AI TECHNOLOGIES LIMITED

Bespoke software accessible via API/web interface

We offer bespoke software development services accessible through APIs and web interfaces, ensuring seamless integration with existing systems. Our solutions empower organizations to streamline processes and drive growth by delivering flexible, scalable, and innovative software tailored to their unique needs and requirements.

Features

• remote and in premise configurations
• bespoke customisation
• training provided

Benefits

• vendor agnostic
• competitive pricing
• initial training included

£100 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrea@aitechnologies.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

555577948607063

Contact

Andrea Isoni
+447580756898
andrea@aitechnologies.co

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Since we are bespoke software consultancy, we can be flexible, case dependant. We can do extension software for any major cloud services or specific in certain industry (like splunk or logrythm in cybesecurity).
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: None
• System requirements:
  • Desktop
  • Server
  • Mobile

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Depending on the specific SLA, between 10 to 48hrs
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Depending on the requirements the chat will be designed following WCAG 2.1 AA or EN 301 549.
• Web chat accessibility testing: We implement bespoke solutions therefore depending on contract we will do the necessary tests as required.
• Onsite support: Yes, at extra cost
• Support levels: Since we are a bespoke development agency,we can provide different levels of services depending on the actual tender. Generally we have always provided an account manager for any project/contract with one or more engineer to develop the software.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We can provide ad-hoc onsite, online and user documentations. Typically this is provided as needed since our service is bespoke.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
  • Other
• Other documentation formats: Doc files
• End-of-contract data extraction: Depending on the service , users can either ask and under an SLA the user will receive his/her own data. In other services there will be a web interface in which the user can directly request and receive the data at contract end.
• End-of-contract process: At contract end there is a off board procedure where we typically deliver the software, the operational manual, future work ideas and an ad hoc final workshop to train the internal team to use and operate the software delivered.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: We can both design interfaces that are responsive (i.e. adaptable to any screen size via browser) or app both iOS and Android.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Since we are a bespoke software consultancy, the interface will be set up ad hoc for the specific purpose of the project.
• Accessibility standards: None or don’t know
• Description of accessibility: Since we are a bespoke software consultancy, depending on the project requirements we will follow standards including WCAG 2.1 AA or EN 301 549 as necessary.
• Accessibility testing: Since we are a bespoke software consultancy, we will do tests as necessary depending on the contract requirements.
• API: Yes
• What users can and can't do using the API: Since we are a bespoke software consultancy, we can; -enable an interface where the users and stakeholders can configure the API replies and output; -enable an interface where the users and stakeholders can change the API software performances and output; -enable an interface where the users and stakeholders can configure the API security and authorisation profiles
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • ODF
  • PDF
  • Other
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Since we are a bespoke software agency, depending on the project and contract we can build and develop specific software for the customer needs as well as adapting and configuring existing software and Vendor to specific requirements.; We can allow both users and other parties to customise the service via interface, specific requirement agreements and following a sign off procedure.

Scaling

• Independence of resources: The software and the hardware requirements will be designed and deployed based on expected number of users so that the demand is managed properly.

Analytics

• Service usage metrics: Yes
• Metrics types: These metrics include user engagement, such as active users and session duration, feature adoption rates, and user retention. Additionally, metrics like error rates, response times, and resource utilization offer insights into software performance and reliability. By analyzing these metrics, businesses can identify trends, address pain points, and enhance the overall user experience, driving success and growth.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: Protecting data at rest involves encrypting sensitive information stored in databases, files, or storage systems to prevent unauthorized access. Techniques include using strong encryption algorithms like AES-256, implementing access controls to restrict data access, and employing secure key management practices. Additionally, data masking and tokenization can obscure sensitive data, while robust authentication mechanisms, such as multi-factor authentication, add an extra layer of security. We run audits, monitoring, and data lifecycle management policies ensure compliance and mitigate risks. Together, these measures safeguard data integrity and confidentiality, mitigating the impact of potential breaches or unauthorized access.
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Since we are bespoke software consultancy, we can be flexible, case dependant. Typically the data can be asked and exported manually or an interface can be set up to allow data export directly.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Flexible depending on project
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Flexible depending on project

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Since we are bespoke software consultancy, we can be flexible, case dependant. Therefore the SLAs will be specific to the project.
• Approach to resilience: We use a series of providers including for our datacentre needs. Our datacenter setup ensures resilience through redundant power supplies, network connections, and storage systems. High-availability architecture, including load balancing and failover mechanisms, minimizes downtime. Regular backups and disaster recovery plans are in place to mitigate risks. Additionally, continuous monitoring and automated alerts enable rapid response to potential issues, ensuring uninterrupted service availability and data integrity.
• Outage reporting: Since we are bespoke software consultancy, we can be flexible, case dependant. Depending on the actual project and requirements, we cn report outages using a public dashboard, API or email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Since we are bespoke software consultancy, we can be flexible, case dependant. Depending on the application being built and the requirements we can set up the appropriate access restrictions.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We follow the 27001 ISO standards.
• Information security policies and processes: Following the 27001 ISO standard, we have in house procedures to store, process and review data in our organisation. These processes include: Administration Accounts Security Procedure; Identify, assess and record_critical information ;Procedures in place to apply the principles of data protection by design and default ; Process to identify, assess, and record information security risks.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Since we are bespoke software consultancy, we can be flexible, case dependant. Based on project requirements and contract we can track the libraries and software for defined period of time with specific SLA (service level agreements) to fix potential issues. This includes security breaches or other security related issues.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Since we are bespoke software consultancy, we can be flexible, case dependant. Depending on the contracts we will run penetration tests , update libraries or underline software to the latest patches according to the SLA contract (usually within 12-48hrs), and regularly monitorsecurity websites including CSO Online, SIGNAL magazine, Sophos news.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Since we are bespoke software consultancy, we can be flexible, case dependant. In software development, we proactively identify potential compromises through rigorous testing, stakeholder feedback, and risk assessment. When a compromise is discovered, we swiftly assess its impact on functionality, security, and user experience. Our agile response involves prioritizing resolutions based on severity and deploying patches or updates promptly. We maintain a rapid incident response protocol, ensuring timely mitigation and resolution of any unforeseen issues.
• Incident management type: Supplier-defined controls
• Incident management approach: Since we are bespoke software consultancy, we can be flexible, case dependant. We have pre-defined processes for common events, ensuring swift resolution and minimal disruption. Users report incidents through our dedicated support channels or integrated ticketing system. We provide detailed incident reports outlining the issue, its impact, and the steps taken for resolution. These reports are communicated promptly to stakeholders, fostering transparency and trust in our response capabilities.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We have our own carbon reduction plan and adhere to net zero plan by 2050

  Covid-19 recovery

  Plan for mental health training (including Psychological First Aid by FutureLearn, Suicide Awareness Training – full version by Zero suicide alliance), volunteering and social distances

  Tackling economic inequality

  we do support yearly some local communities via donations: for example we donated to the Equality Trust. We also ahve old laptop donation program

  Equal opportunity

  AI Technologies also gives opportunities for a fresh graduate from a UK University to follow a real working code in AI in action (an area with both skill shortage and high growth). We believe this is a massive opportunity for a young student to learn what an AI application can deliver and put his hands ‘dirty’ on code. He will obtain the initial experience to qualify for data science or software development junior roles and we always prefer students coming from less privileged backgrounds. We did recruit regardless of gender and backgrounds.

  Wellbeing

  We have programs for meditations and breath classes available for all the staff

Pricing

• Price: £100 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrea@aitechnologies.co. Tell them what format you need. It will help if you say what assistive technology you use.