Skip to main content

Help us improve the Digital Marketplace - send your feedback

Moriyama

Umbraco Upgrades

Moriyama offers upgrades and rebuilds from your current Umbraco version to the latest supported version, following Umbraco's release schedule. This can involve major version upgrades or rebuilds, minor version upgrades, and security patching to align your project with the latest Umbraco features and address vulnerabilities.

Features

  • Umbraco strategy and rollout planning
  • Umbraco implementation advice and execution
  • Umbraco Health checks and performance advice
  • Website Accessibility check
  • High scalability hosting and platform optimisation for Umbraco sites
  • Continuous deployment and integration tooling
  • Certified Umbraco Masters
  • Umbraco MVPs

Benefits

  • Better ROI and KPI performance
  • Improved Umbraco performance & scaling
  • Improved editor experience - more productive teams
  • More maintainable Umbraco solutions
  • Increased business resilience
  • Faster response to changing markets
  • Ability to rapidly respond to change

Pricing

£5,861 a unit a week

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@moriyama.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

1 3 5 1 6 5 7 8 3 0 3 3 4 3 6

Contact

Moriyama Thuy Tran
Telephone: +44 (0)203 745 4285
Email: info@moriyama.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Umbraco CMS
Umbraco Cloud
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Core team support Monday - Friday 9am - 5pm (excluding Bank holidays)
out of office hours support available upon request.
System requirements
N/A

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our response times vary depending on the severity of the incident, as indicated below:

- P1: 0.5 working hours
- P2: 2 working hours
- P3: 4 working hours
- P4: 8 working hours
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Moriyama’s flexible and agile approach to Umbraco development, coupled with the way our team is structured, means we’re able to give clients access to resources more rapidly than other suppliers may be able to do so. Our lead time is typically 4-6 weeks to start new Umbraco projects/iterations.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Moriyama would always recommend a Health Check to ensure we can access the codebase we are inheriting and identify any additional actions that may be required. Add more
Service documentation
No
End-of-contract data extraction
To make sure your migration away from Moriyama is a smooth as possible we will endeavour to respond to any requests in a timely manner.
Any offboarding tasks will be treated as support tasks and will draw down on support hours, however if these requests come in after the support contract ends or the current number of support hours are all used up there will be a charge incurred.
Offboarding requests can include, but are not limited to:
• Providing backups of source code
• Providing backups of databases used by production sites
• Liaising with your new agency to transfer relevant hosting details where applicable.
We are more than happy to liaise directly with your new agency if this makes things easier and can provide updates on how much time has been spent so you are fully aware of the requests and tasks.
As part of our standard data retention policy, your source code and data will be retained for 6 months from the end of your final support contract before they are removed from our records.
End-of-contract process
In addition to the end of contract deletion and data extraction, activities referenced in the earlier question, Moriyama's client engagement strategy will include the following activities as we near the end of the contract, to ensure any exiting clients leave us well: - Establish whether the contract will renew at least months ahead of end of term. - Engagement with the client to capture feedback, conduct exit interviews. - Agree specific end of contract actions such as, deletion of any confidential data or documentation and revoke access to any client systems or software. - Liaise with and handover to new supplier as needed. - Provide an end of contract commercial summary.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Our Umbraco website applications are designed to be fully responsive and support experiences across different screen resolutions.
Typically this means making adjustments in the design and frontend implementation for mobile/tablet/desktop, for instance in the way menus operate, to support optimised experiences on any device.
Ensuring app-like behaviours on mobile devices is key, such as launching the camera and camera roll for image selection, rather than launching a file picker, and optimising interaction elements for touch screen usability.
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
Moriyama provide a dedicated support portal for all clients with a Moriyama support contract.
The support portal allows clients to raise new tickets, view tickets in progress, view their support resource in hours and includes a reminder of contract renewal dates.
Clients are able to view communication/notifications about ticket status changes and progress through this service portal.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
N/A
API
No
Customisation available
Yes
Description of customisation
Moriyama builds and maintains fully custom Umbraco CMS projects for our clients. Every website and backoffice is customised to meet the unique needs of each organisation we support: this includes the blocks and components the website will include for content creation, the frontend presentation layer, UX/UI design and any API or webhook integrations into third party software and systems to support key functions, transactions and data transfer.

Scaling

Independence of resources
Moriyama employ a number of procedural practices to ensure we can optimise flexiblity and availability of resource:

1. Agile iterative development for our clients.
2. Dynamic scheduling and close management of resource forecasting to inform project delivery, new project lead-times and to support decisions around growing the team as/when needed.
3. Dedicated support resources - Umbraco developers always available for support ticket resolution.
4. Dedicated project/iteration resources - Umbraco developers always allocated to iteration work.
5. Access to wider Cohaesus Group - additional developer resource available if needed.

