ANS Group

Secure Remote Access

ANS offers cloud-based RAS solutions for a secure remote connection for Public Sector organisations and their industry partners to connect back to the office networks, applications and data. The range of solutions includes connectivity for Tier 1 - OFFICIAL (including SENSITIVE) with 2-factor authentication, protective monitoring and full end-user support

Features

• Tier-1 Remote Access Service via Internet, RLI, PSN or HSCN.
• End-to-end compliance
• Integrates with EMM
• 2-Factor Authentication options available
• Single Sign On for improved User Experience
• Hassle-free VPN setup
• Simple Client installation
• Full End User Support available from Service Desk
• Protective Monitoring and Security reporting (GPG-13)
• Predictable monthly billing

Benefits

• Available as Cloud Service from existing accredited platforms.
• Options for connectivity to networks including RLI, PSN and HSCN.
• UK Sovereignty guaranteed
• Software as a Service model reducing
• infrastructure and maintenance costs.
• Scalable to meet the changing demands.
• In Case of Emergency option available to burst capacity.
• Range of RAS solutions available to meet your specific requirements.
• UK-based, ISO-accredited data centres, fully owned and operated by ANS.

£0.01 to £0.30 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@ansgroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

545062732347159

Contact

Steve Carroll
+44 (0) 1612271000
tenders@ansgroup.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: The provision of the Cloud Software Services includes planned maintenance activities, which are documented within a Service Level Agreement. ANS works with our customers to ensure that systems are regularly patched and maintained, whilst minimising impact on the user community and business requirements. ANS works with the customers and the user community of the cloud software to deliver secure and resilient services, balancing the security and functionality that are commensurate with the business requirements.
• System requirements: End Point Devices to be approved for OFFICIAL/Tier 1 use.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Calls are responded to within 3 rings. Service Ticket response time is dependent on the criticality: 1. Critical - Immediate Response 2. High - Response within 10 minutes 3. Medium - Response within 1 hour 4. Low - Response within 4 hours 5. Very Low - Response within 24 hours. The standard SLA response times are applicable from 09:00 to 17:00 Monday to Friday (excluding UK Bank Holidays). 365/24/7 Support is also available as a service at an additional cost.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: All ANS customers have access to ticket and telephone-based support, unless they choose to take an unmanaged service. Customers have access to a named Account Manager who takes overall responsibility for the customer's commercial, technical and support relationship with ANS. Customers are assigned a support "pod" based on the type of solution they have with ANS. This ensures customers will always be supported by the same core team of support engineers who are technical experts in their particular solution. Enterprise and public sector customers also have access to a named Customer Success Manager in addition to their Account Manager.; ; Standard support is provided 08:00 to 18:00 Monday to Friday and includes 1st line (User support) through to system management, monitoring and administration. Additional support is available to extend the service support to 24/7 at additional cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: At ANS, we believe that helping our clients prepare for, implement and manage organisational change is paramount if they are to achieve long-term success. ANS are highly focussed on helping customers to achieve full user adoption and our implementation methodology has been proven to create an environment that makes success much more likely by focussing on ongoing knowledge transfer and training.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: MS Word
• End-of-contract data extraction: The export of data is supported and will vary depending upon the software applications being provided. This can include automated exports to external data repositories or specific data exports on request. Some of the applications also provide User driven data export functions.
• End-of-contract process: Should the contract end for any reason, ANS will need to assess what steps need to be followed to ensure data is extracted efficiently. Where Data is protectively marked, it will be destroyed in accordance with InfoSec Standard 5.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile Access to the specific software services is supported through the Private Cloud service; the specific support for mobile device access to the software applications varies between the applications.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Access to the software services is provided via a web-based portal which performs authentication and authorisation to the cloud software services. This portal can be customised to match customer or project branding or to tie in with the application software user interface. The customisable elements of the software services themselves vary between the applications, but ANS will apply customisations where they are supported. Other elements of the service, such as the reporting and dashboard can also be customised.

Scaling

• Independence of resources: The platform is scalable to flex with demand with options for burst capacity. Monitoring and alerting provides proactive response to increases in demand. Private and dedicated options are also available.

