Origin8tive Ltd

ORIGIN8TIVE CLOUD IDENTITY AND ACCESS MANAGEMENT SERVICES

Origin8tive have experience in securely configuring Microsoft Entra ID and integrating this with multiple Software as a Service (SaaS) applications, cloud providers and on-premises systems. We have integrated with AWS IAM Identity Center to provide federated access to AWS services and accounts for our customers.

Features

  • Secure configuration of Microsoft Entra ID for various applications.
  • Integration with AWS IAM Identity Center for federated access.
  • Implementation of internet-scale identity management with AWS Cognito.
  • Streamlined sign-up and sign-in process for mobile-centric applications.

Benefits

  • Enhanced security with robust identity and access management solutions.
  • Simplified access to AWS services and accounts with federated access.
  • Efficient authentication flow for mobile-centric application users.

Pricing

£400 to £1,500 a unit a day

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@origin8tive.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

598963099959231

Contact

Origin8tive Ltd Andrew Davies
Telephone: 01242 290320
Email: tenders@origin8tive.com

Service scope

Service constraints
Constraints are defined by the selected cloud provider; these will be discussed with the customer during the initial phase.
System requirements
None

User support

Email or online ticketing support
Email or online ticketing
Support response times
Priority 1 Support - for production system outages, 09:00 to 17:00 (UK time), Monday to Friday coverage and 2-hour response.
Priority 2 Support - for non-urgent production system incidents, 09:00 to 17:00 (UK time), Monday to Friday coverage and 5-hour response.
Priority 3 Support - for non-production support incidents, 09:00 to 17:00 (UK time), Monday to Friday coverage and 8-hour response.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
None
Onsite support
Yes, at extra cost
Support levels
Origin8tive will use the ITIL process for providing service management.
Priority 1 Support - for production system outages, 09:00 to 17:00 (UK time), Monday to Friday coverage and 2-hour response.
Priority 2 Support - for non-urgent production system incidents, 09:00 to 17:00 (UK time), Monday to Friday coverage and 5-hour response.
Priority 3 Support - for non-production support incidents, 09:00 to 17:00 (UK time), Monday to Friday coverage and 8-hour response.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Origin8tive will work with you to understand your requirements and support you during the initial phase of the engagement. We will provide applicable training and documentation where required. Please see our service definition for further details.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
Origin8tive will work with you to securely remove all data from the provider's platform and ensure that all resources consumed are removed in the most suitable way for regulatory compliance.
End-of-contract process
As part of our initial planning activities, Origin8tive work with you to define what activities will be required at the end of the contract and this will form the basis of our quote and charges to you. The closure plan will detail transition activities such as data, access, and onward migration, including key dates and required milestones. Origin8tive Terms and conditions provide details of termination outside of the above standard planning and management services.

Using the service

Web browser interface
Yes
Using the web interface
Users will use the service via the selected public cloud provider's web console.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
None
API
Yes
What users can and can't do using the API
Users will be able to use all of the selected public cloud provider's APIs for deploying, configuring and managing cloud resources.
API automation tools
  • Ansible
  • Chef
  • SaltStack
  • Terraform
  • Puppet
API documentation
Yes
API documentation formats
HTML
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
Users will be able to use the selected cloud provider's CLI to deploy, configure and manage all supported cloud resources.

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
Origin8tive work with you to understand your requirements, and we then design a solution that is scalable to meet those requirements. We will ensure that your resources are distributed across the provider's availability zones and regions, and that appropriate routing, load balancing and caching are configured so that spikes in provider demand do not impact your service.
Usage notifications
Yes
Usage reporting
  • API
  • Email
  • SMS

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
AWS and Azure

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
Backup controls
Origin8tive will provide detailed documentation on how to configure the backup service using the chosen cloud provider's console and any customisations that have been provided as part of the delivery. Configurable policies are used to control what is backed up and when.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Origin8tive provide compute hosting and storage from multiple public and private cloud providers. We work with you to select the most suitable provider for your requirements. Once this selection has been made, we can discuss the SLAs from that provider and ensure they meet your requirements.
Approach to resilience
Origin8tive provide compute and storage hosting from many public and private cloud providers. During the design phase we will work with you to ensure the solution is resilient to various outages that are applicable to your requirements. This could involve distributing resources across many availability zones, regions, ensuring the correct placement within a zone, having appropriate load balancing, and many other considerations.
Outage reporting
Origin8tive will work with you to ensure that you are informed of all outages in the most appropriate manner for your requirements. All public and private cloud providers will detail any outages that they are experiencing, and Origin8tive will then notify you of these.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Origin8tive uses the principle of least privilege along with Role Based Access Control (RBAC) or Attribute Based Access Control (ABAC) to restrict access to management and support interfaces. Only resources that require access to those interfaces are added to the appropriate groups.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (provider's own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Cyber Essentials and Cyber Essentials Plus
Information security policies and processes
At Origin8tive we take the security and the responsibility of protecting your data seriously. With our roots in Secure Government contracts, we are familiar with the rigour and adherence to policy required to ensure our infrastructure and customer data remains safe and secure.
Origin8tive use the National Cyber Security Centre (NCSC) 14 cloud security principles throughout our product lifecycle, through design, implementation, support and retirement, ensuring our products and solutions are on a secure footing.
All changes to our infrastructure and customer solutions must follow our Information Technology Infrastructure Library (ITIL) services management change control process where changes are evaluated against appropriate hardening and quality standards including the NCSC platform guidelines. The change process provides a formal control point to ensure compliance to Origin8tive and customer requirements.
Origin8tive mandates labelling for any data held within our platforms, which ensures that the appropriate protections are put in place. This is within our wider adoption of the NCSC Cyber Assessment Framework (CAF).
Origin8tive personnel hold a variety of security clearances ranging from BPSS to DV.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Origin8tive deliver services and resources using multiple public and private cloud providers. All changes to our infrastructure and customer solutions must follow our ITIL services management change control process where changes are evaluated against appropriate hardening and quality standards including the NCSC platform guidelines. The change process provides a formal control point to ensure compliance to both Origin8tive and your requirements. Where applicable, resources are configured using Infrastructure as Code (IaC) and these are checked in to an appropriate configuration management system. We also use the cloud providers' vulnerability scanning and configuration services to detect potential issues.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Origin8tive deliver services using multiple public and private cloud providers. We implement their native vulnerability scanning capability, which reviews virtual machines, container images and source code. We provide notifications from this scanning to ensure that appropriate resources are alerted and remediation can be implemented.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Origin8tive delivers services from multiple public and private cloud providers, each of which deploys monitoring devices to collect information on unauthorised intrusion attempts, usage abuse, and network or application bandwidth usage. Devices monitor:

