Workday Hosting & Software Pricing
Cloud Hosting and Service Level Agreement
Workday warrants its Software as a Service delivery with its standard Service Level Agreement (SLA). The SLA includes a Disaster Recovery (DR) plan for the Workday Production Service and includes a Recovery Time Objective (RTO) of 12 hours and a Recovery Point Objective (RPO) of 1 hour. The Recovery Time Objective is measured from the time the Workday Production Service becomes unavailable until it is available again. The Recovery Point Objective is measured from the time that the first transaction is lost until the Workday Production Service became unavailable.
To ensure Workday maintains these SLA commitments, the company maintains a DR environment with a complete replication of the production environment. In the event of an unscheduled outage where the interruption is estimated to be greater than a predefined duration, Workday executes its DR plan. The MySQL database is replicated to the DR data center, new OMS instances are started in the DR data center, and customers are redirected to the fail-over DR data center. The DR Plan is tested at least every six months.
While specific amounts and percentages for the SLA were not disclosed, Workday offers this standard service level agreement tied to a minimum uptime guarantee that is tied to a financial or service credit for customers.
Information Security and Uptime Assurance
Workday adheres to some of the highest security standards in the industry including ISO 27001, SAS70 Type II, and Safe Harbor, and has multiple co-location data centers located on the east coast, west coast and in Europe (vendor chose not to disclose exact locations). Further physical, communications/network, application, data security, and comprehensive security safeguards include:
- Physical Security
State-of-the-art Tier IV data center and backup facilities.
Highly restricted access with 24x7 monitoring and audit.
Backup and disaster recovery with regular testing of procedures to ensure integrity of customer data.
- Communications and Network-Level Security
Access permitted only over secure connections including Secure Socket Layer (SSL) version 3 or Transport Layer Security (TLS).
Perimeter-level defense and network intrusion prevention.
Regular 3rd party network vulnerability and penetration testing.
- Application-Level Security
Authentication of all user and web services requests.
Support for SAML Single Sign On (SSO).
Support for delegated authentication.
Granular customer-defined access control rights and permissions.
- Data Security
No direct database access allowed. All access requests routed through the business logic.
All attribute values in the database and backups uniquely encrypted in the database using AES 256-bit encryption – the only hosted HR solution on the market supporting this approach.
- Comprehensive Auditing
Full audit of user and web services authentication, authorization, and access.
Complete audit trail reporting in support of governance and compliance.
Workday Software Pricing
While Workday delivers some social tools and claims to be a social enterprise itself, the software vendor is far from transparent when it comes to software pricing. Workday refrains from disclosing pricing models in favor of letting their sales professionals negotiate such information with prospects during the sales cycle.
However, as a guideline Workday prices its software based on a subscription pricing model that represents metrics for the overall client business, rather than per-Workday-user. This model is based on the total number of employees (or total revenue) and service areas. Because Workday is a SaaS HR product, support and updates are included within the subscription price and maintenance fees are not assessed to the client.
Next - Workday Company Viability Review >>