e-Zest Solutions Limited

Cloud, Dev-Ops and Managed Services

e-Zest, an agile digital technology innovation partner for Fortune 500 enterprises, public sector organisations and software product companies. Leveraging specializations and partnerships with multiple global cloud principles, we have helped organisations adopt innovative technologies to improve their processes, optimise their profitability and amplify end-user experience since more than two decades.

Features

• Our service includes archiving, backup & DR planning and implementation
• Computing platforms that enable delivery of software via the Internet
• A cloud service that allows to upload, organize, start-stop, scale
• A service starting from big data and metadata management, BI-analytics
• NoSQL Consulting and Development services include: DynamoDB, MongoDB, CouchDB, Cassandra
• Cloud Infrastructure Provisioning and Administration Services through its partnerships
• Resource Manager and can help to deploy-configure cloud seamlessly
• Monitoring and troubleshooting are to improve on performance and scalability
• Asynchronous service-to-service communication used in serverless and microservices architectures
• Build, deploy, test and run applications on cloud PaaS service

Benefits

• 2X Faster Cloud Adoption
• 43% Reduced cost of Ownership
• 99.999% SLA
• 5% Efficiency in the Application
• 5% - 8% Optimized Bills
• 20% Reduction in IT staff management costs
• 50% Reduction in repeat call/tickets per year
• Performance and High Availability - 24x7x365 Cloud Monitoring
• Manage and ensure business continuity with potentially high demand
• Optimal Infrastructure and Cost Management

£207 a person a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at athang.kale@e-zest.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

475279531477279

Contact

Athang Kale
+44 7500 706737
athang.kale@e-zest.com

Service scope

• Service constraints: E-Zest specializes in delivering servicers on globally known cloud platforms such as Microsoft Azure and Amazon AWS. While we offer end-to-end services on cloud advisory through design, development and managed services to our global customers, we have observed that these cloud service providers have some limitations/constraints in terms of features and functionalities. In these situations, we closely work with principles as a preferred partner and come up with a solution to mitigate this constraints.
• System requirements:
  • E-Zest offers cloud services which are independent of server-based requirements
  • Because it hosted in cloud which are scalable on need
  • However, people to access cloud should have reasonable computing facility
  • Based on the environment and kind of existing non-cloud system
  • We come up with specific system requirements time-to-time

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Responding to tickets and emails is the function of service level agreement (SLA). e-Zest team works with customer point of contact on identifying this SLAs before kicking-off the engagement and all team members are sensitized to work. Sample SLA:; 1. For Critical tickets, response time is 30 mins to an hour based upon Urgency.; 2. For High priority tickets, response time is 30 mins to 2 hours based upon Urgency.; 3. For Medium priority tickets, response time is 2 to 4 Hours based upon Urgency.; 4. For Low priority tickets, response time is 4 to 8 hours based upon Urgency
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We always recommend the use of third party ticketing tool like Zendesk to manage tickets and services. This third party tool has web chat support to communicate, share the information within the team in real-time.
• Onsite support: Yes, at extra cost
• Support levels: We provide tiered support to provide the best possible service in the most possible efficient manner. ; 1. Level 1 / L1 support: This is the initial support level responsible for basic customer issues that do not require any developer intervention. Typical activities include support required related to usage of the system, educating the user, resolving configuration issues. ; The first job of a Level-1 specialist is to gather the user’s information and to determine the user’s issue by analyzing the symptoms and figuring out the underlying problem. Once identification of the underlying problem is established, the specialist can begin sorting through the possible solutions available. ; ; 2. Level 2 / L2 support: This is a more in-depth technical support requiring experienced and more knowledgeable personnel on a product or service. For this level of support of developer intervention is required but there is no change in functionality.; ; 3. Level 3 / L3 support: This is the highest level of support in a three-level support model responsible for handling the most difficult or advanced problems. This support involves developer intervention with functionality level changes. Complete life cycle needs to be executed to implement such changes.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Service Startup scripts
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Word
  • PowerPoint
  • Excel
• End-of-contract data extraction: All the cloud subscriptions and ownership is always with the customer. Once all the dues are cleared as per the contract, e-Zest hands-over all the subscriptions to customer. We are a global technology services company and adhere to the highest level of professionalism.
• End-of-contract process: E-Zest as a professional global service provider company, before we engage into the contract, we make sure that our proposal response includes all these necessary details. At the end of the contract, if any handover and knowledge transfer is to be done, e-Zest does so in a professional manner and additional commercial basis. e-Zest doesn't store any data; after the contract is over, whatever the contractual obligation is regarding the data as per the contract, it is agreed and executed by e-Zest (such as, destroying all the data).