• Port scanning attacks
• Usage (CPU, processes, disk utilisation, swap rates, software-error generated losses)
• Application metrics
• Unauthorised connection attempts
Incident management type
Supplier-defined controls
Incident management approach
Origin8tive's Incident Management Policy is in place to ensure that incidents that arise within the organisation are managed appropriately. This policy covers incidents concerning data loss, data leakage, data handling security incidents, and breaches in Origin8tive policy. Origin8tive has an established and consistent incident management framework to ensure that incidents are identified, managed, contained, and mitigated.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Other
Other virtualisation technology used
Public and private cloud provider proprietary
How shared infrastructure is kept separate
Customer environments are logically segregated, preventing users and customers from accessing unassigned resources. Customers maintain full control over their data access. Services which provide virtualised operational environments to customers ensure that customers are segregated and prevent cross-tenant privilege escalation and information disclosure via hypervisors and instance isolation.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Origin8tive deliver services from multiple public and private cloud providers, each of which has its own energy-efficiency code of conduct.

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Origin8tive have committed up to £30,000 in staff costs for volunteering within our community, further improving community cohesion and supporting stewardship of the environment. We plan to push the volunteering initiative towards focusing on organisations supporting environmental protection and improvements in social value. As part of our ongoing efforts to be carbon-positive, we strive to deliver cutting-edge solutions to all our clients whilst supporting the sustainability of our global environment. For every contract we win and each new member of the team we recruit, Origin8tive will plant hundreds of trees through Ecologi. Origin8tive offers both an electric car scheme and a cycle to work scheme for its employees to promote a reduction, by around a quarter, in the carbon emissions from work-related travel and commuting. Origin8tive are committed to reporting on the impact of social value throughout the lifetime of the Framework Agreement and we will report this to customers at a minimum of every 12 months from the Framework Agreement start date.

Tackling economic inequality

As a growing organisation, our social value priorities are based on elements which increase our capability and team size. The core belief behind this is the investment in future learners and workers. Origin8tive have established an apprenticeship scheme to create new jobs and new skills and increase our business resilience and capacity. Origin8tive have committed 3% of our revenue to this, and for future financial years, to re-invest through the recruitment of apprentices. This increases community cohesion by supporting our local colleges with Science, Technology, Engineering and Maths (STEM) and outreach activities. Having signed the Armed Forces Covenant, British Armed Forces Veterans now make up 11% of Origin8tive’s diverse workforce. This number is growing through work with the Career Transition Partnership, further improving our community cohesion and providing new skills, re-training and new jobs within our sector. Origin8tive are an accredited member of the Living Wage Foundation. The real Living Wage is the only UK wage rate based on the cost of living. We pay this voluntarily alongside over 14,000 UK businesses as we believe our staff deserve a wage which meets everyday needs - like the weekly shop, or a surprise trip to the dentist. Origin8tive are an accredited member of the Good Business Charter and commit to this behaviour through all our contracts and engagements. This collectively covers care for our employees, suppliers, customers, and the environment whilst paying our fair share of tax. Origin8tive are committed to reporting on the impact of social value throughout the lifetime of the Framework Agreement and we will report this to customers at a minimum of every 12 months from the Framework Agreement start date.

Equal opportunity

To redress the balance on workforce equality, one of our priorities in STEM and outreach is supporting women in technology. Origin8tive resources have supported outreach events to encourage around 250 school-aged females to become interested in STEM subjects. Origin8tive attracts talent from diverse groups by offering equal and transparent pay structures, flexible working, and part time roles. Origin8tive are committed to reporting on the impact of social value throughout the lifetime of the Framework Agreement and we will report this to customers at a minimum of every 12 months from the Framework Agreement start date.

Wellbeing

Staff retention is key to our ability to grow and develop our workforce. Origin8tive has invested in several areas to improve the health and wellbeing of our staff. We invest £50,000 per annum in providing a weekly wellbeing hour which enables our team to improve their wellbeing and reconnect staff to our environment. Many of our resources choose outdoor exercise or reflection to reconnect to the environment. We offer a cycle to work scheme to reduce our impact on the environment and improve the health and wellbeing of our staff. Origin8tive recruits and trains mental health first aiders, funds our employee assistance scheme and supports staff through longer full-term sickness payments to increase our commitments to customers through a more resilient resource supply chain. All our resources receive corporately funded healthcare and support, ensuring a healthy and capable workforce. Origin8tive are committed to reporting on the impact of social value throughout the lifetime of the Framework Agreement and we will report this to customers at a minimum of every 12 months from the Framework Agreement start date.

Pricing

Price
£400 to £1,500 a unit a day
Discount for educational organisations
Yes
Free trial available
No