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Umbraco cloud, Microsoft Azure

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Moriyama website applications include the ability to export Umbraco Forms data from Umbraco back-office via a CSV or Excel download.
Data export formats
  • CSV
  • Other
Other data export formats
Excel
Data import formats
  • CSV
  • Other
Other data import formats
  • Bulk and individual image import
  • Bulk and individual file import
  • Bulk and individual PDF import

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We benefit from the enhanced SLA Umbraco and Microsoft offers with >99.95% ability, and we extend those benefits to our clients. Whilst we do not currently offer service credits, any issues are explored individually with clients on a case for case basis, and we can agree redress actions where necessary.
Approach to resilience
Available upon request
Outage reporting
Automated email alerts to mailboxes monitored by multiple senior Moriyama team members.

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
Moriyama employ principle of zero access and were access is needed for management interfaces and support channels this is granted on a named individual basis. Access credentials are stored and obfuscated using a password management platform which utilises dual key and MFA to authenticate user requests. Access to client platforms and channels is revoked when no longer needed and/or upon immediate request from a client.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
N/A
Information security policies and processes
The IT security policy of Moriyama is designed to safeguard company and client data through comprehensive access controls, data protection measures, physical security guidelines, network security practices, incident response protocols, and compliance standards. Access Controls emphasize strong password practices, including length and complexity, with regular changes every 90 days. Multi-factor authentication is mandated for cloud services and remote access. Access is granted based on necessity, following the principle of least privilege, and promptly revoked upon an employee's departure. Data Protection mandates secure storage on approved cloud platforms with encryption at rest and in transit, automated encrypted backups stored offsite. Physical Security guidelines require vigilance with devices containing sensitive data and secure storage of documents. Network Security requires firewalls, updated antivirus software, and prompt security patching. Security Incidents must be reported immediately for investigation, with forensic analysis and appropriate measures to prevent further damage. Breaches are reported to clients and authorities as required by law. Policy Compliance demands employee acknowledgment and adherence, with regular policy reviews to address evolving regulations and technology. Violations may lead to disciplinary measures.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Available upon request
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Available upon request
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Available upon request
Incident management type
Supplier-defined controls
Incident management approach
The incident response process involves: Incident Identification: Use security monitoring tools, anomaly detection, error reports, or employee/client reports to identify incidents. Assessment and Containment: Investigate and isolate affected systems to prevent further damage or access. Eradication and Recovery: Remove malicious elements, reset compromised credentials, and restore systems from clean backups. Post-Incident Analysis: Determine root causes, extent of compromise, and implement preventive measures. Notification and Reporting: Inform affected parties, report cyber-attacks to law enforcement, and notify regulators if required. Return to Normal Operations: Monitor systems, share lessons learned, resume operations, and provide additional security training if necessary.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

Fighting climate change

Moriyama are committed to fighting climate change and view this as one of the most serious threats humanity currently faces. We support this through a number of elements: 1. Remote working - we are predominantly remote-based, with the team working from home and meeting up occasionally for team workshops and planning sessions, around once per quarter. This means our carbon emissions are greatly reduced by our lack of need to travel to an office space. 2. Travel choices - where we do need to travel for client or team meetings, we reduce the impact of travel by favouring sustainable public transport as primary method, and make use of lift-sharing wherever possible if public transport is not an option. 3. Using Umbraco as our technology partner means we are contributing to sustainable digital development. Umbraco's sustainability team are focussed on moving towards digital sustainability and carbon neutral delivery of digital solutions.

Equal opportunity

Moriyama aims to foster a diverse and inclusive workforce, ensuring every employee feels respected and empowered to perform at their best.
We commits to promoting equality and fairness by eliminating unlawful discrimination based on various protected characteristics such as age, disability, gender, race, religion, and sexual orientation.

Moriyama emphasises creating a workplace free from bullying, harassment, and victimisation, where individual differences are valued, and contributions are recognised.
All employees are expected to conduct themselves in accordance with these principles and receive training on their rights and responsibilities under the equality, diversity, and inclusion policy.

Moriyama pledges to provide equal opportunities for training, development, and career progression based on merit, reviewing employment practices regularly to ensure fairness and compliance with the law. The company will monitor the workforce's diversity and inclusion, assessing the policy's effectiveness annually and taking corrective actions as needed.

Complaints of discrimination or harassment will be taken seriously, investigated, and addressed promptly through appropriate disciplinary procedures. The policy underscores the serious consequences of misconduct, including dismissal for gross misconduct. It also acknowledges the legal implications of sexual harassment and other forms of discrimination, reinforcing a commitment to upholding equality and diversity within the organisation.

Wellbeing

Moriyama's remote and flexible working policy enables team members to structure their work to balance with life commitments and priorities outside of work, recognising this as crucial for everyone's wellbeing. We encourage all team members to engage with team social events but also recognise and respect colleagues' choices to not do so if that's their preference. Moriyama encourages any employee facing workplace stress to reach out confidentially to their manager or safety representative for support. The goal is to identify the right solutions tailored to the individual's needs and the company's capacity to provide support. This can include: One-on-one discussions Evaluating work processes Allowing time for recuperation or considering temporary/permanent role changes Conducting 'return to work' interviews after stress-related absences to plan manageable schedules Adjusting working hours or duties temporarily Offering additional training or support Exploring flexible working arrangements, including remote options Providing more regular supervision or fostering team socialising opportunities if suitable

Pricing

Price
£5,861 a unit a week
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@moriyama.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.