ATCH Ltd

Communications Data Collection, Retention and Analysis solutions

ATCH’s and its partner can support its customers in the development of Communications Data Collection, Retention and Analysis solutions that are both optimised and affordable to the mission. Our support is based on over 50 years of global telecommunications design and engineering experience.

Features

• Agile Data Retention and Disclosure Services
• Timely onboarding and offboarding of TOs to meet LE needs
• Timely response to queries through automated platform
• Data Base Management Services(DBMS) capable of handling large data volumes
• Neflow 'plus' collection, correlation and analysis
• Communications data tradecraft advisory
• PLX as a Service

Benefits

• Affordable to the mission
• Leverage global telecommunications experience
• System agility optimise retention to mission needs

£11,414 an instance

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tim@atch.tech. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

178933783883485

Contact

Tim Harris
07770 395499
tim@atch.tech

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Hybrid cloud
• Service constraints: Details of the Service Constraints applicable will vary dependent on circumstances and are negotiated on a contract-by-contract basis.
• System requirements: Detailed on a contract by contract basis

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: ATCH's preferred contact method is telephone, in which case one might say that response is immediate. Emailed communications to support@atch.tech, or Instant Message, are opened by an engineer within 15 minutes of arrival. A ticket is opened in our Service/Customer Management system, an automated notification of ticket number is emailed back to the originator and a resolution will be delivered according to our principal service target of resolution time, based upon the Severity level of the matter. Severity level criteria are pre-defined. This process applies identically 24 hours a day, 7 days a week.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Nature and availability of Web Chat is by individual arrangement with customer.
• Web chat accessibility testing: None as of this date.
• Onsite support: No
• Support levels: ATCH's support is based on the principle that your communication will be dealt with by an Engineer, not a Call Centre Agent. Support is included in the hosting rate.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: After initial contact, an order will be raised, fully detailing the service that will be provided. Upon agreement to the order the service will be provisioned.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: We allow a 1-week period following the date of service termination during which the customer may request us to reactivate it. Only after this time will Datacenta purge and destroy all customer data related to the service.
• End-of-contract process: The standard minimum contract length is one year. After that time if the customer wishes to terminate his service he will provide 1 month’s notice, after which further time the service will be suspended. The customer will be liable for any outstanding charges incurred over the term of the contract. There is no termination charge.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Through effective Capacity Management processes.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics to be agreed with buyer.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Details will be provided on a contract by contract basis
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: ATCH offers an SLA covering the areas of Availability, Incident Management, Change Management (including Development Requests) and Report production (Major Incident Report). ATCH defines 3 levels of achievement of service target categories in these areas, namely Expected Level, Service Impacted Level and Business Impacted Level. Service Credits may be available by measuring achievement against these levels. The actual values of each level are by agreement.
• Approach to resilience: Due to the nature of the software and its use, the resilience approach will vary dependent on circumstances and are negotiated on a contract-by-contract basis.
• Outage reporting: Email alerts, Twitter feeds, individual customer wiki updates

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: Management and sysops functions are conducted only from a standalone PC not accessible other than from within the datacentre or by 2FA across a VPN.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: UKAS
• ISO/IEC 27001 accreditation date: 24/1/2013
• What the ISO/IEC 27001 doesn’t cover: Protecting Application Service transactions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Services run within ISO27001 facility.

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ATCH and its partners maintains a comprehensive global security organisation of over 1,200 security professionals. ATCHs' partners Chief Security Office (CSO), is dedicated to the protection of the ATCH and its partners network and its service offerings. It supports a broad range of functions, from security policy management to Customer-facing security solutions. ATCH and its partners CSO continually reviews/assesses the Company’s security posture to keep pace with industry security developments and to satisfy regulatory and business requirements. Recommendations are made on the technology solutions and critical skills that are to be developed/acquired to maintain the required security posture. The ATCH and its partners CSO establishes policy and requirements, as well as comprehensive programs, to incorporate security into every facet of ATCHs' partners computing and networking environments. At the executive level, the CSO chairs the ATCH and its partners Security Advisory Council, a program where key business and functional leaders meet on a regular basis to discuss corporate security strategy, vision, and concerns. The ATCH and its partners CSO technical personnel work in partnership with other ATCH and its partners business units to evaluate threats, determine protective measures, create response capabilities, and promote; compliance with best security practices.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Due to the nature of the software and its use, Configuration and Change Management requirements vary dependent on circumstances and are negotiated on a contract-by-contract basis.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Due to the nature of the software and its use, the vulnerability management approach will vary dependent on circumstances and are negotiated on a contract-by-contract basis.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Due to the nature of the software and its use, the protective monitoring approach will vary dependent on circumstances and are negotiated on a contract-by-contract basis.
• Incident management type: Supplier-defined controls
• Incident management approach: Due to the nature of the software and its use, the incident management approach will vary dependent on circumstances and are negotiated on a contract-by-contract basis.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Assessing, and regularly re-assessing, the environmental effects of the Company’s activities or services - which shall then either be eliminated or effectively controlled. This will be carried out to meet or exceed all regulatory requirements relating to the environment. •Advocating employee involvement in all environmental matters, and providing suitable training and support to all employees with regards to the environmental policy. •Minimising waste to the lowest practical level, whilst ensuring its disposal in a diligent and responsible manner. •Reducing to a minimum all unnecessary use of materials, resources, and energy. •Promoting the use of recyclable and renewable materials. •Preventing pollution and continuously improving Environmental Management and performance. •Complying with all applicable legal requirements, and any other requirements relating to our engagement with the environment. •Conducting reviews in light of any new knowledge, change of legislation, or public concern

  Tackling economic inequality

  ATCH is committed to tackle economic inequality by stimulating personal and professional development of our staff.

  Equal opportunity

  ATCH is committed to encouraging equality, diversity and inclusion among our workforce, and eliminating unlawful discrimination. Our aim is for our workforce to be truly representative of all sections of society and our customer and for each employee to feel respected and able to give their best. Our commitments include training managers and other employees about their rights and responsibilities under the equality, diversity and inclusion policy. Responsibilities include staff conducting themselves to help the organisation provide equal opportunities in employment and prevent bullying, harassment, victimisation and unlawful discrimination.

  Wellbeing

  We make each employee feel valued and appreciated in their job as the Company believes the best performance of staff is from happy and satisfied staff. We have a number of employees development and social activities as well as maintaining a good work/life balance .

Pricing

• Price: £11,414 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tim@atch.tech. Tell them what format you need. It will help if you say what assistive technology you use.