ClickTime’s BI&A Reporting Services Restored

On Friday, August 26th, 2022 at approximately 7:58pm PT our Operations Team was alerted that ClickTime’s Business Intelligence & Analytics, (BI&A) reporting services were unavailable. Service has been restored, (10:20pm PT) and testing indicates the system is fully functional and at no point was any data compromised.

The source of the outage was due to a vendor-reported power event. At this time, although BI&A has been restored, we have been alerted that we may see additional intermittent issues as our vendor continues to investigate on their side. At this time the ClickTime Operations Team is considering this issue resolved.

We apologize for any inconvenience you may have experienced. Please email support@clicktime.com if you have questions or additional issues of any nature. Thank you for your understanding.

The ClickTime Team

Business Intelligence & Analytics (BI&A) Reporting Services are Unavailable

At this moment, ClickTime’s Business Intelligence & Analytics (BI&A) reporting services are unavailable. We are working diligently to restore BI&A, but feel free to reach out to support@clicktime.com for additional information.

Updates

9:58pm PT update: We have identified the underlying issue with ClickTime’s Business Intelligence & Analytics (BI&A) reporting services and are currently working on a resolution. We appreciate your understanding and will continue to update you as we progress. Thank you for your patience.

ClickTime’s Response to Log4j Vulnerability

On Friday, December 10, 2021, the United States Cybersecurity and Infrastructure Security Agency issued an alert about a vulnerability in Apache’s Log4j logging framework (CVE-2021-44228).

Our security and development teams have reviewed all of our code and internal systems and confirmed that the ClickTime service isn’t vulnerable to Log4j. We are actively monitoring this industry issue and reviewing all of our vendors and third-party services to determine if any of them use the vulnerable component and need to be updated.

We take the protection of our customers’ data very seriously. Updates will be posted to this thread at https://system.clicktime.com as additional information becomes available.

Updates

12/13/2021 03:00pm PT update: Our operations team identified one internal system monitoring tool whose vendor acknowledged it needed to be updated due to the Log4j (also known as Log4Shell) vulnerability. This system isn’t accessible to the public and thus wasn’t directly at risk but we have completed the update successfully. We continue to investigate our software and our vendors for any issues or updates needed.

12/14/2021 04:30pm PT update: Our security and development teams have reviewed all of our code and internal systems and confirmed that the ClickTime service isn’t vulnerable to Log4j.

12/15/2021 10:05am PT update: We continue to review all vendors, third-party software and third-party services we engage with to ensure that they are verifying and updating their systems as needed.