Do you have a documented process for how system, application, and data backups are performed?
Yes, NNT provides no less than 1-day full backup retention and restoration with options to shorten backup frequency to as short as 1-hour.
How do you secure access to your data facilities where customer data will be stored?
NNT offers encrypted access via either SSH or VPN.
Is there a disaster recovery (DR) strategy in place? How frequently is it tested?
Yes, a DR plan is in place and is tested annually.