Skip to main content

Help us improve the Digital Marketplace - send your feedback

MAXIRON LTD

IBM MAS 8 Upgrade

Solve the issue of inconsistent and unsupportable one-off upgrades with a fixed cost upgrade. Through productized and automated upgrade tooling we can upgrade a system in days rather than months
We support the delivery of MAS upgrades through our innovative upgrade factory

Features

  • AI Powered Upgrade Analysis
  • Automated Upgrade & Cloud Migration
  • Zero unplanned downtime
  • Secure & highly available (99.99%)
  • No data loss
  • Reduced customisation
  • Database agnostic

Benefits

  • Get to trial Upgrade in less than 10 days
  • Fixed upgrade costs
  • Continuously Upgraded
  • Always New Environment
  • Remove Upgrade Uncertainty
  • Repeatable and fast

Pricing

£10,000 to £35,000 a unit

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robert.carew@maxiron.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

6 2 5 0 7 4 7 4 5 5 5 5 1 3 4

Contact

MAXIRON LTD Robert Carew
Telephone: +44 7834533517
Email: robert.carew@maxiron.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
IBM Maximo Application Suite
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
None
System requirements
None

User support

Email or online ticketing support
Email or online ticketing
Support response times
Questions will be responded to within 4 hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
No
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
MaxIron provides one level of support for this offering as it is an upgrade offering and therefore different support levels are not applicable.

The support is included in the offering cost.

There is a technical account manager who is responsible for the support
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Our offering is delivered in 3 stages and for Stage 1 - Analyse and Price, we provide full instructions on how to use the service via online user documentation and video.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
At the conclusion of a service contract, we understand the importance of ensuring that our clients can seamlessly transition their data to another system or store it securely. To facilitate this, we have established a straightforward and efficient process for data extraction that respects client data ownership and privacy.

Notification of Contract Termination:
Clients are reminded before their contract ends about the need to extract their data. This notification includes detailed instructions on how to initiate the data extraction process and points of contact for assistance.

Data Extraction
MaxIron will perform the data extraction to the time
frame and for the time period required.

Secure Data Transfer:
Once extraction has completed, we will initiate the transfer process. Data will be transferred to a secure cloud storage service of their choice via secure protocols.

Confirmation and Support:
After the data extraction is complete, users receive a confirmation email summarizing the extracted data and its destination. Our support team is available to assist with any issues or questions that arise during the extraction process.
End-of-contract process
At the end of the contract the customer can continue with the upgraded environment or they can end the service and have their data returned to them.

If the customer elects to utilise the upgraded environment then the ongoing payment for this is via a seprate service contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There are no functional differences. In terms of usability, menus and sidebars will hide based on device size.
Service interface
No
User support accessibility
WCAG 2.1 AA or EN 301 549
API
No
Customisation available
No

Scaling

Independence of resources
Each upgrade is run on its own provisioned infrastructure and it is scaled as required.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
MaxIron will export the customers data to an agreed timeframe and cutoff point. This will be provided in two formats:
1. The original format provided by the customer for the files they uploaded
2. A open format text document of the method statement for the upgrade
Data export formats
  • CSV
  • ODF
Data import formats
Other
Other data import formats
  • SMP (IBM Maximo Code)
  • DMP (IBM Maximo Database)

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Service availability does not apply to this service as it is an upgrade software service.
Approach to resilience
Information is available on request.
Outage reporting
Email alerts are the primary notification mechanism for outages with this service.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Access to our management interfaces and support channels is governed by a multi-layered security protocol including:
Role-Based Access Control (RBAC): Users are granted access rights and permissions based on their specific role within the organization. This ensures that individuals can only access information and perform actions pertinent to their job functions.
Least Privilege Principle: We strictly enforce the principle of least privilege by ensuring that users have only the minimum level of access required to perform their tasks.
Regular Audits: Access rights and privileges are regularly reviewed to ensure compliance with our security policies and to prevent privilege creep.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
MaxIron adheres to comprehensive information security policies guided by international Astandards such as ISO 27001 and GDPR. We fully comply with these standards ensuring robust data protection and security management.
Our Chief Information Security Officer (CISO) oversees our comprehensive security strategy. The CISO reports directly to the CEO and board of directors, ensuring that senior leadership is continuously informed of security status and issues. Below the CISO, our security team executes the day-to-day operational tasks while remaining in compliance with our established policies.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Our configuration and change management processes are designed to ensure stability, security, and consistency in our IT environment. We utilize Jenkins and Puppet for configuration management and JIRA for tracking changes, ensuring that all components of our services are managed effectively through their lifecycle.
To assess the potential security impacts of proposed changes, we conduct a thorough security risk assessment as part of the change evaluation process
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Our vulnerability management process is designed to proactively identify, assess, and mitigate potential threats to our services. We utilize industry-standard tools and practices to ensure comprehensive coverage and rapid response to emerging threats. This process is integral to maintaining the security and integrity of our services.

We assess potential threats to our services by conducting regular vulnerability scans using Qualsys.

Patches are deployed according to the severity of the vulnerabilities identified. Critical vulnerabilities are addressed within 24 hours of identification, with patches tested and then rolled out across affected systems
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our protective monitoring process is a cornerstone of our cybersecurity defense strategy. It involves continuous monitoring and analysis of our environment to quickly detect and respond to potential security threats. We leverage advanced Security Information and Event Management (SIEM) tools, integrated with intrusion detection systems (IDS) and intrusion prevention systems (IPS) to ensure comprehensive surveillance and proactive threat hunting. We maintain continuous vigilance through our protective monitoring processes, regularly updating our tools and techniques in line with evolving threats and technological advancements.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Our incident management process is designed to efficiently handle and resolve any incidents with minimal disruption to our services. We follow best practices as outlined in ITIL service management guidelines to ensure a structured and effective approach. This process includes predefined response strategies for common incidents, a reporting system, and comprehensive incident documentation to ensure transparency. We have established pre-defined processes for common and anticipated events such as network outages, data breaches, software malfunctions, and hardware failures. Our processes are subject to continuous improvement. We regularly review incident reports and response outcomes to identify trends and areas for enhancement.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity

Fighting climate change

We are dedicated to fighting climate change by implementing sustainable practices in our service delivery. This includes optimizing data center usage for energy efficiency, using renewable energy sources, and adopting a cloud-first strategy to reduce carbon footprints.

Equal opportunity

Our commitment to equal opportunity is reflected in our hiring and management practices. We strive for diversity and inclusivity, ensuring that individuals from all backgrounds have equal opportunities to contribute and advance within our organization. We also implement accessibility features in our software products, making technology more accessible to users with disabilities.

Pricing

Price
£10,000 to £35,000 a unit
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Our upgrade offering includes a free analysis and pricing stage.
Link to free trial
Maxiron.com/trialupgrade

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at robert.carew@maxiron.com. Tell them what format you need. It will help if you say what assistive technology you use.