Sera Neon

PAAS/IAAS Support

All PAAS and IAAS components including Integration/OICS, UCM, Data, OACS on Cloud and Premise

Features

• PAAS Implementation and Support
• IAAS Implementation and Support
• Data Warehouse Implementation and support

Benefits

• Flexible service
• 24/7 Support

£250 to £850 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.team@seraneon.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

395858989628597

Contact

Lianna Messent
07751712195
bid.team@seraneon.co.uk

Service scope

• Service constraints: NA
• System requirements: Buyers should have all required licenses in place

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: S1: 1 hour S2: 4 hours S3: 1 day response times are different at weekend
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Integrated with Microsoft Teams
• Onsite support: Yes, at extra cost
• Support levels: Flexible Support model Across Oracle Cloud- Finance, HCM, CRM, PBCS, Integrations and Release Management 24/7, Business Hours or call out support No Yearly, Long Term Commitment
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding includes Preliminary discussions, workshops, Class Room based or Online Training
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: All Data is held in the client systems
• End-of-contract process: Depending on the length of the contract, go-live support is included with this service.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Resources are dedicated to one project at a time only.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • SMS
  • Other

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Oracle

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Less than once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Users will be refunded for the lost time, not for the reason that is due to the user teams- unavailability etc
• Approach to resilience: It’s available on request
• Outage reporting: Email Alerts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Other
• Other user authentication: Most of the Cloud or On-Premise based services are on the supplier infrastructure and follow such authentication principles.
• Access restrictions in management interfaces and support channels: Most of the Cloud or On-Premise based services are on the supplier infrastructure and follow such authentication principles. In terms of the emails and administration access, these are restricted via the Gmails Admin Centre
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Supplier specific Certifications

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Programme dependent Security Governance Model
• Information security policies and processes: Data Breach and Data Protection Policy; Cyber Security and Information Handling policy; ; All policies are governed and implemented through a named Data Protection officer and their team

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes follow supplier/programme defined controls. We however would strongly recommend the best change management practices and methodologies.; All changes undergo strict review and testing in a lower test/development environment and are only promoted to production post necessary approvals.; The testing would include, but not limited to security, data, functional, integration, unit and operational testing; The security testing will include both system and user-based negative and positive testing; Load/Performance testing may be included depending on the type of change.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: As we are not a product-based organisation. Most of our potential vulnerabilities could be with our email and internal storage solutions. Both of these components are within the secure Microsoft or Gmail servers. We however would regularly conduct Cyber security training for all our Employees and Associates and the Cyber Security Consultant keeps us up to date with the known Cyber attacks. As we are growing we are now setting up an internal Cyber Security Team.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Any potential compromises are usually within the email system in form of a fishing email. Any new member of our team is made aware of such attacks at the time of the induction and during the Cyber Security Training. Any such incidents are assessed and responded to immediately.
• Incident management type: Supplier-defined controls
• Incident management approach: We use supplier-provided incident management tools. For our internal email and storage system we maintain a log that is owned by the Operations Director.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Fighting climate change:

  Fighting climate change

  NA
• Covid-19 recovery:

  Covid-19 recovery

  NA
• Tackling economic inequality:

  Tackling economic inequality

  NA
• Equal opportunity:

  Equal opportunity

  Equal opportunity Employer
• Wellbeing:

  Wellbeing

  NA

Pricing

• Price: £250 to £850 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: To be discussed at the time of engagement. As an example, if there are 50 reports to be delivered. One can be delivered FOC

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.team@seraneon.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.