Tata Consultancy Services Limited

TCS Hyperscaler Cloud Management and Re-seller services

TCS offers Cloud platform and infrastructure services on Microsoft Azure, Amazon Web Services (AWS) and/or Google Cloud Platform (GCP).

Features

• Deploy, manage and run software
• Self-service catalogue for provisioning workloads
• Delivery model through virtual workforce
• Centralised metering and cloud cost monitoring optimisation
• Centralised threat monitoring and dashboards
• Multi-cloud managed service
• Machine First, full stack automation enabled cloud services
• Standardised set of tools, processes - cloud economics, service transparency
• Service catalogue based modular adoption
• Provision and use processing, storage or networking resources

Benefits

• TCS as single partner to across managed services and licensing
• Pay as You Go: only pay for what you use
• Direct Support: both licensing and 1st line support from TCS
• Multi-cloud Brokering
• Leverage hyperscaler cost efficiencies for loyalty
• Access to hyperscaler funding programmes for PoC's and new workloads
• Access latest technology innovations in the cloud: GenAI and Quantum.
• Exploit a wide array of Security tools and capabilities
• Derive carbon benefits of cloud computing for a greener future.
• Access to competitive pricing compared to traditional and direct procurement

£0.01 a unit a second

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK.PublicSector@tcs.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

505613715081395

Contact

Meena Meghani
07860 259091
UK.PublicSector@tcs.com

Service scope

• Service constraints: As stated by the public cloud provider. As an example for Azure, please see ; https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: As provided by the public cloud provider. As an example for AWS, please see https://aws.amazon.com/premiumsupport/compare-plans
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: More details available from each Cloud Provider
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: As provided by the public cloud provider. As an example for GCP please see; https://cloud.google.com/support/; For AWS; https://aws.amazon.com/premiumsupport/compare-plans; For Azure please see ; https://azure.microsoft.com/en-us/support/plans/
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: TCS provides a range of services spanning across advisory, implementation, migration and support and is detailed in our Lot 3 service offering titled - "TCS Cloud Consultancy and Support Services"
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats: Kindle
• End-of-contract data extraction: Data may be copied out using hyperscaler API tools to download data
• End-of-contract process: Buyer may terminate the relationship with Supplier for any reason by (i) providing Supplier with notice and (ii) closing Buyers account for all services for which Supplier provide an account closing mechanism. ; ; Buyers pay for the services they use to the point of account termination. ; ; Supplier customers retain control and ownership of their data. Supplier will not erase customer data for 30 days following an account termination. This allows customers to retrieve content from Supplier services so long as the customer has paid any charges for any post-termination use of the service offerings and all other amounts due.

Using the service

• Web browser interface: Yes
• Using the web interface: As provided by the public cloud provider.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Using the console provided by the public cloud provider.
• Web interface accessibility testing: None
• API: Yes
• What users can and can't do using the API: As provided by the public cloud provider.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
  • Other
• Other API automation tools:
  • Wide range of third party services
  • SDKs for Python, Ruby, PHP, JavaScript, Java, .NET, Node.js
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
  • Other
• Using the command line interface: Functionalities provided by the public cloud provider can be accessed via the command line interface

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Environments are logically segregated and will leverage TCS design principles to drive the segregation of duties and resource utilization. Security controls and real-time monitoring by the public cloud provider ensures independence of resources.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics:
  • VPN Tunnel Metrics
  • Request Metrics
  • Health Metrics
  • Maintenance Metrics
  • Workflow Execution Metrics
  • Application Health
  • Latency Metrics
  • Activity Metrics
  • Capacity Availability
  • Packets
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Google, AWS, Azure

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• Backup controls: TCS will bring the domain knowledge to design and build the respective public cloud platform in order to align to the customer needs.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: Other
• Other protection within supplier network: Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them. Cloud Providers give customers ownership and control over their content by design through simple, but powerful tools that allow customers to determine how their content will be secured in transit.; ; Cloud Providers enable customers to open a secure, encrypted channel to services using TLS/SSL, and/or IPsec or TLS VPN (if applicable), or other means of protection the customers wish to use.; API calls can be encrypted with TLS/SSL to maintain confidentiality; the Console connections are encrypted with TLS.