Analytics

• Service usage metrics: Yes
• Metrics types: Service usage metrics can be defined by the customer to either be provided as on-demand dashboards and/or periodic reports. Typical usage data includes numbers of users per period, peak usage, average usage, heat-map of usage over time and days of the week, bandwidth consumption, volume of data uploaded/downloaded etc.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data content is not held for this service.
• Data export formats: Other
• Other data export formats: N/A
• Data import formats: Other
• Other data import formats: N/a

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: ANS architects its solutions to industry baselines such as the CAF, WAF, Secure By Design. All access into customer solutions is conducted via ANS devices which are protected and monitored by our SOC and have full XDR. During design phase and architecture, firewall designs ensure that only required ACLs are in place to restrict network connectivity and segmentation.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: ANS provide each customer with a Service Level Agreement which specifies the availability and response targets. Typical availability is 99.96%, assured by contractual commitment.
• Approach to resilience: Resilience of the service is provided throughout the service provision. The Data Centres are classified as a Tier 3 data centre with alternate supply paths for all services to ensure 100% Data Centre uptime. All redundant systems are regularly tested for operation and effectiveness. N+1 Redundant Power Supplies. The Public Sector Dataroom also has additional power connection allowing the entire room to be independently serviced in the event of a catastrophic failure at the site). Redundant Backup Power from Generators and UPS (N+1). 100% carbon neutral, PAS 2060 certified hosting. Carrier Neutral with a range of Tier 1 and 2 carriers. Multihomed internet presentation, means that if 1 carriers Point of Presence fails communications will automatically failover to another. Redundant (N+1) Air Conditioning and Environmental Control. Environmental systems supported by redundant power systems. DR facilities are also available, with secure connectivity provided to replicate data between the production and DR facilities.
• Outage reporting: Service outages and planned maintenance activities are communicated via the service web-interface status dashboards and messaging, via email alerts and the Customer Success Manager or Account Manager make contact with agree Points of Contact in order to communicate status and ongoing activities.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: In addition to the username and password, there is a range of options available for Multi Factor authentication which include hard and soft tokens, PKI certificates and 3rd party authentication apps.
• Access restrictions in management interfaces and support channels: Separate accounts are required for Administrative Access, with authentication and authorisation controls applied to all Administrative functions. SSH access to the Virtual machines command line, and RDP sessions requires key-based authentication from a specified source location into a bastion host, which then requires further authentication and account escalation at each onward connection to the specific administrative services.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Other
• Description of management access authentication: Management access is typically from dedicated OOB Management networks, external access is restricted by source address and requires key based auth to a bastion host server from which secondary logins and privilege escalation is required.

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA
• ISO/IEC 27001 accreditation date: 18/08/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Blackfoot UK Limited
• PCI DSS accreditation date: 10/08/2023
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO27017
  • ISO27018
  • NCSC Certified
  • SOC 2 Type 2 Report.

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO27017, 27018, NIS CAF, PCI DSS Level 1 SP, HSCN, PSN, PASF
• Information security policies and processes: ANS have a fully documented ISMS in line with ISO 27001 with policies covering all elements of the control set listed within our SoA. All published on our internal intranet which is updated regularly with ongoing training conducted to ensure user awareness of all policy and procedure. notifications are sent when any changes are made to policy and procedure.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Internal ANS Change is managed through the application of standard project management process with all projects progressing through approval, CAB review and sign off by stage. All ANS Business Change includes the following managed stages (whether these are deployed on a formal or informal basis is determined by the size of the project, by cost, resource application and risk):; ; • Executive or Higher Management sponsor; • Business Case and Success Criteria; • Scope definition; • Documentation; • Risk & Opportunity assessment; • Milestone or stage review; • Stage sign off; • Final Review; • Testing; • Deployment; • Lessons Learned
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: ANS has a vulnerability management process which is certified against all of our security certifications. Vulnerability management is conducted at host level for internal scans, as well as external scans being ran against all public facing services. ANS uses EASM across its whole business estate, includes threat intelligence notifications against breaches relevant to technologies ANS uses, relevant APTS, dark web monitoring and VIP monitoring. ANS patches inline with industry standards, where all CVEs are risk assessed in their relevance and potential impact to the affected assets. For critical and high vulnerabilities, that risk to ANS assets, patching is conducted immediately.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: ANS has implemented an Information Security Management System (ISMS) that has been verified by our external accreditor to be compliant with the international standard for Information Security Management, ISO/IEC 27001. This system is supported by the ISMS manual, detailed policies and procedures, and underpinned by the pragmatic application of industry best practice. The ISMS defines ANS’ approach to its key protective security functions, corresponding in turn to the requirement of the standard (ISO/IEC 27001:2013).; ; We use the ISMS to develop a Protective Security environment, focusing on the Physical, Personnel and Information assets.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: ANS has developed and documented pre-defined processes for common events that may affect the confidentiality, integrity, or availability of its information assets. These are based on best practices and guidelines from ISO 27001.; Examples includes:; • malware infection; • denial-of-service attack; • unauthorized access; • data breach; • data loss; ; For each event, ANS has defined:; ; • the roles and responsibilities of the incident response team; • the incident classification and escalation criteria; • the incident response procedures and steps; • the incident communication and notification channels; • the incident recovery and closure actions

