ATOS IT SERVICES UK LIMITED

Atos Managed Container Service

Atos Managed Container is a fully automated managed container service which can be deployed on top of VMware stacks and with minor efforts can be adapted to any platform be it public or private.

Features

• Fully automated customer facing portal for container platform operations
• Platform independent containers trough vanilla Kubernetes (ubuntu, RHEL) or RKE
• Cloud like autoscale service of kuberbetes cluster
• Security management for both N-S and E-W traffic
• Integrated Jenkins pipeline tooling for Continuous Integration and Continuous delivery

Benefits

• Faster time to market and development agility
• Security built into the supply chain
• Frictionless movement of applications between clusters enabling multi-cloud estates
• Accelerates the adoption of DevOps practices
• Simplified Management and Integration

£6,500 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at opportunities@atos.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

325215553791694

Contact

Louise Carr
+447733315094
opportunities@atos.net

Service scope

• Service constraints: Service was built to sit on top of VMware platforms, but it can be adapted to sit on top of hybrid cloud (VCS) or even public cloud due to the fact it can use vanilla Kubernetes on most Linux flavours.
• System requirements: Customer requirements needed to deploy Ansible machine for portal deployment.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Our standard SLAs are: ; ; Service Desk Availability Window - 24x7x365 ;; ; Incident handling window ; ; Priority 1 & 2 / Severity 1 - 7x24 hours: All days, 24 hours a day ;; ; Severity 2, 3, or 4 - 5x10 hours: Business Days, 08.00 – 18.00 h * ;; ; Change handling window: for manual changes - 5x10 hours: Business Days, 08.00 – 18.00 h * ;; ; Support Language English ;; ; * confirmed at time of contract and can be adjusted to suit the needs of the buyer.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Measurement Availability / Details ; ; Service Availability - 99.9% (Determined by selected underlying Infra and design options) ; ; Service Desk Availability Window - 24x7x365 ; ; Standard Maintenance & upgrade window - Every three months, Saturday 08:00- Sunday 23:59 ; Emergency Patch maintenance window 03:00 – 07:00 (CET) Monday to Friday ; Service access point – measuring platform ; ; Availability is measured via Atos API Endpoint and extracted to Status Page ; ; Incident handling window ; ; Priority 1 & 2 / Severity 1 7x24 hours: All days, 24 hours a day ; ; Severity 2, 3, or 4 5x10 hours: Business Days, 08.00 – 18.00 h * ; ; Change handling window: for manual ; ; changes 5x10 hours: Business Days, 08.00 – 18.00 h * ; ; Support Language English ; ; Priority 1 (Urgent/Major) - The OpenShift cluster is completely unavailable as signified by the status page or access to all running applications is seriously impacted ; ; Priority 2 (High) - Some components of the OpenShift cluster are seriously impacted or access to some running applications is impacted ; ; Priority 3 (Minor) - Some impact (mostly user specific) on the OpenShift cluster but no problems identified on the status page ; ; Priority 4 (None) - No impact given or expected
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Once service is contracted customer can access URN portal without requiring any hardware (directly in AMS hosted platform).
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
  • Other
• Other documentation formats: Confluence
• End-of-contract data extraction: Relevant documents will be delivered to customer (HLD, SOW, SD, etc).
• End-of-contract process: Users can request data backup before contract ends. Users can store the backup on suitable media of their choice.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can do most of the daily tasks related to deployment, management lifecycle and backup of containers, More details in service description document.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Typically, we would conduct the following web interface testing for assistive technology users: ; ; • Screen reader compatibility testing ; ; • Keyboard navigation testing ; ; • Colour contrast and visual clarity testing ; ; • Alternative text for images and icons ; ; • Input assistance and error handling ; ; • Testing with diverse assistive technology setups
• API: Yes
• What users can and can't do using the API: All existing automated options can be triggered externally via API
• API automation tools: Ansible
• API documentation: Yes
• API documentation formats:
  • ODF
  • PDF
• Command line interface: Yes
• Command line interface compatibility: Linux or Unix
• Using the command line interface: Ansible playbooks can be pushed from Ansible Linux box.

