Skip to main content

Help us improve the Digital Marketplace - send your feedback

HANDD Business Solutions

Progress MOVEit Cloud - From HANDD Business Solutions (MFT - Managed File Transfer)

MOVEit Cloud is a secure, cloud-based managed file transfer service by Progress Software. It facilitates safe data exchange, ensuring compliance with regulations. Offering encryption, advanced authentication, and centralised management, it streamlines file transfer with heightened security and scalability. UK hosting is available.

Features

  • Utilises AES, SSH, SSL/TLS to secure data transfers.
  • Automate workflows for seamless, efficient file transfer processes.
  • Control and monitor transfers from a single interface.
  • Ensures continuous operation with failover and load balancing.
  • Perform ad-hoc, person-to-person transfers
  • Instantly share files securely with authorised recipients.
  • Seamlessly integrate with existing applications and systems.
  • Tracks all file transfer activities for compliance and accountability.
  • Distribute workloads across multiple servers for scalability and reliability.
  • Supports SFTP, FTPS, HTTPS, AS2 for secure data exchange.

Benefits

  • Eliminate hardware costs and reduce operational expenses significantly.
  • Protects data with advanced encryption algorithms.
  • Simplify file transfers with automated workflows and centralised management.
  • Access and transfer files securely from anywhere, anytime.
  • Easily scale up or down to accommodate changing business needs.
  • GDPR Ready, HIPAA, PCI-DSS, and CCPA/CPRA compliance
  • Save time with automated processes and improved workflow orchestration.
  • Business continuity, disaster recovery, highly available load-balanced web-farm minimising downtime
  • Facilitate secure file sharing with partners and clients.
  • Tailor workflows and configurations to suit specific business requirements precisely.

Pricing

£125.86 a user a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matt.parkinson@handd.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

3 0 0 3 4 8 5 0 0 7 6 9 6 3 7

Contact

HANDD Business Solutions Matthew Parkinson
Telephone: 07779150169
Email: matt.parkinson@handd.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Standard system upgrades are required periodically but upgrades are unlikely to reduce service uptime. Customers can choose from a selection of pre-determined maintenance windows.
System requirements
Please ask for up-to-date minimum system requirements

User support

Email or online ticketing support
Email or online ticketing
Support response times
HANDD provide first and second line support during UK business hours Monday to Friday from 8:00am to 6:00pm with response times varying from as little as 30 minutes depending on severity. Out of hours support is available with our premium support plan.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
There is a web chat functionality available via our website.
Web chat accessibility testing
N/A
Onsite support
Yes, at extra cost
Support levels
HANDD Business Solutions provide a range of wrap around services depending on customer requirements. This can be purchased as time and materials or against scope of works with guaranteed deliverables to ensure pricing consistency. Standard vendor support is included and upgraded support or managed services can be provided at additional cost bespoke to customer requirements.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
All customers are provided with MOVEit user guides and supporting documentation. We understand users workflows must not be unduly impacted and through our pre-sales process, onboarding, Delivery, management and training processes give all relevant stakeholders confidence that the solution will deliver expected business outcomes. Thinking about the whole journey and delivering against business outcome not just a product is critical to success. HANDD understand these business and security challenges in detail and help towards achieving these goals from inception through to delivery and beyond.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Bespoke to customer requirements
  • Training videos
  • Word Documents
End-of-contract data extraction
HANDD do not require access to customer data. HANDD only hold data of the contacts required to deliver the product for example technical onboarding staff and relevant commercial contacts to enable operation of the contract. These contacts have the right to be forgotten as applicable under existing GDPR regulations as applicable under law
End-of-contract process
Licences are bought as subscription licences and as such access is removed at the end of the contract. Where services, managed services or as-a-Service is purchased, access to these services are terminated if the contract is not extended. Additional costs can apply for services outside of those contracted, these could include: additional training configuration services (via professional services)

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The mobile service is optimised for smaller screens and touch interactions, offering a streamlined interface for accessing essential features and performing tasks on the go. The desktop service, on the other hand, provides a more comprehensive interface with additional options and functionalities suited for larger screens and traditional input devices like mice and keyboards.

Both the mobile and desktop services aim to provide users with secure and efficient file transfer capabilities, tailored to their respective platforms and usage scenarios.
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
The interface of MOVEit Cloud is designed to be user-friendly, intuitive, and efficient, providing users with easy access to its various features and functionalities.

The platform includes a dashboard that provides an overview of recent file transfer activities, a navigation menu to allow users to access different sections of the service, File Transfer Interface allowing users to initiate, monitor and manage file transfers, user Management allowing administrators to add or remove users, assign roles and permissions, settings and Configuration allowing users to customise the experience As well as Reports & Analytics to generate and view detailed reports.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
N/A
API
Yes
What users can and can't do using the API
MOVEit Cloud provides an API Interface for third-party programs with programmatic access to a wide variety of MOVEit Cloud services and administrative capabilities to improve web application integration and automated account provisioning.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
MOVEit Clouds infrastructure is designed to scale dynamically to accomodate varying levels of demand to ensure resources are allocated efficiently to handle increased user activity without compromising performance.

