Strategic Blue

Cloud Resale and FinOps for Education in AWS

AWS resale, flexible cost optimisation and cloud financial management without changing technical usage. AWS Reserved Instance and Savings Plan optimization, not constrained by standard AWS terms. Supported access to the OGVA and AWS Marketplace. Spend visibility and governance. Ability to prepay for future services. No fee.

Features

• AWS resale, simplified savings, FinOps support as a service
• 100% compute coverage, no usage commitments, no management, no risk
• Free, no service fee
• Maintain existing AWS technical service delivery relationships and contracts
• Compatible with the One Government Value Agreement and AWS Marketplace
• Secure, requiring non-intrusive access to cost and usage meta-data only
• Our activity is isolated in dedicated, auditable AWS accounts
• Requires no technical changes to cloud usage
• Data egress waiver included by default
• Non compute commitments also available

Benefits

• Optimised cloud spend on terms that suit you
• Simplified, understandable cloud billing and purchasing
• Optionally make PrePayments for future invoices
• Savings without precise forecasting or technical changes
• One Government Value Agreement (OGVA2) negotiation and support
• Access to service KPIs and usage trend reporting dashboards
• Simplified budget management with low, stable unit costs
• Managed budget alerts and anomaly detection to reduce overspend risk
• Strategic Blue Account Manager available for support
• Access to FinOps Consultants for wider cloud financial management support

£1 a unit a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@strategic-blue.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

334370236467720

Contact

James Mitchell
0736 0498154
sales@strategic-blue.com

Service scope

• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: General Strategic Blue invoice support tickets are answered within 48 hours, Monday to Friday.; ; AWS Support case response time depends on severity. The support response times for Developer, Business and Enterprise Support tiers are available at https://aws.amazon.com/premiumsupport/compare-plans/
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Webchat is provided via a Slack channel. ; https://slack.com/intl/en-gb/accessibility-plan
• Onsite support: No
• Support levels: Technical support for your cloud is provided via the relevant cloud provider, customers can select the level of support that they require. Basic, Developer, Business or Enterprise.; ; Strategic Blue provides support for billing and invoicing questions and cost optimisation support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our team will guide you through the best onboarding approach for you. Your AWS Accounts will either be invited into a Strategic Blue owned Payer Account or the “Consent to Assign Process” will pass ownership of your Payer Account to us. Either enables us to become your reseller to manage your AWS invoicing and payment processes. This does not impact the ownership of your individual AWS usage accounts. ; We will implement our AWS best practice Role Based Access Control, Identity Access Management and Service Control Policies approach. As detailed in our Service Description, this enables us to securely control and manage the access needed to deliver our service.; ; New, dedicated AWS Accounts will be created as “Commitment Holding Accounts”. Reserved Instances and Savings Plans will be registered in these accounts to deliver savings. This maintains isolation from your AWS usage accounts and enables easy auditing of our actions should it be required.; ; Your AWS Accounts can be registered with us through our Portal and you are free to invite anyone from your organization to join the Portal to access your KPI homepage and cost and usage dashboard.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
• End-of-contract data extraction: Customers retain ownership of their data throughout the contract, and simply provide access to Strategic Blue to view their cost and usage information.; At the end of the contract that access is revoked by the customer by reversing the onboarding process.; ; Historic billing data is retained to answer tax or invoicing queries, and is available upon request.
• End-of-contract process: At the end of the contract the customer can remove Strategic Blue access to the billing information and a final invoice will be issued. The customer's billing will then be managed directly by the cloud vendor, customer or to another supplier. ; There is no additional off-boarding cost at the end of the contract.; A detailed customer and vendor-specific off-boarding process document will be provided as part of the service.

Using the service

• Web browser interface: Yes
• Using the web interface: A Web interface is provided for onboarding AWS customers and for day-to-day and month-to-month visibility of AWS and Google cloud spend.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: Automated testing
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Our service is predominantly for contracting and billing, and is independent of customer usage. Our services are cloud-native and can scale as the business grows. ; ; We can provide spend alerts to customers if their cloud usage is predicted to be significantly higher than an agreed baseline.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other
• Other usage reporting: Slack message

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics: Multiple billing metrics and groupings
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: AWS, others on request.

