Service Operations

Change Requests

Change requests (requests which impact confidentiality, integrity, availability, or cost) must be submitted in writing by a designated OneStream administrator through email or our support portal to manage the workflow of the requested change. Third parties, such as approved implementation partners and consultants, may submit requests on behalf of customers but require documented approval from a customer’s designated administrators prior to being actioned.

Portal: https://www.onestream.com/support/

Authorized Personnel

OneStream’s third-party cloud services providers retain a full audit trail of any changes to a customer’s Cloud Instance. All activities conducted within our Service Environment are auditable and track personnel actioning the change as well as the relevant support requests. Audit logs and other related change management data are retained for a minimum period of twelve (12) months.

Maintenance and Change Management

Scheduled maintenance to a customer’s Cloud Instance is coordinated by the OneStream Service Cloud Operations management team. A standard maintenance window is in place on the weekend following the industry’s “Patch Tuesday” update releases; these maintenance windows are mandatory events. OneStream conducts regression testing of all underlying patches in a OneStream test environment prior to introducing them to the Service Environment. In the event a customer has scheduled activity, an alternate time within the next seven (7) calendar days following “Patch Tuesday” may be requested so long as the request is received at least three (3) calendar days prior to the maintenance window. If a critical update is necessary for security purposes, OneStream will notify the customers and take action to perform the updates as soon as possible irrespective of the standard maintenance window.

OneStream will coordinate separate scheduled maintenance windows with customers to perform upgrades to the software related to the functioning of the Service and other instance changes. OneStream will notify customer contacts at least three (3) calendar days before any maintenance window and again at least 24 hours prior.

Physical Controls of OneStream Corporate Facilities

OneStream deploys physical access devices (e.g. key fobs) to control entry to those offices with direct connectivity to OneStream’s processing environment. Satellite offices are logically controlled by maintaining an internet connection and enforcing VPN access into the environment.

The electronic access logs are reviewed weekly, noting any anomalies. Special attention is paid to any unusual activity during the evenings and weekends, as well as monitoring the cleaning company’s activities. If an issue is found, an incident report is created. OneStream employs security cameras and motion detectors to monitor activity. CCTV systems record continuously, and the recordings are retained for at least 60 days. Additionally, OneStream’s offices have alarm systems that are monitored and responded to by the local authorities.

All visitors must electronically sign in to and sign out of the visitor log located at the receptionist desk and be accompanied by the employees that they are visiting for the duration of their stay.

Incident Response

OneStream takes any security incident very seriously. We practice prevention and preparedness through education. In the event of an incident, OneStream follows a process of Identification, Triage, Containment, Eradication, and Recovery. Following an incident, a full post-mortem review is conducted to close the loop on future education.

OneStream will notify Customer without undue delay, which in no event shall be greater than 48 hours after the determination that a Security Incident has occurred or is likely to have occurred, and will provide to Customer, upon request, a reasonably detailed incident report. OneStream is committed to cooperating in good faith with Customer to remedy or mitigate the impact of any Security Incident.

Backup, Recovery, and Archive

OneStream maintains a robust automatic backup system, ensuring continuity of the Service Environment in the event of unexpected failure or disaster. Cloud Instance resources unique to a customer are automatically and continuously replicated to a secondary data center within the same region. In addition, all databases are automatically backed up at the transaction level to allow for Point in Time Recovery (or “PITR”) for the trailing seven (7) day period. In addition to PITR backups, databases also have weekly “snapshots” for long-term retention (or “LTR”) for the trailing fifty-two (52) week period. Additional periods of LTR for weekly “snapshots” may be procured for an additional fee, up to a maximum retention period of the trailing five hundred and twenty (520) weeks. Both PITR and LTR enable a customer to roll back critical data elements (such as the database state) of a customer’s Cloud Instance to a specified point in time.

Customers retain ownership of, and are expected to maintain, all data in their Cloud Instance. OneStream requires that the Customer ensure that all data uploaded to the Cloud Instance, including but not limited to personally identifiable information, is in compliance with applicable legislation and regulations. For the avoidance of doubt, OneStream does not purge or obfuscate data on customers’ behalf.