FOOTPRINT IT SOLUTIONS LIMITED

Footprint-IT Hosted Platform-as-a-Service

Footprint’s Hosted Managed Platform as a Service is a cloud platform comprising infrastructure and middleware, allowing system developers to focus on building/deploying applications without the cost/burden of platform management. It offers scalability, flexibility, and cost-effectiveness in database management, application hosting/development, monitoring, mobilisation and optimisation and deployment workflows including pilot projects.

Features

• Scalable hosted platform provisioning optimal performance and cost-efficiency.
• Suitable for test, pilot, short-term full service network requirements
• On-demand infrastructure provisioning, optimisation, DevOps and data engineering environment
• Supports Footprint's DevOps, Migration and Optimisation, Data Engineering/analytics, Workflows
• Monitoring and Analytics tracking performance, issues, and optimize resource utilization.
• Automated technical monitoring for optimizing operations and management costs
• Accommodates AI and Machine Learning to identify key data relationships
• Continuous configuration-management, monitoring, alerting, and security responses
• Data transparency tools to identify and address data discrepancies
• Usage based cost models available for pilots/trials and in-life deployments

Benefits

• Faster Time-to-Market, enabling rapid deployment of applications/features.
• Real cost benefit - eliminates need for upfront infrastructure investment
• Scalability on demand, ensuring applications manage varying workloadsand minimal cost.
• Modular capability to complement existing data management and analytics tools
• Significantly reduced risk to your integrations and focus on innovation
• In-House Network "ownership" and promotion of data ownership
• Benefit from Footprint's technical knowledge of portfolio/programme/project solutions
• Confidence that services are configured, patched, hardened while flexible/customised
• Simplify your assurance, accreditation, resilience, compliance and security processes..
• Consistent, documented, auditable processes ensure governance and data compliance

£595.00 to £1,350.00 a unit a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.hemming@footprintit.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

487355971733900

Contact

Andrew Hemming
01983475470
andrew.hemming@footprintit.net

Service scope

• Service constraints: No over-arching constraints, and any requirement or project-specific constraints would be identified and discussed with the Buyer by Footprint-IT at the early discovery stage
• System requirements:
  • Secure Browser Access and Internet Connectivity
  • VPN connectivity is normally required
  • Supported, up to date OS versions at customer site

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 1 hour during working days (Monday to Friday 09:00 to 5:30)
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: We have not carried out specific assistive technology use testing, though we are aware that many customers of ours do have assistive technology users active on systems derived from our work with them.
• Onsite support: Yes, at extra cost
• Support levels: Footprint-IT provide engineers and consultant resource to enable and support change and transformation through DevOps. We support customer choices of cloud hosting and software, enabling customers with developing in the cloud using DevOps best practices. We also support customers in optimising their usage of these AWS DevOps tools at during implementation and in-life. We tailor specific production level and support plans for each project we are engaged with. Normally, these will include P1 to P4 graded incident management, and are included in the overall project costings we provide,
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Footprint-IT will ensure that Customers can expect a smooth onboarding experience with a dedicated success team that tailors documentation to their specific needs. This includes user communication plans, training materials, and quick start guides. Regular check-ins ensure performance is on track, with comprehensive reports provided. Training is prioritised to maximise user adoption from the outset. This may include introductory sessions, success planning meetings, and quarterly reviews. Additional, customised training packages are available. Overall, this collaborative approach ensures a seamless transition and ongoing support to empower users and maximise the value of our service.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: This is service and data dependent, but options where practical include secure FTP or API interaction. These can be triggered on-demand (e.g. username and email), upon records being created/updated, or on a schedule pre-agreed with Footprint-IT
• End-of-contract process: In recognition of evolving business needs, Footprint-IT will offer customers the opportunity to extend their contract term prior to its expiration. To facilitate a smooth renewal process, we request that customers communicate their intent to extend the service and/or contract options at least 60 days before the scheduled termination date. For customers who choose not to renew, a 30-day cancellation notice is required at the end of the contract term. Should the contract reach its natural conclusion without a prior renewal request, Footprint will initiate our standard offboarding process, as outlined within the contract agreement. This process ensures the secure and compliant deletion of all customer data following the official contract expiration. This structured approach guarantees a seamless transition for both renewing and departing customers, while prioritising data security and adhering to contractual obligations.