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • Health and Social Care Network (HSCN)
  • Other
• Other public sector networks:
  • MoD RLI
  • Law Enforcement Community Network (LECN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are a company built on our culture and values, with a strong committing to protecting the world and demonstrating our social responsibility. ANS are PAS2060 Carbon Neutral Certified and compliant for a number of years and are aiming to be net zero by 2050. Furthermore, we have and extensive variety of processes and procedures in place to support our commitment, which include: ; • Recycled 10 Tonnes of old servers with all profits going to charity. ; • Relocated data centre cooling equipment in 2022 to reduce the solar gains and save energy. ; • Removed old, inefficient computers so all staff PCs are now modern efficient laptops. ; • Recycle 100% of our WEEE waste using appropriate 3rd party providers.; • PAS2060 certified and compliant. We appointed Carbon Footprint Ltd, a leading carbon and energy management company, to independently assess our Greenhouse Gas (GHG) emissions in accordance with the UK Government’s ‘Environmental Reporting Guidelines: Including Streamlined Energy and Carbon Reporting Guidance’.; • In 2023 we offset 1265 tons of Carbon Dioxide by supporting numerous projects. ; • Cycle to Work scheme available to all employees including great bike sorage facilities on site.; • Introduced a salary-sacrifice electric car scheme.; In addition to the above, we believe environmental awareness is something which needs to be considered further, at home and at work. We provide environmental internal training and communication, which includes:; • Environmental Aspects and Impacts ; • Employees’ responsibilities ; • Environmental Policy ; • Waste Disposal ; • Travel and Transport ; • How ANS helps employees reduce their carbon footprint ; • CSR; • Our Certification

  Covid-19 recovery

  ANS is a proud Manchester based organisation and supports the local community, businesses and charity’s which has helped in the recovery from COVID-19. ANS continued to operate throughout Covid, with measures in place and allowing for remote working.; Creating Employment for those affected by COVID; ANS worked on numerous projects in the lockdowns to assist frontline organisations. One example was a council, to quickly and easily coordinate requests for support and volunteering in the community in response to the Covid.; Furthermore, ANS worked alongside universities to enable students to resume studying, in addition to working with NHS Trust to assist with the tracking and coordination of the Royal Free Hospital’s 15,000 staff during the pandemic.; This meant ANS was able to recruit and provide opportunities.; Support organisations to recover and a new way of working; ANS worked with a council to build a mobile-friendly application using the Microsoft Power Platform which works by pulling together data on individuals who are considered to be vulnerable, from a range of sources and formats, along with a request service.; Furthermore, ANS worked with a university to enable remote working for students.; A council worked with ANS to launch a complex case management system for coronavirus contact tracing which helped contain and manage Covid-19 outbreaks across their population of over 300,000 residents.; ANS had controls in place which included social distancing, we also operated a remote service where this was possible alongside ensuring measures were in place for those unable to work from home, including:; Social Distancing; Covid testing; Workspaces sanitised daily; Adequate ventilation is the building; ANS have numerous flexible working policies in place, including remote and hybrid working which has allowed a large majority of the company to remain working from home post-Covid, however, some roles do require being in the facility.

