+3

XTRF Summit - Everyday Risk Management

Marcin Jakubowski 5 months ago in Something Else updated by mark 4 months ago 5

I have been asked to carry out the Friday presentation about "Everyday Risk Management - Data and Business Continuity" at XTRF Summit.

I'm a maintenance manager at XTRF, responsible for our Cloud infrastructure and ISO 27001 compliance. I though that instead of sharing our "success story", as it is often done on such events, I could address your actual issues.

Do you have any questions for me? Are there any particular issues related to this topic that I should discuss? What would you like to hear about?

+1

Even though I will not be present, I would appreciate more admin rights as a cloud customer. When we self-hosted XTRF, we were able to revoke licenses (kick out inactive users) and set idle timeouts. These actions are not possible as cloud users, but are very useful to properly manage our floating licenses.

Furthermore, I would appreciate an uptime monitor for our cloud instance. We had that set up when we self-hosted. The monitor was connected to an alert system that notified the admin as soon as the XTRF instance was down for more than a minute. This allowed the admin to act before the complaint emails came in, which creates unnecessary correspondence for the PMs.

+1
we were able to revoke licenses (kick out inactive users)

I took a look at this issue, and this should be fixed in next 8.3 release.

and set idle timeouts

This is already possible since 8.3.10: https://xtrf.userecho.com/communities/4/topics/1564-8310

I would appreciate an uptime monitor for our cloud instance.

Obviously we have one, but for our internal needs. It shows a 0% unplanned downtime for this year for your instance, so I think there is no need to worry about complaints. If you need such tool for yourself, I recommend checking https://uptimerobot.com/ as we are not currently planing to open our monitoring system.

+1

Thanks, Marcin, for the precise answers. Since you have an uptime monitor for your cloud customers, can I suggest you make it available as part of your Self Service Portal for cloud customers? Not only does it provide much appreciated transparency to us as customers, but that way we don't have to go looking for our own separate solutions for information you already have available. That customer service would make our lives easier.

I fully agree here. We have had times when we couldn't access XTRF and being able to access to an uptime monitor would help us know what type of errors we need to troubleshoot before contacting you all.

+1

Regrettably, I will also not be there. However, I would love to see a presentation that outlines 


1) How XTRF ensures no unauthorized access to client business data 

2) Best security protocol practices for users to implement on our end

3) Best security practices for working with linguists

4) Strategies for communicating with clients about XTRF security issues


This is just off the top of my head. But I'd love to learn more about these... It's a topic that always comes up for us.