Using the service

• Web browser interface: Yes
• Using the web interface: ===Placeholder===
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: N/A - this is a service designed on a per-client basis so not subject to testing of this type beforehand
• API: Yes
• What users can and can't do using the API: Footprint's API will allows applications to access data and interact with external software components, operating systems, or microservices. They bring applications together in order to perform a designed function built around sharing data and executing pre-defined processes.
• API automation tools: Ansible
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: We do not share between differing clients the mPaaS environments we assemble, and our hosting is subject to automatic scaling (and down), ensuring our customers get the capacity they require.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • System and user data (encrypted)
  • Servers and VM's
  • Application servers
  • Disk volumes (encrypted)
  • Files and Folders (structure & content)
• Backup controls: This is customer requirement specific, typically Footprint-IT can implement schedule-based backups or dynamic/replication.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Single datacentre with multiple copies
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Footprint-IT's managed Platform-as-a-Service runs to a 99.99% target availability KPI. We monitor our uptime & bandwidth continuously, and develop KPI/SLA triggers for each service. Generally, service credits are available for service disruptions and can be claimed by raising a support ticket where we will review the claim and raise any applicable service credits.
• Approach to resilience: Our Hosted PaaS service is designed to be highly available, resilient and scalable, with appropriate redundancy measures implemented to achieve our target uptimes, including instance and data centre redundancy, load balancing, hardware and software failover across disparate components, data replication, and automated scaling. We detail this on a per-deployment basis with our customers.
• Outage reporting: We use email as standard for outage reporting. Where a critical (or foreseen) event arises, we endeavour to reach stakeholders by email/telephone in addition to the standard elements

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: All staff access is controlled by our access control policy, staff only have access to areas of the systems required for their specific job roles and these are regularly reviewed in line with ISO27001. All systems are protected by a secondary authentication method and access/session activity is fully logged.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Devices users manage the service through:
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: UKAS
• ISO/IEC 27001 accreditation date: 14 April 2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: As an ISO27001 compliant organisation we have in place a suite of policies and procedures that are owned and governed at board level by our CTO and CISO. These include Information management policy, Cyber Security Management Framework, Information Classification and Handling Policy, Data Protection Framework, Service management Policy ID management Framework, Password Policy control, Secure Remote working, Incident Management policy, Cryptographic Policy, Asset Management, Internet Usage regulations, use of OTC/2FA, lock-down of devices, Each includes escalation pathways based on time and nature of any incident, and immediate escalation right up to the CEO for critical incidents including any data breach. All frontline support staff are required to pass an annual refresher test on our information security policies.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We have a detailed change management process that conforms to the ISO27001 standard and is governed by our project management teams on each deployment. These include comprehensive tracking of assets, config history and change history.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Footprint-IT deploys software tools to monitor and assess the customer infrastructure for known vulnerabilities and threats. On notification and/or discovery of a new vulnerability, we aim to apply patches within 72 hours. We also monitor the logs from our services and are alerted to suspicious activity, and are subscribed to various threat intelligence resources.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Footprint-IT uses software tools to monitor and assess the customer infrastructure for known vulnerabilities and threats. On notification and/or discovery of a new vulnerability, we aim to apply patches within 72 hours. We also monitor the logs from our services and are alerted to suspicious activity, and are subscribed to various threat intelligence resources
• Incident management type: Supplier-defined controls
• Incident management approach: Footprint IT manages a pre-defined Incident Management process that covers common incidents such as user account breaches or the detection of suspicious activity, which users can also log themselves as incidents via our support desk. Each incident will be logged along with remedial activity undertaken. Incident reports are made available following incident resolution and communicated by email to affected parties either as they occur, or as part of regular review meetings/interaction

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Footprint-IT host with Hyperscaler datacentres, in particular AWS, who adhere to the EU code of conduct for energy-efficient datacentres. For more information please visit https://aws.amazon.com/about-aws/sustainability/

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Footprint is committed to creating innovative Technology with a positive impact by working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Footprint is committed to becoming Net Zero by 2050. Footprint commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Footprint understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Fighting climate change’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC 4.1 Deliver additional environmental benefits in the performance of the contract including working towards net-zero greenhouse gas emissions. • MAC 4.2 Influence staff, suppliers, customers, and communities through the delivery of the contract to support environmental protection and improvement which as part of our Social Value Commitment, this product offering will also be integrated into the company's Continuous Improvement Plan and will be scrutinised to identify, monitor, measure and achieve the MAC 4.2 measures. Example reporting metrics of benefits delivered under the contract may include: People-hours spent protecting/improving the environment under the contract, Number of green spaces created under the contract, reduction in emissions of greenhouse gases, reduction in water use, and reduction in waste to landfill.

