Skip to main content

Help us improve the Digital Marketplace - send your feedback

COOPERS AND LLOYDS LTD

AWS Cloud Hosting and Consultancy Services

Coopers&Lloyds offers robust and best in class Amazon Web Services (AWS) solutions and services such as Hosting, Migration, Design, Development, Implementation and Consultancy. We help our clients transform and transition their service delivery approach to a cloud-native mindset. Amazon Web Services offers unrivaled hosting capabilities and security for your organisation.

Features

  • Covers IaaS, PaaS, SaaS (AWS)
  • Full range of Amazon Web Services (AWS)
  • Consultancy and support through AWS strategy, architecture and design
  • Improve the security of your AWS Cloud infrastructure.
  • AWS total cost of ownership (TCO) reduction strategies.
  • Support and management of all AWS Cloud services.
  • Automate your development and test environments.
  • Migrate your existing applications to the AWS Cloud.
  • Full migration services to Amazon Web Services (AWS) platform.
  • Bespoke managed Amazon Web Services (AWS) consultancy from experienced consultants

Benefits

  • Increase agility with automated deployment and 24x7 DevOps support
  • Access to highly skilled specialist consultants and Experts
  • Improved business productivity and Cost effective design
  • Reduce delivery and on boarding time, costs and risks
  • 24/7 AWS server monitoring
  • Market leading security on AWS
  • Fully managed infrastructure lets you focus on development
  • Innovate faster, reduce costs and operate more securely with AWS.
  • Multiple data migration methods and tools
  • Cloud expert in AWS and Azure

Pricing

£350 to £1,250 a unit a day

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sooryakumar@coopersandlloyds.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

5 6 3 7 0 6 6 4 2 1 4 9 8 4 9

Contact

COOPERS AND LLOYDS LTD sooriyakumar Coimbatore Rajendran
Telephone: 07868741771
Email: Sooryakumar@coopersandlloyds.com

Service scope

Service constraints
C & L provide overall service management to the customer. We pride ourselves on working closely with your management team to minimise the impact that these services will have on your organisation and offer a flexible and pragmatic service to identify suitable times for testing and implementation, including utilising sandbox / test environments, which would have the least disruption to your business operations.

Any constraints to be identified during initial consultation and Negotiable with Service Delivery Manager
System requirements
As Defined with Service Delivery Manager during consultation

User support

Email or online ticketing support
Email or online ticketing
Support response times
We respond to all questions within 8 business hours. Normal business hours are 09:00-5:00 Mon-Fri excluding UK holidays. We regularly respond to questions within 4 business hours, and we immediately work on all inbound questions to establish urgency and set appropriate priorities. We provide an SLA based on the clients’ requirements.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
9 to 5 (UK time), 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
We will work with the Buyer and tailor the Chat support accordingly e.g. 24*7 support.
Onsite support
Yes, at extra cost
Support levels
We provide remote as well as on-site support with flexible fit for purpose fee structure. We provide technical account manager for each client.

Our Support offering is not driven by a standard service catalogue; instead it is tailored to meet your specific needs to provide the right level of support to meet your business requirements.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide a User Documentation pack for users of our Services.
All staff performing services has received extensive onsite training.
Apart from these, we also provide a handover training to customer users once the service is setup which will enable client users to get started quickly on the system.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Users may take advantage of our online data tool or make a request and data will be provided to them and in some cases, the customer is responsible for extracting all data prior to the contract end.
End-of-contract process
At the end of the contract, the access of the users to application will be removed. Customer proprietary documentation access to the users should be revoked. All the revoking steps must be documented and signed off by the customer. In Flight project, documentation and knowledge transfer is provided to the customer and the new vendor in a series of arranged sessions. All documentation regarding the customer environment is handed over to the customer.We also provide a transition to the vendor who is taking over the management of the system and the scope of services being provided under the current contract.

Using the service

Web browser interface
Yes
Using the web interface
Our web interface can be used by all clients to view, manage and respond to support tickets. Self-managed customers can also use our web interface to manage their database and uploaded files and to view their log entries.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
Basic Testing
API
No
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
  • Other
Using the command line interface
Resource and configuration management can be done through the command line interface. All functionalities for the resources under management are done through the provided web interface.

