FileHold Cloud

Image
FileHold Cloud

The FileHold Cloud or hosted solution is attractive to many organizations who lack internal IT resources and want FileHold to manage implementation and support. Cloud deployments can be acquired via a pay per user subscription with the option to cancel at any time. In this program FileHold will provide the server hosting, the software application and any support needed to make the installation successful. The FileHold Cloud can be installed in an Azure cloud hosting facility in your country of choice. Your documents can be retrieved from the cloud with a few simple keystrokes.

FileHold Cloud is enterprise-grade software with a minimum deployment of 5 users. FileHold can scale to thousands of users and store millions of documents. The cost of the FileHold software varies depending on the number of users and optional features purchased, the FileHold Cloud program fees include hosting, backup, and upgrades. The FileHold implementation team has document management expertise and provides complete services including document scanning, workflow set-up, library design, and consulting.

To get a detailed quote on FileHold Azure Cloud subscription contact [email protected].

Microsoft Azure hosting - Always up, always on

The Azure hosting environment consist of an infrastructure of hardware, software, network, and storage resources. These environments handle resource management and automatically manage the lifecycle of a hosted service based on defined requirements. The Azure hosting environments offer a 99% or greater monthly availability which will ensure that a customer gets a highly available application without focusing on the infrastructure. Azure provides automatic OS and service patching, resiliency to hardware failure. Azure and FileHold support a deployment model that enables upgrades to your application with minimal downtime. To learn more about the Azure hosting environment go to https://azure.microsoft.com/en-us/overview.

Image
Filehold Cloud Features
FileHold Cloud Features

About Azure security

With industry-leading compliance and privacy certifications to built-in security controls and unique threat intelligence, Azure has everything you need to identify and protect against rapidly evolving threats.

  • Start with a secure foundation. Reduce costs and complexities with a highly-secure cloud foundation that takes advantage of multi-layered security provided by Microsoft.

  • Streamline your compliance and enable business transformation. Use built-in controls, configuration management tools, implementation and guidance resources, and third-party audit reports to simplify your compliance needs.

  • Detect threats early. Identify new threats and respond quickly with unique services informed by real-time global cyber-security intelligence delivered at cloud scale.

Security and compliance

  • GDPR Compliance. FileHold, through Microsoft, is GDPR-ready. FileHold shares the Microsoft policy on compliance. Azure employs a shared-responsibility model between the customer and Microsoft. Microsoft is responsible for the platform including services offered, and seeks to provide a cloud service that can meet security, privacy, and compliance needs. Customers are responsible for their environment once the service has been provisioned, including their applications, data content, virtual machines, access credentials, and compliance with regulatory requirements applicable to their particular industry and locale. Azure incorporates all the necessary safeguards to ensure GDPR requirements can be satisfied.
  • Data at rest is automatically encrypted server-side. All Managed Disks/Snapshots/Images and new data written to existing Managed Disks are automatically encrypted-at-rest with keys managed by Microsoft. Data in Azure Storage is encrypted and decrypted transparently using 256-bit AES encryption, one of the strongest block ciphers available, and is FIPS 140-2 compliant. Azure Storage encryption is similar to BitLocker encryption on Windows. Encryption doesn't affect performance and it doesn't have any extra cost. Azure Disk Encryption is used to encrypt Windows VM disks. Disk Encryption combines the industry-standard Windows BitLocker feature to provide volume encryption for the OS and the data disks.
  • Security. Microsoft provides a secure VPN to connect to Azure, so any data uploaded to, or downloaded from, Azure is encrypted and all data stored in its cloud instances are encrypted. Microsoft Azure also provides continuous monitoring and threat and incident management.
  • Access Control. GDPR requires access controls to be implemented to limit who can access to personal information. Azure offers these controls and uses Active Directory to allow permissions to be set. Multi-factor authentication can also be added.
  • Audit. Audit controls are also necessary for GDPR compliance. Azure includes detailed logging, so administrators can see who accessed or attempted to access protected health information.
  • Privacy. Policy driven common controls, certification on ISO 27018. There is a dashboard to track how well company is adhering to ISO 2700 and GDPR controls.
  • Breach and Notification Rules. Upon becoming aware of a Security Incident involving PI, Microsoft will report the Security Incident to the emergency contact or administrator(s) of the affected Azure subscriptions. Microsoft will report any information it has developed on PI involved in a security breach within 30 days after discovery of the breach.
  • Antivirus Scanning. Azure offers free real-time protection via anti-malware. It's built the same as Microsoft Security Essentials with Windows Defender. It runs in the background without human intervention. Alerts are given when known malicious or unwanted software tries to install itself or run on our Azure systems. However, FileHold has no control of what gets uploaded by the customer and no way of knowing if the AV is in place will catch problems.

