Performance remains stable and this incident is now resolved.
Posted Nov 15, 2021 - 17:13 UTC
We have maintained system stability throughout this week. As we are committed to giving our customers the best experience possible we are continuing to monitor, identify and implement performance improvements.
Posted Nov 12, 2021 - 14:56 UTC
Further stability enhancements have been implemented and performance, on the whole, remains stable. We have identified other opportunities for improvement and will continue to work on those.
Posted Nov 08, 2021 - 16:08 UTC
Performance has remained stable throughout today. As we strive to give our customers the best experience possible we will continue to work on further performance enhancements and monitor the system closely.
Posted Nov 05, 2021 - 14:10 UTC
Performance is predominantly stable, with occasional variances for some customers. Our priority is to ensure that all customers experience uninterrupted performance, and we will continue to work on improvements and monitor performance closely.
Posted Nov 04, 2021 - 13:52 UTC
We are aware that some customers are experiencing degraded performance. We are continuing investigations to identify and implement further performance improvements and monitor the overall performance very closely.
Posted Nov 04, 2021 - 10:03 UTC
Early reporting shows the system is stable this morning after deploying several performance improvements. We are closely monitoring the situation.
Posted Nov 04, 2021 - 09:03 UTC
We have identified further opportunities for performance improvements and we're working through them sequentially. More improvements will be rolled out overnight. We are committed to resolving all performance issues.
Posted Nov 03, 2021 - 15:58 UTC
We have started to roll out a series of performance improvements while monitoring the situation.
Posted Nov 03, 2021 - 09:58 UTC
The cause of the degraded performance has been identified. We are working on a series of performance improvements.
Posted Nov 03, 2021 - 09:25 UTC
The system's performance is still degraded, and some customers are experiencing intermittent delays. We are still investigating the issue.
Posted Nov 02, 2021 - 14:49 UTC
We are aware that some customers are experiencing intermittent performance issues. We are working with local and global teams as we continue the investigation.
Posted Nov 02, 2021 - 10:11 UTC
We are investigating a potential performance issue with the service. An update will be provided within 30 minutes.
Posted Nov 02, 2021 - 09:40 UTC
This incident affected: Middle East and Africa (Sage Business Cloud Accounting ZA).
We take the security of our customers’ data very seriously. We know how important it is to keep this data safe so we have put in place a set of protective measures, based on recognised industry best practises. This document contains a description of these measures to give our customers confidence that they can trust us with their data.
Our approach to security is under continual review, so we may change any of the descriptions in this document at any time and without notice.
Our overall approach to information security
We have a set of internal documents that are used to inform our employees about our approach to information security. These documents are regularly reviewed to ensure they remain up to date. Our employees are required to use these documents to understand how our information security approach applies to their work.
Information security responsibilities
We have a dedicated team that is responsible for overall information security at Sage. The security specialists make sure their knowledge of security stays up to date by keeping in contact with groups of technical security experts outside Sage. We also keep in contact with authorities such as privacy regulators. Our senior executives regularly discuss information security and take accountability for security within Sage.
We ensure reference checks are carried out on new employees and for roles which are particularly sensitive we do credit and criminal records checks. Our employment contracts include terms relating to information security. We provide training on our information security approach to all our employees to make sure they understand the role they play. If an employee does not follow our information security approach we may take disciplinary action against them. We encourage all our employees to report any information security concerns that they have using a dedicated mailbox, set up for that purpose.
Understanding the data that we handle
We keep track of the different types of data that we handle so that we can ensure it is properly protected. We keep a record of the data and all the software applications, computers and IT systems that handle it. We ensure that the protections we use are proportionate to the sensitivity of the data – more sensitive data may need extra controls. We train our employees to make sure that they do not misuse our IT systems in ways that could reduce the security of the data they handle.
Access to our customers’ data
We apply rules to control which Sage employees can access customers’ data. We only allow our employees to access customers’ data if it is needed for them to do their job, for example, to provide technical support. We track and log all employees that have access to customers’ data.
Encryption of customer data
Encryption is a way of scrambling data to help keep it secure. We often use encryption to protect our customer’ data, for example where is being sent over the internet. We issue clear guidelines written by our security specialists for how our employees should use encryption. We make sure that we properly protect passwords and the keys that can be used to read encrypted data.
We store and process our customers’ data in secure “Data Centres”. These Data Centres are secure and access is restricted to those with appropriate permission. They are also built to be able to withstand fire, flood, lightning strike, power failures or other similar events. However as an additional precaution, we often store customers’ data in multiple data centres so that if one is out of action, our products will keep working. Where we store data in more than one Data Centre, we make sure that the security of each Data Centre is of the same high standard.
Backup copies of customer data
We regularly make backup copies of our customer data so that if the original data is lost or damaged, we can replace it using the copy. We store the copies securely, taking the same care over them as we do over the original data.
We keep records of how our products are being used and how they are performing. We continually monitor these records so that we get early warning of security problems or other problems so we can understand the issue and fix any problems that occur. All monitoring data is kept securely.
Finding and fixing security problems
We use tools to scan computer hardware and software on a regular basis to look for weaknesses that could potentially lead to security problems. If we find these weaknesses, we fix them, on a priority basis. We make sure we test the fixes so that they don’t cause new problems.
Despite adopting industry best practises, security problems can still happen. When they do, we have clear internal processes to ensure problems are quickly reported and handled by the relevant people. After a problem is fixed we learn from what happened to try to stop it from happening again.
Protection from the internet and viruses
We use a variety of software and hardware tools to make sure that unauthorised people cannot access our customers data over the internet, or get any kind of access to our computers.
We keep our computer systems up-to-date and run anti-virus software on them to prevent them becoming infected by computer viruses or other harmful software.
We use a variety of techniques to help stop security problems being introduced into our software as it is being written, and to find and fix problems before we make our software available for customers to use. All Sage employees involved in writing Sage software are trained in these techniques.
We make sure our software is protected so that no-one can change it without permission and we do a wide variety of tests before we make any changes available to customers. We carefully plan changes to reduce the risk that a change will cause a problem or disruption to our customers.
Our suppliers and partners
We use third-party companies across our business. Some of these companies handle our customers’ data on behalf of Sage. Before we send data to any third-party, we review their approach to information security to make sure that we only rely on companies with good security standards and ensure that we have relevant contractual documentation in place.