Skip to main content

Help us improve the Digital Marketplace - send your feedback

AWTG LIMITED

iDAMS

iDAMS is our easy-to-use Digital Asset Management Platform developed through the DCMS DCIA Programme. iDAMS accelerates coverage of 5G by making street lights/other assets available for reuse by Mobile Network Operators in return for a rental fee. Market public assets for other purposes e.g. EV charging, advertising etc.

Features

  • An easy-to-use web platform for publishing assets available for rental
  • Aligned to the Digital Infrastructure Toolkit and Open Access Model
  • Import and manage data from multiple sources in one place
  • Display assets and supporting data as layers on Google Maps
  • Search and filter assets using a wide range of metadata/criteria
  • Select individual/multiple assets to view their metadata and/or request use
  • Select assets within a polygon, radius of a point etc
  • Notifies users when actions are required e.g. review/approve acquisition
  • Integrates with network operators’ automated telecoms operations management systems
  • AWTG’s future-proof solutions are Open RAN Compliant and ORAN Ready

Benefits

  • Enables frictionless acquisition of public assets by MNOs and others
  • Enables the efficient roll out of 5G coverage in towns/cities/regions
  • Enables local authorities, NHS and others to monetise their assets
  • An asset marketplace for advertising, EV charging, IoT and more
  • All assets available for rental presented in a single platform
  • A modern, vibrant and engaging user interface and user experience
  • Developed in collaboration with 7 Councils and multiple MNOs/Neutral Hosts
  • Meets all of the requirements and standards specified by DCMS
  • Integrates with AWTG’s SOC platform for automated telecoms operations management
  • AWTG’s future-proof solutions are Open RAN Compliant and ORAN Ready

Pricing

£0 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.vernon@awtg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

4 7 6 0 7 4 9 6 2 7 1 2 5 4 3

Contact

AWTG LIMITED Ian
Telephone: 02035155151
Email: ian.vernon@awtg.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Some down time is required for scheduled maintenance and upgrades.
System requirements
  • Users require an appropriate end user device and internet connection.
  • Web Apps require Edge15, Chrome69, Safari11, Firefox62, or later.
  • Native Mobile Apps require Android7, iOS12, or later.
  • Solutions designed for screen resolutions of mobiles, tablets, laptops, PCs.

User support

Email or online ticketing support
Email or online ticketing
Support response times
The AWTG service desk is available 24/7 and monitored by AWTG employees during working hours (Mon to Friday 7.30 to 17.30). P1 Calls: Target Response Time 30 mins, Target Resolution Time 4 Working Hours; P2 Calls: Target Response Time 60 mins, Target Resolution Time 8 Working Hours; P3 Calls: Target Response Time 4 Hours, Target Resolution Time 3 Working Days; P4 Calls: Target Response Time 24 Hours, Target Resolution Time 5 Working Hours. Customers are able to escalate a matter that has previously been reported to the Service Desk.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
AWTG will allocate a named support manager for each client. AWTG provides the same level of support for all clients. Users can log incidents with the AWTG service desk. This is available 24/7 and monitored by AWTG employees during working hours. The Service Desk is resourced by technical experts and is supported by a sophisticated AI assistant. All support calls, issues and fixes are documented and clients are provided with regular reports of performance. All support calls are prioritised 1 to 4 based on their Impact and Urgency. P1 Calls: Target Response Time 30 mins, Target Resolution Time 4 Working Hours; P2 Calls: Target Response Time 60 mins, Target Resolution Time 8 Working Hours; P3 Calls: Target Response Time 4 Hours, Target Resolution Time 3 Working Days; P4 Calls: Target Response Time 24 Hours, Target Resolution Time 5 Working Hours. Target Resolution Time: The elapsed time from the call being logged with AWTG to a complete fault resolution or to an agreed workaround being put in place until the fault is fully resolved. Target Response Time: The elapsed time from the call being logged with AWTG to an AWTG employee contacting the client to commence work on fault resolution.
Support available to third parties
No

