Lifebit Biotech Limited

Managed AWS

Lifebit is an advanced Amazon Web Services (AWS) consulting partner and official UK government Reseller, providing​ organisations​ with scalable cloud resources to deliver Lifebit’s Trusted Research Environment. This enables customers​ to consume the full suite of AWS services at list-price and access Lifebit’s implementation and managed services.

Features

• AWS Government Reseller with full integration of AWS Services
• Patching, security, backups, and monitoring of EC2 instances and databases
• Support server-side customer data encryption, automated management of encryption keys
• Support ML and AI, data lakes and analytics, and IoT
• AWS developer tools enable clients to host code, build-test-deploy applications
• Granular control for infrastructure management (choice of processors, storage, networking)
• 24/7 support and AWS infrastructure automation
• Centrally deployed data protection policies configure and manage backup
• Support serverless technologies for running code, managing data, integrating applications
• Support API operability with error reporting

Benefits

• Integrate data through AWS visual, code-based interfaces and accelerate analysis
• Wide-ranging storage solutions maximise application performance (object/block storage, EFS)
• Accelerated computing instances provide optimal workload balancing
• Pay-for-use billing model increases agility and optimises costs
• Improved uptime with ITIL-aligned service management
• Support well-managed, secure and highly flexible AWS-based hybrid solutions
• Industry-leading scalability, data availability, security and performance
• Secure, resizable compute capacity making web-scale cloud computing seamless
• Build failure resilient applications across multiple AWS Availability Zones
• Private network access to Trusted Research Environments through AWS Workspaces

£1,550 a unit a day

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at procurement@lifebit.ai. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

613903491365647

Contact

Thorben Seeger
+ 44 7857149052
procurement@lifebit.ai

Service scope

• Service constraints: No
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Initial email responses via email to support@lifebit.ai are within 24 hours. For critical issues we respond immediately (i.e. within an hour) and provide a workaround in 12 hrs. This can be 9-5 or 24/7 depending on requirements (depending on a tailored service level agreement (SLA) Lifebit Platform subscription plan).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Lifebit uses Intercom Messenger, a customer messaging platform, which is compliant with the Web Content Accessibility Guidelines 2.0 Level AA. Specifically, Intercom focuses on three main areas for accessibility with their web chat, and include: Keyboard navigation Screen reader support Colour contrast.
• Onsite support: Yes, at extra cost
• Support levels: We provide a service model based on severity of issue with different response times for each level. For critical issues we respond immediately (i.e. within an hour), and provide a workaround in 12 hrs. This can be 9-5 or 24/7 depending on requirements (i.e. Lifebit Platform subscription plan).
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide a fully managed onboarding process.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • Other
• Other documentation formats: Markdown
• End-of-contract data extraction: The Lifebit Platform does not transfer any data, metadata, or log information out of the user's cloud account. The Lifebit Platform only manages the allocation of the user's resources and never processes any information from the user's analysis or datasets. Therefore, there is no need for users to extract their data when the contract ends. If they wish, they can simply revoke their Identity and Access Management (IAM) credentials from the Lifebit Platform and from this point the Lifebit Platform ceases to have access to the user's storage resources.
• End-of-contract process: Removing Lifebit as payer, the owner of the account will always be under the buying entity. There are no additional costs associated with disconnecting the Lifebit Platform from cloud accounts.

Using the service

• Web browser interface: Yes
• Using the web interface: We provide a control panel allowing users to provision, manage and decommission various aspects of this service. The web interface also provides access to a comprehensive set of documentation. Launch, manage and delete virtual network, compute and storage resources.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: N/A
• Web interface accessibility testing: None
• API: Yes
• What users can and can't do using the API: All services can be fully configured through the AWS API. See https://docs.aws.amazon.com/index.html#user_guides for the full list of API interfaces. There are no limitations to how the service is configured via the API.
• API automation tools: Other
• Other API automation tools: AWS SDK
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Customer environments are logically segregated to prevent users from accessing resources not assigned to them. Each workload has their own EC2 Instance which ensures the independence of resources.; Service usage and infrastructure needs are continuously monitored. AWS maintains a monthly capacity planning model to assess infrastructure requirements and support future demands to implement additional resources based upon current and forecasted requirements.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Amazon Web Service (AWS)

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: User-defined
• Backup controls: Under user control, depending on buyer requirements. Backup schedules are agreed during customer onboarding.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: Other
• Other protection within supplier network: Not applicable because the Lifebit Platform never transfers data which is deployed within the client network.

