MIS Active Management Systems Limited

MIS-AMS Cloud Hosting Services

MIS-AMS use best of breed cloud native technologies with our innovative and thought leading service architecture to deliver first class IT Services with real-time compliance which is both unique and unrivalled.

Features

• Native Cloud Technologies
• Real-time compliance and monitoring
• Scalable and high-performance
• Speed and agilisty
• Secure, flexible and reliable
• Cost-Effective
• High availability and resilience
• Global multiple regions
• Best-in-class vendor neutral PaaS & IaaS offerings
• Expert Cloud Support Engineers & Solution Architects

Benefits

• Use enterprise-class datacentres without the running cost
• Enables flexible provision of IT services across your organisation
• Simplified billing
• Flexible licensing options
• Facilitates easy mobility and a reliable consistent platform
• Allows rapid deployment of both simple and complex applications
• Uncover key insights for improving business processes and decision making
• Access from anywhere anytime with standard Internet connection
• Provide better visibility, monitoring and security of your data
• Pay-as-you-go consumption model, only pay for what you use

£3 a virtual machine

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mis-ams.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

434724625313243

Contact

Christopher McLaughlin
08453302325
tenders@mis-ams.com

Service scope

• Service constraints: Our services are based on public cloud platforms and infrastructure, as such only the usual constraints around IaaS and PaaS architectures apply. We always engage in a full discovery exercise with our customers to fully understand and scope the requirements and before proposing any solution.
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Normal Support Hours : Monday–Friday 09:00–17:00 excluding English public holidays. Support Response times Critical 1-hour - Critical functionality inaccessible or system down causing a severe impact on services availability. High 2-hours - Critical functionality degraded having a severe impact on services availability. Normal 4-hours - Non-critical function or procedure, unusable or hard to use having an operational impact, but with no direct impact on services availability. Low 24-hours - requests and enhancements and non-urgent assistance Emergency Support may be provided outside of the hours included, subject to a separate agreement and costs.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The support levels are tailored based on a customers specific requirements. Ranging from full platform and end-user support, management and monitoring, consultancy and training to provisioning support. This support also covers assisting the customer with the migration from on-premise to the cloud including hybrid configurations. There are also support levels to cover disaster recovery and business continuity solutions either within the context of the cloud i.e. between regions to enable a highly available and resilient solution or as a backup to on-premise systems. Support costs are agreed in advance with the customer, based on the level and detail of support required, these are also flexible. All support contracts include both account managers and support engineers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Training will be provided and is available for users at every step of the project from planning to follow-up analysis. This can be provided by our consultants onsite if required or delivered online via audio and visual conferencing tools such as Cisco Webex or Microsoft Teams. In addition to this, standard user documentation and materials will be made available in electronic format which can be saved by the user.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Support will be provided to assist users with exporting or extracting their data in a suitable format where possible. Examples of this range from SQL backup images, file share backups or disk images. In most cases the exported data would be downloaded by the customer over the network (network consumption charges will apply). Amazon Web Services offer an Import/Export services that accelerates moving large amounts of data into and out of AWS using portable storage devices for transport. For significant data sets, AWS Import/Export is often faster than Internet transfer and more cost effective than upgrading your connectivity. You can use AWS Import/Export for migrating data into the cloud, sending backups to AWS, and interchanging data with other cloud providers. Azure Import/Export service can also be used to transfer data from Azure Blob storage to disk drives and ship to your on-premises sites.
• End-of-contract process: At the end of any contract the customer will be invited to migrate or export any of their data. This should be completed before the end of the contract to avoid any contract extensions or additional services charges. When the customer has confirmed in writing they are no longer using the service and have successfully migrated any required data we will safely and securely terminate the service and delete all associated data in accordance with our GDPR and data destruction policies. Backups of customer data will be made available for download in the formats documented in the terms and conditions, any costs associated with storing the backups or bandwidth costs for download will charged at the prevailing storage and bandwidth rates. Any requests for data extractions not included in the terms and conditions will be at the sole discretion of MIS-AMS and subject to additional charges.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can provision pre-approved templates which are specific to the customers’ requirements
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: We utilise Atlassian JIRA and AWS Service Catalogue to support our self service options. These comply to standards, however we are not in complete control of how this is displayed to the users.
• Web interface accessibility testing: None at this time
• API: Yes
• What users can and can't do using the API: Our APIs are primarily based on AWS and Azure APIs, which offer extensive API calls for customer cloud tenants.
• API automation tools: Other
• Other API automation tools: Any services compatible with AWS, Azure, Atlassian
• API documentation: Yes
• API documentation formats: PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: AWS and Azure CLIs are documented on their respective sites