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Resources will be separated at multiple levels, including networking, compute level, vRA level is Aria suite is used, storage level as well as directly at Kubernetes level (each customer get dedicated cluster with their own resources RBAC and security policies).
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Persistent database
  • ETCD
  • Master and worker node configuration files
  • Application
• Backup controls: Through the urn portal options.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Service Availability SLA of 99.5% subject to Infrastructure availability SLA
• Approach to resilience: Deployed across UK data centers using network, storage and compute virtualisation technologies to deliver active/active services across data centers and zero data loss DR. All physical building blocks are N+1 resilient.
• Outage reporting: Through email alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Management is via dedicated virtual management LAN. Access to these LANs is controlled via 2FA or specific user credentials. Only selected ports are permitted for management traffic.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: PWC
• ISO/IEC 27001 accreditation date: 01/11/2023
• What the ISO/IEC 27001 doesn’t cover: Scope may be provided upon request.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Blackfoot UK Ltd
• PCI DSS accreditation date: 11/12/2023
• What the PCI DSS doesn’t cover: No non-covered scope. Scope may be provided upon request.
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Atos has in place a full set of security policies and procedures. Atos staffs are required to follow the procedures, this requirement is covered in the Security Operating Procedures (SyOps) that administrators are required to sign.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Atos utilise the ITIL methodologies for the management of change and configuration management, supported by our Service Now tooling. This allows for the controlled assessment, execution and testing of changes to the service, whilst upholding a full audit trail of changes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Atos has processes and procedures in place covering operational security. Changes that impact security are covered at the Security Working Group. Atos processes are ITIL compliant. All assets are recorded automatically in a Configuration Management Database (CMDB), this allows the assets to be track through their lifespan.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: 24x7 Operations Center monitors the platform for threats using Intrusion Detection, Intrusion Protection and Security Information and Event Management technologies.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident management is defined as part of Atos ATF tooling and standards.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: VMware, Hyper-V, Citrix XenServer, Oracle VM, Red Hat Virtualisation, KVM hypervisor
• How shared infrastructure is kept separate: Every customer gets their dedicated Kubernetes cluster with dedicated networking stack. Additionally separation can be done from VMware multitenancy (vRA multitenancy, NSX multitenancy, etc).

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Objective of EU Code of Conduct for Energy Efficient data centres is to reduce energy consumption at data centres, and thus their environmental impact, without compromising their performance and capacity. Atos is fully supportive of the principles enshrined in the EU Code of Conduct for Energy Efficient data centres towards more innovative, sustainable and secure data centre facilities. We demonstrate this commitment through continuous development of our data centres, particularly with respect to energy usage. ; ; The EU Code of Conduct for Data Centres utilises Power Utilisation Effectiveness (PUE) as a key metric to assess the overall efficiency of a data centre. Please find below PUE of our UK data centres in Longbridge and Birmingham along with other key attributes: ; ; Longbridge: PUE value 1,16 - indirect free cooling, efficient A/C and UPS upgrades, cold aisle containment implementation, using renewable energy.; Birmingham: PUE value 1,58 – efficient A/C and UPS upgrades, cold aisle containment implementation, using renewable energy.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Atos is a global leader in decarbonised digital services incorporating sustainable practices into our IT services to mitigate against the impact of climate change. This is evidenced by our EcoVadis Platinum Award. We are committed to an SBTi endorsed Science Based Target and are on track to reduce all emissions by 50% between 2019-25 and achieve Net Zero by 2039. Activities to achieve this include: IT Products and Services: We place a 20% sustainability weighting during procurement and use EcoVadis to assess supplier environmental performance. We were awarded “Platinum” status by EcoVadis for the fourth year running in October 2023. Renewable Energy Sources: Since 2018, the electricity purchased for our IT equipment, lighting and some space heating in mainland Great Britain has been from 100% renewable sources. Reduce Energy Consumption: Initiatives include the adoption of remote/hybrid working for employees, leading to a 10% drop in Atos UK&I energy usage between H1 2022 and H1 2023 through the rationalisation of 15 offices. In 2020, we signed up to a group-wide car-fleet agreement to source only electric vehicles with the aim to switch our entire fleet to electric or hybrid by 2025 (70% achievement in 2022). Minimise Electronic Waste: Atos has a circular economy approach to minimise electronic waste and extend the lifespan of its IT equipment ensuring that 100% of our obsolete IT assets are collected, reused, or recycled in a responsible way. The policy approach is based on the ISO14001 certified management system. In the UK we partner with Tier1, an SME specialising in hardware recycling. We will assess each call-off contract from G-Cloud 14 and make commitments that will drive sustainability such as: • Selecting sustainable partners and hosting joint decarbonisation workshops • Delivering environmental volunteering opportunities • Delivering training/education on sustainability

