Rowden Technologies Ltd

VPN Cloud Deployment

Rowden's Cloud-hosted VPN service seamlessly integrates with Azure, AWS, and other platforms, providing enhanced security, scalability, and cost efficiency. It supports global accessibility, performance optimisation, and multi-tenant capabilities, making it ideal for businesses seeking reliable and flexible network solutions across various cloud environments.

Features

• Global VPN Accessibility: From any device, without geographic restrictions
• Scalability: Scales based on your customer needs
• Cost Efficiency: Eliminating need for physical infrastructure maintenance
• Enhanced Security: advanced encryption, securing data across public Internet
• Reliability: High uptime using redundant, distributed cloud server networks
• User Management: User interface for easy permissions and access management
• Traffic Control: Detailed controls to manage network traffic efficiently
• Performance Optimisation: Optimises data routing for improved speed and performance
• Integration Capabilities: Seamlessly integrates with existing cloud and IT infrastructure
• Multi-Tenant Support: Supports privacy and security for multiple tenants

Benefits

• Global Accessibility: Removes geospatial restrictions to data
• Scalability: Quickly adapts to changing user and operational demands
• Cost Efficiency: Reduces costs associated with hardware and network management
• Enhanced Security: Protects data from cyber threats and unauthorised access
• Reliability: Minimises downtime, ensuring continuous availability of network services
• User Management: Facilitates efficient user access control and security administration
• Traffic Control: Optimises network to prevent bottlenecks and improve speed
• Performance Optimisation: Delivers faster network and data processing speeds
• Integration Capabilities: Enhances productivity through better workflow and system harmonisation
• Multi-Tenant Support: Enables provision to multiple clients securely and independently

£550 to £1,450 a unit a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@rowdentech.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

560510252393141

Contact

Sales Team
+44 (0) 117 4285759
sales@rowdentech.com

Service scope

• Service constraints: There are limited constraints associated with this service. Redeployments can cause downtime but measures can be put in place to limit this as required.
• System requirements:
  • Modern Operating System (Linux, Mac or Windows)
  • Android 8 and above

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times are dependent on service level agreements as agreed with the buyer. Flexible response times can be provided allowing users to ensure support is available when needed, including for operational purposes.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All support is co-ordinated by each dedicated customer technical account manager and levels are agreed on a customer-by-customer basis.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We will conduct a detailed and thorough assessment of the client’s requirements, including Key Performance Indictors (KPIs) enabling us to customise a tailored solution. The assessment phase will be continuous throughout the life of the service and an agile response to any client changes in requirements will be adopted. An initial bedding-in period will be provided to ensure that users are able to exploit the services in full and as intended. Any changes will be made if required followed by a tailored onboarding process. This can include BYOD / CYOD or a mixture. Current IT/mobile infrastructure may be incorporated into the implementation of the system.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Rowden respects that your data is your data. It can be removed by you at any time. All data at the termination of the service will be destroyed unless alternative prior arrangements have been agreed. Depending on the nature of the service, the offboarding process will be tailored to the situation. In most cases, the cloud-based infrastructure will be deactivated, and data and cluster resources removed and/or destroyed in line with NCSC guidance.
• End-of-contract process: At the end of the contract period the cloud hosted environment will be suspended for a period of 10 working days before all instances and data are deleted in line with NCSC guidance. If the users wish to extract any data they must request this prior to the 10 day notice period.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: By offering a cloud based solution in multiple UK datacentres and working with users to understand the capacity and load baseline requirements we are able to scale independently of other users. Once in production, our expert network and hosting architecture staff will monitor and manage all service supporting components to ensure the service is maintained.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: WireGuard® VPN utilising state-of-the-art cryptography.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: To enhance data protection within our service, we utilise end-to-end encryption with advanced protocols like AES-256 to secure data from origin to destination. Multi-factor authentication (MFA) strengthens user verification and thwarts unauthorised access. We consistently update our software to mitigate vulnerabilities and include intrusion detection and prevention systems for real-time threat monitoring. Network segmentation minimises breach exposure, and strict access controls based on the least privilege principle ensure users access only necessary data. These measures collectively safeguard data throughout its transit within our service.

