Tech Mahindra Limited

mPAC 3.0: Managed Platform for Adaptive Cloud

Our hosting service offers: cloud readiness assessment, cloud design, build, test, cloud hosting and cloud managed services. As a part of Intelligent cloud operations we provide TechOps, DevSecOps, FinOps.

Features

• Strategic Partner AWS, Azure, Google Cloud and IBM
• Experience across Big Data/AI/Digital Marketing/Analytics
• IaaS, PaaS Provisioning - Automated catalogue-based provisioning
• Real time monitoring - Event corelated monitoring
• FinOps: Continuous optimization of cloud resources and auto reconfiguration
• Single pane of management – Multi-cloud management using single console.
• Automation - AI Tools based automation for all hosted functions
• Operations & Reporting - Automated dashboards and comprehensive reporting
• Task, Workflow, Health automation and Ticket Orchestration
• IAC - Infrastrcuture as a code to automated provisioning

Benefits

• Provisioning & Orchestration
• Workflow Automation
• Multi Tenancy
• Multi Hybrid Cloud integrations
• AD/LDAP Integration
• Life Cycle Management
• Identity Roles and Access controls
• Resource Pooling
• Governance and Policy
• Resource utilization and Reporting

£550 to £1,000 a user an hour

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at MB00787638@techmahindra.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

547221127662760

Contact

Michael Blakemore
+44 7432452595
MB00787638@techmahindra.com

Service scope

• Service constraints: Any requriement on Private cloud shall be provisioned and support as per the requirement. ; Requirements on Public cloud would follow the constraints as set by the public cloud provider (AWS/Azure/GCP ).
• System requirements: Infrastructure for the baseline that includes compute, storage, licenses, ect

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: 1) TechM shall provide 24x7 support based on the requirement from on-shore, near-shore or off-shore ; 2) L1/L2 and L3 support for all in-scope requirements either on dedicated or from our shared service center depending the requirement and SLAs; 3) We proivde industry standard SLA (eg: based on the high availability soluiton shall priovde 99.99% availability for platform, datbases etc) ; 3) We provide both account management and technical support
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: 1) TechM shall provide 24x7 support based on the requirement from on-shore, near-shore or off-shore ; 2) L1/L2 and L3 support for all in-scope requirements either on dedicated or from our shared service center depending the requirement and SLAs; 3) We provide industry standard SLA (eg: based on the high availability solution shall provide 99.99% availability for platform, databases etc) ; 3) We provide both account management and technical support
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Depending on the services that the users consume, either online web based training, Onsite training or step by step documentation shall be provided for the end users. If the changes are very complex service, a comprehensive OCM process shall be initiated to ensure seamless acceptance of the new services
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: When the services are provide via a private cloud solution, depending on the nature of the project, either the data shall be completely erased or shall be migrated to a target systems that client provides and the source data shall be erased beyond recovery.; When services are provide through public cloud, data shall be migrated to the target system provide by the customer. Cloud provider will erase the data beyond recovery and storage HW will be resigned to other customers.; If the data needs to be retained in the system, the access credential shall be transferred to the team taking out the support activity, that will disable TechM staff to access the data after the contract ends.
• End-of-contract process: TechM shall preform the following tasks after the end of the contract , that are included in the contract. ; • All privilege's and non privilege access of TechM support staff for infra, application and other systems will be removed; • All customer IPs, Knowledgebase, SOPs shall be handed over to the customer; • All TechM IPs that are used for delivering services shall be decommissioned from the G-Cloud environment ; • Reverse Transition process shall be kick started to hand over to the vendor / Inhouse team and hand over all the in scope services provide under the agreed contract

Using the service

• Web browser interface: Yes
• Using the web interface: MPAC has a range of features that can be controlled via the interface, these include: dynamic workload management; reporting; and cloud brokering.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Our service is fully compatible with assistive technology users.
• Web interface accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: .
• API automation tools: Ansible
• API documentation: Yes
• API documentation formats: PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: TechM ensures the services provided to G-Cloud are by the resources dedicated. If services are provided via a shared services team, the resources are logically segregated so that is no impact for the service delivery and will ensure that the SLAs are not impacted.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Availability Zones are unique physical locations within an cloud DC region. Zone-redundant services replicate the applications and data across Availability Zones to protect from single-points-of-failure. With Availability Zones, CSP offers industry best 99.99% VM uptime SLA. By Configuring DR for the necessary critical applications, near 100% availability shall be achieved.
• Approach to resilience: TechM's IT resilient strategy address the key components of IT service delivery that includes , availability , scalability , capacity , stability and performance . These key components are covered for all the in scope services.; The resiliency design for achieving all the above said points shall be achieved by designing high availability and DR solution. TechM also, with its automation tools and IPs shall provide a near Zero-Touch services to increase the resiliency.
• Outage reporting: Service Reports not limited for Outages, but also for other parameters like performance , capacity etc shall be provided via customized persona based dashboards that provide the service impact views or IT impact view. The other medium of communication for the service reports shall also be provided, that could include emails, SMS, reports from the service management tools etc.

