ARX TECH LTD

Cloud Hosting

Experience seamless scalability and reliability with our Cloud Hosting Service. Enjoy flexible resource allocation, high-performance infrastructure, and robust security features. Whether you're a start-up or a large enterprise, our platform ensures your applications are always available and performing at their best.

Features

• Scalability
• High Availability
• Performance Optimization
• Security
• Global Reach
• Automated Backups
• Resource Monitoring
• Cost Optimization

Benefits

• Flexibility
• Cost Efficiency
• Scalability
• Reliability
• Disaster Recovery

£350 to £1,200 a unit a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@arxtech.io. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

462162772444651

Contact

Syed Hayat
07848498921
enquiries@arxtech.io

Service scope

• Service constraints: Resource Limitations: Constraints on the maximum amount of CPU, memory, storage, or bandwidth available to each user or instance.; Geographical Limitations: Restrictions on the availability of data centres or regions where the service is offered, which may impact latency and data residency requirements.
• System requirements:
  • Authentication Requirements
  • Internet Connection
  • Networking Requirements
  • GDPR

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Weekdays ; 09:00-17:00 Response Time in 1 hour; ; Bank Holidays inc Weekends ; 10:00-16:00 Response Time in 24-hour; ; Tickets are responded to on a priority basis. We aim to respond to ALL initial questions within 1 hour during normal business hours and High Severity tickets will be answered 24/7
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We do the analysis of the ticket and based on the complexity of the system, work on the SLAs with the client . The standard agreement in place is: ; ; Priority 1 We will acknowledge the issue within 1 working hour and provide a response including an action plan for resolution or cause within 8 working hours. ; ; Priority 2 We will acknowledge the issue within 4 working hours and provide a response including an action plan for resolution or cause within 10 working hours. ; ; Priority 3 We will respond within 1 working day and will aim to provide a fix within 5 working days of the incident being reported. ; ; Priority 4 Where applicable, we will provide a solution as part of the next release.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: To help users get started using our service, we provide a range of resources and support tailored to their needs and level of expertise.; By offering a combination of documentation, tutorials, guides, demos, community support, technical assistance, and training programs, we ensure that users have all the resources they need to start using our service confidently and successfully.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: We provide users with multiple options for exporting their data from our service. This may include downloadable backups, export functionalities within the user interface, or APIs that allow users to programmatically retrieve their data.
• End-of-contract process: At the end of the contract, both parties review terms and conditions, with potential notification of termination. Users are offered options to back up and export their data, ensuring seamless migration if needed. Resources provisioned within our service are deactivated, and user data is securely deleted in compliance with regulations. Accounts associated with the contract are closed, maintaining security. Final invoices settle outstanding payments. User feedback is welcomed for service improvement. Users may opt to renew their contract or permanently close their account. Throughout, we prioritize user satisfaction, compliance, and transparent communication to ensure a smooth transition and positive experience.

Using the service

• Web browser interface: Yes
• Using the web interface: What Users Can Do:; ; 1.Provision and Manage Resources; 2.Monitor Performance; 3.Deploy Applications; 4.Manage Identity and Access; 5.Implement Security Controls; 6.Automate Tasks; 7.Scale Resources; 8.Backup and Disaster Recovery; 9.Collaborate and Share Data; 10.Develop and Test Applications; ; What Users Can't Do:; ; 1.Access Certain Administrative Functions; 2.Perform Unauthorized Actions; 3.Modify Billing Information; 4.Access Restricted Regions
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: Microsoft Azure Web Interface
• API: Yes
• What users can and can't do using the API: Every services provided on the web interface is available through API for both what users can and can't do
• API automation tools:
  • Ansible
  • Chef
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: Every service described in the web interface and API can be managed through Microsoft CLI (Command Line Interface)

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: To ensure users aren't affected by the demand placed on our service by other users, we implement several strategies aimed at maintaining performance, reliability, and scalability. Here's how we guarantee user experience despite fluctuations in demand:; 1-Resource Isolation; 2-Scalable Infrastructure; 3-Load Balancing; 4-Auto-scaling; 5-Capacity Planning
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Microsoft, Amazon, Google

