e-Zest Solutions Limited

Data (Discovery, Orchestration, Modelling, Migration , Architecture, Governance) Services

e-Zest, an agile digital technology innovation partner for Fortune 500 enterprises, publicsector organisations and software product companies. Leveraging specializations and partnerships with multiple global cloud principles, we develop custom cloud softwares with special focus in Microsoft, AWS, Snowflake,Synapse, Databricks, SQL etc.). Services focused on data engineering, Legacy transformations,CI/CD, SQL/NoSQL consulting.

Features

• To revive customer's BI and Data infrastructure and related practices
• Customized data platforms built on Snowflake/Synapse/Redshift for your needs
• Seamless integration with existing systems for continuity
• Data platform software development and data engineering services
• Data (Migration, Discovery, Orchestration, Modelling, Architecture) Services
• SQL and NoSQL management, setup and administration services
• Digital transformation from idea to execution and upgrading legacy systems
• Cost optimisation/FinOps, CI/CD Services, DevOps Services
• Risk Planning, Estimate Revision and Project Scheduling activity
• Migration services and Legacy system upgradation services

Benefits

• 2X Faster Cloud Adoption
• 43% Reduced cost of Ownership
• 99.999% SLA
• 5% Efficiency in the Application
• 5% - 8% Optimized Bills
• 20% Reduction in IT staff management costs
• 50% Reduction in repeat call/tickets per year
• Performance and High Availability - 24x7x365 Cloud Monitoring
• Manage and ensure business continuity with potentially high demand
• Optimal Infrastructure and Cost Management

£405 to £1,485 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at athang.kale@e-zest.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

181182848781902

Contact

Athang Kale
+44 7500 706737
athang.kale@e-zest.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: We provide software services, cloud capability and features provided by global cloud service provider such as AWS, Azure and G-Cloud etc.
• Cloud deployment model: Public cloud
• Service constraints: E-Zest specializes in delivering servicers on globally known cloud platforms such as Microsoft Azure and Amazon AWS. While we offer end-to-end services on cloud advisory through design, development and managed services to our global customers, we have observed that these cloud service providers have some limitations/constraints in terms of features and functionalities. In these situations, we closely work with principles as a preferred partner and come up with a solution to mitigate this constraints.
• System requirements:
  • E-Zest offers cloud services which are independent of server-based requirements
  • Because it hosted in cloud which are scalable on need
  • However, people to access cloud should have reasonable computing facility
  • Based on the environment and kind of existing non-cloud system
  • We come up with specific system requirements time-to-time

