INFOHASH LTD

Digital Transformation, Cloud Infrastructure provisioning and platform security

InfoHash provides hosting infrastructure in AWS managed through Terraform IaC. Provisioning the cloud infrastructure. Embedding security in the cloud infrastructure. Automated security checks in the cloud infrastructure. Automated compliance checks in the cloud infrastructure. Automated report generation, and auto-remediation.

Features

• Terraform IaC
• Ansible Configuration Management
• Continuous integration, Continuous delivery, and Continuous deployment
• Automated Security Testing
• Automated Compliance checks
• Automated Infrastructure Testing
• Sustainable infrastructure provisioning with less carbon emission
• Test driven development
• Agile delivery

Benefits

• You can efficiently mange infrastructure as code.
• You get a seamless flow of software
• You get an early feedback loops on the software flow
• Shift left to attain early security testing & compliance check
• Intuitive design, and implementation
• Cost effective infrastructure provisioning
• You get a trackable velocity based agile delivery
• You get monitoring capability from mobile devices
• You get BAU activities supported by us.
• You get a resilient, scalable, available, and secure system.

£395 to £695 a user a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at harish@infohash.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

499383461391988

Contact

Harish Kamugakudi Marimuthu
07903896490
harish@infohash.co.uk

Service scope

• Service constraints: N/A
• System requirements: N/A

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Response times during weekends are as per the project's need and as agreed.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: There will be a technical account manager with who the customer can engage for their ongoing technical needs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Code, Documentation, and Training provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: As a best practice, we tend to store everything in a customer-owned environment. In case of need demands and when we use any system, we will plan and share the user data in the way they expect it, by engaging and agreeing with the customer.
• End-of-contract process: The cost is per engineer per day rate.; In case the engineer needs to travel to a remote location to meet the customer's needs, then the cost will be agreed upon with the customer.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Testing the scalability in an early software life cycle.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Infrastructure components
  • Virtual machines
  • Databases
  • Network configurations
  • Object stores
• Backup controls: Yes. As per customer needs, we can tailor the backup on a different schedule through automation.
• Datacentre setup: Single datacentre with multiple copies
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The level of availability which we can guarantee is the cloud infrastructure's availability.; ; In case we do not meet the availability expectation, the refund is paid as agreed upon with the customer.
• Approach to resilience: Self-heal infrastructure, auto-recovery infrastructure, redundancy in multiple available zones for fault tolerance.; The details can be available on request.
• Outage reporting: Public dashboard; email

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Role based access controls will be provided.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: About to get the CyberEssential Plus certification.
• Information security policies and processes: About to get ISO 27001 certification for the company.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: A streamlined configuration managed workflow with frequent early testing.; Any changes to the defined environment are managed via a configuration management tool.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Through scheduled automated security testing, and vulnerability assessment of infrastructure and services through various tools.; ; Once identified the patches are applied in a lower environment first to gain the confidence of rolling out the patches to production.; ; There is a dashboard that gets generated out of the scheduled vulnerability assessment. That dashboard gives information about the potential threats.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Proactive frequent scheduled monitoring of security can identify any potential threats to the infrastructure.; There are certain tools and techniques which can auto-fix the potential threats. There are occasions when the change record is created automatically and addressed immediately based on the severity of the threat.
• Incident management type: Supplier-defined controls
• Incident management approach: Using incident management tools & processes for this. Preferably the tool the user already has or if needed we can recommend the tool and process as per the customers' need.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: AWS
• How shared infrastructure is kept separate: AWS managed infrastructure. When a customer needs stringent network isolation, then bare-metal installation can be provided in the cloud.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: https://aws.amazon.com/energy/sustainability/

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We design and deliver software to cater the environmental benefits by working towards net-zero greenhouse gas emissions.

  Covid-19 recovery

  We give the opportunity in employing the people affected during the COVID-19 crisis, then give them enough training to serve the customer need.

  Tackling economic inequality

  We strive to create employment and training opportunities, particularly for people in industries with known skills shortages or in high growth sectors.

  Equal opportunity

  Social Justice is a key principle for InfoHash. We support in-work progression to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills relevant to the contract.

  Wellbeing

  We demonstrate action to support health and wellbeing, including physical and mental health, in the contract workforce.

Pricing

• Price: £395 to £695 a user a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at harish@infohash.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.