Each user's account and resources are isolated from others, preventing on user's activities from impacting another user's experience. This isolation helps maintain consistent performance and reliability for all users.

Load Balancing techniques can also distribute incoming traffic across multiple servers or resources to help evenly distribute the workload and prevent any single component from becoming overwhelmed by high demand.

Analytics

Service usage metrics
Yes
Metrics types
MOVEit Cloud provides service usage metrics and reporting capabilities. Users can access detailed insights into file transfer activities, such as transfer volume, frequency, and user activity, to monitor usage trends, track compliance metrics, and optimise performance.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Progress (formerly Ipswitch)

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Any user data held by HANDD or the vendor will be removed at the end of the contract as appropriate.
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
Native formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
SLA's can be agreed on a per customer basis. Service is delivered against specific outcomes to ensure delivery against business objectives. MOVEit Cloud provides 99.9% uptime SLA (outside of scheduled maintenance).
Approach to resilience
Services are provided with inherent cloud resiliency but additional resiliency can be provided with High availability configuration or across cloud availability zones depending on requirements
Outage reporting
Email Notifications
Dashboard Notifications
Status Page
Social Media

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Access control is granted on the principle of least privilege. Users are only provided access to the information they require to perform their tasks and role.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
NQA
ISO/IEC 27001 accreditation date
08/03/2023
What the ISO/IEC 27001 doesn’t cover
9.4.5 Access control to program source code 12.1.4 Separation of development, testing and operational environments 14.2.1 Secure development policy 14.2.4 Restrictions on changes to software packages - HANDD does not develop systems. HANDD uses SaaS solutions only. 14.2.5 Secure system engineering principles - HANDD does not develop software or code. We are a licensed reseller of software only 14.2.6 Secure development environment 14.2.7 Outsourced development 14.2.8 System security testing 14.3.1 Protection of test data HANDD does not develop software or code. We are a licensed reseller of software only
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
The following is available on request only HANDD Business Solutions operate under all relevant legal, regulatory and contractual compliance requirements as documented in the Legal and Contractual Requirements Register. The register is maintained through the continual improvement process and the audit plan. Legal and Contractual Requirements Register contains details of the applicable information security standards. As a minimum the following apply • ISO 27001 • Cyber Essentials Role Responsibility General Manager- Endorse the Information Security Management System. Senior Management Team- Owns the information security management system, the information security management objectives and agrees risk mitigation. Management Review Team- Is responsible for ensuring the effective delivery of the information security management system and its continual improvement. The Management Review Team meets at least quarterly and follows the agenda as laid out in the ISO 27001 standard. Head of IT Operations- Responsible for the day-to-day management and running of the information security management system including risk management and continual improvement. Specific Roles- A RASCI table is in place that shows who is accountable, who is responsible, who is consulted and who is informed.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Detail available on request -HANDD internal change control brief summary:
Changes must be submitted to the HANDD CAB within timescales listed below for approval. All changes summited will be aligned with the customer CAB to ensure that there is adequate time to be presented for initial review at the weekly review meetings.
Changes must be submitted using the RFC form by providing as much detail as possible before submitting to the customer CAB for approval.
Any change submitted with less than two business day’s notification is considered an emergency request and must follow the Emergency process
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
HANDD detailed vulnerability management available on demand and subject to NDA
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Available on demand and subject to NDA
Incident management type
Supplier-defined controls
Incident management approach
HANDD policy available on demand and subject to NDA

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)

Social Value

Social Value

Social Value

Equal opportunity

Equal opportunity

HANDD’s Equal Opportunities Policy The aim of this policy is to communicate the commitment of the Board and management to the promotion of equality of opportunity in HANDD Business Solutions. It is our policy to provide equality of staff membership to all, irrespective of: gender, including gender reassignment marital or civil partnership status having or not having dependents religious belief or political opinion race (including colour, nationality, ethnic or national origins, being an Irish traveller) disability sexual orientation age We are opposed to all forms of unlawful and unfair discrimination. All members of the organisation will be treated fairly and will not be discriminated against on any of the above grounds. Decisions on membership, selection for office, training or any other benefit will be made objectively, without unlawful discrimination, and based on aptitude and ability. To request a copy of this policy please email careers@handd.co.uk

Pricing

Price
£125.86 a user a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
There is a 15 day proof of concept trial license of MOVEit Cloud available. This will include access to the support team for assistance in getting this deployed.
Link to free trial
Please contact tenders@handd.co.uk

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matt.parkinson@handd.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.