Identity and authentication

• User authentication: Other
• Other user authentication: Controlled access
• Access restrictions in management interfaces and support channels: Users are, by default, provided with a least privilege or common user id/user access. Based on the job role, the elevated access shall be provided following through a strict approval process. The privilege access shall be made timebound and shall need re authentication if needs extension . However TechM shall ensure the right privilege's to the right job to ensure no disruption in services.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Dedicated device over multiple services or networks

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 01/01/2022
• What the ISO/IEC 27001 doesn’t cover: Everything is covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 01/01/2022
• CSA STAR certification level: Level 5: CSA STAR Continuous Monitoring
• What the CSA STAR doesn’t cover: Everything is covered.
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: TechM delivery centers are certified for ISO27001 & SOC 1 & SOC 2 Type 2 & undergo regular audits for the same.; ; TechM has a well-structured, well-defined ‘Corporate Security Policy’. This policy is owned by the corporate security and are reviews and updated on a periodic basic. This policies are approved at the highest level by our Chief Security Officer (CSO).These Guidelines and Procedures covers security requirements extensively to manage security risk for the client and their information assets. This also covers TechM support organization and its staff. The scope of the security policy covers all TechM business units, its Partners, all is associates, suppliers and sub contractors.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: TechM shall adhere to the change management set as a port of the ITIL process . Any changes (that as not agreed as a port of BAU operations) shall strictly follow the change process. Any change needed in the environment shall be requested using the Change Request (CR). All CR details will be registered in the Change Log. CRs will be analysed for the impact on the environment that includes scope, cost, effort, improvement and quality. ; The Change register, part of the ITSM system will track all the changes and necessary reports shall be taken.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: TechM will handle the entire lifecycle of threat analysis that includes ; Planning and Direction, Threat data Collection and Processing, Threat Data Analysis and Dissemination and finally the Feedback.; TechM ‘SOC Analysist’ will provide the following to our SOC team.; • Define an optimum architecture for integration of Threat Intelligence Subscription to various platforms. ; • Provide & Maintain Integration of Threat Intelligence feeds with various platforms ; • TechM’s security expertise brings in customer, the specific Context awareness to the Threat Intelligence Service. Context Aware Service contributing to prioritize security incidents and gauging their impact on customer's IP, assets, and information.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: TechM proposes SOC solution that integrates in-scope On-premise & Cloud based log sources into the SIEM system and provides a single pane of glass for providing security operations. ; TechM's SIEM solution will have capabilities related to Log collection & storage, event correlation based on defined Use cases & will help in the process of security incident detection in customer environment. Critical servers, security devices, end point security solution, vulnerability management and patch compliance solutions will be integrated as part of the SOC service.
• Incident management type: Supplier-defined controls
• Incident management approach: TechM follows an ITIL-based operation which is the backbone of the ASM services and aims to improve upon the services to reduce the lead time of Incident resolution, reduce time to market and reduce the operational expenditure; Incident creation is from multiple sources like Service desk creating Incidents by collecting details from users, Users dropping mails with Incident details to Service Desk, End users creating incidents on the ITSM Ticketing tool

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Logical separation using Virtualization, containers shall be implemented to ensure the separation between users are achieved,

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: We audit internally to review our adherence to the Code of Conduct.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We demonstrate an effective stewardship of the environment through activities that:; Deliver additional environmental benefits including working towards net zero greenhouse gas emissions.; Influence staff, suppliers, customers and communities to support environmental protection and improvement

  Covid-19 recovery

  We help local communities to manage and recover from the impact of COVID-19; through activities that:; Support people and communities to manage and recover from the impacts of COVID-19, including those worst affected or who are shielding.; Support organisations and businesses to manage and recover from the impacts of COVID-19, including where new ways of working are needed to deliver services.; Create employment, re-training and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high growth sectors.; Support the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services.; Improve workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions.

  Tackling economic inequality

  We create new businesses, new jobs and new skills through activities that:; Create opportunities for entrepreneurship and help new, small organisations to grow, supporting economic growth and business creation.; Create employment opportunities particularly for those who face barriers to employment and/or who are located in deprived areas.; Create employment and training opportunities, particularly for people in industries with known skills shortages or in high growth sectors.; Support educational attainment relevant to the contract, including training schemes that address skills gaps and result in recognised qualifications.; Influence staff, suppliers, customers and communities to support employment and skills opportunities in high growth sectors.; We increase supply chain resilience and capacity through activities that:; Create a diverse supply chain including new businesses and entrepreneurs, start-ups, SMEs, VCSEs and mutuals.; Support innovation and disruptive technologies throughout the supply chain to deliver lower cost and/or higher quality goods and services.; Support the development of scalable and future-proofed new methods to modernise delivery and increase productivity.; Demonstrate collaboration throughout the supply chain, and a fair and responsible approach to working with supply chain partners.; Demonstrate actions to identify and manage cyber security risks, including in the supply chain.; Influence staff, suppliers, customers and communities to support resilience and capacity in the supply chain.

  Equal opportunity

  We reduce the disability employment gap through activities that:; Demonstrate action to increase the representation of disabled people in the contract workforce.; Support disabled people in developing new skills, including through training schemes that result in recognised qualifications.; Influence staff, suppliers, customers and communities to support disabled people.; We tackle workforce inequality through activities that:; Demonstrate action to identify and tackle inequality in employment, skills and pay in the contract workforce.; Support in-work progression to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills.; Demonstrate action to identify and manage the risks of modern slavery, including in the supply chain.

  Wellbeing

  We improve health and wellbeing through activities that:; Demonstrate action to support the health and wellbeing, including physical and mental health, in the workforce.; Influence staff, suppliers, customers and communities to support health and wellbeing, including physical and mental health.; We improve community integration through activities that:; Demonstrate collaboration with users and communities in the co-design and delivery of the contract to support strong integrated communities.; Influence staff, suppliers, customers and communities to support strong, integrated communities.

Pricing

• Price: £550 to £1,000 a user an hour
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at MB00787638@techmahindra.com. Tell them what format you need. It will help if you say what assistive technology you use.