Availability and resilience

• Guaranteed availability: We will provide the user with compensation in the form of a service extension if, through the fault of the supplier, the service has been degraded to such a level as to prevent the user from gaining access. All UK datacentres used have a 99.9% uptime. As part of the onboarding process, specific business critical SLAs can be requested including the ability to specify critical events that will require additional support or resource.
• Approach to resilience: We build our public cloud solutions to utilise the redundant and fault tolerance features of the cloud. Servers can be distributed across multiple availability zones and regions and duplicated where appropriate to provide fault tolerance across all disaster scenarios. Using the latest clustering techniques we are able to provide elastic scaling on demand ensuring high performance is maintained across all traffic demands. We utilise the latest DevOps and Infrastructure-As-Code practices to create dynamic, scalable and resilient applications that are easy to maintain, cost efficient and reliable.
• Outage reporting: In the event of an outage, the Service Delivery Manager contacts the user to inform them. The user also has full access to a management dashboard with configurable email alerts. Further updates are then communicated using a combination of methods, including the dashboard, phone, or email, in accordance with the severity of the outage, as documented in our Incident Management process.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Access control is based on individual permissions applied to a human or machine identity. This is role-based access control (RBAC). Rowden use a single access control process and mechanism to provide a coherent approach.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: Rowden follow industry best practice to deliver Information Security Policies which is governed at board level and tailored to support individual projects.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes to component configuration are submitted to a Minor or Major change management process with the aim of maintaining operational service whilst incorporating the change as quickly as possible. All changes are technically reviewed, risk-assessed, scheduled and then re-reviewed post-implementation.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Security reviews are performed every quarter and discussed at service review meetings. We also offer automated security testing throughout the life of the service and specific security testing after any system level change has be implemented. An annual independent 3rd party vulnerability and security testing audit is available upon user request which will be conducted using an independent ISO27001 security testing company. Critical issues found are raised immediately via the service desk to be fixed by the support team under SLA.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Events can be configured both by the users and the Service Delivery Team to trigger alerts. If an attack is detected, alerts will be raised and outputs from the logging platform used to create a mitigation response. These alerts are integrated into our support service. All incidents and security events are resolved under SLA.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: All incidents are reported into a central monitoring dashboard, which ensures that each is promptly assigned to an appropriate resource, and its progress tracked (and escalated, as required) to resolution. Rowden Technologies operates to a robust Incident Management process that can be tailored to the users requirements.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: We use a variety of virtualisation technology to bring the benefit of cloud computing to the end users. Kubernetes Clusters as well as traditional VM are used depending on the user requirements.
• How shared infrastructure is kept separate: A Virtual Private Cloud provides complete network layer separation from any other portion of the environment. A VPC acts as a container for any resources in a given region, including virtual machines, storage, security rules, database instances, Cloud Formation stacks etc. Authentication and DNS, span all VPCs – allowing, e.g. global user access control policies.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: AWS and Azure adhere to the EU Code of Conduct for Energy-Efficient Data Centres, focusing on reducing energy consumption efficiently. AWS enhances energy efficiency through innovative cooling methods such as direct evaporative cooling and high server utilisation, minimising physical servers and maximising virtual operations. This not only adheres to the Code’s guidelines but also leverages renewable energy sources wherever possible. On the other hand, Azure utilises artificial intelligence to optimise cooling systems and deploys energy monitoring and smart grid technologies. This helps align energy usage with the availability of renewable energy. Azure also utilises highly efficient server configurations and modular data centres that adapt to demand, optimising energy use. Additionally, Microsoft commits to renewable energy, aiming for zero-carbon operations. Both AWS and Azure not only comply with the EU Code by integrating advanced technologies and sustainable practices but also actively seek new methods to enhance data centre energy efficiency, underscoring their commitment to environmental sustainability. This approach demonstrates a proactive stance in exceeding the basic requirements of the Code, showing leadership in energy-efficient data centre management.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As a forward-looking company delivering next-generation technical solutions, we have a responsibility to lead the way in addressing climate change. To achieve this, we embed climate change initiatives into the delivery of all our contracts, creating a link between revenue generation and positive ecological change. During call-off, we will agree with the Buyer a specific plan, timescales and reporting (via our Social Values Dashboard) to demonstrate how our services will; positively impact climate change. This plan will introduce new initiatives (together with the necessary budget) and build on existing efforts. We offset the emissions of our workforce, contractors and external project team members to drive long lasting positive behaviours. This is via Ecologi Ltd, Bristol-based social enterprise. We offer employee benefits that encourage and influence positive environmental behaviours including free onsite EV charging, a competitive EV rental salary sacrifice scheme, and access to advanced technology solutions that support effective remote working. We engage and involve our people in our sustainability efforts via an internal working group that leads on climate change initiatives (recent examples being a switch to recycled paper and a scheme under which we donate our unwanted technology to a local children’s charity). We track the emissions generated by our business and wider supply chain using a carbon accounting module which is integrated into our accounting software. This enables us to identify actionable methods of reducing emissions in line with our target to reduce per head emissions by 25% by 2030, which we have set out in our Carbon Reduction Plan. We ask our supply chain to adhere to sustainability commitments as part of our Supplier Code of Conduct, thus encouraging positive environmental action in our wider ecosystem. We plan to establish a working group involving a range of suppliers to feed into broader environmental initiatives.

