345

345 AIR - Azure Integration Ready

345 AIR is a cost-effective, rapid-deployment SaaS solution for Azure Integration Services, offering secure landing zones, DevOps pipelines, governance tools, disaster recovery, SDK and additional connectors. It can be deployed within 4 weeks at a fraction of traditional costs, aiming to accelerate value in integration and enhance operational efficiency.

Features

• APIs
• Workflow / Orchestration
• Messages
• Event handling
• Custom code
• Streaming data
• Logging and diagnostics
• Operational dashboards
• Monitoring and alerting
• Configuration management

Benefits

• 100% cloud native
• Evergreen platform
• Security
• Speed to Deploy
• Supportable
• Faster project delivery
• Future roadmap

£10,000 to £20,000 a unit a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew@345.technology. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

192689208427946

Contact

Andrew Rivers
01962 657696
andrew@345.technology

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft Azure and Azure Integration Services
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: 345 Technology are experts in Azure Integration Services and would prefer to offer a short, configuration window to double check how 345 AIR can fit into your current Azure estate and understand which version you may need. There are 3 Different Versions: Standard Edition, optimised for cost, running in a single region. Premium Edition: installs with isolated networks already configured. These can be connected to your internal corporate network so that you have a 100% isolated solution. Enterprise Edition: when availability is highest priority, this will run active in 2 or more Azure regions.
• System requirements: Microsoft Azure Account

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our standard response time is 4 hours, Monday to Friday (09:00 to 17:00). On request we we can offer alternative support packages.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: No
• Web chat support: No
• Onsite support: No
• Support levels: We can tailor the support levels to your needs. Further details available on request.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We offer a guided installation process that includes preparation of your landing zone, security review and technical documentation. This typically covers a 2-4 week timescale. We provide a full handover of the platform to your technical staff.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: This is not applicable. 345 AIR is a technical integration platform and does not hold your data, it facilitates connectivity between your systems and allows you to automate processes, synchronise information and connect to external parties.
• End-of-contract process: The price of the contract is the licence fee for running the base service, plus support for the platform. ; ; Additional costs are for:; - Training; - Guided deployment; - Building integrations that run on the platform

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: There are 3 Different Platform Variants: Standard Edition - optimised for cost, running in a single Azure region. Premium Edition - installs with isolated networks already configured. These can be connected to your internal corporate network so that you have a 100% isolated solution where no traffic is exposed to the Internet. ; Enterprise Edition - When availability is most important to you, we have an edition of 345 AIR that will run active-active in 2 or more Azure regions.

Scaling

• Independence of resources: We implement separate cloud infrastructure for each deployment, thus ensuring that you are not affected by any other users. Your workload is fully isolated.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide dashboards in the Azure Portal that include the following:; ; - API calls; - Logic App executions; - Azure Function executions; - Error rates
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: This is not applicable - this is an integration platform and not a line of business system that holds your data.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The service is hosted in Azure, therefore the availability of the service meets the same level as Azure, which is 99.5%. Higher service levels can be accommodated an an additional cost by deploying the service to multiple cloud regions.
• Approach to resilience: Typically we deploy into the Azure UK South region, which has multiple availability zones (datacenters) and hence zone redundancy.; ; At an additional cost we can deploy across multiple Azure regions to ensure geo-redundancy, should this be a requirement.
• Outage reporting: You can check for service outages via a dashboard, alternatively, email alerts can also be configured.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Full role-based access controls (RBAC).
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation
• ISO/IEC 27001 accreditation date: 14/10/2023
• What the ISO/IEC 27001 doesn’t cover: Nothing. This covers the whole organisation.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have an information security management system (ISMS) that includes a regular information security review cycle, reporting of risks and issues, annual auditing and all other processes needed in order to comply with ISO27001.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Features and changes are logged in our DevOps system and subject to testing and release approval. All changes are logged and audited.; ; As part of the review and testing process, information security impact is regularly checked.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Threats are assessed through information security audit.; These are then logged as work items in our project management backlogs and prioritised according to severity.; Information security threats are identified by:; - Penetration testing; - Static analysis tools; - Operational security monitoring tools
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use a suite of tools within the cloud platform to monitor potential issues. These are then raised as alerts, which then are actioned.; ; Response time to security incidents is treated as Priority 1 incidents, which goes to the top of the queue for the support team to address.
• Incident management type: Supplier-defined controls
• Incident management approach: As part of our ISMS we have a process for raising and managing incidents.; This uses out ticketing system, which users can raise through our portal, or we can set up security monitoring to automatically raise tickets.; Incident reporting forms part of our monthly reporting cycle for all customers taking infrastructure managed services.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  We encourage applications from diverse applicants and have high proportions of female staff and staff from non-UK and minority backgrounds.

Pricing

• Price: £10,000 to £20,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew@345.technology. Tell them what format you need. It will help if you say what assistive technology you use.