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Databases
  • Files
  • Virtual Machines
  • Applications
• Backup controls: In our service, users have granular control over what backups are performed through a combination of configuration settings and policy management tools. Here's how users can control backups:; ; 1.Backup Policies: Users can define backup policies that specify which resources are backed up, how often backups are performed, and how long backup data is retained. ; 2.Backup Schedules: Users can customize backup schedules to determine when backups are performed based on their specific requirements. ; 3.Backup Monitoring and Alerts: Users can monitor backup jobs and receive alerts and notifications for backup status changes, failures, or other relevant events.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 1. 99.9% Uptime: Many Azure services, including virtual machines, storage accounts, and networking resources, come with a 99.9% uptime SLA. This means that Microsoft guarantees these services will be available and accessible to customers at least 99.9% of the time within a billing period.; 2. Financial Backing: Azure's SLA often includes financial backing or service credit if the guaranteed uptime percentage is not met. In the event of an outage or service disruption that causes the uptime to fall below the guaranteed threshold, customers may be eligible to receive service credits or refunds as compensation.; 3. Exclusions and Exceptions: It's essential to review the specific terms and conditions of Azure's SLA for each service, as certain exclusions and exceptions may apply. e.g. planned maintenance, force majeure events, and customer-induced outages may not be covered by the SLA.; 4. Regional Availability: Azure's SLA may vary depending on the specific Azure region in which services are deployed. While Microsoft aims to provide consistent SLA commitments across regions, there may be slight differences based on factors such as data centre location and infrastructure.; 5. Continuous Improvement: Microsoft Azure continually invests in infrastructure, redundancy, and fault tolerance mechanisms to improve service availability and reliability.
• Approach to resilience: Azure is designed with a resilient architecture to ensure high availability and reliability of its cloud services. With a global network of data centres distributed across multiple regions, Azure offers redundancy and failover capabilities to withstand regional outages. Availability Zones provide isolated data centres within regions, each with independent infrastructure to prevent single points of failure. Redundancy is embedded at every layer, including networking, storage, and compute resources, with automatic failover mechanisms to mitigate disruptions. Data replication across multiple nodes and regions ensures data durability and availability. Proactive monitoring systems detect and respond to issues in real-time, while disaster recovery solutions enable replication and backup to secondary regions or on-premises environments for business continuity. Compliance with stringent security standards safeguards customer data and ensures service integrity. Azure's resilient design aims to maintain service availability and reliability, even in the face of hardware failures, software bugs, natural disasters, or cyberattacks, providing customers with a trusted and resilient cloud platform for their critical workloads.
• Outage reporting: Support tickets in email, SMS messages, on social media public announcements or on real-time dashboards

