Our hosting is an affordable & low-risk solution

Are you thinking about cloud-based hosting for your public housing authority (PHA)? Over 30% of our clients currently enjoy the cost benefit of Emphasys' high performance and secure hosting services to manage their portfolio of affordable housing.

Dozens of Emphasys PHA clients have benefited from our hosting solution, ranging in size from 50 subsidized units to well over 30,000 subsidized units with hundreds of concurrent users. Clients have realized improved performance and reliability, a reduction in system-administration costs and the peace of mind of disaster recovery protection. Best of all, the computer workstations that your employees already use, along with an Internet connection, are the only things your PHA needs.

With our hosted solution, Emphasys provides your PHA with secure access to your Elite PHA housing software, from any location at any time, via state-of-the art hardware located off-site from your PHA in a secure and certified data center. We manage the software for you, including backups, updates and disaster recovery.

Key Benefits

Reliability and Security:

  • Complies with HUD's Disaster Recovery requirements
  • Scalable
  • Secure/encrypted environment
  • Load balancing
  • Virus protection
  • SOC Type 1 and 2 Security
  • Managed 24/7

Low cost of ownership:

  • No servers to purchase
  • No server or database to be managed
  • No updates to apply to servers
  • No updates to apply to Elite Housing Software
  • No backups to be managed
  • No antivirus or other third party software to purchase
  • No database licenses to purchase

Convenience and Flexibility:

  • Just connect to the Internet
  • Connect from anywhere
  • Add users with a simple phone call
  • Print anywhere
  • One big virtual office

Five questions to ask any hosting provider

Is there a Service Level Agreement and is there a proven history of strong performance related to that agreement?

Service Level Agreements (SLAs) provide a great way to align your expectations with a guarantee by the vendor of performance. Putting in the effort to get your SLA right is one of the first and most important steps. There are several things you should consider on your SLA:

  • Guarantee availability – is there 99% or greater guaranteed uptime? How do they guarantee this uptime?
  • Is there an N+1 level redundancy (form of resilience that ensures system availability in the event of component failure)?
  • Do they have dedicated network technicians onsite 24/7 to monitor and maintain the data center?
  • Is their physical data center climate controlled?
  • What about backup power supplies, not only for the server environment but also for the building?
  • What kind of automatic fail-over and redundancy is built into the server platform and at each major point of failure? Does it cost extra?
  • Do they rely on a single upstream provider or a single fiber line? What happens if the provider has an issue, or if the fiber gets cut?
  • Do they have multiple sites and an ability to fail-over to another data center? How long would that take? Hours, days?
  • Is the data closet protected by gas-based fire suppression systems, or will all their servers be soaked if a fire breaks out anywhere in their building?
  • When is the System Maintenance window, and is that down time part of the 1% down time?
  • Guaranteed performance – is there a guaranteed transaction time, storage, and scaling of the servers as needed?

Do you meet critical security and compliance requirements?

Security and compliance are key priorities in evaluating any hosting solution, especially with PHAs. Your PHA remains accountable to regulators, business partners, customers and employees. Thus, you shouldn't consider using a hosted solution unless it has adopted a comprehensive and technically sound approach to an in-depth security program that is certified and proven to meet all HUD, Federal Government, and industry standards for computing over the internet. Some useful questions to ask include:

  • What are the procedures for protecting your data, both from a physical systems perspective, as well as a procedural perspective?
  • How is the application and the database itself protected, and how is that protection maintained?
  • Has the hosting solution been certified based on SOC2/3 assessment and QSA-let PCI assessment?
  • What about meeting specific security and compliance standards as defined by HUD, by the National Institute of Standards and Technology (NIST), by accounting standards as defined in SAS70, and by the Health Insurance Portability and Accountability Act (HIPAA)?
  • 24×7 NOC (Network Operations Center) for Monitoring and Security.
  • Is penetration or breach testing performed regularly?
  • Is there a dedicated hardware firewall for individual clients?

Can you demonstrate similar deployments of my size?

Most inexpensive hosting solutions look good on paper, but in real-world conditions, they may reveal alarming weaknesses. PHAs are rightfully risk averse, so when trying to determine risk, it's comforting to know you're not the first to implement a particular solution.

Ask the vendor for many strong references of your size, with the same number of concurrent users or larger. PHAs are being forced to do much more with fewer resources, so understanding how other PHAs leverage hosting can help you determine the cost benefit and ROI. If the hosting provider is new to hosting an agency of your size, that should be reason for concern.

Do you have a comprehensive Disaster Recovery Plan, and is it included?

When it comes to disaster recovery, many hosting providers will simply provide an offsite backup of your database and say, 'Yes, we have a disaster recovery plan.' It's painful to realize too late when that is not enough.

In the case of a real catastrophic failure, your disaster recovery plan should be real time (hot redundancy) or near real time (warm redundancy). In contrast, your recovery time objective (RTO) will vary, depending on the needs of your business and the likelihood of an actual disaster.

When you make a decision about hosting, it is important for you to consider resiliency of both the hosting provider's core infrastructure and its disaster recovery capabilities. The provider should expect the loss of any particular component or system and plan for it. That loss should have no impact on you, as long as both areas are covered.

Do you deliver robust service integration and operational transparency, including reporting capabilities?

There is nothing you can't do in a hosted environment that you could do with your local on-premise environment (at least there shouldn't be). So beware of the less experienced hosting vendor because they may not be able to deliver the more advanced services that you should expect. Look out for added costs if the vendor is not providing these value-added services as part of their core offering:

  • Database backups performed hourly/daily/weekly
  • Database administration services
  • Application Software updates applied for you
  • Capacity and license planning, with usage management
  • System performance monitoring and management
  • Change management
  • Problem management
  • Service level data integration for ad-hoc reporting capabilities

To download a copy of our Hosting Whitepaper, fill out the form below.

The Whitepaper will be sent to your email.

    To download a copy of our Hosting Whitepaper, fill out the form below.

    The Whitepaper will be sent to your email.

      Ready to learn how we can help your public housing authority?

      Contact Emphasys