Availability and resilience

• Guaranteed availability: Well-architected solutions on AWS that leverage AWS Service SLA’s and unique AWS capabilities such as multiple Availability Zones, can ease the burden of achieving specific SLA requirements. AWS currently provides SLAs for several services. Due to the rapidly evolving nature of AWS’s product offerings, SLAs are best reviewed directly on their website (https://aws.amazon.com/service-terms/). More information available on request.
• Approach to resilience: AWS services are delivered from multiple data centres worldwide. When deploying the Lifebit Platform for AWS, Lifebit will ensure that services span multiple availability zones (data centres) to ensure service resilience.
• Outage reporting: Any outages can be reported through an API, email alerts and/or web chat support.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Other user authentication: Identity and Access Management (IAM) credentials for linked cloud account. Further information available on request.
• Access restrictions in management interfaces and support channels: Management interfaces require authentication in the form of username and password. More information is available on request.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Description of management access authentication: Identity and Access Management (IAM) credentials.; Lifebit’s platform integrates with Active Directory (AD) service, which implements a Role-Based Access Control (RBAC) relying on user groups and attributes. The service authentication will leverage user information retrieved through the AD which supports different levels of access based on the roles. More information is available on request.
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SOCOTEC Certification UK Ltd
• ISO/IEC 27001 accreditation date: 03/02/2020
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • SOC 2 Gap Assessment
  • HIPAA

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus,; HIPAA,; SOC 2
• Information security policies and processes: The Lifebit Platform is certified as compliant with ISO 27001 by a UKAS accredited certifying body. Management formally approves the information security strategy, policy, and architecture to ensure appropriate implementation, coverage and maturity for security controls and processes. We are able to supply our Information Security Policy subject to a non-disclosure agreement being put in place with the receiving party.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The Lifebit Platform's Services change management process aligns with ITIL v3 ITSM best practices. All the changes will be tested before deployment.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We assess vulnerability and potential threats by performing annual penetration testing and frequent reviews by an Information Security Officer. We follow a model of continuous integration and deployment. New patches are scheduled to be deployed daily but in urgent occasions of threats Lifebit might proceed in deploying the changes as soon as possible. Penetration testing feedback (outsourced) and reviews from an Information Security Officer.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Lifebit leverages the cloud provider's security tools as the first layer of defence against unauthorised access. Audit logs of user activity are transferred to our protective monitoring solution, the Security Operations Centre (SOC), with a real-time view of cloud (infrastructure) activity and tools to identify suspicious behaviour such as suspected instances of unauthorised data access or data leaks. Alerts in response to malicious activity are reported directly to the client through services like AWS CloudWatch Service. ; Alerts are reviewed on a daily basis and appropriate action is taken upon review.
• Incident management type: Supplier-defined controls
• Incident management approach: Lifebit has a robust incident management process in place. Further details will be part of the master service agreement.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: As cloud providers, AWS maximise energy efficiency and reduce their carbon footprint by investing in best-practice usage of IT and support resources, which include: ; ; (a) optimising server utilisation, ; (b) investing in efficient cooling systems for data servers, and ; (c) distributing workloads to achieve energy efficient usage of server populations. ; ; Cloud sustainability focuses on managing resource allocation to provision resources cost-effectively, so that the consumption demands for compute infrastructure, and electrical support and maintenance systems, are matched in an energy-efficient manner. ; ; In accordance with the EU Code of Conduct for Energy Efficient Datacentres, the consumption of IT equipment in distributed datacentres is managed through: ; ; (a) optimised data storage approaches, ; (b) allocating correctly requisitioned computational resources, and ; (c) minimising the deployment of high-powered hardware equipment.; ; In addition, the use of mechanical and electrical systems to support the energy demands of IT resources in the data centre are under the control/fully manageable by the customer. Clients can monitor their usage patterns of resources consumed, and accordingly decommission under-utilised components. This flexibility in software and architecture management allows users to implement load smoothening practices, and deploy usage behaviour patterns that can consistently achieve sustainable utilisation of electrical and mechanical energy resources over the long-term.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Lifebit pledges to adhere to our carbon reduction plan and ensure that our operating services create minimal environmental impact.; ; In recognition of how important it is to mitigate the detrimental impact of our actions on the environment, Lifebit’s policy is to ensure that, wherever reasonably practicable, we work together to try and reduce the negative impacts our actions can have, for example, the impact of our travel. Our net zero target is to reduce our greenhouse gas emissions to net zero emissions on or before our target by 2040.