  Covid-19 recovery

  Rowden recognises that local communities and individuals within them are still recovering from the effects of COVID-19. As part of our sustainable growth, we support the local community in ongoing recovery efforts. During call-off, we will agree with the Buyer a specific plan, timescales and reporting (via our Social Values Dashboard) to demonstrate how our services will support COVID-19 recovery. This plan will introduce new initiatives and build on these existing efforts. Recognising employees may still be subject to physical and psychological consequences of COVID-19, we provide a comprehensive employee benefits package including private medical insurance, a health cash plan and 24/7 access to counselling via the LifeWorks Employee Assistance Programme. Trained mental health first aiders support our dedication to ensure the mental health of our people. Financial support and advice is available via Bippit. The evolution of home working arrangements that were necessary during the pandemic into permanent flexible working policies that both support employees with a diverse range of caring needs or health concerns and underpin our talent attraction strategies. A dedicated sustainability budget, used for initiatives across three pillars of Rowden’s sustainability programme (economic, social, environmental). Employees can suggest uses for funds, including charitable donations and event sponsorship. We engage in a range of community/charitable initiatives, from homeless collections, volunteering at STEM events, through to sustainable travel initiatives run by the local authority. Strategies to create new work opportunities and maintain job security for existing employees through development of new products and services. Sourcing local suppliers of goods and services wherever possible (taking into account customer requirements), thus stimulating the local economy. Extensive L&D budgets to support employees with training and development opportunities, including those that are relevant in the post-pandemic economy (e.g. using modern delivery approaches to adapt to changing market demands).

  Tackling economic inequality

  As a regional SME, we understand the barriers to entry that exist in the sector and are committed to tackling economic inequality. During call-off, we will agree with the Buyer a specific plan, timescales and reporting (via our Social Values Dashboard) to demonstrate how our services will tackle economic inequality. This plan will introduce new initiatives and will build on the following existing efforts. Measures to improve EDI in our hiring processes and employment (see equal opportunities response). Investment in an L&D budget of £600 per head available for courses and qualifications to upskill people in areas relevant to our contracts. This complements a tailored internal training programme, mentoring schemes and other external programmes. We have just recruited our 2024 intake for our graduate engineering scheme. We would consider funding additional places linked to a specific call-off. Partnerships with a range of organisations to tackle inequality in our sector and a dedicated STEM budget for community outreach, engagement, and sponsorship (see equal opportunities response). · We endeavour to achieve the optimum balance of employees and contractors, considering what will provide the best customer outcomes. We consider how to increase opportunities for diverse businesses and proactively seek out local SMEs for support, e.g. via teaming and partnership structures. We provide informal mentorship and technical assistance to such businesses to help them deliver their strategies. We actively seek to reduce barriers to entry for new market entrants/SMEs by championing modularity principles to guide procurement, maintaining an independent, vendor-agnostic delivery approach. We track information about the types of suppliers we work with as a key metric. Our Supplier Code of Conduct clarifies what we expect from our supply chain. We manage cyber risks across delivery and are Cyber Essentials Plus certified. We assess and mitigate cyber security risks in our supply chain.

