S&M TECHSOL LIMITED

Data Warehousing Hosting via Google Cloud Platform (BigQuery)

GCP BigQuery is a fast, fully managed, petabyte-scale data warehouse service that makes it simple and cost-effective to efficiently analyse all your data using your existing business intelligence tools.

Features

  • Cloud strategy and advisory
  • Hybrid cloud architecture
  • Migrating apps, data from a legacy to a cloud
  • Full-service strategy boot camps and strategic mapping
  • Data Warehouse Offload to Cloud

Benefits

  • Flexible Pricing Structure
  • Very Easy to Scale Server Resources
  • High Uptime and Availability
  • Speedy Setup Process
  • Up to 5x faster than standard MySQL databases
  • Highly scalable for Demands
  • Efficiency
  • Flexibility
  • Strategic value

Pricing

£355 a unit a day

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at venkata@smtechsol.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

4 7 8 4 2 8 4 9 9 5 9 8 4 0 7

Contact

S&M TECHSOL LIMITED Venkata Angaluri
Telephone: 020 3744 3337
Email: venkata@smtechsol.co.uk

Service scope

Service constraints
None, we have a team of specialists who can assist to plan around constraints
System requirements
We use your environment only

User support

Email or online ticketing support
Email or online ticketing
Support response times
General guidance cases < 24 hours; system impaired cases < 12 hours; production system impaired cases < 4 hours; production system down cases < 1 hour; business-critical system down cases < 30 minutes
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Slack is accessible via any web browser that supports HTML5 and is also accessible programmatically via its API. Alternatively, Slack can be used via its own desktop client.
Web chat accessibility testing
None
Onsite support
Yes, at extra cost
Support levels
Standard support includes Customer Success Managers, Technical Account Managers, Support Engineers and a 24/7 Operations Centre. We aim to respond to ALL incidents and requests within 15 minutes 24/7, with a priority on resolving P1 incidents.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
All new customers are assigned a Customer Success Manager that will provide proactive support and advise for the first 90 days. This also includes the assistance from dev-ops and cloud architects to ensure the right solution is provisioned and maximised for the workloads, along with a range of user guides.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
The customer has complete autonomy of how data is stored and managed within their virtual environment. Data can be extracted either from within the VM (for example, copying data over virtual networks), or the entire VM (for example, exporting as a VMDK or OVF).
End-of-contract process
We will return all your data and materials which cannot be deleted or exported by you, and securely destroy all copies of your data on your written instruction. We will return any pre-paid sums for services not delivered to you. We will not penalise you for terminating your contract with us unless specifically stated in the Service Definition. We will also return all of your confidential information, unless there is a legal requirement that we keep it.

Using the service

Web browser interface
No
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
This does not apply to us as we are only providing consulting and advisory services.
Usage notifications
No

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
No

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Our consulting and advisory services do not need any SLAs. Having said that we can build in some risk and rewards based on you adopting our recommendations.
Approach to resilience
This is not applicable to us as we are providing Consulting and advisory services. However, we do ensure the team assigned too you stays with the client.
Outage reporting
Not applicable to our services.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
We can help you build these access restrictions as per our consulting and advisory services.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
Dedicated device on a segregated network (providers own provision)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
CSA CCM version 3.0
Information security policies and processes
Cloud platforms AWS/Google/ Azure implements formal, documented policies and procedures that provide guidance for operations and information security within the organisation. Policies address purpose, scope, roles, responsibilities and management commitment.

Employees maintain policies in a centralised and accessible location.

The output of reviews include any decisions or actions related to:

• Improvement of the effectiveness of the ISMS.
• Update of the risk assessment and treatment plan.
• Modification of procedures and controls that affect information security to respond to internal or external events that may impact the ISMS.
• Resource needs.
• Improvement in how the effectiveness of controls is measured.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Changes to AWS/Google/Microsoft Azure Platform services and features follow secure software development practices, including security risk reviews prior to launch. Developer access to production environments is via explicit access system requests, subject to owner review and authorisation.

Teams set bespoke change management standards per service, underpinned by standard Platform guidelines.

All production environment changes are reviewed, tested and approved. Stages include design, documentation, implementation (including rollback procedures), testing (non-production), peer to peer review (business impact/technical rigour/code), final approval by authorised party.

