VINDOW TECHNOLOGY FAQS

How to Manage the RFP

We answer frequently asked questions about
Vindow and our Technologies

Is Vindow multi-tenant?

Yes

What compliance certifications does the Vindow hold?

We are pursuing a COBIT certification.

What data center certifications does the hosting provider hold?

Vindow uses AWS as a data hosting provider and they hold all center certifications.

What is the technology infrastructure that hosts Vindow?

  • Our solution is hosted in AWS. The front end is a React SPA served from a CDN.
  • Service layer is a collection of REST APIs built in Node.js, hosted as docker containers behind a load balancer that manage the amount of instances as needed.
  • The data layer is composed of different NoSQL DBs (DynamoDb and DocumentDb). Every db has a Redis Cache to support them.
  • Machine Learning models are built in Python using TensorFlow, Keras and scikit learn and they a run in a cluster as docker containers.”

Does Vindow utilize geographically dispersed data centers to serve customers?

Yes, we do.

Does Vindow have multiple environments to accommodate production and pre-production, so functional development and integration testing can be performed without affecting production?

Yes, at Vindow we have multiple environments that can be segregated by client where testing can be done without affecting production.

How does Vindow control and release different versions of code across customer instances or environments?

Vindow uses an Agile development process with two week long sprints. We release into our QA environment and have our analysts test each story and perform regression testing within the system. Once we are assured the functionality works as designed we release into our production environment.

Every release has it’s own branch in the source control system.

How often does Vindow release patches or upgrades and how are these accomplished while minimizing risk and downtime for customers?

Vindow releases every two weeks (see above for further description). In addition, we can release patches within 24 hours on an as needed basis.

Does Vindow encrypt data at rest (RSA, DES, AES, Blowfish, Bitlocker, etc.)?

Yes, we do.

Does Vindow encrypt data in transit?

Yes, we do.

Does Vindow have built-in data loss prevention capabilities?

Yes, we do.

Does Vindow provide disaster recovery services?

Yes, we have hourly backups and data replication and the ability to restore that information in a timely manner.

Is disaster recovery data encrypted?

Yes, disaster recovery data is encrypted.

How often will backups occur?

Vindow does incremental backups every 5 minutes.

Does the backup exist in a separate location from the primary data center where the solution is hosted?

Yes, back up exists in a separate location from primary data.

Does Vindow allow tenant-managed encryption keys?

Not at the time.

Does the platform/solution segregate data by tenant?

Yes, Vindow segregates data by tenant.

Who has the ability to decrypt customer data?

Only the Chief Technology Officer can decrypt customer data.

Does Vindow allow clients to download a full copy of their data if the they stop using the solution?

Yes, if a customer requests a full copy of data Vindow can provide (this may come at an additional cost to client).

Does Vindow erase all client data if the client stops using the solution?

Yes, if a client would like all of their data erased from the system it can be removed.

Describe Vindow's approach to storing and accessing historical and production data for transactions and reporting purposes.

Historical data is archived in their own tables. Transactional and historical data are always available and can be accessed any time. In case that both sources are required to fulfill a report, a fan out query is executed to be consolidated after execution.

Which authentication and SSO mechanisms are supported by the platform/application? (SAML, OAuth, OpenID, AD/LDAP)

Currently, Vindow supports user login via username and password. We will be supporting OAuth and OpenID SSO soon.

Who has the ability to control access to the solution? For example, can the vendor add a super user account?

Yes, the vendor can use an Admin to control access to the solution.

Does the platform/solution provide admin audit and access logging?

Yes, actions taken by users are logged and can be tracked to the user session that generated them.

Does the platform/solution provide standard user audit and access logging?

Yes, actions taken by users are logged and can be tracked to the user session that generated them.

Does the platform/solution support 2-factor authentication?

In the near future.

Does the platform/solution support strong password enforcement?

Yes.

Does the platform/solution support IP Filtering?

Not at the time.

What capabilities does Vindow provide to integrate with cloud systems?

Vindow supports webhooks and custom integrations can be developed as needed.

What capabilities does Vindow provide to integrate with API Gateways?

All of Vindow’s application services are exposed as REST APIs that can be integrated in any API gateway.

Has Vindow been subjected to both load and performance testing?

Yes, statistics regarding page load times for Vindow can be provided upon request.

Can Vindow be “white-labeled”?

Yes, Vindow can be white labeled upon request.

Can the Vindow UI accommodate different experiences per role or per other user attributes (geography, property, user type, etc.)?

Yes.

Can the UI be personalized by individual users?

Yes, custom reports are supported and dashboards can be personalized.

Is Vindow UI utilize responsive web design?

Yes, our website has full support for tablets and partial support for mobiles. We also provide a mobile application.

Does Vindow support multiple languages?

In the near future.

Become Part of the Vindow Community

The Only Platform that Provides Streamlined RFP Creation, Contract Management and Data Intelligence in one intuitive platform.