BLS International Services Ltd.

Cloud Software

The software is used for network monitoring and end point monitoring as well as automated ticket generation through emails and SMS.

The software has special features for server utilization, health and pre failure alerts defined and send to the administrator.

Features

• Remote access
• Saas
• Paas
• IaaS
• Xaas

Benefits

• Solving and rectifying service request remotly using RAS-RIM tools
• We help delivering services and applications over the Internet
• Allow developers to build applications and services over the internet
• Computer infrastructure to support various operations.
• Services related to cloud computing and remote access

£2,000 to £2,000,000 a unit a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gaurav@blsinternational.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

447168745836978

Contact

Gaurav Aggarwal
+919810207327
gaurav@blsinternational.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements:
  • Linux operating system
  • Database servers
  • Firewalls
  • Load balancers
  • Web servers

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: No, our tickets generation is automated and the responses are 24*7, 365 days online with defined SLAs
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: The support levels you provide; L1, L2, L3; how much the different support levels you provide cost; L1 no cost; L2 and L3 are on a costing model. ; These support are given on an hourly basis model. ; ; whether you provide a technical account manager or cloud support engineer; We do provide a technical Account manager for large clients. For small or medium clients, we provide L1 L2 and L3 support through phone and chat and emails.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: For on-boarding the users has to sign an agreement know as MSA ( master service agreement ), post signup we will provide various user manuals and online training if required.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: A link will be provide to the users. This link will take them to the master service data and they will be able to download either the whole data or datewise from the portal.
• End-of-contract process: All IPR will remains with user only and they are free to use the application after end of contract, for any extend service they can renew contract terms on hourly, monthly and annual basis.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No there are no differences, services are accessible via both devices
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: No
• Customisation available: No

Scaling

• Independence of resources: Our application is multi tenanted with clear defined logins and use individual for each user and the software is defined at an organization level and the users are mapped underneath the organization with a admin at the top level and users and other roles defined underneath the admin.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: They will be provided with date wise extraction option and data can be exported in XLS or PDF
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Below is the an extract from the MSA ( Master Service Level Agreement ); ; Our organization is in the business of providing software development services and their implementation and support to various customers.; ; XXX has requirements of a technology service provider, who will provide off-site software development and its maintenance & support, and wishes to engage the services of a reliable software development company. ; ; Our organization has represented to XXX that they:; ; 1) Have understood the specific development and support requirements of XXX; ; 2) Will provide skilled qualified and well trained resources to fulfill the aforementioned objectives;; 3) will adopt best technology, security and Industry best practices;; ; Our organization agrees to develop custom software products as per the requirements of XXX and warrants to XXX that the software solutions developed by them will comply to the best security and software development practices; that our organization will perform its services in line with this Agreement. It will be XXX responsibility to get it verified through security company and our organization will close all vulnerabilities if found.; ; Refund - We do not have any refund policy however we provide after sale support of 30 days to our customers without any extra charges
• Approach to resilience: We are hosting on a datacenter which is uptime certified, tier-3 with 99.98% uptime guarantee, further details can be shared related to documents pertaining to security and availability on request.
• Outage reporting: Email alerts - All outages are reported to the customer provided SPOCs email addresses

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: For support channel there is a separate URL for logging into the application and providing support, these are role based access given to the agents based on the support level like L-1, L-2 and L-3.; ; For management level access to specific modules in the software for MIS purpose based on roles defined as per the managerial levels.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: DBS certification
• ISO/IEC 27001 accreditation date: 2021-2024
• What the ISO/IEC 27001 doesn’t cover: We cover all the pointers who are part of ISO/IEC 27001
• ISO 28000:2007 certification: Yes
• Who accredited the ISO 28000:2007: UK certification and inspection Ltd.
• ISO 28000:2007 accreditation date: 2020-2023
• What the ISO 28000:2007 doesn’t cover: We cover all pointers mentioned under ISO 28000:2007 certification
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ENS ( Spenish Govt. Certification )

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO standards 27001 and CMMi level - 3

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to information resources shall be managed and executed according to a formal change control process. The control process will ensure that changes proposed are reviewed, authorized, tested, implemented, and released in a controlled manner; and that the status of each proposed change is monitored.; The change control process shall be formally defined and documented. A change control process shall be in place to control changes to critical company information resources (such as hardware, software, system documentation and operating procedures). This documented process shall include management responsibilities and procedures. Wherever practicable, operational and application change control procedures should be integrated.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: 1. Define the organization’s critical IT assets that is the data whose loss or exposure would have a major impact on the business operations.; Identify the key business processes that utilize or require this information.; Identify the threats could affect the ability of those business functions to operate.; ; 2. how quickly you deploy patches to your services?; This exercise generally takes 1 to 2 hours. ; ; 3. where you get your information about potential threats from; We get the information about the potential threats from the subscription with the OEMs, the support team, the various competitor's analysis etc.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: 1. ; Notifications for Unusual Logins; Inability to Access The Account; Insecure Configurations and Permissions; Unusual user Activity; Shadow IT; ; 2. ; Stay calm and take the time to investigate thoroughly; Get a response plan in place before you turn the business switch back on.; Notify your customers and follow your state's reporting laws.; Call in your security and forensic experts to identify and fix the problem.; ; 3. ; The response to incidents is almost immediately with the blocking of the account and changing of the permissions and passwords
• Incident management type: Supplier-defined controls
• Incident management approach: 1.; Yes. We have predefined process; 2.; The CT shall analyze the impact of the incidents as reported. The same shall be formally documented along with relevant evidence collected or observations.; Incident Report format is used to report the impact of security incident(s) and the corrective action/s taken by the CT.; The Incident where in there is a compromise on the Data integrity or the confidentiality of the Data needs to be properly documented and reported to the relevant authority.; 3.; The incidents reported through email or verbal communication or the chat that would be made available for this purpose

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Covid-19 recovery

  Covid-19 recovery

  Our G-Cloud services can play a significant role in Covid-19 recovery by providing robust cloud-based solutions to address the challenges posed by the pandemic

Pricing

• Price: £2,000 to £2,000,000 a unit a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gaurav@blsinternational.com. Tell them what format you need. It will help if you say what assistive technology you use.