Frequently Asked Questions

From H2Know-how Manual

What are the software requirements for using H2knOw-how?

H2knOw-how is a fully cloud-based platform built on the exciting features found in modern browsers. All you need to use H2knOw-how is one of the browsers shown below:

  • Google Chrome - latest (Recommended)
  • Internet Explorer 10+
  • Mozilla Firefox - latest version

What does the monthly service fee cover?

The monthly service fee covers platform maintenance, data storage, data backup, and standard email and telephone support during normal working hours (Monday through Friday 8 am to 5 pm). We will endeavour to answer queries as quickly as possible and all questions will be responded to in the same day with an estimate of time to complete if applicable. A few examples of typical response times are shown below:

  • User question on functionality < 1 day
  • Layer layout change – 1-2 days
  • Asset data attribute field addition – 1-2 days
  • Bug report – depending on complexity and severity it will usually be included in our weekly release. If it hinders standard functionality we will make all effort to release a bug fix or consult on an alternative methodology within 1 day.
  • Funded feature Request – 1 week (depending on the complexity)

The monthly Fee is subject to change depending on the addition of advanced user modules and level of support required. The platform use, including confidentiality of data, is based on our standard Terms of Use.

Where does H2knOw-how store my data ?

All data hosted by H2knOw-how is stored online and kept in the Amazon Web Services (AWS) secure cloud computing environment. We currently utilise AWS data centres in Sydney and Ireland with the capability to replicate into any world wide zone as required. The AWS environment that hosts the H2knowhow services maintains multiple certifications for its data centers, including ISO 27001 compliance, PCI Certification, and SOC reports. For more information about their certification and compliance, please visit the AWS Security website and the AWS Compliance website.

Who owns the data stored in H2knOw-how ?

All data hosted for each client is solely owned by the client unless the data (i) was in the public domain prior to the time of disclosure; (ii) becomes publicly available other than through unauthorised disclosure; (iii) is already in the possession of us free of any obligation of confidentiality at the time of disclosure; or (iv) is independently developed by us.

We will not disclose any confidential information to any third party without obtaining prior consent. More confidentiality information is available in our standard Terms of Use.

Is the data secure ?

We take security seriously here at H2knOw-how. Every person and organisation using our service expects their data to be secure and confidential. We understand how important the responsibility of safeguarding this data is to our customers and work to maintain that trust.

User Security

User data in H2knOw-how is logically segregated by account and role based access rules. User accounts have unique usernames and passwords. H2knOw-how issues a session cookie for authenticated users. This cookie does not include the password of the user. All user passwords are salted and hashed.

Physical Security

All H2knOw-how systems are hosted on Amazon Web Services (AWS), which is a highly secure world class cloud computing platform.

Network Security

Our system architecture follows industry best practice, with only our web tier accessible on the public internet. Application & Database servers are inaccessible from the internet. Communication between servers is firewalled on a least privilege necessary basis. Management of these servers is restricted to our VPN.

Application Security

We follow industry best practice for Web application security. All public web applications are SSL secured, and access tokens are generated securely by IdentityServer3. Our key employees are trained in Web Application security and auditing. Our domain has an A rating from the Qaulys SSL test

Security Testing

Our application undergoes penetration testing for the typical classes of vulnerability.

How is the data backed up ?

All data stored online by H2knOw-how is kept in the AWS secure cloud computing environment. AWS will use commercially reasonable efforts to ensure the availability of the environment with a Monthly Uptime Percentage of at least 99.95%, more information is provided in the Amazon EC2 Service Level Agreement

In addition to AWS SLA we implement to following backup and recovery strategy to ensure data reliability

  • Regularly backing up our compute instances utilising AWS snap-shot tools.
  • Continual backup with the ability of point-in-time recovery of core databases.
  • Critical components of H2knOw-how are deployed in multiple Availability Zone.
  • Actively monitor and respond to events.
  • Ensure we are prepared to handle fail over by regularly testing the process of recovery.

What if I forgot my password ?

If you enter an incorrect password in the login dialog a message will be displayed informing you that an invalid username and password combination has been entered. Below the error message an option to reset your password is provided (see image below) if you click on this link a new password will be auto-generated and sent through to you via email. It is advised you change the auto-generated password once access has been granted using the user administrative page

ForgotenPassword.pdf

How do I change my password ?

All users have access to the Administration page where they can manage their own account including changing their password. If the user is an Access Administrator they will also be able to manage other accounts for their projects through the Administration page .