Emergency changes follow Platform incident response procedures. Exceptions to change management processes are documented and escalated to Platform management.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
AWS/Google/Azure Security performs vulnerability scans on the host operating system, web applications, and databases in the environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.

AWS Security monitors newsfeeds/vendor sites for patches and receives customer intelligence via http://aws.amazon.com/security/vulnerability-reporting/.
Google Cloud Vulnerability Management - https://cloud.google.com/container-registry/docs/vulnerability-scanning
Microsoft Azure Vulnerability Management - https://docs.microsoft.com/en-us/azure/security-center/built-in-vulnerability-assessment
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Cloud platforms AWS/Google/Microsoft Azure deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage. Devices monitor:

• Port scanning attacks
• Usage (CPU, processes, disk utilization, swap rates, software-error generated losses)
• Application metrics
• Unauthorized connection attempts

Near real-time alerts flag incidents, based on Service/Security Team- set thresholds.
Incident management type
Supplier-defined controls
Incident management approach
Cloud platforms AWS/Google/Microsoft adopts a three-phased approach to manage incidents:

1. Activation and Notification Phase
2. Recovery Phase
3. Reconstitution Phase

To ensure the effectiveness of the Incident Management plan, conducts incident response testing, providing excellent coverage for the discovery of defects and failure modes as well as testing the systems for potential customer impact.

The Incident Response Test Plan is executed annually, in conjunction with the Incident Response plan. It includes multiple scenarios, potential vectors of attack, the inclusion of the systems integrator in reporting and coordination and varying reporting/detection avenues.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
No

Social Value

Fighting climate change

Fighting climate change

Activities that:
- Deliver additional environmental benefits in the performance of the contract including working towards net zero greenhouse gas emissions.
- Influence staff, suppliers, customers and communities through the delivery of the contract to support environmental protection and improvement.
Covid-19 recovery

Covid-19 recovery

At SMTECH we are committed to help local communities to manage and recover from the impact of COVID-19 by

- Create employment, re-training and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high growth sectors.
- Support people and communities to manage and recover from the impacts of COVID-19, including those worst affected or who are shielding.
- Support organisations and businesses to manage and recover from the impacts of COVID-19, including where new ways of working are needed to deliver services.
- Support the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services.
- Improve workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions.
Tackling economic inequality

Tackling economic inequality

At SMTECH we are committed to the below statements to tackle economic inequalities

-Create employment opportunities particularly for those who face barriers to employment and/or who are located in deprived areas.
- Create employment and training opportunities, particularly for people in industries with known skills shortages or in high growth sectors.
- Support educational attainment relevant to the contract, including training schemes that address skills gaps and result in recognised qualifications.
- Influence staff, suppliers, customers and communities through the delivery of the contract to support employment and skills opportunities in high growth sectors.
-Create a diverse supply chain to deliver the contract including new businesses and entrepreneurs, start-ups, SMEs, VCSEs and mutuals.
- Support innovation and disruptive technologies throughout the supply chain to deliver lower cost and/or higher quality goods and services.
- Support the development of scalable and future-proofed new methods to modernise delivery and increase productivity
Equal opportunity

Equal opportunity

At SMTECH we provide equal opportunities to everyone without any discrimination on any grounds, we are committed to below principles.

- Increase the representation of disabled people in the contract workforce.
- Support disabled people in developing new skills relevant to the contract, including through training schemes that result in recognised qualifications.
- Influence staff, suppliers, customers and communities through the delivery of the contract to support disabled people.
- Identify and tackle inequality in employment, skills and pay in the contract workforce.
- Support in-work progression to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills relevant to the contract.
- Identify and manage the risks of modern slavery in the delivery of the contract, including in the supply chain.
Wellbeing

Wellbeing

At SMTECH we take at most care to ensure to improve health and wellbeing to our employees, suppliers, customers and third parties.

Which includes the activities below

- Actions to support the health and wellbeing, including physical and mental health, in the contract workforce.
- Influence staff, suppliers, customers and communities through the delivery of the contract to support health and wellbeing, including physical and mental health.
-Collaboration with users and communities in the codesign and delivery of the contract to support strong integrated communities.
- Influence staff, suppliers, customers and communities through the delivery of the contract to support strong, integrated communities.

Pricing

Price
£355 a unit a day
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at venkata@smtechsol.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.