While this is not a formal service level agreement (SLA), it is our standard service offering for SAS customers and what we feel are our responsibilities as well as our expectations of our customers.

EI-SAS Responsibilities

(Revision date: 2023-08-01)

• Provide a managed server running a supported and properly patched operating system (OS) 
  • We will ensure that your OS is running a supported version, whenever possible, and that the system is up to date with security updates in accordance with the University security policies. Third-party vender constraints to maintain within a supportable version range of their product(s) are taken under consideration.
  • We will work with you to determine the appropriate maintenance window (MW) for your systems and verify that the updates are applied in a coordinated and timely manner.
    • Note: most operating system updates will be installed automatically during the system's maintenance window.
• OS monitoring and alerting during standard support hours of 08:00-17:00 on University business days 
  • We will make sure that our default set of metrics are being monitored and that appropriate alerts are sent to our sysadmin on-call in a timely fashion. During the hours of 08:00 to 17:00 on all university business days we will provide this level of alerting and will let you know if there are service interruptions or anomalies that need your attention. 
    • If extended hours are needed, we can extend up to 0600-2000 on our alerting hours for your service.
  • If you notice a problem with your application during the business day, please feel free to reach out to EI-SAS per our published support page to make sure we are aware of the issue and can keep you updated on our progress to resolve the issue. 
  • In the event that an issue or problem should arise outside of our normal support hours, we will provide billable after hours support for your services via an on-call and escalation process defined below. 
• Application monitoring – defined on a per application basis to the extent available in our available monitoring tools 
  • We will work with you to determine the best ways to monitor your application to keep it working as desired. We will help set alert thresholds based upon your service needs in order to maintain your application availability. 
• We will create and manage the necessary accounts (service and user) to run your application in a secure and consistent manner.  
  • Linux: Create local accounts tied to AD accounts 
  • Windows:  Create accounts/AD security groups as required 
• File system administration and management (grow/shrink) 
  • We will work with you to properly size the data drive(s) needed to support your application. We will also work to establish appropriate access controls to allow proper file access and to prevent undesired access to file resources. 
• Virtual machine backups 
  • A majority of the servers we support are virtual servers (VM) and run on EI managed virtualization platforms or on approved cloud platforms. We will make sure that your VM will be backed up according to recommendations. In the event that a server issue requires that we rollback your server to a previous version, we will coordinate the efforts to restore your system to an available storage system snapshot. 
• File level backup and restores 
  • We will work with you to determine the critical files and folders for your application and make sure that they are properly backed up in order to restore them to a previous version if needed. We will also assist in restoring a file or files to a previous version when needed. 
• Firewall configuration 
  • In order to allow the appropriate access to your application, we will work with the university security office (ISPO) to configure appropriate firewall (fw) rules to allow the proper connections. We will also configure the correct host-based fw rules to allow proper access and to prevent unwanted system network access. 
• SSL cert renewal and management 
  • In order to meet security requirements, we strongly encourage all applications that support https connections to use those exclusively. EI-SAS will be responsible for monitoring the status of your certificates and ensuring they are replaced prior to expiration.  

Customer responsibilities 

• Communicate with EI-SAS administrators on all things related to how we manage your application. Things such as: 
  • Application issues and concerns 
  • Upgrade plans and timeframe 
  • Make sure we have correct contact information in the event of any service interruptions so we can have you verify your application is responding as desired 
• As the service owner for your application, we assume that you will manage all the day-to-day aspects within the application. These include you adding and removing access within the application as allowed by the application itself. Application configurations that do not require system level changes on the application server are your responsibility. Other areas of responsibility include, but are not limited to:  
  • Review software licenses using the technology review process 
  • Keep licensing up to date (as needed) 
  • Provide access to vendor support channels as needed (if available) 
• Be aware of the data security for application and disclose any known Level 3 or 4 (PII, PCI, HIPAA, FERPA, etc.) data within the application so that we can help ensure proper security configuration 
• In the event that you need elevated access to your service on a temporary (24 hours or less) basis, please complete our workflow to request this elevated access. https://its.uiowa.edu/support/article/121591

After Hours Support (Billable) 

If our customers detect a problem with their service or application that they feel could be helped by involving an EI-SAS administrator, they are encouraged to follow this process to get after-hours support: https://its.uiowa.edu/support/article/121596