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: 1-Role-Based Access Control (RBAC); 2-Multi-Factor Authentication (MFA); 3-Conditional Access Policies; 4-Privileged Identity Management (PIM); ; By leveraging these access control mechanisms, Azure ensures that only authorized users and applications can access its management interfaces and support channels, reducing the risk of unauthorized access and enhancing the security of its cloud platform.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our security governance approach centers on proactive risk management, clear policies, compliance with regulations, and robust controls. We deploy access management, encryption, and monitoring tools while providing continuous security awareness training. Incident response plans ensure swift detection, containment, and recovery from security incidents. Regular audits and reviews drive continuous improvement, adapting to evolving threats and technologies. By fostering a culture of security awareness and accountability, we prioritize the confidentiality, integrity, and availability of our systems and data, maintaining trust and confidence with our customers, partners, and stakeholders.
• Information security policies and processes: 1.Data Classification and Handling: Policies define the classification of data based on sensitivity and prescribe appropriate handling procedures for each classification level, ensuring confidentiality, integrity, and availability.; 2.Access Control: We enforce strict access control policies, employing principles of least privilege and role-based access control (RBAC) to limit access to authorized personnel only. Multi-factor authentication (MFA) is required for accessing sensitive systems and data.; 3.Encryption: Data encryption policies mandate the use of encryption mechanisms to protect data at rest and in transit. Encryption is applied to sensitive data, communication channels, and storage systems to prevent unauthorized access and data breaches.; 4.Incident Response: We have established incident response policies and procedures to detect, respond to, and recover from security incidents and breaches promptly. Incident response teams are trained and equipped to mitigate the impact of incidents and restore normal operations.; 5.Security Awareness and Training: Policies require regular security awareness training for employees, contractors, and stakeholders to educate them about security risks, best practices, and compliance requirements. ; 6.Compliance and Regulatory Requirements: We ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI DSS, ISO 27001, and others applicable to our industry and geographic location.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our configuration and change management processes involve meticulous tracking of service components throughout their lifecycle, documented baselines, and version control. Changes undergo rigorous review, testing, and approval procedures, with rollback plans in place. Security impact assessments evaluate changes for potential security risks, including vulnerability scanning, penetration testing, and risk analysis. Security controls are implemented to mitigate identified risks, ensuring the stability, security, and reliability of our services while minimizing disruptions and maintaining compliance with regulatory requirements.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: 1.Threat Assessment: Azure employs a combination of automated tools and manual analysis to assess potential threats. ; 2.Patch Deployment: Azure rapidly deploys patches to address identified vulnerabilities. Microsoft follows a structured approach, releasing updates through its Patch Tuesday cycle or out-of-band releases for critical vulnerabilities. Azure customers benefit from automated deployment mechanisms for seamless patching.; 3.Information Sources: Azure leverages a wide range of sources for threat intelligence, including Microsoft's own security research, industry reports, and community contributions. Additionally, Azure Security Center provides insights into potential threats and offers recommendations for mitigation.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Microsoft Azure employs advanced threat detection mechanisms and real-time monitoring to identify potential compromises swiftly. Anomaly detection, machine learning, and behavioral analytics analyze security events and telemetry data from across the Azure environment. Upon detection, Azure follows predefined incident response procedures, with incident response teams investigating, triaging, and mitigating the threat. Azure Security Center provides actionable recommendations for remediation, ensuring a rapid and effective response. Azure prioritizes incident response based on severity, aiming to minimize the time to detection and containment, with defined SLAs outlining response times for different types of incidents.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Microsoft Azure maintains pre-defined incident management processes for common events, detailing steps for detection, triage, and resolution. Users report incidents through the Azure portal, Support Center, or directly to Azure support. Incident reports are provided post-resolution, detailing the incident timeline, root cause analysis, and remediation actions. Azure communicates incident reports through email notifications, service status updates, and the Azure Security Center dashboard. These processes ensure a structured and transparent approach to incident response, enabling timely detection, resolution, and communication of security incidents to customers and stakeholders.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Microsoft data centers rigorously adhere to the EU Code of Conduct for Energy Efficient Data Centers, employing a multifaceted approach to optimize energy efficiency and reduce environmental impact. This commitment begins with the implementation of cutting-edge cooling systems like air-side economizers and evaporative cooling, minimizing energy consumption associated with temperature regulation. Energy-efficient hardware, including servers and networking equipment, is utilized to maximize performance per watt and minimize energy usage. Furthermore, Microsoft invests in renewable energy sources such as wind, solar, and hydroelectric power to offset energy consumption, demonstrating a commitment to sustainability. Sophisticated energy monitoring and management systems track consumption patterns, enabling the identification of inefficiencies and the optimization of resource utilization. Facility design prioritizes energy efficiency, incorporating modular construction and optimized airflow to minimize waste. Energy-efficient operational practices, including virtualization and dynamic resource allocation, further contribute to reduced energy consumption. Microsoft continually evaluates and enhances its data center operations to achieve higher levels of energy efficiency and sustainability, ensuring alignment with the EU Code of Conduct for Energy Efficient Data Centers and demonstrating leadership in environmental stewardship.

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  Our company is committed to fostering an inclusive environment where equal opportunity is not only valued but actively promoted. We recognize the importance of diversity and strive to create a workplace where all individuals, regardless of race, gender, ethnicity, religion, sexual orientation, disability, or other characteristics, have equal access to opportunities for growth, development, and advancement.; ; In practice, this commitment to equal opportunity social value is reflected in various aspects of our operations:; ; Recruitment and Hiring: We ensure that our recruitment processes are fair and unbiased, actively seeking candidates from diverse backgrounds and providing equal consideration to all applicants.; Training and Development: We offer training and development opportunities to all employees, focusing on building inclusive leadership skills, cultural competence, and awareness of unconscious bias.; Promotion and Advancement: We promote a merit-based culture where promotions and advancement opportunities are based on performance, skills, and qualifications, rather than personal characteristics.; Workplace Policies and Practices: We have policies and practices in place to prevent discrimination, harassment, and bias in the workplace, and we provide channels for employees to report any concerns they may have.; Supplier Diversity: We actively seek to engage suppliers and partners from diverse backgrounds, including minority-owned, women-owned, and small businesses, to promote economic inclusion and support underrepresented communities.; By embracing equal opportunity as a core social value, we not only create a more equitable and inclusive workplace but also strengthen our business by leveraging the diverse perspectives, talents, and experiences of our employees and partners.

Pricing

• Price: £350 to £1,200 a unit a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full service based on a time limitation as per agreement

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@arxtech.io. Tell them what format you need. It will help if you say what assistive technology you use.