EAI System Cloud Hosting Service

We provide a comprehensive suite of hosting, advisory, implementation, support and enablement services enabling customers to extract the maximum value from their investment. We work in partnership with our clients to drive better business outcomes by leveraging our deep expertise in cloud technologies.


  • Provisioning
  • Monitoring and Event Management
  • Patch and Continuity Management
  • Availability
  • Security and Access Management
  • Compliance
  • Incident Management
  • Change Management
  • Cost
  • Support


  • Quick and easy deployment of cloud infrastructure
  • Environment if configured for logging and alerts using best practices
  • Patching and backup activities keep your resources current and secure
  • Our Managed Services are hosted in multiple regions world-wide
  • Protect information assets and helps keep your cloud infrastructure secure.
  • rigor and controls help to enforce your corporate and security
  • monitor the overall health of your infrastructure resources
  • secure and efficient means to make controlled changes
  • recommendations to optimize platform usage and optimize cost
  • Full time employees are available to augment and empower you


£200 to £1,000 a licence a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at manasi.lovlekar@eaisystems.com. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

4 7 1 1 9 2 2 0 9 0 4 9 2 9 1


Telephone: 07852710858
Email: manasi.lovlekar@eaisystems.com

Service scope

Service constraints
The service can be accessed from Mobile, PC, Laptop etc. It's a web based service so internet connectivity is required.
System requirements

User support

Email or online ticketing support
Email or online ticketing
Support response times
We respond to queries with Highest Severity (S1) within an hour, for other severities it can take from few hours to a couple of days depending on if there are any other higher severity queries / tickets are present.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
We provide credentials to users to access the web chat support. Users have to login into the application for chat support with the credentials and then can chat with any available support persons. We haven't done any testing with assistive technology users
Onsite support
Yes, at extra cost
Support levels
Tier 1 : Basic help desk resolution and service desk delivery
Tier 2 : In-depth technical support
Tier 3 : Expert product and service support
Tier 4 : Outside support for problems not supported by the organization
Support available to third parties

Onboarding and offboarding

Getting started
We provide onsite training or online training and user documentation.
We also have our support personnel who would assist our customers if they have any queries about using our service.
We also help users set up the APIs, Command-line interface for using our service.
Service documentation
Documentation formats
  • PDF
  • Other
Other documentation formats
  • Offline
  • Web interface
End-of-contract data extraction
At the end of the contract, the data is backed up and stored securely for a set duration, during which the customer needs to get it. After that duration, the data is removed and is not available.
End-of-contract process
End of contract will be based on the service agreement with customer.

Using the service

Web browser interface
Using the web interface
The web interface supports all operations. There may be some extra configurations required to support few complex operations.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
The web interface can be accessed using a web browser or through an app. We haven't done any testing with assistive technology users
What users can and can't do using the API
Users can perform all infrastructure setup and management operations through the API.
It can be used to setup infrastructure through CI/CD pipeline.
Cloud resources can be created or updated using the API.
Access control can also be performed.
API can be used to get reports related to cloud infrastructure.
API automation tools
  • Ansible
  • Chef
  • Terraform
  • Puppet
  • Other
API documentation
API documentation formats
  • PDF
  • Other
Command line interface
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
Users can perform all infrastructure setup and management operations through the Command line interface.
It can be used to setup infrastructure through CI/CD pipeline.
Cloud resources can be created or updated.
Access control can also be performed.
Reports can be generated using the command line.


Scaling available
Scaling type
  • Automatic
  • Manual
Independence of resources
For each user the hosted environments are kept in a virtual private cloud, which are completely separate and cannot get impacted by how other users are using their services.
Usage notifications
Usage reporting


Infrastructure or application metrics
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
Regular reports


Supplier type
Reseller providing extra support
Organisation whose services are being resold

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Backup and recovery

Backup and recovery
What’s backed up
  • Data in databases
  • Any files stored in cloud storage
  • Logs of the applications
  • Periodic backup of the Application instances (Server Images)
Backup controls
Users need to put a request to support staff stating what they want to backup and the frequency if the backups are to be taken periodically.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We offer the availability simillar to what AWS ,Azure and Google cloud offers (around 99%). Based on the contractual terms we refund part of the amount if we do not meet the SLA.
Approach to resilience
With horizontal autoscaling, load balancers and microservices like lambdas the load is distributed and guarantees resilience and high availability
Outage reporting
We can configure the emails to be sent to concerned support staff / users for scenarios like outages, cpu usages or memory usages crossing a set threshold

