# Startup FAQ

Different aspects to consider before getting started with a new project

# Hosting

TS recommends using hosted cloud servers, but on prem setup is also possible.

Read about [Requirements](https://docs.tsnocode.com/books/server-maintenence/page/requirements "Requirements") if you want to install your own server.

# Data handling

### <span class="mw-headline" id="bkmrk-storage-and-backup-1">Storage and backup</span>

You can choose between

- On premisis (customer location)
- Cloud hosting

Cloud hosting will be handled on Amazon Web Services Europe (AWS) datacenters in either Ireland or Sweden.

Backup is done to segregated triple redundant storage

- Nightly for 2 months
- Monthly for 2 years

### <span class="mw-headline" id="bkmrk-access-and-ownership-1">Access and ownership</span>

Data in the systems belongs to exclusively to the customer.

TS support will in some cases need to access data under non-disclosure obligations.

### <span class="mw-headline" id="bkmrk-gdpr-compliance-and--1">GDPR compliance and retention</span>

The platform contains everything needed for GDPR compliance in your systems.

Using workflow automation automatic deletion or anonymization can be set up: This should be configured in accordance with your data retention and privacy policy.

A data processing agreement will be issued to your organization automatically.

# Security

### <span class="mw-headline" id="bkmrk-authentication-1">Authentication</span>

Authentication is based on username/password.

Optionally 2-factor authentication can be set up using af mix of

- SMS sent to phone
- IP address of callers

#### <span id="bkmrk-"></span><span class="mw-headline" id="bkmrk-single-sign-on-%28opti-1">Single sign on (optional)</span>

Single sign on integration is included for

- ADFS
- LDAP (and AD)
- Google, Azure, Facebook, LinkedIn

A group membership synchronization exists for

- ADFS
- LDAP

#### <span id="bkmrk--1"></span><span class="mw-headline" id="bkmrk-anonymous-users-%28opt-1">Anonymous users (optional)</span>

External users can access data via the following methods

- Create new records: Public link 
    - Services can be protected by a CAPTCHA test
- Edit existing records: Specific link sent to user 
    - Links can expire after certain amount of time

### <span class="mw-headline" id="bkmrk-authorization-1">Authorization</span>

User permissions are granted via inheritable group membership

Authorization schemes

- Field level control
- State model
- Data ownership

Additionally special roles can be assigned

- Administrator (backend)
- Bulk operations

### <span class="mw-headline" id="bkmrk-encryption-1">Encryption</span>

Transport encryption is based on SSL via HTTPS policies

- Cloud hosting includes option for free SSL certificates

Storage encryption is best handled via operating system measures

- Linux: LUKS
- Windows: Bitlocker

Passwords are hashed using BCrypt algorithm.

### <span class="mw-headline" id="bkmrk-protection-1">Protection</span>

Platform complies with all requirements in OWASP level 2

- Hacking: SQL injection, XSS, CSRF
- Password policies

# Requirements

### <span class="mw-headline" id="bkmrk-languages-1">Languages</span>

Frontend can run multiple languages simultaneously.

- Preconfigured languages 
    - English
    - Danish
- Other languages can be setup in the backend

Backend language is English

### <span class="mw-headline" id="bkmrk-software-1">Software</span>

#### <span class="mw-headline" id="bkmrk-user-clients-1">User clients</span>

A modern browser is needed

- Chrome
- Mozilla firefox
- Microsoft edge

To use certain features an office suite will be needed (any version later than 2010)

#### <span id="bkmrk-"></span><span class="mw-headline" id="bkmrk-servers-%28option%29-1">Servers (option)</span>

*Cloud hosting servers will not require any additional software*

On premises installations will need

- Java 8+
- MySQL 5+
- Servlet engine

### <span class="mw-headline" id="bkmrk-technical-skills-1">Technical skills</span>

#### <span class="mw-headline" id="bkmrk-normal-user-1">Normal user</span>

Users will need no special training for basic usage.

Some users may require ½ day training, for learning advanced features such as:

- Reporting and personal views
- Bulk data handling (import/export)

#### <span id="bkmrk--1"></span><span class="mw-headline" id="bkmrk-developer-%28optional%29-1">Developer (optional)</span>

*This role is optional for customers wanted to develop applications inhouse.*

In order to build and maintain applications 1 day of training is needed.

#### <span id="bkmrk--2"></span><span class="mw-headline" id="bkmrk-administrators-%28opti-1">Administrators (optional)</span>

*This role is optional for customers using on premisis hosting.*

Perfom platform maintenance upgrade requires very little skill, as the software is self-upgrading

1. Stop service
2. Copy archieve
3. Start service

# Licenses

### <span class="mw-headline" id="bkmrk-normal-users-1">Normal users</span>

Only **active** users are paid for, down to a minimum of 5.

A service can be configured in order to automatically deactivate inactive users.

### <span class="mw-headline" id="bkmrk-anonymous-users-1">Anonymous users</span>

Anonymous users are paid for per **active** interface (access to a solution):

- All users using a specific interface is counted as a single user license (1 SUL).
- Solutions can support multiple anonymous users via multiple interfaces

### <span class="mw-headline" id="bkmrk-light-users-1">Light users</span>

Some users will only cost a fraction of a normal user license (1/4 SUL)

- Only read access
- Infrequent users
- Simple solutions

Read more about the different licenses on [our website.](https://tsnocode.com/resources/pricing/)