Bricknode General Service Level Agreement


Effective starting: 2016-10-24


This Service Level Agreement “SLA” between Bricknode and its subscribers of Bricknode Financial Systems “BFS” is to serve as a documentation for the agreed services, which Bricknode is to deliver.


BFS – means the software and hardware as well as infrastructure (network, hosting environment etc.), which is required to make the services available for end customers and staff of the subscriber according to the Bricknode Customer Agreement.


Visiting address:                
Lögegatan 11, 541 30 Skövde, Sweden
Phone: +46 8 14 55 69 

Support service levels

The support service level is defined in the


System availability required (i.e. up-time) is 24*7*365.

The system is monitored by 24 hours support desk and potential problems and events are logged by a Helpdesk tool.

Upgrade of the system, which implies down time will not take place during normal working hours i.e. Monday to Friday 8.30 to 17:30. Customers will be notified in advance. Bricknode has the right to implement upgrades and patches which are critical to the technical operations without getting prior customer consent.

Technical operations

Bricknode is responsible for adequate technical operations of BFS which includes: 

Hardware, framework software and infrastructure

Technical operations, monitoring, installations, upgrades, configuration of hardware and framework software

Technical operations includes standard server applications as operating systems and core components as active directory for Windows based servers and Internet Information Services.

IT Recovery Procedures

All critical data and components are stored and mirrored in at least two physical places.

The recovery plan will be updated every 6 months and the plan is kept in several physical places.

IT Recovery Procedures are tested at least once per year.

Change Control Procedures

Procedures for change control exists.

Clients use a web based front end, which always has the latest version so no distribution of software is needed.

Secure data center

Our service is located at Amazon Web Services, which is a top-tier data center. The facility provides carrier-level support, including:

Access control and physical security

Electronic surveillance and multi-factor access control systems

Staffed 24x7 by trained security guards

Access is authorized strictly on a least privileged basis

Building engineered for local seismic, storm, and flood risks

Tracking of asset removal

Environmental controls

Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Date centers are conditioned to maintain atmospheric conditions at optimal levels.

Personnel and systems monitor and control temperature and humidity at appropriate levels


The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, and seven days a week. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure for critical and essential loads in the facility. Data centers use generators to provide back-up power for the entire facility.


Network devices, including firewall and other boundary devices, are in place to monitor and control communications at the external boundary of the network and at key internal boundaries within the network. These boundary devices employ rule sets, access control lists (ACL), and configurations to enforce the flow of information to specific information system services.

Fire detection and suppression

Automatic fire detection and suppression equipment has been installed to reduce risk. The fire detection system utilizes smoke detection sensors in all data center environments, mechanical and electrical infrastructure spaces, chiller rooms and generator equipment rooms. These areas are protected by either wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems

Secure transmission and sessions

Connection to the Bricknode environment is via SSL 3.0/TLS 1.0, using global step-up certificates from GeoTrust, ensuring that our users have a secure connection from their browsers to our service

Individual user sessions are identified and re-verified with each transaction, using a unique token created at login

Network protection

Perimeter firewalls and edge routers block unused protocols

Internal firewalls segregate traffic between the application and database tiers

Intrusion detection sensors throughout the internal network report events to a security event management system for logging, alerts, and reports

Disaster Recovery

The Bricknode service performs real-time replication to disk at the data center, and daily data replication between the production data center and the disaster recovery center

Data are transmitted across encrypted links.

Disaster recovery tests verify our projected recovery times and the integrity of the customer data


All data are backed up at each data center, on a rotating schedule of incremental and full backups

The backups are cloned over secure links to a secure archive

Backups are not transported offsite and are securely destroyed when retired

Internal and Third-party testing and assessments

Bricknode tests all code for security vulnerabilities before release, and regularly scans our network and systems for vulnerabilities. Third-party assessments are also conducted regularly:

Application vulnerability threat assessments

Network vulnerability threat assessments

Selected penetration testing and code review

Security control framework review and testing

Security Monitoring

Our Information Security manager monitors notification from various sources and alerts from internal systems to identify and manage threats.