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Where customer scaling is in place, the resources are isolated for a specific customer. This is all backed off to AWS/Azure, with service limits in line with the maximum required.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Amazon AWS, Microsoft Azure and Google Cloud

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machines
  • Databases
  • Files as a Service
• Backup controls: Backup policies are configured from a central backup console, simplifying backup management and making it easy to ensure that your application data is backed up and protected. Backups, restores, and setting backup retention policies across services in the cloud and on premises can be done using a central console, APIs or command line interface. Automated backup schedules, retention management, and lifecycle management are all included.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: MIS-AMS use AWS and Azure for provision of our cloud infrastructure service, each cloud product has an individual SLA which is largely dependant on the configuration of individual service.; For example, a Web server in a single availability zone would not have the same SLA as a multiple load balanced web servers in multiple availability zones or regions. Disk storage availability and durability is measured based on the individual storage products levels. ; As part of any contract we clearly define and set out the expected SLAs for each component of the service based on the customer requirements. Where required additional configuration and design choices can be made to bring the SLA to the desired level. All claims concerning SLA guarantees must be made in writing by the Customer within seven days following the end of the month in question and will be shown as a credit (once agreed by MIS-AMS) on the next regular service charge invoice. MIS-AMS will use all information reasonably available to it to validate any claims and make a good faith judgement on whether the SLA and/or credits apply to the claim.
• Approach to resilience: We use Microsoft Azure and Amazon AWS global Infrastructures and datacentres. Every component of the infrastructure and our solutions are designed and built for redundancy, reliability and uptime. All data is stored in UK regions and data centres by default (unless otherwise agreed) on highly durable and redundant infrastructure which can span geo-locations for DR/BC purposes, sensitive data can also be encrypted at rest. Network load balancing and redundant routing is also configured where appropriate including the facility to use direct connections. MIS-AMS' preferred approach is to design a hosting solution and application layout that supports an active-active approach across multiple datacentres. This is a standard approach in AWS via availability zones, which allow applications to run across 2+ datacentres concurrently. This approach has a similar cost to a load balanced high availability solution in a single datacentre, with the obvious advantage that a datacentre failure results in near zero downtime and data loss, it also significantly reduces the cost and impact to the business of regular DR tests. As with every solution we provide our aim is to provide the best service at the lowest cost, rather than the lowest cost at the expense of risk.
• Outage reporting: MIS-AMS have multiple channels to communicate any service outages. These include all the standard facilities offered by AWS and Azure such as public dashboards like 'Azure Status' which shows in detail (refreshed every 2-mins) the status of each cloud region down to individual cloud products. Amazon Web Services publishes also has a public dashboard posting up-to-the-minute information on service availability. As with Azure this can be personalised by the individual user to include notifications. In addition we can also create email notifications and expose API information on a case-by-case basis. This would be for specific components of a particular customer cloud solution managed by MIS-AMS such as availability of a Web Server or SQL Server etc. MIS-AMS' AI monitoring builds a Root Cause Analysis assessment and provides the ability to replay the issue as it happened. This data will be passed into an automated ticket which can then be routed to the Service Provider, which may be the Infrastructure provider. The Customer will have access to all this data via the monitoring console, as well as access to the tickets.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Management Interfaces all require Multi Factor authentication using software or hardware tokens.; ; Support Channels can be accessed via Username and password, with certain functions requiring MFA
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our cloud solutions have the ability to work on Microsoft Azure and Amazon Web Services. Both of these vendors are certified to ISO27001.; ; Within the MIS group our sister company Incline-IT provides the security and governance standards for our hosting services and our ISO27001.
• Information security policies and processes: Our cloud solutions have the ability to work on Microsoft Azure and Amazon Web Services. Both of these vendors are certified to ISO27001.; ; Our cloud solutions have the ability to work on Microsoft Azure and Amazon Web Services. Both of these vendors are certified to ISO27001. Within the MIS group our sister company Incline-IT provides the security and governance standards for our hosting services and our ISO27001.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Any configuration changes must follow an internal change management process which consists of the following stages: ; a) Change control form to identify why the change is needed.; b) Who is accountable for administrating the change.; c) testing outcomes and rollback planning.; d) release phase agreed by stakeholders.; e) tracking log to measure success.; f) audit.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: MIS-AMS will provide a service to manage vulnerabilities and potential threats which reports to the Customer and also the hosting provider. The MIS-AMS service extends beyond patching into vulnerability management which is a key requirement for GDPR, PCI-DSS and ISO27001. This will result in reports of missing patches and details on un-patchable vulnerabilities which cannot be patched and may require workarounds until a patch is available from a vendor. Our patching service follows a standard approach of delivering OS patches into Development and Test environments to allow application vendors to run automated tests before patches are deployed to production.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: MIS-AMS typically uses server based IPS/IDS capabilities as this provides a more granular approach to network inspection rather than a monolithic and expensive firewall at the edge. MIS-AMS' service also includes automated checks to ensure firewall rules are compliant with best practice and can be evidenced against ISO27001, GDPR and PCI-DSS. Findings are presented as (low, medium, or high), accompanied by detailed evidence and recommendations for remediation. The findings are also available as functions, enabling automatic remediation of specific types of issues. Otherwise any high or medium alert will be quickly assessed by a cloud engineer.
• Incident management type: Supplier-defined controls
• Incident management approach: We offer a robust incident management approach based around ITIL and GDPR standard processes for incident events.; These include: a) identification, b) logging, c) investigation and diagnostics, d) assignment and escalation, e) resolution, f) closure and g) satisfaction survey.; The MIS-AMS AI based monitoring will automate a significant amount of the ITIL incident management process. As part of the Hosting Service our automated solution will detect proactive issues on services, application and infrastructure.; Automated ticket routing will be used to either route tickets directly to the Customer or Service Desk provider