  Covid-19 recovery

  The Lifebit Platform supports organisations working on COVID-19 vaccines and treatments by providing a secure research environment that brings analysis and researchers to the data. Our clients have used the Lifebit Platform to create a research environment for COVID-19 data and analytics, providing world-class patient data security as the data never leaves the environment, while also allowing flexible research access. Therefore harnessing the potential of genomic data research to continue developing vaccines and treatments, ultimately helping communities to manage and recover from the impact of COVID-19.; ; Lifebit believes that data should never be an obstacle to curing diseases and saving lives. We strive to improve the health of individuals globally by enabling research and scientific discoveries through advanced technology and access to data.

  Tackling economic inequality

  Lifebit’s Economic Pledges:; ; We pledge to facilitate collaboration between data custodians and pharmaceutical companies that will help alleviate funding constraints for data custodians.; ; We pledge to support start-ups and SMEs through our supply chain to support new talent and innovation.; ; Lifebit’s Education and Skills Pledges:; ; We pledge to provide educational and knowledge-sharing opportunities for people working or studying in the global life sciences sector on topics relating to health informatics and genomics. ; ; We pledge to raise awareness of the role of data in curing disease amongst the science and research community.; ; We pledge to provide our staff with opportunities to expand their knowledge and skills beyond mandatory training to support their career development.

  Equal opportunity

  We are committed to promoting equal opportunities in employment and creating a workplace culture in which diversity and inclusion are valued and everyone is treated with dignity and respect. As part of our zero-tolerance approach to discrimination in any form, all job applicants will receive equal treatment regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or parental status, race, colour, nationality, ethnic or national origin, religion or belief, sex or sexual orientation (protected characteristics). We are also committed to providing equitable treatment to all those we deal with as an organisation, including customers and suppliers. ; ; Employment and Volunteering Pledges : ; ; We pledge to create and retain an inclusive and diverse workforce that attracts people from all genders, races, ages, abilities, sexual orientation, religions and cultures.; ; We pledge to use our skills, knowledge, and resources to empower and support people living in some of the underrepresented communities we serve.

  Wellbeing

  Lifebit’s Wellbeing Pledges: ; ; We pledge to enable our partners around the world to improve the quality of life for those living with disease through our technology by making data needed for research accessible. ; ; We pledge to continue to provide resources and opportunities that promote the social, physical and mental well-being of our employees.; ; Lifebit’s Remote Working Policy:; ; Lifebit is a remote-first company. Recognising the importance of mental health, Lifebit supports and values its employees' well-being and fosters an environment where individuals can thrive working remotely. By following this policy, we can maintain a harmonious relationship between personal well-being and professional growth.; ; The benefits of remote working include job satisfaction, flexibility, and savings on travel costs, which reduce stress.

Pricing

• Price: £1,550 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at procurement@lifebit.ai. Tell them what format you need. It will help if you say what assistive technology you use.