  Tackling economic inequality

  Atos recognises that the IT sector faces employment and skills shortages whilst under-represented groups still face barriers to accessing jobs. According to Prospects.ac.uk (December 2023), less than 8.5% of senior leaders in UK tech are from ethnic minority groups, only 16% of IT professionals are female and less than 9% of all IT specialists have a disability. We have implemented initiatives to tackle economic inequality: Early Career Talent Activities Atos provides work experience placements and STEM outreach to schools/universities to inspire students from different backgrounds across the UK into technology careers. Our Graduate and Apprenticeship programmes are over 18 months and provide experience in project delivery, operations and technical areas. The Atos Graduate Internship and Apprenticeship Community supports members in building up a network across the organisation and provides extra-curricular opportunities. Recruitment Activities We have embedded a fully inclusive and accessible end-to-end recruitment process. Actions include: Our Recruitment professionals to complete ‘Diversity, Equality and Inclusion (DEI) training for HR and Talent Professionals’ to attract a diverse talent pool We use Textio, a writing-enhancement service, to remove gender bias from job adverts We use video and flexible/adjusted interviews to provide support if wanted by people with disabilities including neurodiversity, such as assistive technology and schedule flexibility We organise tech career events and partner with organisations such as Bright Network to target candidates from under-represented groups. Career Development Activities All Atos employees are encouraged to set an Individual Development Plan with access to in-house learning and development resources such as Atos University. We will assess each call-off contract from G-Cloud 14 and make commitments that will tackle economic inequality such as: Creating employment opportunities Collaborating with our partners such as Next Tech Girls and SmartSTEMs to deliver training schemes/programmes to address any identified skills gaps and support skills growth.

  Equal opportunity

  Atos has been recognised as a leading employer in supporting an inclusive workplace through its inclusion in the Times Top 50 Employers for Gender Equality 2023 and our Level 3 Disability Confident Leader status. We continually review and improve our DEI initiatives to ensure we advance our goal. Inclusive/accessible recruitment activities We have embedded a fully inclusive and accessible end-to-end recruitment process. To achieve this, we engaged external partners to provide training to managers/HR to ensure fair recruitment by removing barriers and attracting diverse talent. Inclusive working conditions We create an inclusive working environment where all individuals can thrive and enable Atos to retain diverse talent: Policies: Our policies ensure we support all our employees regardless of their characteristics, enabling everyone to access and pursue opportunities available in Atos. DEI Networks: Our employee-led networks are advocates for equality and change in the workplace and wider society. Business Initiatives: We have initiatives to support under-represented groups’ progress in our workplace such as talent programmes and embedding cultural events into our calendar including International Woman’s Day and Black History Month. Fair Pay Our Diversity Pay Gap Report aligned to the Equality Act 2010 (Gender Pay Gap Information) Regulations 2017, is published annually and provides transparent reporting on our progress to create gender and ethnicity balance. Flexible Working Atos is proud to actively support remote/hybrid and flexible working to assist all employees achieve a good work life balance. Beyond this, our Flexible Working Policy outlines the support available to employees and candidates with fluctuating health conditions or care/personal responsibilities. We will assess each call-off contract from G-Cloud 14 and make commitments that will promote equal opportunity such as: Creating employment opportunities for under-represented groups by working with inclusive recruitment partners such as Bright Network Delivering training schemes and programmes for under-represented groups

  Wellbeing

  We are signatories of the Six Standards of Mental Health and invest significantly in the mental health of our employees: Prioritising mental health We provide a comprehensive Employee Assistance Programme (EAP) to all staff including an online GP service, wellbeing toolkits and a free, anonymous 24/7 helpline where employees can get counselling and advice on a wide range of topics including family, financial and legal matters. Promoting positive mental health Our senior leadership team and Mental Health First Aiders act as positive role models, endorsing initiatives like World Mental Health Week. Open culture We drive an open culture where conversations about mental health are supported. Line Managers promote employee wellbeing through monthly 1-2-1s and workload assessment. Should an employee raise a concern over their workload, their Line Manager conducts Individual Stress Risk Assessments and encourages EAP and Stronger Minds helpline use when needed. Holding regular 1-2-1s is a metric Atos Line Managers are appraised on as part of our Performance Management system, ensuring nurturing connections between our managers and employees are embedded as a culture. Increasing organisational capability We partner with third-party specialists in wellbeing and mental health, such as Genius Within, to provide training to our employees. Providing tools and support We provide annual training on subjects such as anxiety and depression, and signpost mental health tools available on our Wellbeing Hub. Tools include links to NHS Mental Health helplines, AXA PPP Wellbeing articles and a Mental Health Toolkit with 19 tips/tools breathing exercises and sleep techniques. Increasing transparency We measure wellbeing in surveys and publish action plans to address employee feedback gathered from the survey. We will assess each call-off contract from G-Cloud 14 and make commitments that will promote equal opportunity such as funding Mental Health First Aiders for the contract delivery team.

Pricing

• Price: £6,500 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at opportunities@atos.net. Tell them what format you need. It will help if you say what assistive technology you use.