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Incline-IT
• How shared infrastructure is kept separate: Our design strategies and multi-tenant model ensures organisations are kept apart. MIS-AMS achieve this by deploying resources into their own Subscriptions, Active Directories, resource groups and virtual private clouds. Technologies include: VLAN Isolation, Compute Isolation, Logical Isolation Between Compute and Storage, Isolation Using Storage Access control, IP Level Storage Isolation, Encryption in Transit and at Rest, Disk Encryption and Database Isolation, Isolation through Network Topology.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: European AWS datacentres comply adhere to the EU Code of Conduct for Energy Efficient datacentres.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  "At MIS:AMS we are implementing plans to reduce internal carbon emissions. We have dramatically reduced our carbon emissions by actively encouraging online client meetings, where possible. We have successfully reduced our Carbon Dioxide levels, for example, year-end September 2022 our overall company 7.36 - tCO2e (tonnes (t) of carbon dioxide (CO2) equivalent (e)) with a reduction of 0.61 tCO2e in year-end September 2023. We are also reducing our electricity usage and have evidenced a 0.20 tCO2e reduction.; Our housing management system, ActiveH is made up of modules which are designed to eliminate waste in a multitude of areas. For example, maintenance. Clients are enjoying more economical and effective site visits and even a reduction in them. Our products ensure more effective communication with their customers / residents and therefore often eliminate the need to physical site visits. Additionally, their Director Labour Organisations and external Contractors utilise our Mobile product which includes a van-stock tracking tool. This automatically reorders stock, meaning an engineer won’t have to leave jobs to restock at suppliers. "