Availability and resilience

• Guaranteed availability: As provided by the public cloud provider.
• Approach to resilience: As provided by the public cloud provider.
• Outage reporting: Real time monitoring and report via dashboard, email, messaging.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: As provided by the public cloud provider. In addition, TCS will design controls as per the customer compliance requirements.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: TÜV NORD CERT GmbH
• ISO/IEC 27001 accreditation date: Initial certification: 2006. Last certification 01.04.2024, Valid until 31.03.2027
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 22/11/2023
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: -
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 27017
  • ISO 27018
  • SOC 1/2/3

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 27017, ISO27018, Cyber Essentials Plus, SOC1/2/3
• Information security policies and processes: Default will be as provided by the public cloud provider. In addition, TCS will bring industry knowledge with respect to customer's business compliance requirements.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: As provided by the public cloud provider.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: As provided by the public cloud provider.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: As provided by the public cloud provider.
• Incident management type: Supplier-defined controls
• Incident management approach: As provided by the public cloud provider.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Any of these could be applied and will be driven by the design principles
• How shared infrastructure is kept separate: As per the public cloud provider and TCS design principles

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: As per cloud provider for example AWS https://sustainability.aboutamazon.com/environment/the-cloud

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  TCS UK and Ireland achieved Carbon Neutral operational status in FY 23 for Scope 1 & 2 GHG emissions. We have reduced Scope 1& 2 emissions by 71% and Scope 3 emissions by 45% (vs. FY2016 baseline). ; ; TCS is committed to achieving net zero status by 2030. Contracts awarded under this framework will be governed by our net zero pledge.; ; We evidence our commitment through independent certifications:; o PPN 06/21 compliant Carbon Reduction Policy (Oct 2023); o PAS 2060 Carbon Neutrality Certification (2023); o ISO 14064 validation & verification of GHG emissions (2022); o ISO14001:2015 Environmental Management System (2022-2025); o Ecovadis Gold (2023); o Sustainalytics 11.7 Low Risk (2023); o MSCI climate & ESG A rated (2022); o All data centres ISO50001, powered by renewables; ; To ensure TCS incorporate Fighting Climate Change (FCC) within RM1557.14 delivery we will:; • Work with purchasing Authorities to help them meet their FCC goals through sustainable delivery and knowledge sharing; • Conduct annual sustainability assessments (to ISO14044) to determine potential improvements, and develop and implement contract environmental and sustainability policies and procedures ; • Propose sustainable solutions using green software development practices (aligned to Greening Government Commitments) to reduce energy consumption and the carbon footprint of applications.; • Provide role-specific environmental and sustainability training so that all staff understand their responsibilities, embrace green practices in their day-to-day job, help achieve enterprise-wide goals of reducing carbon footprint from operations. ; • Minimise travel by use of e-conferencing services, online training etc; • Embed sustainable procurement across our supply chain by requiring and supporting partners to sign the TCS Code of Conduct for Suppliers to ensure they share our values and commitments; • Follow TCS’ Green Procurement Policy, factoring life-cycle cost and potential environment impact of products and services.

  Covid-19 recovery

  UK Government research shows some workers were disproportionally economically impacted by the pandemic, including disabled people, minority ethnic groups and the youngest and oldest workers; we also note that the recovery of labour force participation rate in the UK has been poor when compared with similar economies. ; ; We also recognise a shortage of digital skills and a risk that some people are being left behind, with 52% of people leaving full-time education without advanced digital skills (Department for Culture, Media and Sport, 2022). ; ; TCS training and employment opportunities help plug the skills gap, help empower career growth and sustainability in local communities. We seek opportunities to work with local partners and training providers and will do so for any contracts awarded under RM1557.14 to assist Purchasing Authorities meet their local priorities through activities such as:; ; • Working with local SME supply chains allowing us to invest in communities ; • Partnering with qualified training organisations, local colleges and universities to offer a range of Apprenticeships from Level 2-7. Current examples of established programmes with customers include Jaguar Land Rover and Diligenta.; • Initiatives including workshops in partnership with local Job Centres. This provides mentoring in IT career opportunities, training and skills suggestions, CV creation and interview preparation. We shall ensure people interested in IT opportunities receive information on forthcoming TCS vacancies.; ; This approach provides value for the workforce, our customers, local communities and TCS: ; • Individuals benefit from enhanced skills relevant to their role, increased job satisfaction, higher market value - in TCS and externally.; • Customers benefit from high-quality service delivered by skilled, motivated, engaged employees.; • Local communities benefit through employment and training schemes.

  Tackling economic inequality

  As a major UK Software and IT Services provider, we understand the market and recognise the equality issues affecting different members and groups of the workforce.. Our training and employment programmes help tackle inequality, empower career growth and sustainability in local communities.; Through RM1557.14 we will support purchasing Authorities to tackle inequality through:; ; •Apprenticeships, internships, and graduate positions within our organisations. All posts are paid at least the Real Living Wage. Recruits are supported by comprehensive training plans, career and learning pathways.; •Paid and unpaid work experience placements, virtual and in-person, within our programme delivery teams.; •Digital education and skill initiatives e.g. school-focused STEM and careers events, online and in-person. STEM programmes (students aged 6-18) introducing Computer Science, Design Thinking and Innovation to young people. We invite purchasing Authorities to nominate local schools and participate in these events.; •Careers skills events, online and in-person e.g. collaboration with local service providers to help people into training and work by volunteering through mock interviews, CV writing support, etc. ; •Attending Career Fairs with Education Authorities and Universities ; •Community outreach through volunteering and sustainable civic leadership programmes. We invite purchasing Authority staff to volunteer alongside TCS, creating strong partnerships and employee involvement in local causes. ; •Innovation Forums through our Co-Innovation Network for SMEs/MSMEs, start-ups and entrepreneurs to share learning and development and innovation in technology.; •Our partner Generations UK provides training to support people into careers that would otherwise be inaccessible, hiring candidates from BAME (black, Asian, minority ethnic) communities and different socio-economic backgrounds. These individuals have been trained in Cloud technologies, and some switch careers to IT through our bootcamps. ; •Providing all employees with clear career paths, enabled by extensive in-house learning platforms and mechanisms. Coaching and mentoring gives employees the support they need to grow their careers.