Using the service

• Web browser interface: Yes
• Using the web interface: We always recommended to use of third party ticketing tool like Zendesk to manage tickets and services. Below are few features and functionality provided by the ticketing tool:; - Flexible ticket management with automated workflow; - Multi-channel support: email, web, phone, chat, social media; - Mobile support with native iPhone, iPad, and Android apps; - Robust reporting and advanced analytics; - Customer facing web interface that you can easily brand; - Knowledge base portal and community forums included; - Over 100 out-of-the-box integrations with 3rd party apps; - Open API enabling seamless integration into your business; - Multi-brand support with linked accounts; - Unlimited, free “light agents” (Enterprise plan only); - Group rules and macros; - Screen casting; - Public and private forums; - Full CSS rebranding; - Multi locale (time zone and languages); - Export ticket views to CSV; - SSO with Twitter, Facebook, Google and SAML; - REST API
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Yes, we have done accessibility standard testing WCAG 2.1 AAA of web UI interface.
• API: Yes
• What users can and can't do using the API: We always recommend the use of third party ticketing tool like Zendesk to manage tickets and services. Whatever APIs exposed and provided by these third party providers will be also available to customer.
• API automation tools:
  • Ansible
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats: PDF
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: This can be managed through Infrastructure capacity planning. All services reach 85% then we scale the service as per requirement.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: E-Zest resells Microsoft Azure's technology products and cloud components.

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: The security of data at rest is ensured as per policies deployed according to ISO 27001:2013.
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Back up of database schema to reuse
  • Back up stored data along with encrypted data
  • Back up VM, SQL workloads and on-premises VMware-machines
  • Restore data with App consistency using VSS snapshot & freeze
  • Encrypt data and keep it for extended period
  • Manage resources and activity from Azure central backup
  • Full backups
  • Incremental backups
  • Differential backups
  • Remote Backup
• Backup controls: E-Zest is a technology service provider company and we use services provided by AWS, Azure and Google cloud etc. cloud service provider. They have proven and modern all types of configuration settings for backups to manage from web interface.
• Datacentre setup: Single datacentre with multiple copies
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: Site-to-site VPN connection is implemented between e-Zest and client network to securely access data between networks. Email services are TLS enabled that care of encryption to protect outbound and inbound communications. To connect network securely by using SSL VPN connection. SPAM messaging gateway for advanced threat protection and anti-spam solution. On firewall we have Advanced gateway subscription that care of unwanted services. NAT rules on firewall to provide secure access.
• Data protection within supplier network:
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Capture Advanced Threat Protection (ATP) Service, Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention, Content Filtering Service subscription, Application Intelligence and Control Service subscription that help to secure internal network. VLAN are used to segregate network that help to get access in particular area data. SSL certificates are used to secure websites. WIFI network is secured through [WPA2][Auth(PSK)] and MAC Filtering of physical systems. Symantec Endpoint Protection software is used for Antivirus on all server and client systems. Regular data backups. Data Leak Protection service installed in network. Project repository access are granted after ticket in ticketing system and approval of Project manager.

Availability and resilience

• Guaranteed availability: We use public cloud service provider such as, AWS, Azure, Google Cloud etc. So availability that are guaranteed by these cloud providers is what customer get. e-Zest has no role-play in doing so. However, as a part of managed service contract, if there are any tickets raised e-Zest follows the SLAs as per the contract.
• Approach to resilience: Reliable applications are:; - Resilient and recover gracefully from failures, and they continue to function with minimal downtime and data loss before full recovery.; - Highly available (HA) and run as designed in a healthy state with no significant downtime.; ; During the architectural phase, we focus on implementing practices that meet customer's business requirements, identify failure points, and minimize the scope of failures:; - Perform a failure mode analysis (FMA); - Create a redundancy plan; - Design for scalability; - Plan for subscription and service requirements; - Use load-balancing to distribute requests; - Implement resiliency strategies; - Build availability requirements into design; - Manage your data. ; - Choose replication methods for application data. ; - Protect your data. ; - Plan for data recovery.
• Outage reporting: We use public cloud service provider such as, AWS, Azure, Google Cloud etc. So outages reported by these providers will be submitted to customers.

