Application Design, Development and Hosting
Our services specialise in developing, deploying and hosting software to process your data. We offer comprehensive cloud agnostic services for applications, spanning DevOps to Managed Cloud, IAAS or PAAS, be it Public, Private or Hybrid. Our consultant team prioritises development and operational relationships, leveraging automation, agility, and efficiency.
Features
- Services include cloud-agnostic solutions for easy Cloud migration.
- Optimisation through Cloud Consulting.
- Comprehensive, custom system design and architecture.
- Enablement of hosting, development, and maintenance of apps
- Agile methodologies for software and infra-automation cycles
- Collaborative software engineering to meet your needs
- Streamlined Agile DevOps release orchestration
- Seamless CI/CD tool migrations and integrations
- Infrastructure efficiency through code
- Leveraging your data to derive intelligence
Benefits
- Receive a personalised service through our consultancy and design
- Enhance your systems via our design & architectural expertise
- Enable smooth transitions with cloud migration
- Accelerate development with our agile software & infra-automation
- Seamlessly deploy with our Agile DevOps orchestration
- Improve processes with continuous integration/delivery deployment
- Make informed decisions using your data through bespoke tooling
- Gain expert guidance from our managed cloud consulting
- Streamline infrastructure management with our coding service
- Optimize infrastructure through our comprehensive audit and design
Pricing
£0 a unit
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
4 9 4 4 4 7 9 2 2 5 7 1 4 0 1
Contact
HAMILTONIAN DYNAMICS LTD
Rob Diamond
Telephone: 07966900679
Email: directors@hamiltoniandynamics.com
Service scope
- Service constraints
-
Service will need customer engagement to ensure their requirements are met.
Standard Cloud Hosting Constraints. Any additional constraints will be identified and addressed during the requirements phase. - System requirements
- Full requirements to be established during requirements gathering phase.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 9-5 weekday support. Weekend support on prior arrangement
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
-
Support is provided via email, or tickets on a 9-5 basis,
Phone support can be arranged if required
Staff on site can provide additional support as required and refined during the requirements phase. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- On hands training can be provided User documentation will be available for the main features and workflows
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
-
Data can be provided via storage device (if large) or end product reports can be exported as and when required.
Will comply with all relevant UK Laws - End-of-contract process
- At the end of a contract the services are ceased and all data securely erased after a grace period (unless user required immediate erasure), If required data or reports can be extracted for supply to the user.
Using the service
- Web browser interface
- Yes
- Using the web interface
-
Web Interface is provided by Cloud providers. Custom Web Interface for this can be developed if required to meet specific customer needs.
Web Interface for applications and services are provided as an when required. - Web interface accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web interface accessibility testing
-
Browser DevTools (Lighthouse) and automated Accessibility testing using A11y and AXE tools to ensure Web Interfaces comply with standards.
Manual testing is performed using screen readers and speech recognition software to improve usability by assistive technology users. - API
- Yes
- What users can and can't do using the API
- Users can query our services via an API, these can be customised depending on buyer requirements. Main interface will be a UI, however complementary APIs can be provided for reporting and exporting purposes
- API automation tools
- Other
- Other API automation tools
-
- Common programming languages
- Modules for automation tooling can be developed when required
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- ODF
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- Service is built and developed with user requirements taken into account for scaling and anticipated load. Automated scaling can be implement to ensure resources are available for all user interaction.
- Usage notifications
- Yes
- Usage reporting
-
- Other
- Other usage reporting
- Automated ticketing.
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
- All / any data
- Backup controls
- Backups are provided as standard due to service design, implementation and services high availability / data redundancy
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Availability is dependant on 3rd Party cloud hosting services. On prem solutions will rely on local support staff
- Approach to resilience
-
Resilience is dependant on 3rd Party cloud hosting services.
Additional cross-site resilience can be setup if required - Outage reporting
- Email alerts
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
-
Access to management interfaces is to only expose them to a dedicated management network. This is often achieved with separate network interfaces on the managed infrastructure.
Seller or users can configure accesses for different user groups. - Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Security governance and risk management follows NCSC guidelines
- Information security policies and processes
- Information security policies aim to follow NCSC and Cyber Essential guidelines and processes
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- All changes are stored in a configuration management tool and require a ticket for the change request which is recorded in a change management tool
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Constant monitoring of services is performed for vulnerability management and mitigation. Patches are applied routinely, and dependant on severity expedited to production systems.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Auditing, monitoring and reporting is used to track and identify compromises
Security manager is informed when a potential compromise and manages the process.
Incidents are responded to immediately when detected - Incident management type
- Supplier-defined controls
- Incident management approach
-
Service aims to follow guidelines set by NCSC.
Incidents are triaged, contained, investigated, resolved and reported on when they occur.
Users can report incidents via email to the security manager.
Incident reports can be provided on conclusion of the event
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Third-party
- Third-party virtualisation provider
- AWS, Azure, GCP, other provider if required
- How shared infrastructure is kept separate
- Services provided for each organisation are contained within their own account, subscription, or project. Resources are kept separated and secure using provider mechanisms.
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- Provision or access is only through industry standard and accredited Data centres.
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
At Hamiltonian Dynamics, we believe in taking tangible steps towards a greener future. We
don't have a physical office, significantly reducing our team's need to commute and lowering
our carbon footprint. We visit customer sites when necessary, further minimising our
environmental impact. On site we will adhere to the customer/ clients environmental policies
to collaborate and support their efforts to minimise impact on the environment.Covid-19 recovery
Service can be used to protect UK economy and for fraud detection which may have been taken advantage of during Covid-19Tackling economic inequality
We believe that a diverse workforce drives innovation and enhances our ability to meet the
diverse needs of our customers and stakeholders. We are committed to inclusive practices
and embracing individuals from various racial, ethnic, cultural, gender, sexual orientation,
ability, and socioeconomic backgroundsEqual opportunity
We are dedicated to providing equal opportunities for career growth, development, and
advancement to all .
We recognise that historical disparities exist, and we commit
to implementing fair and unbiased practices to ensure that everyone has an equal chance to excel .Wellbeing
Improve health and wellbeing
Activities that:
- Demonstrate action to support the health and wellbeing, including physical
and mental health, in the contract workforce.
- Influence staff, suppliers, customers and communities through the delivery
of the contract to support health and wellbeing, including physical and mental health,
Pricing
- Price
- £0 a unit
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- A free trial or demo can be provided to demonstrate functionality of the systems. Limitations can depend on user requirements.