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Responding to tickets and emails is the function of service level agreement (SLA). e-Zest team works with customer point of contact on identifying this SLAs before kicking-off the engagement and all team members are sensitized to work. Sample SLA: ; 1. For Critical tickets, response time is 30 mins to an hour based upon Urgency. ; 2. For High priority tickets, response time is 30 mins to 2 hours based upon Urgency. ; 3. For Medium priority tickets, response time is 2 to 4 Hours based upon Urgency. ; 4. For Low priority tickets, response time is 4 to 8 hours based upon Urgency
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We always recommend the use of third party ticketing tool like Zendesk to manage tickets and services. This third party tool has web chat support to communicate, share the information within the team in real-time.
• Onsite support: Yes, at extra cost
• Support levels: We provide tiered support to provide the best possible service in the most possible efficient manner. ; 1. Level 1 / L1 support: This is the initial support level responsible for basic customer issues that do not require any developer intervention. Typical activities include support required related to usage of the system, educating the user, resolving configuration issues. ; The first job of a Level-1 specialist is to gather the user’s information and to determine the user’s issue by analyzing the symptoms and figuring out the underlying problem. Once identification of the underlying problem is established, the specialist can begin sorting through the possible solutions available. ; ; 2. Level 2 / L2 support: This is a more in-depth technical support requiring experienced and more knowledgeable personnel on a product or service. For this level of support of developer intervention is required but there is no change in functionality.; ; 3. Level 3 / L3 support: This is the highest level of support in a three-level support model responsible for handling the most difficult or advanced problems. This support involves developer intervention with functionality level changes. Complete life cycle needs to be executed to implement such changes.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User can use the service by providing Workshops & Trainings at extra cost.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Word
  • Excel
  • PowerPoint
• End-of-contract data extraction: All the cloud subscriptions and ownership is always with the customer. Once all the dues are cleared as per the contract, e-Zest hands-over all the subscriptions to customer. We are a global technology services company and adhere to the highest level of professionalism.
• End-of-contract process: E-Zest as a professional global service provider company, before we engage into the contract, we make sure that our proposal response includes all these necessary details. At the end of the contract, if any handover and knowledge transfer is to be done, e-Zest does so in a professional manner and additional commercial basis. e-Zest doesn't store any data; after the contract is over, whatever the contractual obligation is regarding the data as per the contract, it is agreed and executed by e-Zest (such as, destroying all the data).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Cloud software developed as part of the call off contracts can be provided on Mobiles, if required.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: We always recommended to use of third party ticketing tool like Zendesk to manage tickets and services. Below are few features and functionality provided by the ticketing tool:; - Flexible ticket management with automated workflow; - Multi-channel support: email, web, phone, chat, social media; - Mobile support with native iPhone, iPad, and Android apps; - Robust reporting and advanced analytics; - Customer facing web interface ; - Knowledge base portal and community forums; - Over 100 out-of-the-box integrations with 3rd party apps; - Open API enabling seamless integration; - Multi-brand support ; - Multi-locale; - Export ticket to CSV; - REST API
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We always recommend the use of third party ticketing tool like Zendesk to manage tickets and services. This third party tool has been tested and pass through proper quality checks of assistive technology users.
• API: Yes
• What users can and can't do using the API: We always recommend the use of third party ticketing tool like Zendesk to manage tickets and services. Whatever APIs exposed and provided by these third party providers will be also available to customer.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: We always recommended to use of third party ticketing tool like zendesk to manage tickets and services. ; For customizations we will gather requirements and propose possible customizations that are feasible to the system/solution. The customisable components will be developed by us.

Scaling

• Independence of resources: This can be managed through Infrastructure Capacity planning. All services reach 85% after which we scale the service as per requirement.

Analytics

• Service usage metrics: Yes
• Metrics types: Services metrics are mutually discussed before each engagement as no two engagements are alike. General areas covered include SLAs, system performance indicators (provided by principle cloud providers thru default analytics), and analysis of tickets.
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: E-Zest resells Microsoft Azure's and AWS technology products/cloud components

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: The security of data at rest is ensured as per policies deployed according to ISO 27001:2013.
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: The system will have option to Import & export the data from & to the CSV format.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: Site-to-site VPN connection is implemented between e-Zest and client network to securely access data between networks. Email services are TLS enabled that care of encryption to protect outbound and inbound communications. To connect network securely by using SSL VPN connection. SPAM messaging gateway for advanced threat protection and anti-spam solution. On firewall we have Advanced gateway subscription that care of unwanted services. NAT rules on firewall to provide secure access.
• Data protection within supplier network:
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Capture Advanced Threat Protection (ATP) Service, Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, Content Filtering Service subscription, Application Intelligence and Control Service subscription that help to secure internal network. VLAN are used to segregate network that help to get access in particular area data. SSL certificates are used to secure websites. WIFI network is secured through [WPA2][Auth(PSK)] and MAC Filtering of physical systems. Symantec Endpoint Protection software is used for Antivirus on all server and client systems. Regular data backups. Data Leak Protection service installed in network. Project repository access are granted after ticket in ticketing system and approval of Project manager.