  Equal opportunity

  Rowden's commitment to tackling workplace inequality is a core company value and strategic imperative. During call-off, we will agree with the Buyer a specific plan, timescales and reporting (via our Social Values Dashboard) to demonstrate how our services will deliver equal opportunities. This plan will introduce new initiatives and build on existing efforts. Recognising that gender imbalance is an issue in our sector, we are signatories to the Women in Defence Charter. 30% of our workforce is female; we aim to reach at least 35% by 2030. We are a Disability Confident Employer, collaborating with the Business Disability Forum for advice which helps us understand the issues affecting the disabled community. Working with Evenbreak, we publicise opportunities to disabled candidates. We are an Armed Forces Covenant signatory, planning to become a Gold Armed Forces Covenant Award member by 2030. This continues a longstanding practice - 30% of our workforce constitutes service leavers. Pay equity is maintained through biannual reviews. Our holistic benefits package offers flexible working for a diverse range of employees. 96% of employees reported a positive work-life balance in our 2024 engagement survey. Employees undertake mandatory EDI training. Hiring managers receive additional training to reduce the risk of bias in recruitment. Monthly EDI L&D sessions (via our partnership with Powered By Diversity) cover protected characteristics. We use recruitment agencies committed to targeting under-represented groups. Our interviews include skills-based tasks to remove subjective judgements/improve diversity. We proactively discuss reasonable adjustments in hiring to set the foundations for success. We participate in Tech Talent’s diversity survey and partner with Coding Black Females. Our dedicated STEM budget supports community outreach. We sponsor initiatives that champion equality (mentoring schemes - Women Like Me, events - CynNam EmPower Girls). We pledge to sign up to the MotherBoard and Bristol Women in Business charters.

  Wellbeing

  Our workplace culture prioritises employee health and wellbeing from the top down. During call-off, we will agree with the Buyer a specific plan, timescales and reporting (via our Social Values Dashboard) to demonstrate our commitment to wellbeing. This plan will introduce new initiatives and build on our existing efforts. We offer hybrid working and flexible working policies support our workforce. 96% of employees reported a positive work-life balance in our 2024 engagement survey. Our comprehensive employee benefits package includes private medical insurance, a health cash plan and access to counselling (LifeWorks Employee Assistance Programme). We offer financial support and advice via Bippit, and a cycle-to-work scheme. We provide good physical workplace conditions, including an on-site gym, ‘wellness room’ and free lunch and healthy snacks. We actively promote wellbeing resources, e.g. ‘wellness action plans’, and signpost local/national services. Trained mental health first aiders are on hand to support our people. Managers undertake workplace mental health training to support mental health conversations during 121s and signposting to resources. Our people policies align to the 6 standards of the ‘Mental Health at Work’ framework. We run a bi-annual engagement survey to gather employee feedback. We have a strong focus on cooperative team behaviours and encourage conflict to be dealt with maturely and respectfully. We collaborate with our customer teams throughout contract design and delivery. Prioritising engagement, we ensure contracts align with customer needs and values. We frequently provide our customers with access to co-working spaces onsite. This increases the unplanned interactions that are vital to reduce project risk, builds long-term trust, and facilitates faster organisational learning, thereby creating greater productivity. We communicate with customers about our dedication to community wellbeing and actively engage ensuring alignment with their needs. These efforts aim to foster strong, integrated communities where everyone feels valued and supported.

Pricing

• Price: £550 to £1,450 a unit a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: A full stack free trial is provided. This will be limited to an initial 3-week period but can be extended on request.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@rowdentech.com. Tell them what format you need. It will help if you say what assistive technology you use.