  Covid-19 recovery

  "During the coronavirus pandemic. MIS recognised that due to the pandemic causing redundancies and uncertainty there was an 81% increase in demand for food parcels, and most worryingly of all, the number of parcels given to children increased by 122%. As a result of this frightening statistic, MIS decided to launch the Food for All campaign, a campaign which would see MIS donate £20,000 to foodbanks across the UK & Ireland and forging good links with the Trussell Trust in various regions in the process.; ; MIS have customers from all over the UK & Ireland, so as part of the Food for All campaign we took it upon ourselves to donate £1,000 to two foodbanks, every week, for ten weeks. Each week would be dedicated to a different region. We started in our heartland of the Northwest and then moved onto Scotland, Yorkshire and the Humber, North East of England, East and West Midlands, Wales and the South West, South East England, East of England, Greater London and Northern Ireland. However, we didn’t just select foodbanks from these locations on our own accord. As there is so many excellent and well-deserving foodbanks across the UK, we required our customers’ assistance. We asked our customers to provide the foodbank that they feel is most deserving in their region, and why, to help with our selection."

  Tackling economic inequality

  "We are a local living wage organisation. All of our 170+ employees are paid at the local living wage or higher. Working in housing, we understand that large portion of the population of the UK is struggling financially. We are also aware that it is becoming increasingly more difficult for young people to get into work and particularly careers that they enjoy. A a leading software services company, we are in a great position to offer young people and graduates real-life, hands on and practicle experience in the industry. We offer fulfill an annual commitment of two placement for young people. We are keen to see the industry benefit from the continual employment of the next generations. ; ; In 2023, MIS started working closely with Keele University and following its long-standing work in Social Housing and Emergency Services, MIS created the Stewart Mclaughlin Scholarship program at Keele for disadvantaged students in the Paramedic degree course. This awards a student with a donation covering one year of their accommodation fees. ; ; In addition to the above, MIS has supported; customers awards, ‘Give and Gain’ days, estate walkabouts and have attended a number of CIH research trips over the years to help drive efficiency within the industry. One of the social areas MIS is most proud of is our Student Placement program. The MIS Student Placement program has been in place since 2014 and involves MIS taking between 1 and 3 student placements each year as part of their IT University placement year course. Although this is an excellent way of providing real life experience within a business, what MIS are most proud of, is the fact that every single placement student has managed to secure a job once they have finished their course due to the level of training they had received."

  Equal opportunity

  "We achieve equal opportunity from the start of our employment by implementing rigid recruitment processes. Recruitment, promotion and other selection exercises is conducted on the basis of merit, against objective criteria that avoid discrimination. Shortlisting is done by more than one person possible and at least two interviews are carried out before employment. Vacancies are generally advertised to a diverse section of the labour market. ; Advertisements avoid stereotyping or using wording that may discourage particular groups from applying. Job applicants do not ask questions which might suggest an intention to discriminate on grounds of a Protected Characteristic. For example, applicants are not asked whether they are pregnant or planning to have children. Job applicants are not asked about health or disability before a job offer is made, except in the very limited circumstances allowed by law: for example, to check that the applicant could perform an intrinsic part of the job (taking account of any reasonable adjustments), or to see if any adjustments might be needed at interview because of a disability. ; Once in employment at MIS, staff training will be identified through regular staff appraisals. All workers will are given appropriate access to training to enable them to progress within the organisation. All promotion decisions will be made based on merit. Where appropriate, steps will be taken to identify and remove unnecessary or unjustifiable barriers and to provide appropriate facilities and conditions of service to meet the special needs of disadvantaged or under-represented groups. "

  Wellbeing

  "One of our products, ActiveC, an omni-channel contact centre tool, contains 'sentient analytics' technology, which identifies, in real-time, if a caller shows signs of distress, which is flagged and the appropriate mitigation can be actioned and the situation monitored. ; ; In relation to MIS employees, we have built a family-run, open, honest and friendly atmosphere, which is evidenced by our high staff retention levels. We do, however understand that it takes individuals to make a team and all staff memebers partake in very regular one to one meetings with their line manager, where wellbeing is discussed as a priority. Additionally, we have trained four staff members on mental health awareness and mentoring.

Pricing

• Price: £3 a virtual machine
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@mis-ams.com. Tell them what format you need. It will help if you say what assistive technology you use.