  Covid-19 recovery

  Footprint commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Footprint understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Covid-19 recovery’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC 1.1: Creation of employment, re-training, and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high-growth sectors. • MAC 1.2: Support for people and communities to manage and recover from the impacts of COVID-19, including those worst affected or who are shielding. • MAC 1.3: Support for organisations and businesses to manage/recover from the impacts of COVID-19, including where new ways of working are needed to deliver services. • MAC 1.4: Support for the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services. • MAC 1.5: Improvements to workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions Example reporting metrics of benefits delivered under the contract may include: Number of FTE employment for those made redundant due to COVID-19, people-hours supporting local community integration related to COVID-19, and percentage/number of the supply chain to have implemented the 6 standards in the Mental-Health-at-Work commitment.

  Tackling economic inequality

  Footprint commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Footprint understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Tackling Economic Inequality’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC2.1: Create opportunities for entrepreneurship and help new organisations grow. • MAC2.2: Create employment/training opportunities for people who face barriers to employment, are located in deprived areas, and in industries with known skills shortages or high growth sectors. • MAC2.3: Support educational attainment including training schemes • MAC 3.1: Create a diverse supply chain including new businesses/entrepreneurs/start-ups/SMEs/VCSEs/mutuals. • MAC 3.2: Support innovation and disruptive technologies throughout the supply chain to deliver lower cost, higher quality goods/services. • MAC 3.3: Support the development of scalable and future-proofed new methods to modernise delivery and increase productivity. • MAC 3.4: Demonstrate collaboration and a fair/responsible approach to working with supply chain partners. • MAC 3.5: Demonstrate action to identify/manage cyber security risks in the delivery including in the supply chain. Example reporting metrics of benefits delivered under the contract may include: Number of FTE employment/apprenticeship/training opportunities created, learning interventions delivered, start-up/SME/VCSE/mutuals opportunities awarded, and relevant supply chain metrics e.g. Cyber Essentials certification and adoption of NCSC 10 steps.

  Equal opportunity

  Footprint commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Footprint understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Equal opportunity’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC 5.1: Demonstrate action to increase the representation of disabled people in the contract workforce. • MAC 5.2: Support disabled people in developing new skills relevant to the contract, including through training schemes resulting in recognised qualifications • MAC 6.1: Demonstrate action to identify/tackle inequality in employment, skills, and pay in the contract workforce. • MAC 6.2: Support in-work progression to help people, including those from disadvantaged/minority groups, to move into higher-paid work by developing new skills relevant to the contract. • MAC 6.3 Demonstrate action to identify/manage the risks of modern slavery in the delivery of the contract, including in the supply chain. Example reporting metrics of benefits delivered under the contract may include: Percentage/number of FTE disabled/under-represented people employed as a proportion of the total FTE including apprenticeships/training schemes, percentage/number of companies in the supply chain to have committed to the five foundational principles of good work, percentage of supply chain mapping completed, and people-hours devoted to supporting victims of modern slavery.

  Wellbeing

  Footprint commits to working with your organisation to ensure that opportunities under the contract deliver agreed Policy Outcomes and Model Award Criteria. Footprint’s Wellbeing policies are aligned to the UK Government’s Good Work Plan (satisfaction, fair pay, participation and progression, well-being, safety and security, voice and autonomy). Footprint understand our buyers have commitments in this area and will work with them at implementation stage. We routinely work to ensure delivery of meaningful positive input in this important area. Our initial discovery workshop will include a clear method statement stating how we will achieve Policy outcomes and how our commitment meets the Award Criteria, a timed project plan and process (detailing how we will implement agreed commitments and by when), and how we will monitor, measure and report on our commitments/the impact of our proposals. Related to ‘Wellbeing’ we will focus on implementing effective measures to deliver any/all of the following benefits through the contract: • MAC 7.1: Demonstrate action to support health and wellbeing, including physical/mental health, in the contract workforce. • MAC 7.2: Influence staff, suppliers, customers, and communities through the delivery of the contract to support health and wellbeing, including physical and mental health. • MAC 8.1: Demonstrate collaboration with users and communities in the co-design and delivery of the contract to support strong integrated communities. • MAC 8.2: Influence staff, suppliers, customers, and communities through the delivery of the contract to support strong, integrated communities. Example reporting metrics may include: Percentage/number of the supply chain to have implemented measures to improve the physical and mental health and wellbeing of employees including the 6 standards in the Mental Health at Work commitment and mental health enhanced standards in ‘Thriving at Work’, and people-hours supporting local community integration e.g. volunteering/community-led initiatives and Mental Health First Aiders

Pricing

• Price: £595.00 to £1,350.00 a unit a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 14-day access to a fully-managed demo.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.hemming@footprintit.net. Tell them what format you need. It will help if you say what assistive technology you use.