S&M TECHSOL LIMITED

Data Warehousing Hosting via Google Cloud Platform (BigQuery)

GCP BigQuery is a fast, fully managed, petabyte-scale data warehouse service that makes it simple and cost-effective to efficiently analyse all your data using your existing business intelligence tools.

Features

• Cloud strategy and advisory
• Hybrid cloud architecture
• Migrating apps, data from a legacy to a cloud
• Full-service strategy boot camps and strategic mapping
• Data Warehouse Offload to Cloud

Benefits

• Flexible Pricing Structure
• Very Easy to Scale Server Resources
• High Uptime and Availability
• Speedy Setup Process
• Up to 5x faster than standard MySQL databases
• Highly scalable for Demands
• Efficiency
• Flexibility
• Strategic value

£355 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at venkata@smtechsol.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

478428499598407

Contact

Venkata Angaluri
020 3744 3337
venkata@smtechsol.co.uk

Service scope

• Service constraints: None, we have a team of specialists who can assist to plan around constraints
• System requirements: We use your environment only

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: General guidance cases < 24 hours; system impaired cases < 12 hours; production system impaired cases < 4 hours; production system down cases < 1 hour; business-critical system down cases < 30 minutes
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Slack is accessible via any web browser that supports HTML5 and is also accessible programmatically via its API. Alternatively, Slack can be used via its own desktop client.
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: Standard support includes Customer Success Managers, Technical Account Managers, Support Engineers and a 24/7 Operations Centre. We aim to respond to ALL incidents and requests within 15 minutes 24/7, with a priority on resolving P1 incidents.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All new customers are assigned a Customer Success Manager that will provide proactive support and advise for the first 90 days. This also includes the assistance from dev-ops and cloud architects to ensure the right solution is provisioned and maximised for the workloads, along with a range of user guides.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The customer has complete autonomy of how data is stored and managed within their virtual environment. Data can be extracted either from within the VM (for example, copying data over virtual networks), or the entire VM (for example, exporting as a VMDK or OVF).
• End-of-contract process: We will return all your data and materials which cannot be deleted or exported by you, and securely destroy all copies of your data on your written instruction. We will return any pre-paid sums for services not delivered to you. We will not penalise you for terminating your contract with us unless specifically stated in the Service Definition. We will also return all of your confidential information, unless there is a legal requirement that we keep it.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: This does not apply to us as we are only providing consulting and advisory services.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Our consulting and advisory services do not need any SLAs. Having said that we can build in some risk and rewards based on you adopting our recommendations.
• Approach to resilience: This is not applicable to us as we are providing Consulting and advisory services. However, we do ensure the team assigned too you stays with the client.
• Outage reporting: Not applicable to our services.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: We can help you build these access restrictions as per our consulting and advisory services.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: Cloud platforms AWS/Google/ Azure implements formal, documented policies and procedures that provide guidance for operations and information security within the organisation. Policies address purpose, scope, roles, responsibilities and management commitment.; ; Employees maintain policies in a centralised and accessible location.; ; The output of reviews include any decisions or actions related to:; ; • Improvement of the effectiveness of the ISMS.; • Update of the risk assessment and treatment plan.; • Modification of procedures and controls that affect information security to respond to internal or external events that may impact the ISMS.; • Resource needs.; • Improvement in how the effectiveness of controls is measured.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to AWS/Google/Microsoft Azure Platform services and features follow secure software development practices, including security risk reviews prior to launch. Developer access to production environments is via explicit access system requests, subject to owner review and authorisation.; ; Teams set bespoke change management standards per service, underpinned by standard Platform guidelines.; ; All production environment changes are reviewed, tested and approved. Stages include design, documentation, implementation (including rollback procedures), testing (non-production), peer to peer review (business impact/technical rigour/code), final approval by authorised party.; ; Emergency changes follow Platform incident response procedures. Exceptions to change management processes are documented and escalated to Platform management.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: AWS/Google/Azure Security performs vulnerability scans on the host operating system, web applications, and databases in the environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.; ; AWS Security monitors newsfeeds/vendor sites for patches and receives customer intelligence via http://aws.amazon.com/security/vulnerability-reporting/.; Google Cloud Vulnerability Management - https://cloud.google.com/container-registry/docs/vulnerability-scanning; Microsoft Azure Vulnerability Management - https://docs.microsoft.com/en-us/azure/security-center/built-in-vulnerability-assessment
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Cloud platforms AWS/Google/Microsoft Azure deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage. Devices monitor:; ; • Port scanning attacks; • Usage (CPU, processes, disk utilization, swap rates, software-error generated losses); • Application metrics; • Unauthorized connection attempts; ; Near real-time alerts flag incidents, based on Service/Security Team- set thresholds.
• Incident management type: Supplier-defined controls
• Incident management approach: Cloud platforms AWS/Google/Microsoft adopts a three-phased approach to manage incidents:; ; 1. Activation and Notification Phase; 2. Recovery Phase; 3. Reconstitution Phase; ; To ensure the effectiveness of the Incident Management plan, conducts incident response testing, providing excellent coverage for the discovery of defects and failure modes as well as testing the systems for potential customer impact.; ; The Incident Response Test Plan is executed annually, in conjunction with the Incident Response plan. It includes multiple scenarios, potential vectors of attack, the inclusion of the systems integrator in reporting and coordination and varying reporting/detection avenues.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Fighting climate change:

  Fighting climate change

  Activities that: ; - Deliver additional environmental benefits in the performance of the contract including working towards net zero greenhouse gas emissions. ; - Influence staff, suppliers, customers and communities through the delivery of the contract to support environmental protection and improvement.
• Covid-19 recovery:

  Covid-19 recovery

  At SMTECH we are committed to help local communities to manage and recover from the impact of COVID-19 by; ; - Create employment, re-training and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high growth sectors.; - Support people and communities to manage and recover from the impacts of COVID-19, including those worst affected or who are shielding.; - Support organisations and businesses to manage and recover from the impacts of COVID-19, including where new ways of working are needed to deliver services.; - Support the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services.; - Improve workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions.
• Tackling economic inequality:

  Tackling economic inequality

  At SMTECH we are committed to the below statements to tackle economic inequalities; ; -Create employment opportunities particularly for those who face barriers to employment and/or who are located in deprived areas. ; - Create employment and training opportunities, particularly for people in industries with known skills shortages or in high growth sectors. ; - Support educational attainment relevant to the contract, including training schemes that address skills gaps and result in recognised qualifications. ; - Influence staff, suppliers, customers and communities through the delivery of the contract to support employment and skills opportunities in high growth sectors.; -Create a diverse supply chain to deliver the contract including new businesses and entrepreneurs, start-ups, SMEs, VCSEs and mutuals. ; - Support innovation and disruptive technologies throughout the supply chain to deliver lower cost and/or higher quality goods and services. ; - Support the development of scalable and future-proofed new methods to modernise delivery and increase productivity
• Equal opportunity:

  Equal opportunity

  At SMTECH we provide equal opportunities to everyone without any discrimination on any grounds, we are committed to below principles.; ; - Increase the representation of disabled people in the contract workforce. ; - Support disabled people in developing new skills relevant to the contract, including through training schemes that result in recognised qualifications. ; - Influence staff, suppliers, customers and communities through the delivery of the contract to support disabled people.; - Identify and tackle inequality in employment, skills and pay in the contract workforce. ; - Support in-work progression to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills relevant to the contract. ; - Identify and manage the risks of modern slavery in the delivery of the contract, including in the supply chain.
• Wellbeing:

  Wellbeing

  At SMTECH we take at most care to ensure to improve health and wellbeing to our employees, suppliers, customers and third parties.; ; Which includes the activities below; ; - Actions to support the health and wellbeing, including physical and mental health, in the contract workforce. ; - Influence staff, suppliers, customers and communities through the delivery of the contract to support health and wellbeing, including physical and mental health.; -Collaboration with users and communities in the codesign and delivery of the contract to support strong integrated communities. ; - Influence staff, suppliers, customers and communities through the delivery of the contract to support strong, integrated communities.

Pricing

• Price: £355 a unit a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at venkata@smtechsol.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.