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Availability of cloud services is provided by highly available services from the cloud vendors across multiple datacentres and regions.; Specific SLAs will depend on the support level purchased
• Approach to resilience: Strategic Blue services are cloud-native and highly resilient across multiple availability zones.
• Outage reporting: Each Cloud vendor provides a service health web page

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Other user authentication: Secure access to our portal via username and MFA. Access to cloud services is managed by the customer to ensure security is suitable for the task.
• Access restrictions in management interfaces and support channels: NA
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 22 October 2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 14/2/2023
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: All of our service is covered
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Strategic Blue has implemented an ISO9001 , 14001 and ISO27001 set of formal documented policies and processes that provide guidance for operations and information security within the organisation. Policies address purpose, scope, roles, responsibilities and management commitment. CSA CCM v4 (STAR level 1) and Cyber Essentials have also been implemented.; All employees have access to the policies and have regular updates to familiarise themselves with the policies. ; Leadership involvement provides clear direction and visible support for security initiatives.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Strategic Blue manages its systems through a continuous integration and deployment pipeline. ; Customers are responsible for managing and deploying their configuration and change control processes.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Strategic Blue conducts periodic penetration testing against its systems to ensure they are secure. ; Customers are responsible for managing vulnerability testing for their services
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Strategic Blue has processes in place, as part of ISO27001, to monitor and report on incidents and potential breaches.; Responsibility for protective monitoring of customer workloads remains with the customer
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Strategic Blue has a service management system to manage and track any incidents which occur.; Customers can submit tickets for Strategic Blue to review via email.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: AWS proprietary, others dependant on the cloud vendor
• How shared infrastructure is kept separate: Different organisations have separate accounts/projects/subscriptions which act as the security boundary. ; ; Customer environments are logically segregated, preventing users and customers from accessing unassigned resources. Customers maintain full control over their data access. Services which provide virtualized operational environments to customers, ensure that customers are segregated and prevent cross-tenant privilege escalation and information disclosure via hypervisors and instance isolation.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: AWS is committed to running its business in the most environmentally friendly way possible. In addition to the environmental benefits inherently associated with running applications in the cloud, AWS is focused on efficiency and continuous innovation across our global infrastructure. AWS are committed to powering our operations with 100% renewable energy by 2025.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Strategic Blue is committed to achieving Net Zero Greenhouse Gas emissions by 2040 and has a Carbon Reduction Plan on our website. We are certified ISO 14001 Environmental Management compliant. Our Environmental Policy outlines our commitment to minimising the environmental impact of our activities, including embedding environmental sustainability in procurement processes and contract terms to ensure our suppliers are able to demonstrate their commitment to protecting the environment. ; ; In recent years, we've implemented several measures aimed at diminishing our carbon emissions. Initiatives like our electric car salary sacrifice programme and cycle-to-work scheme were launched to promote environmental consciousness among our staff. Embracing a hybrid work approach, we limit travel to essential in-person meetings, thereby lessening our carbon impact. Additionally, our assessment of the supply chain includes an evaluation of supplier environmental credentials and carbon reduction strategies.; ; We believe that through cost optimisation we make the cloud a more attractive financial option, which encourages our customers to move more of their workloads to the cloud. This has the benefit of moving services from inefficient legacy data centres (average PUE 1.6) to cloud data centres (PUE 1.2) with a consequential 25% power saving, and associated carbon emissions reduction. ; Critical to this migration is the buyer’s ability to forecast its future costs, and those future costs benefiting from optimal prices. Strategic Blue’s core proposition thus centres around helping buyers understand their future usage and costs, translating into commitments to hyperscalers, to help these vendors manage their capacity, and thus their carbon footprint.

