DASSAULT SYSTEMES UK LIMITED

BIOVIA ScienceCloud Unified Lab Management

The BIOVIA Unified Lab offers research, development, analytical and QA/QC laboratories a unique opportunity to truly digitalise their lab processes and to connect analytical and process workflows end-to-end. Daily workflows are truly digitalised, non-value added tasks are minimized and organization are able to transform their lab operations

Features

• Optimise laboratory productivity and compliance
• Digitise daily laboratory workflows
• Standardise laboratory management
• Store and share all laboratory data in a central repository
• Replace paper notebooks with intuitive Electronic Lab Notebook
• Accelerate Development
• Improve Decision Making
• Capture and Access Consistent Data
• Predictive Analytics

Benefits

• 30% reduction in errors
• 50% reduction in documentation time
• 40% increase in laboratory productivity
• Create publishable reports, quickly and easilt
• Extensible via API to other systems
• Integrate with instruments and data sources
• Reduce IT overhead

£576 a user a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pola.dwernicki@3ds.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

356629642780447

Contact

Pola Dwernicki
+44 7546 696 266
pola.dwernicki@3ds.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: None
• System requirements: Internet Connectivity

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: DS Support Team’ target is to address Customer’s Case based on its validated urgency level as follows.; Urgent - within 2 Opening Hours; High - within 4 Opening Hours; Medium - within 8 Opening Hours; Low - within 2 Business Days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The Support Services package available for Online Services during the period of Customer’s Agreement is the Support Services level called ADVANTAGE, this is included in all quoted costs.; Once received by DS Support Team, Customer’s Case and related proposed qualification of its urgency level will be reviewed by the DS Support Team.; The allocation of support resource is dependent on the categorisation and urgency of the reported case
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online training can be delivered at an additional cost.; ; Onboarding is supported via a substantial online knowledgebase and community support.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data extraction is supported in XML or CSV format
• End-of-contract process: Users can self-extract all data as required.; ; Functionality and access ceases at contract end.; ; Services function can be purchased to assist with this extraction or data transformation if required

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: BIOVIA Sciencecloud is deployed in a hosting environment that supports Dynamic provisioning. Cloud resources are deployed to match our customer's fluctuating demands, typically scaling up to handle spikes in usage and scaling back down when demands decrease. This provisioning can be automatically configured but also human monitored and configured.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can create their own data extraction solution or alternatively utilise a previously created solution from the ScienceCloud Protocol Exchange; The Exchange includes numerous key features that are beneficial to the research community. These features include:; Intuitive home page for finding and sorting protocols of interest; Search for protocols ; Filter for protocols based on their keyword categories (e.g., Reporting, Generic, Table, etc.); Sort dropdown list to view search results based on name or usage statistics (most relevant, most views, most downloads, most recent, highest rated); Quick access to all protocols; Search Results pane for viewing protocol summary information
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Provided Customer has complied with its obligations under the Agreement the monthly availability as defined in the Service Level Agreement is 99.50 % for a given calendar month.; If availability falls below this the compensation will be calculated as follows: for unavailability of a given Online Service of more than zero point five per cent (0.5 %) in a calendar month, as calculated under the Service Level Agreement, a time credit corresponding to twice the cumulated downtime in excess of the zero point five per cent (0.5%) threshold will be allocated.
• Approach to resilience: Available on request
• Outage reporting: Outages are reported via email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Management access is limited based on client requirements using pre-defined roles-based access.; Access control policies and procedures are in place with specific requirements for privileged access.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SGS
• ISO/IEC 27001 accreditation date: 18/01/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Available on request

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Documented Change Management process is in scope for ISO27001. All changes are recorded in Change Management System.; Change Management Process is required for any change to production services that could be customer affecting. Security review and approval are required for change requests. Policy in place for security to get involved prior to coding.; ScienceCloud Security Team ensures appropriate controls are in place to ensure that risks can be mitigated and controlled to acceptable levels on an ongoing basis. ; The customer is notified in advance. Customers will be notified and provided access to the testing environment.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: OS Authenticated vulnerability scans are conducted monthly using industry top cloud security provider. ; WebApp scans ongoing and every release version is scanned before customer access. Ongoing Internal Penetration testing.; Minor updates are applied monthly along with the release of OS updates. Critical updates use the incident management process and are rolled out ASAP and dependent on the risk.; Security blogs, SANS, Cyber Security Podcasts
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We use a combination of TrendMicro Deep Security, AWS Confir, CloudWatch AWS GuardDuty, AWS WAF, and SumoLogic forIDS/IPS, FIRM, SIEM and Dashboards. ; AWS WAF security automation to prevent common attacks and bad IPs ; The incident response process covers DDoS attacks. ; ; Incident Response Process identifies special handling for privacy issues. ; Customers will be notified within 24hrs of any detected breach of customer data
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We use a combination of tools for Intrusion detection, Threat Intell, HIDS/HIPS, and dashboards. Real-time alerts are sent to the Security Team with 24/7 coverage and a dedicated employee on duty.; Incident response policies and procedures are in place. The IR process identifies key contacts and decision-makers. Incidents are triggered by monitoring, scanning, support, DevOps, and developers. Jira ticketing system is used with priority and escalation.; Notification to customers is also documented in the process. The process is reviewed and approved by executive management. Metrics are collected and reported quarterly.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Equal opportunity:

  Equal opportunity

  3DS is committed to a policy of non-discrimination and equal opportunity for all employees and qualified applicants without regard to race, color, religion, gender, sex (including pregnancy, childbirth or medical or common conditions related to pregnancy or childbirth), sexual orientation, gender identity, gender expression, marital status, familial status, national origin, ancestry, age (40 and above), disability, veteran status, military service, application for military service, genetic information, receipt of free medical care, or any other characteristic protected under applicable law. 3DS will make reasonable accommodations for qualified individuals with known disabilities, in accordance with applicable law.

Pricing

• Price: £576 a user a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Trial services can be provided for periods between 1 week and 2 months.; ; Trial is fully functional with access to all solution modules

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pola.dwernicki@3ds.com. Tell them what format you need. It will help if you say what assistive technology you use.