Availability and resilience

• Guaranteed availability: We use public cloud service provider such as, AWS, Azure, Google Cloud etc. So availability that are guaranteed by these cloud providers is what customer get. e-Zest has no role-play in doing so. However, as a part of managed service contract, if there are any tickets raised e-Zest follows the SLAs as per the contract.
• Approach to resilience: Reliable applications are: ; - Resilient and recover gracefully from failures, and they continue to function with minimal downtime and data loss before full recovery. ; - Highly available (HA) and run as designed in a healthy state with no significant downtime. ; During the architectural phase, we focus on implementing practices that meet customer's business requirements, identify failure points, and minimize the scope of failures: ; - Perform a failure mode analysis (FMA); - Create a redundancy plan; - Design for scalability; - Plan for subscription and service requirements; - Use load-balancing to distribute requests; - Implement resiliency strategies; - Build availability requirements into design; - Manage your data; - Choose replication methods for application data; - Protect your data; - Plan for data recovery.
• Outage reporting: We use public cloud service provider such as, AWS, Azure, Google Cloud etc. So outages reported by these providers will be submitted to customers.

Identity and authentication

• User authentication needed: Yes
• User authentication: Other
• Other user authentication: Token based authentication
• Access restrictions in management interfaces and support channels: Ensure no user credentials is shared. Create user groups and add the user to desired groups.; Restrict the user access to particular directory by limiting the permissions to that directory to specific user/group.; If required, ensure user has access to only specific commands by granting him a custom shell
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Other
• Description of management access authentication: Apply password rotation policy and setup strong password requirements.; User is granted a private key and MFA is configured for him with tokens generated on a virtual device (Gauth application).; User uses this key along with username to login after which the system prompts user to enter MFA and grant access to the system

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: TUV NORD
• ISO/IEC 27001 accreditation date: Certificate date: 20.10.2022. Valid till 19.10.2025
• What the ISO/IEC 27001 doesn’t cover: The control A.14.2.7 Outsourced Development is excluded from the certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Crossbow Labs LLP
• PCI DSS accreditation date: 29/05/2020
• What the PCI DSS doesn’t cover: E-Zest IT & cloud administrative support are covered in PCI DSS scope. Rest of the e-Zest software development activities are not covered.
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO 27001 2013
  • ISO 27701 2019

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 9001, ; CMMi 3, ; PCI Compliance
• Information security policies and processes: All the policies according to ISO 27001:2013 like policies for Operational Security, Human resources security, Network security, Asset management, security in supplier relationships, etc. are implemented.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Requirements Management at e-Zest is driven by specialized Analysis practice and is a two-step process – Scope and Requirements Management. Initially in the project the focus is on understanding the breadth of requirements and defining the boundaries of the system – this is documented under a scoping document. We perform change management at three different levels – ; • Level 1 of change management is to minimize the scope of change in future ; • Level 2 of change management is by tracking small scale changes in requirements ; • Level 3 of change management is assessment of the impact of requirement changes
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Asset Based, operational and personal data risk assessment is performed. VAPT are conducted at regular intervals.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Log monitoring, Data leak prevention controls, incident monitoring and risk monitoring are performed as protective monitoring processes.
• Incident management type: Supplier-defined controls
• Incident management approach: E-Zest has proven enterprise global incident management process. The incident process provides efficient incident handling, which in turn ensures continual service uptime. The process steps are as described below: ; 1. Identification ; 2. Logging ; 3. Categorization ; 4. Prioritization ; 5. Initial Diagnosis ; 6. Incident escalation ; 7. Investigation and diagnosis ; 8. Resolution and recovery ; 9. Incident closure

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our G-Cloud service provision is deeply committed to delivering against the outlined Social Value themes, particularly:; ; Wellbeing - We recognize the importance of employee wellbeing in driving productivity and organizational success. Our services prioritize user experience, intuitive interfaces, and streamlined workflows to reduce cognitive load and enhance overall satisfaction. Additionally, we offer resources and support for mental health awareness and work-life balance, promoting a culture of wellness within our client organizations.; ; Our G-Cloud service provision is dedicated to delivering social value across multiple dimensions

Pricing

• Price: £405 to £1,485 a unit a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at athang.kale@e-zest.com. Tell them what format you need. It will help if you say what assistive technology you use.