  Tackling economic inequality

  Strategic Blue fully recognises the importance of creating new opportunities for all individuals to acquire relevant digital skills. ; Strategic Blue works as part of the Cloudbank consortium, funded by the NSF, to enable cloud research and facilitate easy access to digital skills development. ; We continue to support UK-based university customers, including those early in their cloud journey, helping researchers and support staff enhance their digital skills. We desire to build on this foundation to establish a UK-based Cloudbank initiative.; We freely expand the Cloud FinOps knowledge available within the broader cloud user community through blogs and podcasts on cost optimisation and control, on our website, events and through our active contribution to the FinOps Foundation.; We have established a Core Competency and Values framework, outlining necessary competencies and core values for all at Strategic Blue. We shall be formulating learning and development initiatives that will be integral to tackling the digital skills gap. These initiatives will empower Strategic Blue to establish impactful apprenticeships and internships, targeting marginalised communities and individuals confronted by economic obstacles, and granting them access to valuable opportunities.; We aim to forge partnerships with non-profit organisations specialising in addressing economic inequality and the digital skills gap. By collaborating, we can amplify our impact and reach a broader audience, possibly involving joint initiatives, outreach programmes, or financial support.; With expanding business demands, we will hire additional Account Managers, Technical Support personnel, and Portfolio specialists, creating new digitally skilled jobs. Nurturing an inclusive culture valuing diverse perspectives, experiences, and backgrounds, we create an inviting environment that attracts talent from various communities.

  Equal opportunity

  Strategic Blue is committed to promoting awareness of and taking positive action to address workforce inequality across multiple dimensions, including employment, skills, pay, and development. We ensure that our recruitment processes are fair and inclusive, actively seeking candidates from diverse backgrounds and underrepresented groups. We have implemented policies and practices that prevent discrimination based on factors such as race, gender, age, disability, or socioeconomic status. Our goal is to create a workforce that reflects the diversity of the communities we serve.; We invest in continuous skills development programmes for our employees, providing training opportunities that enhance their professional growth and aim to close skills gaps within our organisation. We provide access to training and development initiatives, ensuring that all employees have an equal chance to acquire new skills and advance their careers.; We conduct regular and thorough pay equity analyses to identify and rectify any disparities in compensation based on any protected characteristics. Our aim is to ensure that all employees receive fair and equitable remuneration for their contributions, regardless of their background.; We have clear pathways for career advancement and development within our organisation. We implement performance evaluation systems that are unbiased and objective, provide opportunities for mentorship, and offer transparent criteria for promotions. By creating an environment that fosters equal opportunities for growth, we actively tackle workforce inequality.; As a small to medium-sized business we are constrained in our capacity to guarantee the dedication of our suppliers to uphold fairness in their workplaces. However, we assess our suppliers within our approved supplier process and conduct yearly audits. These steps are taken to verify that our supply chain aligns with our principles concerning equality, diversity, and respect.

  Wellbeing

  Strategic Blue prioritises the holistic health and wellbeing of its workforce, fostering a culture of support and encouragement that extends beyond the workplace. We give all employees access to an Employee Assistance Programme (EAP) that offers vital resources such as counselling and tailored nutrition advice, ensuring employees have access to professional guidance for both physical and mental health challenges.; ; Recognising the importance of mental health awareness, all new starters undergo specialised training to equip them with the knowledge and tools to navigate mental health issues effectively. Additionally, our commitment to employee wellbeing is underscored by mandatory training for managers on 'How to Support Employee Wellbeing', empowering them to create a nurturing environment conducive to optimal health outcomes.; ; We also provide staff with access to two medical benefit providers that offer a diverse range of services tailored to address both mental and physical wellbeing, ensuring our employees have access to comprehensive support networks. Furthermore, our dedicated mental health support folder provides a repository of valuable resources, including expert advice and informative documents, accessible to all employees.; ; Strategic Blue goes beyond mere provision, actively fostering a culture of wellbeing through regular events designed to promote team cohesion and mental health awareness. From team-building activities to stress-relief initiatives like yoga classes, these events serve as vital outlets for employees to unwind and prioritise self-care.; ; Central to our ethos is the cultivation of a supportive workplace culture that champions work-life balance and open dialogue around wellbeing. By encouraging transparent communication and fostering an environment where employees feel valued and supported, we strive to create a community where holistic health is prioritised and nurtured.

Pricing

• Price: £1 a unit a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Strategic Blue provide a free cloud optimisation service as part of our cloud hosting solution. ; There are no time limits or restrictions.
• Link to free trial: https://strategic-blue.com/public-sector/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@strategic-blue.com. Tell them what format you need. It will help if you say what assistive technology you use.