Additional resources

GDPR Whitepaper: https://gallery.technet.microsoft.com/How-Azure-Can-Help-788a4979

GDPR compliance best practices: https://www.microsoft.com/en-us/trust-centre/privacy/gdpr-overview

On-premise vs Cloud comparison

FileHold Feature Description On Premise   Hosted
Traditional server-based software that is installed in your infrastructure and maintained by your local IT resources X  
Installed on a hosting "Cloud" service and not installed or maintained by IT resources   X
Share documents across multiple offices, companies, and public X X
Securely stores documents X X
Store all document types in a central repository X X
Search instantly to retrieve documents X X
Accessible via the rich desktop client and web browser X X
Microsoft Office integration X X
Work online or offline X X

Microsoft Active Directory synchronization requirements

  • Static IP
  • Firewall that supports a dedicated tunnel
  • Firewall that supports IKE V1 or V2

Client workstations

See the system requirements for client workstations.

Cloud-based document management system FAQs

Yes, The FileHold Azure Cloud is a complete IT and hosting solution.

Yes, each installation is in the customers country of choice.

Yes, there are very easy document export tools available.

Yes. This includes any type of device (laptop, tablet, smartphone) that has access to the internet.

Yes a customer can make their own hosting arrangements and provide a server that meets FileHold server requirements. The customer is responsible for managing this environment and not FileHold.

A cloud customer can choose to move the system to an in-house server if circumstances change. Read a case study on moving to the cloud and back.

Cloud backup FAQs

Yes, the Azure Recovery Services Vaults are set to be locally-redundant. Additional information about the Azure RSVs can be read here: https://docs.microsoft.com/en-us/azure/backup/backup-azure-recovery-services-vault-overview

Backups are performed daily. In the graphic below, a typical set of backups and retention for a customer’s application server in FileHold Cloud is shown. There is a quick Snapshot taken for the server for the last 2 days and 14 days of application consistent backups stored in the vault. There is one monthly for 12 months and yearly for 10 years. This particular example has 11 months of restore points under that retention scheme.

Image
Azure restore points

Customers do not have direct access to the backups. FileHold will need to restore the backup for you for a nominal cost. The backups are stored in a Recovery Services Vault under our Azure tenant.  If you would like a copy of the backups please see the information below on Offsite Exports.

There is no option to export a backup out of the Recovery Services Vault. Instead, FileHold offers an offsite export of the two VHDs that make up the application server (main application server and repository) and an export of the Microsoft SQL backups. There is a $500 per incident fee for this service. A FileHold technician will temporarily take the application server offline in order to make the download available and then bring the Cloud server back online. Customers often choose this export of backup data on semi-annual basis for disaster recovery peace of mind.

With these VHD backups, a VM in Hyper-V can be setup and both disks can be attached. The Microsoft SQL databases can also be attached.

FileHold has two stages of deletion. In the first stage, the soft delete stage, an administrator can retrieve the file from the FileHold "recycle bin". Documents can be in the soft delete stage for up to 1000 days. If the document moved into the second stage, the permanent delete stage, documents can no longer be recovered from the recycle bin. In this case, the FileHold Cloud support team would need to recover the document from a backup. There would be a professional service fee in the event that a file needed to be recovered from a Cloud backup.