Identity and authentication

User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Each user is assigned to a role. Roles define the level of access, permissions to access any service / component. The default policy is deny all and access is granted after an approval process where access is granted only for the requested or needed services / components.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
We follow below steps for security governance :
1. Take a holistic approach to strategy
2. Create awareness and training throughout the
3. Monitor and measure - constant assessment of policies - which work and which do not work.
4. Establish open communication between all stakeholders.
5. Promote agility and adaptability
Information security policies and processes
1. Acceptable Use Policy
2. Access Control Policy
3. Change Management Policy
4. Information Security Policy
5. Incident Response (IR) Policy
6. Remote Access Policy
7. Email/Communication Policy
8. Disaster Recovery Policy
9. Business Continuity Plan (BCP)

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
As part of Configuration Management we focus on below aspects :
1.Identification of configurable items
2.Labelling of configurable items
3.Protection of configurable items
4.Keeping of baseline and other information
5.Configuration Verification and Audit
6.Defining Responsibilities

For change management of the configurable items we follow below process :
1. Identification of needed change.
2. Determining the impact of the change.
3. Change request.
4. Change strategy.
5. Execution of change.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Our Vulnerability Assessments can help to protect the integrity of applications and data by proactively identifying potential attack vectors or vulnerabilities in your environment. You will receive notification whenever a vulnerability is detected, plus remediation guidance from our team of security experts.

An essential element of any security strategy, vulnerability assessments can allow you to stay one step ahead of intruders, before they can take control of your servers and access business-sensitive information. we perform effective vulnerability management and detect relevant threats. Using a non-intrusive internal scanner, we configure monthly scans to assess solution for security threats.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our protective monitoring activity covers all assets that provide our products to customers, including all hosting infrastructure, networking and management applications.
We protectively monitor up to the hypervisor.
The following demonstrates the scope of Protective Monitoring:
Perimeter routes and firewalls - protectively monitors and regularly assesses any potential vulnerabilities at the perimeter, alongside other mitigations including DDoS* and active vulnerability scanning.

Compute hypervisor, networks and physical infrastructure - we protectively monitor and regularly assess vulnerabilities across all components of the hosting estate (for example, hypervisors, hosting infrastructure, servers, networking and management applications).
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incidents can be classified into three categories: Software, Hardware, and Service Request. Service request part not always viewed as incident, but rather as Change Requests. Incident management is the process of limiting those elements which are detrimental to the proper functioning of the business. Incident management is usually followed by a post-incident analysis in which it is determined how it appeared despite the precautions and controls put in place. Incidents are reported using emails.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Who implements virtualisation
Virtualisation technologies used
Other virtualisation technology used
Custom Virtualization technologies used by AWS and Azure
How shared infrastructure is kept separate
We use VPCs ( Virtual private clouds) for each individual customer, each VPC contain cloud infrastructure for an individual organization only. The VPCs has a separate set of security rules and users for accessing it.

Energy efficiency

Energy-efficient datacentres

Social Value

Fighting climate change

Fighting climate change

We are committed to playing our part in the fight against climate change and always consider the impact on the environment when conducting our business activities. The aim of EAI Systems Ltd is to be carbon neutral by the year 2040, whereby helping UK achieve its zero carbon by the year 2050. Many of solutions we have delivered over the years have digitized manual, paperless processes and encouraged use of customer facing devices to gain input. This has not only given our customers the benefit of reduced costs and improved efficiency but also reduced their use of paper. We also positively influence behaviour of customers through our delivery of Cloud solutions. Software we provide has facilitated the decommissioning of numerous on-premises servers in favour of a cloud-based platform, reducing overall energy consumption. We have removed all printers from our offices and send all our contracts, consultancy agreements and documentation via digital channels. When it is necessary to send physical packages, we take steps to ensure recyclable packaging is used and any non-recyclable items are kept to a minimum. We have changed our office lightings to LED lightings with sensors thereby saving on electricity. As we continue to scale and grow as a business, we aim to regularly review our business processes, looking for opportunities to reduce our carbon footprint and undertake other initiatives which will help us become truly carbon neutral.
Covid-19 recovery

Covid-19 recovery

Please visit our website for more details on how we are helping on Covid19 recovery. https://www.eaisystems.com/about/products


£200 to £1,000 a licence a month
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at manasi.lovlekar@eaisystems.com. Tell them what format you need. It will help if you say what assistive technology you use.