ITHQ LTD

ITHQ Documentation Automation Solution

ITHQ delivers a powerful Documentation Automation Solution by integrating Liongard's dynamic asset configuration capture with ITGlue's systematic documentation platform. This solution tracks IT asset configurations, logs and tracks changes, maps relationships between assets, and enhances operational visibility with advanced reporting and alerting functionalities.

Features

• Automated polling of IT systems to track configuration changes
• Historical snapshots of device configurations
• Relationship mapping between devices and assets
• Reporting and metrics on managed devices
• Detect and alert on changes to critical infrastructure
• Pre-Built integrations with all common enterprise software solutions
• Enterprise-grade security with SOC2 compliance
• DNS Domain & SSL Certificate tracking
• Immutable audit trail

Benefits

• Reduce risk with automated documentation and change tracking
• Single source of truth for enterprise configuration tracking
• Ensure availability of system configuration data using SaaS solution
• Actionable alerts if unexpected changes are detected
• Monitor and report on cloud licensing utilisation
• Automated system polling removes requirement for manual intervention
• Self-Service functionality to remove silos of knowledge
• Automated device discovery ensuring compliance with policies

£400 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@ithq.pro. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

557737938852034

Contact

Dale Nursten
02039977979
bidteam@ithq.pro

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Microsoft Active Directory, Office 365, SQL Server, Azure, Windows, Hyper-V; Google G-Suite; Cisco IOS, ASA, Meraki, Umbrella; VMware ESXi; Fortinet security devices; Sonicwall security devices; Watchguard security devices; Palo Alto security devices; Amazon Web Services (AWS); Linux; Internet Domain Name System (DNS); Veeam; ; TLS/SSL Certificates; Networking - Device Discovery,
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: Only supported devices / solutions listed on the compatibility guides can be automatically linked to the system.; ; Details on integrations can be found here: https://www.liongard.com/integrations/
• System requirements: All environments can be supported

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: LionGard 9:00 AM - 5:00 PM US Central Time Monday-Friday
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The support policies can be viewed at:; ; https://www.liongard.com/support/
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: ITHQ will support the on-boarding of the solution with an agreed Scope of Works document customised to meet the customers' requirements.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data export tools within the platform.
• End-of-contract process: At the end of the contract the customer will be offered the option of extending their subscription or ceasing to use the platform.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: N/A
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: You can use the ITGlue API to access all of our API endpoints, such as the Configurations API, the Passwords API, and the Flexible Assets API.; ; The IT Glue API is a RESTful API and conforms to the JSON API Spec: jsonapi.org. The API can be used to create, retrieve, update, and delete data in your IT Glue account.; ; You can use the IT Glue API with any programming language that supports the creation of HTTPS requests and that can parse JSON. Most modern programming languages have tools to parse JSON, which allows you to sync your data with virtually any platform.; ; Liongard Roar is an API-first product, meaning that ALL functionality of the Roar platform is exposed via our REST API.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Customisation will be discussed and agreed as part of a Scope of Works document with ITHQ around the integration with external systems and any customised reporting or alerting required by customers.

Scaling

• Independence of resources: To manage the demand for processing capacity and the implementation of additional capacity commitments, we ensure that systematic network and monitoring is in place. Daily and monthly task and; event logging is maintained. Automatic backup systems are utilized to perform scheduled system backups of target data while backup jobs are monitored with notification alerts sent out in the event of backup failure.; IT Glue has a backup schedule in place to automatically initiate production backup jobs. Finally, restore operations from backup media are performed as a component of disaster recovery operations to verify that out system components can be recovered.

Analytics

• Service usage metrics: Yes
• Metrics types: Details of license capacity consumed.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Liongard & ITGlue

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Using the data export tool available in the platform.
• Data export formats: CSV
• Data import formats: Other
• Other data import formats: N/A

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: As with all SaaS solutions the expectation is that access is unrestricted and built on highly-available public cloud platforms in order to provide high levels of uptime. The system has been available 24x7 and there has been no downtime in the last 90 days for ITGlue.
• Approach to resilience: Available on request
• Outage reporting: Both SaaS engines which underpin the service have their own status pages available for real-time enquiries as well as e-mail alerts for any preventative maintenance outages that may be required.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Only authorised users / groups will be able to access the management interface or support portals.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Ltd
• ISO/IEC 27001 accreditation date: 15/03/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: LionGard:; SOC2 Type II; NIST; HIPAA; GDPR; PCI; ; ITGLUE:; SOC2 Type II
• Information security policies and processes: LionGard: A company with SOC2 Type II certification, in short, has demonstrated that its systems have been designed and verified to keep sensitive data secure. Liongard is currently in the process of earning this certificate, with expected completion in Summer 2020.; ; IT Glue: We use a variety of security technologies depending on the situation to help protect your information from unauthorized access, use, or disclosure, such as physical access controls, TLS, Internet firewalls, and network monitoring.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: LionGard implement a variety of security measures and processes to protect your personal information. All information you provide is transmitted via Transport Layer Security (TLS) and stored securely by our third-party providers. Only authorized personnel are allowed access to the data and required to keep the information confidential.; ; For ITGlue all incidents are documented, including steps to contain the issue, root cause analysis, long term solutions, related evidence and communications. High severity incidents require an analyst to determine the root cause and changes are recommended to eliminate the incident from reoccurring.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability Scanning - Vulnerability scans are performed internally and at least quarterly. Independent vulnerability scans are performed by a third-party vendor at least quarterly.; • Penetration Testing - External penetration testing is performed by an independent third-party at least annually.; • Internal Reviews - IT Glue reviews the hardening standards and its implementation at least annually. Firewall rules are reviewed at least semi-annually.; • Internal Audit - Independent internal auditing is performed on the controls annually.; • System Monitoring - IT Glue’s Ops team monitors the availability of production systems through automated systems. Logs and events are then centrally managed.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: To manage the demand for processing capacity and to enable the implementation of additional capacity commitments, we ensure that systematic network and monitoring is in place. Daily and monthly task and event logging is maintained. Automatic backup systems are utilized to perform backups of target data while backup jobs are monitored with notification alerts sent out in the event of backup failure.; IT Glue has a backup schedule in place to automatically initiate production backup jobs. Finally, restore operations from backup media are performed as a component of disaster recovery operations to verify that out system components can be recovered.
• Incident management type: Supplier-defined controls
• Incident management approach: All incidents are documented, including steps to contain the issue, root cause analysis, long term solutions, and related evidence and communications. High severity incidents require an analyst to determine the root cause and changes are recommended to eliminate the incident from reoccurring.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity

  Tackling economic inequality

  ITHQ runs a corporate social responsibility programme called Life In IT in South East England. Life In IT allows us to recondition tech devices donated from businesses headed for disposal and pass them on to local non- profit organisations that put them to great use. Schools in particular are now benefitting from free technology that creates fresh learning opportunities through increased access to education platforms for more students.

  Equal opportunity

  To specifically address equal opportunity, our Life In IT programme prioritises collaboration with schools that support students from diverse backgrounds, including low-income families, minorities, and those with disabilities. We provide customised technology solutions that cater to a wide range of learning needs and styles, thereby ensuring all students have the opportunity to succeed. By doing so, ITHQ is committed to creating a more inclusive educational environment where every student, regardless of their socioeconomic status or background, can benefit from equal access to high-quality digital education.

Pricing

• Price: £400 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@ithq.pro. Tell them what format you need. It will help if you say what assistive technology you use.