Service Agreement

Does stSoftware make available the full source code under an escrow agreement ?


What are my IP rights?

September 29, 2015

What are my IP rights?

Client IP is held in Client App and Client Data Layers


stSoftware's award winning patented multi-layered database structure separates generic and custom client code and data into different database layers. The code and data held in the Client App Layer and the Client Data Layer are the intellectual property (IP) of the client. The code and data held in the st Engine/App Layers are the IP of stSoftware.

The multi-layered database structure provides more than a designation of IP, they are integral to customising a generic solution which is rapid and affordable. Generic functionality can be easily customised rather than having to develop a custom system from scratch.

Specific client requests are normally broken down and implemented as generic features and then customized to the clients' requirements unless otherwise requested. Generic features are maintained/enhanced by stSoftware on going.  

Overview of a typical database layer structure in a custom cloud system

The client owns the IP for all code and data that is located in their Client App Layer and Client Data Layer for all stSoftware solutions.

stSoftware's Engine/App Layers

  • Generic features and data held in these layers are the IP of stSoftware
  • The cost of developing these features is shared by stSoftware and the client requesting the generic changes
  • The cost of maintaining these layers is the responsibility of stSoftware
  • There is NO client IP over any of the generic features/data in the base layers. 

Client's App Layer

  • Contains client specific screens/classes that are not generic
  • The client owns the IP (including Business Rules)
  • The client is responsible for the full cost of development and ongoing maintenance of the/Client App Layer including keeping compatibility with future browsers/features and keeping integration points compatible with other systems

Client's Data Layer(s)

  • Contains all the system's 'business data'
  • The client owns all the IP rights for the 'business data'
  • Completely private and is only accessed by ST for backup, support and redundancy purposes

Note: The structure can support multiple Client Database Layers, this is an additional benefit of the layering that enables the sharing of system functionality. For example in a franchise arrangement each franchisee has access to a discreet and totally private data layer and also has access to the shared Group App Layer and Group Data Layer

What are the security, back-up, disaster recovery and firewall services ?

November 27, 2013

What are the security, back-up, disaster recovery and firewall services ?

stSoftware systems have security measures, back-up procedures and a range of disaster recovery options.


Industry standard best practice for passwords for both the web server and Linux machines. Site designers do not have direct access to the underlying Linux server, the raw database or files. All changes are done within sandbox of the system. 

Back ups

All databases are backed up nightly.

All client documents are backed up nightly and consistency check of the raw file checksum is performed. 

The backups are kept for a week on site.

The machines themselves are backed up as a whole to an off site secure backup location. A full or partial restore of the machine can be done from the off site recovery centre.


The standard system is Linux will all ports closed except HTTP, HTTPS and SSH. 

SSH is configured to block IP addresses after a series of failed log in requests. All SSH requests that are from unknown locations or from foreign countries are blocked by default.


All raw files which are stored separately to the database itself are sent to both the main site and the disaster recovery site when the files are uploaded. Each version of a file is kept and never modified ( new version created ). When a file is uploaded a file checksum of the raw file is performed and stored in the database, the file is then encrypted and the key is stored in the database.  The compressed/encrypted resulting file is sent to the redundant file servers for permanent storage.

The hosting provider has a 2 hour hardware replacement

Service Delivery

What are the network and server availability guarantees ?