Onboarding and offboarding

Getting started
All of our GCloud 13 solutions are configured to the specific needs of each customer. AWTG follows the Prince2 Agile and Scrum methodologies and we adopt a User Centered Design approach. We follow our standard five stage onboarding and configuration approach which is described in detail in our Service Definition Document. This 5-stage process consists of Define, Design, Develop, Demonstrate and Deploy; and it is applied in proportion to the needs of each customer. AWTG will provide clients with end user and system administrator training prior to the launch of the solution. The training can be at the clients own premises or it can be provided online. AWTG will provide clients with training materials and user documentation.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
Prior to the end of the contract, AWTG will agree an offboarding plan with the customer. This includes details of the data that the customer wishes to extract, the format in which the customer wishes to receive the data, and how and where the data should be transmitted in a secure manner. After contract termination all live customer data will be deleted and all customer backups will be destroyed. Customers can be assured that AWTG will provide extracted data in a timely manner and in a common file format that can be easily ingested by an alternative solution. Extracted data will be transmitted to the customer in a secure manner and there will be no additional cost for this.
End-of-contract process
Prior to the end of the contract, AWTG will agree an offboarding plan with the customer. Customers can be assured that AWTG will provide extracted data in a timely manner and in a common file format that can be easily ingested by an alternative solution. Extracted data will be transmitted to the customer in a secure manner and there will be no additional cost for this. AWTG can provide customers with additional services during off boarding if required. For example, we can retain backups until the customer has fully transitioned to a new platform. There is an additional charge for such additional services. Should the client choose to continue to operate the AWTG solution at the end of a contract period, then AWTG will agree new contractual terms, and we will not charge the customer any offboarding fees. Onboarding fees will only be charged where the customer requires additional services from AWTG such as changes to the configuration and implementation.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
System Admin access is via a web browser. Administrator accounts are created and issued by AWTG using 2FA. Other users must register to create an account. This requires a valid email address and a strong password. Users validate accounts by responding to an email sent to the address provided within a given timeframe. User class determines the users role and privileges within the solution. User classes range from basic (least privileges) to administrator (most privileges). Access controls are tested at least once a year.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
AWTG’s websites feature the UserWay Accessibility Widget to comply with WCAG 2.1 AA requirements. UserWay is a pioneer in innovative website accessibility technologies. UserWay is led by a world class team with decades of experience with complex accessibility protocols, delivery of large scale systems and ground breaking innovation. Userway employs some of the world's leading engineers, entrepreneurs, and visionaries who are defining the future of digital accessibility for us all.
API
Yes
What users can and can't do using the API
The APIs enable customers to import and export data in to and out of the application, in order to enable the application to provide the functionality and information required by the customer. The APIs are configured during the onboarding process. Each customer will have different requirements from the APIs.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The majority of the features listed can be customised to meet the requirements of each individual customer. Configuration and requirements are defined, designed, developed, demonstrated and deployed during the onboarding process.

Scaling

Independence of resources
The architecture consists of several Web microservices. Customer data is spread across various storage and cache layers. The storage layers are designed as data shards, therefore customer data is divided into separate storage containers allowing balancing between them. User identity and access management is driven by AWTG’s Keycloak solution. This features a PostgreSQL backbone enabling horizontal scaling of database tables. MongoDB manages asset, cell and MNO data shards with appropriate caching and indexing. AWTG use Nginx Proxy Manager for horizontal scaling of multiple cache instances using Docker container replication or Kubernetes orchestrator in the Google Cloud Platform.

Analytics

Service usage metrics
Yes
Metrics types
AWTG provides customers with a range of service usage metrics covering Web and Mobile Applications. This information is provided through a mix of real-time dashboards and regular reports.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported where this supports the business processes and workflows provided by the solution, as an automated export as part of the site functionality, or as backups/exports as part of support services.
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
Other
Other protection within supplier network
Within Google Cloud Platform, VM to VM routing, including routing to a VM like managed service such as Cloud SQL, takes place on Google's own network backbone, using RFC1918 private IP addresses. In some circumstances, this may require routing traffic outside of the physical boundaries controlled by or on behalf of Google, although as all services for an installation exist within the same Google Cloud Region and Google Cloud Regions map to specific data centres, the likelihood of this happening is extremely low.