  Tackling economic inequality

  ANS has a strong commitment to tackling economic inequality, and this is demonstrated through our employees and companies we work alongside.; Our people; ANS have continued to grow as a business and are now a team of over 700 employees.; ANS take Continual Professional Development (CPD) seriously, from skills development to apprenticeships. ANS are committed to giving every employee 12 days per year to devote to professional self-development or business innovation.; ANS have a strong commitment to apprenticeships and have the ANS Academy. Upskilling the local workforce, we invest heavily into our junior staff giving them the best development opportunities. The ANS Academy provides industry-leading training and hands-on experience for the next generation of passionate tech leaders. We were recently rated ‘Outstanding’ by Ofsted.; We engage with schools and colleges based in Manchester, ANS has direct access to the rich and diverse mix of cultures. This ensures that all groups have access to the information on our apprenticeships. In 2022, this resulted in 45% of Apprentices hired identifying as BAME.; We partner with 2 girls’ schools in our community by running immersive days at our office where groups of students can speak with women from at ANS.; Fostering an inclusive workspace, our diversity groups represent various communities, including LGBTQ+, BAME, disability groups and gender.; Increase supply chain resilience and capacity; We also take into consideration the standards and qualification level of those in the supply chain that we choose to work with and/or recommend. At a practical level, we maintain relationships with local businesses, we value our position as a key contributor to the ‘Northern Powerhouse’. For our own on-site operation, we have contracted with many SMEs and VCSEs.; Demonstrating the value of these partnerships, advantages include:; Fewer overheads; Local employment growth opportunities; Innovation; Reduced carbon footprint; Less bureaucracy

  Equal opportunity

  ANS are proud to be a Disability Confident Employer. The scheme, set up by the Department for Work and Pensions, is designed to help employers recruit and retain disabled people and people with health conditions for their skills and talent. As a Disability Confident committed employer, ANS is providing inclusive and flexible recruitment processes such as offering video interviews and supporting flexible working patterns where possible. We also ensure our workplace is suitable to support any employee that may have a disability.; ; ANS recognises equity and fairness throughout the business and that discrimination in any form is unacceptable. Equal opportunities has long been a feature of our employment practices and procedure, that’s why we have an equal opportunities policy in place. Breaches of the policy will lead to disciplinary proceedings and, if appropriate, disciplinary action.; ; The aim of the policy is to ensure no job applicant, employee or worker is discriminated against. We ensure the policy is circulated to any agencies responsible for our recruitment and a copy of the policy will be made available for all employees and made known to all applicants for employment.; ; ANS have a strong commitment to equality in the workplace. We have a full modern slavery policy, but in addition to policies, we have internal iniatives in place to tackle workplace inequality such as having internal EDI groups:; ; • Women in ANS; • Diversity and Beyond (DAB); • The Rainbow Alliance; • The Association for Better Living and Education (ABLE) Group; • ANS Squirrel Club (Neurodiversity); • Parents in ANS; • Let’s Talk About Mental Health; ; ANS also has a strong commitment to equality in the workforce through being a living wage employer, alongside a disability confident employer.

  Wellbeing

  ANS is committed to the wellbeing of our employees and this extends to the wider community, we are strongly committed to the wellbeing of our teams, and provide numerous benefits to help with physical and mental health, which include but are not limited to:; ; • An extra day’s holiday on birthdays and an extra 5 days for tying the knot ; • ‘Celebration Day’ - staff can use for any occasion that is meaningful to them; • Hybrid, flexible and remote working ; • Free onsite gym ; • Private healthcare ; ; Furthermore, we emphasise the importance of mental wellbeing. Internally, we obtained a group of volunteers so that we could provide training to become Mental Health First Aiders (MHFA), accredited by MHFA England. They provide online drop-in and in-person sessions, which is accessible for both staff who work in our office and those who work remotely. The sessions continue to support our employees with their personal issues. In addition to health benefits, ANS are committed to ensuring our employees are able to develop in their careers, and therefore, we provide numerous measures, which include but are not limited to 12 development days per year. These days can be used for courses, examinations, partner training and many other reasons. Additionally, we provide regular PDR’s which enable ANS employees to reflect and set future goals on their career. ; ; ANS have a strong commitment to the local community, this is demonstrated through our community outreach in recruitment for the academy alongside our local community when selecting local suppliers. ANS look to use local suppliers where this is possible, and is demonstrated through the selection of local food vendors for our events, local event management specialists, our active support to local charities, such as the Manchester Youth Zone and using local waste service companies.

Pricing

• Price: £0.01 to £0.30 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@ansgroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.