The following guidelines and services apply to UKG Banking Solutions:
| Cloud Services | |
|---|---|
| Environments: Services to restore Production environment to one Non-Production environment up to one time per week, if requested for UKG Lobby. |
Included Additional non-production environments are available for additional fees. |
| Environment restoration for UKG Lobby: One standard Production environment. One Non-Production (Development) environment available upon request. Customer is responsible for requesting data to be moved from the Production environment to the Non-Production environment and for the contents of the data moved from the Production environment to the Non-Production environment. |
Included More frequent restores or additional environments will be subject to additional time and material fees. |
| Connectivity to Service: Customer's users connect to application via secure SSL/TLS connection over the internet. Cooperative efforts with customer IT staff may be required to enable access. UKG will assist with validating site connectivity but assumes no responsibility for customer internet connection or ISP relationships. UKG related Internet traffic cannot be filtered by proxy or caching devices on the client network. Exclusions must be added for the fully qualified domain names and public IP addresses assigned to the environments in the UKG Cloud. |
Included |
| SFTP Accounts: SFTP accounts are provided to customers to push files to the UKG Cloud and to pull files from the UKG Cloud for designated integration points. The UKG SFTP folder location is not designed for long-term storage and files stored longer than 30 days may be deleted. UKG Cloud SFTP does not initiate connections, thus SFTP file transfers must be a customer initiated process. |
2 logins included |
| Operating System and Database Software Management: Includes the required O/S and SQL Server licenses, as well as services for UKG to apply critical security patches, service packs and hot-fixes for the software running in UKG Cloud. |
Included |
| Server Maintenance: All server maintenance, including repair and replacement of defective or failed hardware and the installation of hardware upgrades for the software running in UKG Cloud. |
Included |
| UKG Application Updates: Services to perform technical tasks required to apply application service packs, point releases and version upgrades. |
Included |
| Backup: Customer data is backed up daily. Database backups are replicated via encrypted connections to a second UKG Cloud datacenter. Backups are retained for the prior 28 days on a rotating basis. All historical employee and configuration data is stored in the rotating backups. |
Included |
| Disaster Recovery Services: Basic Disaster Recovery services are provided to all hosted customers at no additional fee and include: Customer environment and all customer data in the UKG Cloud are replicated to a secondary UKG Cloud data center. Disaster Recovery Services provide for a Recovery Point Objective (RPO) of 24 hours and UKG strives to restore application availability in a commercially reasonable timeframe. The customer will be down until the Production environment is restored in the primary or secondary data center, if needed, as an application environment is not readily available at the alternate site to process data. Customers are expected to use fully qualified domain names (FQDNs) to access the service given that IP address of the service may change. Any issues arising out of the disaster recovery event due to customer configuration/customization and/or customer third party software outside of the UKG Cloud is the responsibility of the customer to resolve. |
Included |
| Encryption at rest of Customer Content at storage level Customer Content will be encrypted at rest at the storage level. Encryption at rest is defined as Customer Content is made unreadable on disk via encryption technology when the UKG Cloud computing environment hardware is powered off. |
Included |
Guidelines and Assumptions:
| Assumptions |
|---|
| Estimated availability of production application logins is approximately 30 days after the Order Form is processed. |
| Customer agrees to receive automatic updates to the applications. |
| Customer will be required to sign a go live milestone document confirming customer has completed their testing and is ready to go live with the application(s). |
| Customer agrees not to upload payment card information, as the service is not certified for PCI DSS. |
| Customer agrees not to upload health information that falls under the United States HIPAA law. |
Additional policies:
Legal Hold Policy
UKG will comply with applicable laws and regulations and respond to subpoenas and inquiries from government agencies in accordance with their validity after consultation with customers when applicable. In the event that a customer is subject to subpoena, litigation discovery or government inquiry directed at customer data or documents that is solely within UKGs’ control, at customer’s request, UKG will make commercially reasonable efforts to provide assistance to customer to the extent that it is technically feasible to do so. Customer will reimburse the costs that UKG incurs in order to provide such assistance, such as copying, delivery and other handling costs. Subject to the above, UKG will produce the relevant data or documents as instructed by customer. Except at its sole discretion or if legally required to do so, UKG will not entertain requests to store or host legacy or archived customer data or documents for these purposes. UKG periodically reviews all matters subject to legal hold including data that is being retained.
www.ukg.com/policies/acceptable-use
Rev 2021-04-20