Availability and resilience

Guaranteed availability
AWTG’s standard SLA is 24/7/365 site availability with an annual availability of 99.9%. This excludes planned downtime for pre arranged maintenance activities and downtime as a result of factors outside of our control. AWTG operates a service credit regime to compensate customers should we fail to meet our guaranteed level of availability (99.9% excluding planned downtime and downtime as a result of factors outside of our control). Service credits are calculated annually. Customers are refunded a percentage of their annual costs for every 1% shortfall in availability below 99.9%.
Approach to resilience
AWTG Platforms are hosted in two physically separate UK locations. The infrastructure is configured into an active-passive high availability cluster to ensure application availability. Zone 1 is the primary location and actively processes traffic. Zone 2 is a backup that replicates Zone 1, that monitors the health of the primary and takes over if Zone 1 fails. Load Balancing distributes client requests or network load efficiently across multiple servers in each zone, ensuring high availability and reliability by sending requests only to servers that are online in that zone. Load balancing is provided in both zones. AWTG platforms are designed to scale horizontally to handle growth in traffic or usage.
Outage reporting
AWTG platforms are hosted in the Google Cloud Platform. AWTG utilises Google Cloud Monitoring tools and its own additional artificial intelligence enabled monitoring and health state alerting tools to manage the performance of the Application including its ongoing availability. In the event of an outage, AWTG automatically alerts customers by email and automatically alerts AWTG DevOps employees by email and text message. Outages are managed as Priority 1 incidents. Here the target is to respond to the customer within 30 mins and to resolve the issue or put in place an agreed workaround to restore service within four working hours of the incident being logged. If this is not possible, due to the nature of the fault, then AWTG will make all reasonable efforts to escalate the issue and provide any additional technical resources as may be required to achieve a full restoration of the service.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
To access AWTG applications, user must first register to create an account. User registration requires a valid email address and a strong password. Users must validate their accounts by responding to an email sent to the address provided. If a user fails to respond to the validation email promptly, the account is deleted. Each user is allocated to a class which determines their role and privileges within the solution. Users have the minimum required rights to access only the facilities they have rights to. Only AWTG can create administrator accounts which are validated using 2FA.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
CQS (Certified Quality Systems) Limited
ISO/IEC 27001 accreditation date
28/05/2021
What the ISO/IEC 27001 doesn’t cover
The scope of the certification applies to the approved Information Security Management Systems relating to the following activities: The Provision of Engineering Consultancy, Design Optimisation and Network Performance Verification Services.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
AWTG complies with ISO27001, CSA CCM 3.0 and Cyber Security Essentials. AWTG has established an ISO27001 certified Information Security Management System (ISMS) and governance framework. The security governance framework coordinates and directs the management of the solutions and services that we provide and the information that is contained within them. The governance framework ensures that procedures, employees, physical and technical controls continue to work through the lifetime of the solutions and services that we provide to our customers. The framework is regularly updated to respond to changes in the solutions and services that we provide, technological developments and the appearance of new threats. The framework specifies named officers responsible for legislative compliance including data protection and GDPR.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
AWTG maintains an accurate picture of assets along with their configurations and dependencies. Our ISMS conforms to CSA CCM 3.0. AWTG identifies and manages changes which could affect the security of the service and we detect and prevent unauthorised changes. We use the following Google configuration management tools Security Command Centre, Resource Manager and Cloud Deployment Manager. In addition, AWTG is able to validate the full hosting stack using Shielded VMs, which enable live measurement, monitoring, and alerting for any changes. Google provides robust logging services which provide information such as "who did what, where, and when."
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
AWTG has management process in place to identify, triage and mitigate vulnerabilities. Our ISMS conforms to CSA CCM 3.0 In addition, Google’s vulnerability management team track and follow-up vulnerabilities. Once a vulnerability requiring remediation has been identified, it is logged, prioritized, and assigned an owner responsible for ensuring it is remediated. Google administrates a vulnerability management process that actively scans for security threats using a combination of commercially available and purpose-built tools, intensive automated and manual penetration efforts, quality assurance processes, software security reviews and external audits.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
AWTG’s ISMS conforms to CSA CCM 3.0. Google Cloud Platform services monitor for attack, misuse and malfunction in order to detect successful and unsuccessful attacks and quickly respond to potential compromises of customer environments and data. AWTG uses the following Security products: Cloud Identity and Access Management, Cloud Security Scanner, Event Threat Detection, Cloud Security Command Centre and Security Health Analytics, and, Shielded VMs that enable live measurement, monitoring, and alerting for any changes of the full stack.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
AWTG’s ISMS conforms to CSA CCM 3.0. We have carefully pre-planned incident management processes in place so that when incidents do occur, the correct decisions are made minimising the impact on users of security, reliability and environmental issues. Google has a rigorous incident management process for security events that may affect the confidentiality, integrity, or availability of systems or data. This process specifies courses of action, procedures for notification, escalation, mitigation, and documentation. It is structured around NIST guidance on handling incidents (NIST SP 800–61). Google will notify AWTG of data incidents promptly and without undue delay.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