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
All environments are sized and architected for the Clients environment using network and component separation provide by the Global Cloud providers. Each user is accessing the defined services for their specific organisation on AWS.

Services which provide virtualized operational environments to customers (i.e. EC2) ensure that customers are segregated via security management processes/controls at the network and hypervisor level.

AWS capacity planning model supports the planning of future demands to acquire and implement additional resources based upon current resources and forecasted requirements.
Usage notifications
Yes
Usage reporting
  • API
  • Email
  • SMS
  • Other

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • AWS resources: e.g. Amazon EC2/Amazon RDS DB instances, DynamoDB tables
  • Custom metrics generated by customers’ applications and services
  • Metrics associated with log files generated by the application
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller (no extras)
Organisation whose services are being resold
Amazon Web Services, Google Cloud, Azure, Plesk, Cloudflare, R1soft

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Full solution backup via Amazon Snapshots
  • EC2 instances, Databases, Machine Image , Entire Systems
  • Bespoke backup service considering client's RTO and RPO needs.
  • Online, off-line and off-site backup services.
  • Automated or manual backup operations as needed by client.
  • Granular backups on or off server, server of database(s)
  • Granular backups on or off solution of files
  • Routine backup testing service.
  • Backups on or off solution of email
Backup controls
Backup schedules are agreed in advance with the users. During the contract, changes to the schedule are enabled through change control
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We offer industry standard availability. The standard SLA's are negotiated during the contract negotiation stage and we have a proven record in meeting those SLA's.Provision of support for high severity incidents (Priority 1 and 2) through on-call resources, out of hours on a 24/7 basis including weekends and Bank Holidays.P1/2 24/7 on-call service with extra costs as an optional additional service. This is not included and subject to contract or variation.
Approach to resilience
We will discuss with client to provide the resilient with a different data centre with various zones.
Outage reporting
Email alerts, API triggers, Phone alerts, Private Dashboards and Dashboards through internal TV monitors. Notifications in the web services and service update via internet.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
IP restrictions, two factor authentication of approved users and protective monitoring/logging, RBAC, Strong Password, VPN Access to the cloud OPS account
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We work on all Information Security Policies and Processes and GDPR levels of security which are well documented. Authorised users have thorough training on these policies, and we conduct regular security checks to ensure that these are being followed completely.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Both the Customer or C & L may request change to the original scope of work at any time using the Change Request (CR). All CR details are recorded in a Change Log. Each CR will be analysed in terms of impact on the original scope, schedule, cost, effort, and quality. The increased scope of work on project schedules and/or planned resources will be assessed.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We keep our services under constant review. We monitor open-source intelligence and vulnerability disclosure lists in order to discover new vulnerabilities. We also proactively seek out vulnerabilities in components we use and disclose them responsibly. We treat security updates as high-priority work. The vast majority of routine updates, including security updates, are automatically applied to production machines. We regularly carry out penetration testing, both on behalf of our clients and of our own, and use the results to harden and improve our services, and to model new potential threats and attacks.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We monitor a wide variety of metrics across our infrastructure. We also monitor for anomalous log events and review these alerts centrally. As necessary, we also carry out investigations into underlying issues, and take appropriate remedial action. We respond to these issues as they arise during business hours, at the start of business hours for non-emergency alerts, and 24/7 for critical alerts. Through Emails, monitoring tools and by automation process.
Incident management type
Supplier-defined controls
Incident management approach
We have defined incident management process where users can report incidents. Details available upon requests.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
VMware
How shared infrastructure is kept separate
We use the latest cutting edge technology to logically isolate client environments from each other while on the shared public cloud. The logical partitioning divides hardware resources among clients thereby keeping them separate and secure from each other.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Disclosed upon application

Social Value

Fighting climate change

Fighting climate change

We at Coopers and Lloyds (C&L) are committed towards Fighting climate change.

Pricing

Price
£350 to £1,250 a unit a day
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Sooryakumar@coopersandlloyds.com. Tell them what format you need. It will help if you say what assistive technology you use.