  Equal opportunity

  We are an equal opportunities employer, committed to Diversity, Equity and Inclusion (DEI). We select and promote individuals who demonstrate the right skills, values, attitudes and behaviours, regardless of disability, race or gender. ; ; To ensure Equal Opportunities within RM1557.14 we will:; •Help purchasing Authorities meet their goals through knowledge sharing; •Govern contracts awarded under our corporate policies and procedures. ; •Recruit and promote using only neutral job descriptions to ensure we do not exclude or discriminate due to protected characteristics.; ; TCS is/has:; •A Living Wage employer paying salaries specific to level and experience, benchmarked continuously against peer organisations.; •A Disability Confident Employer, complies with UK Business Disability Forum guidelines, using their expertise to audit recruitment/onboarding practices. ; •Working to reduce the Gender Pay Gap (UK gap 17.7%); •35.7% of our workforce are women (an industry high figure), +60% senior women executives since 2019, women hiring +10% since 2021; •A workforce of 153 nationalities and 5 generations (88% millennials); •Global DEI policy and training for all employees. Inclusive leadership training for people managers and certified HR training. UK specific training aligned to the Equality Act. ; •Supported access and flexible working as a norm.; •Employee Networks to tackle inequality including LGBTQ+, Gender Equity, Cultural Diversity, Enable (for employees with disabilities), and Single Parenting.; •Annual Diversity Maturity survey (e.g. gender, nationalities and generation) monitoring and informing policy and action. We benchmark status against the industry and act to address any gaps.; •Committed to supporting in-work progression. Skills development programmes give career pathways to all employees (39.7m hours of learning by staff in FY23/24). Staff have career advice and support to develop, cross- or re-skill, to progress their careers in different functions, technologies, and domains. ; •A compliant Modern Slavery Statement published at TCS.com, confidential whistleblowing hotlines and grievance mechanisms, and supplier risk assessments.

  Wellbeing

  TCS is Gold Certified by the Top Employers Institute as a global leader in people practices and ranked #2 in the world in Employee Health & Wellness.; ; Staff wellbeing is supported through “TCS Cares”, a comprehensive, wrap around package free to all staff.; ; Mental health services aligned to the Mental Health at Work commitment (MHaWC) include:; •Confidential advice available 24/7*365; •Face-to-face counselling (certified ISO9001:2015, ISO27001:2013) on personal issues, self-development, separation and loss, relationship issues, job stress, elder care, childcare, parenting, work-life balance, domestic violence, harassment, substance abuse etc. ; •Access to Mental Health First Aiders who:; o Support those experiencing mental health crisis or emotional distress. ; o Spot early signs and symptoms, support through conversations or escalate as needed.; o Assess risk of suicide or self-harm and escalate if required.; •Mental Health Ambassadors: employees who have experienced mental health issues raise awareness by sharing their personal experience and lessons learned. ; •Mental health ‘toolkits’ e.g. “Working From Home: How Do I Prepare?”, “Looking After Your Mental and Emotional Well-Being”; •Emotional wellbeing leave ; •Access to the “TCS Minds” employee mental health network, with 100+ UK members. Regular newsletters are enhanced by monthly ‘coffee connects’: Teams calls discussing Mental Health topics and a full annual events programme.; ; Physical Health and Wellbeing services include:; •24x7 virtual UK GP, providing unlimited consultations free for employees & dependents, vaccination programmes, health insurance.; •Fit4Life, our fitness and physical wellbeing programme (available as an app), encouraging associates to see fitness as a common activity and goal.; •Bike to Work scheme; •Weekly all hands calls covering H&S, good ergonomics and dynamic risk assessment for remote workers. Employees can apply for equipment to create safe working environments.; •Monthly virtual/in-person events for all staff including yoga, Meditation Sessions ; •Volunteering programmes. TCS logged 6.7 million hours of volunteering in 2023.

Pricing

• Price: £0.01 a unit a second
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: As provided by the public cloud provider.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK.PublicSector@tcs.com. Tell them what format you need. It will help if you say what assistive technology you use.