We shall, in agreeing to this Framework Agreement, be accountable for continuous development and execution of our Carbon Net Zero Plan, and actively seek to develop our company policies, and practices to promote the battle against climate change. The ways in which we may be able promote the battle against climate change include but are not limited to: Influence and/or incentivise staff, suppliers, customers and communities through the delivery of call-off contracts to support environmental protection and improvement initiatives. Invest in the adoption and/or deployment of technologies that help reduce carbon emissions in service delivery across the entire supply chain. Invest in the monitoring and reporting of carbon emissions of the corporation, their supply chain, and the solutions they delivery to the customer.

Covid-19 recovery

We shall, in agreeing to this Framework Agreement, seek to help local communities to manage and recover from the impact of COVID 19 in ways including but are not limited to: Create employment, re-training and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high growth sectors. Support people and communities to manage and recover from the impacts of COVID-19, including those worst affected or who are shielding. Support organisations and businesses to manage and recover from the impacts of COVID-19, including where new ways of working are needed to deliver Services. Support the physical and mental health of people affected by COVID-19, including reducing the demand on health and care Services. Improve workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions. Fair, inclusive and ethical employment practices & skills development.

Tackling economic inequality

We shall, in agreeing to this Framework Agreement, actively seek to develop our company policies and management culture to promote opportunities in an inclusive way and to assist the UK Government in Levelling up by: Creating training schemes that address skills gaps within the workplace and that result in recognised qualifications. Promote awareness of careers and recruitment opportunities relating to known skills shortages or in high growth sectors relating to the subject matter of the contract. Identify opportunities to grow supplier diversity in the contract supply chain or in the location/community where the contract is performed, including SME and VCSE participation and new business creation. Build innovative and/or disruptive technologies into network solutions that increase efficiency and quality whilst reducing the overall cost baseline.

Equal opportunity

We shall, in agreeing to this Framework Agreement, actively seek to develop our company policies and practices to comply with the Equal Opportunities Act of 2010. The key principles being: Eliminate discrimination. Advance equality of opportunity. Foster good relations between different people when carrying out their activities. We will support and encourage employment and skills development opportunities through the performance of this Framework Agreement, with a specific focus on opportunities for priority groups, including but not limited to: People with disabilities ex-offenders BAME; and long-term unemployed  This support may include but is not limited to: Apprenticeship and work experience placements Part-time and full-time employment and flexible working opportunities Providing stable employment and hours of work, and avoiding exploitative employment practices including, for example, inappropriate use of zero-hour contracts or other forms of demand driven contracts supporting individuals to fulfil their potential with further education, employment or training e.g. coaching, mentoring, CV and interview skills providing funded training and professional development opportunities for existing employees providing funded training opportunities (for individuals not employed by Supplier) fair and equal pay policy; and offering a range of employee assistance schemes.

Wellbeing

AWTG’s aims in this respect are: • Providing technological capabilities to communities through our CSR programme. • Supporting volunteering activities by our staff to deliver benefits to their local communities. • Supporting local and grassroot initiatives to develop and prosper. • Partnering with local communities to support employment, internship, and apprenticeship opportunities. • Supporting our staff and contractors to live healthier lives.

Pricing

Price
£0 a licence a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ian.vernon@awtg.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.