Identity and authentication

• User authentication: Other
• Other user authentication: Token-based authentication
• Access restrictions in management interfaces and support channels: Ensure no user credentials is shared. Create user groups and add the user to desired groups.; Restrict the user access to particular directory by limiting the permissions to that directory to specific user/group.; If required, ensure user has access to only specific commands by granting him a custom shell
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
• Devices users manage the service through: Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: TUV NORD
• ISO/IEC 27001 accreditation date: Certificate date: 30/10/2020. Valid till 19/10/2023
• What the ISO/IEC 27001 doesn’t cover: The control A.14.2.7 Outsourced Development is excluded from the certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Crossbow Labs LLP
• PCI DSS accreditation date: 29/05/2020
• What the PCI DSS doesn’t cover: E-Zest IT & cloud administrative support are covered in PCI DSS scope. Rest of the e-Zest software development activities are not covered.
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 9001 ; CMMi 3 ; PCI Compliance
• Information security policies and processes: -Policies and procedures as per ISO 27001:2013 are implemented. ; -Project teams implement application security requirements as defined at organization level.; -Internal audits are conducted quarterly to review the implementation. The non-conformances in the audit are recorded and corrective actions are taken to close them after appropriate root cause analysis.; -Monthly review of IT processes is done as per PCI DSS requirements.; -External certification/surveillance audits are conducted as per ISO 27001:2013.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Requirements Management at e-Zest is driven by specialized Analysis practice and is a two-step process – Scope and Requirements Management. Initially in the project the focus is on understanding the breadth of requirements and defining the boundaries of the system – this is documented under a scoping document. ; ; We perform change management at three different levels –; • Level 1 of change management is to minimize the scope of change in future; • Level 2 of change management is by tracking small scale changes in requirements; • Level 3 of change management is assessment of the impact of requirement changes
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Asset Based, operational and personal data risk assessment is performed. VAPT are conducted at regular intervals.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Log monitoring, Data leak prevention controls, incident monitoring and risk monitoring are performed as protective monitoring processes.
• Incident management type: Supplier-defined controls
• Incident management approach: E-Zest has proven enterprise global incident management process. The incident process provides efficient incident handling, which in turn ensures continual service uptime. The process steps are as described below:; 1. Identification; 2. Logging; 3. Categorization; 4. Prioritization; 5. Initial Diagnosis; 6. Incident escalation; 7. Investigation and diagnosis; 8. Resolution and recovery; 9. Incident closure

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Azure & AWS
• How shared infrastructure is kept separate: The subscriptions are created for specific customer on public cloud service provide such as AWS, Azure, Google Cloud etc. We use their services so its owner of the public cloud service provider to ensure that no Two subscriptions are mixed with each other.

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  e-Zest started the initial support to frontline workers who have supported the nation during the COVID-19 pandemic. We distributed masks and multivitamin tablets to Corona Warriors working in Pune, India.; ; e-Zest was also a part of Mission Vayu which had been anchored by MCCIA Pune and PPCR (Pune Platform for COVID-19 Response) to help government and healthcare organizations to strengthen the medical infrastructure and get aid to accelerate the response to COVID-19 recovery.; ; As a part of the scheme, e-Zest contributed five units of BiPAP ventilators in presence of Murlidhar Mohol, Pune Mayor.; ; e-Zest has also made valuable contribution to COVID -19 recovery worldwide as e-Zest has helped UNICEF in development of a COVAX portal. COVAX is a program led Program co-led by CEPI (Coalition for Epidemic Preparedness Innovations), World Health Organisation, GAVI, alongside key delivery partner UNICEF. It was introduced ; • To deliver COVID Vaccines to low and lower middle-income countries; • To support procurement for upper middle-income and high-income nations; • Ensure global equitable access to COVID-19 vaccines; • Securely supply COVID-19 vaccines all over the world
• Tackling economic inequality:

  Tackling economic inequality

  We extend support to the Digital India Mission with our digital empowerment bus initiative. ; This initiative has been launched under the aegis of the Digital Pune Mission with an objective to empower at least one person per low-income household in Pune with basic digital literacy skills. This translates to over 2 lakh citizens to be trained. Pune Municipal Corporation, in association with Pune City Connect and NASSCOM Foundation, had launched this mission as part of the development plans for Pune and to encourage the national agenda of achieving Digital Literacy under the National Digital Literacy Mission (NDLM). 40000 citizens have been trained thus far under this large scale public private partnership that is benefitting the low-income communities of Pune.
• Wellbeing:

  Wellbeing

  e-Zest as an organization are committed to protecting our workforce and enabling them to work remotely from the safety of their homes due to severe outbreak of COVID-19. ; ; For mental health wellbeing e-Zest implemented the services of a mobile application called GoVida for all our employees all over the globe. The application offers rewarded wellbeing. The solution is designed to become “go to” platform for employee wellness and health improvement. The smart phone app and employer portal provide the tools businesses need to promote physical and mental wellbeing and encourage work life balance whilst rewarding their staff.

Pricing

• Price: £207 a person a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at athang.kale@e-zest.com. Tell them what format you need. It will help if you say what assistive technology you use.