SS Technologies

Cloud Development & DevOps Continues Delivery Service

As a Service company therefore, we have set our infrastructure in such a way that could help us provide wide range of services like Digital Transformation, Development and Strategy in Digital, Delivery Management, Cloud Migration, E2E Service Management, Application support & Cyber security.

Features

• Scalability
• Reliability
• Security
• Integration
• Backup and disaster recovery

Benefits

• enable business to adjust resources to optimise costs
• Provide reliability to ensure high availability
• Implement advance security measures
• Integrate seamlessly with other applications and services
• Built in backup and disaster capability for quick restore

£500 to £2,000 a unit a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@sstechnologies.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

671068732871007

Contact

Lakshmi Pedamallu
07961860483
admin@sstechnologies.co.uk

Service scope

• Service constraints: Yes, but can also be used as a standalone service
• System requirements:
  • Operating System Compatibility
  • Hardware Resources
  • Security Protocols
  • Integration Compatibility
  • Compliance requirements or regulations

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We support 3 level of assistance. L1 Support is the initial point of contact for users seeking assistance, typically handles basic inquiries and troubleshooting. Involve providing access to online documentation and basic troubleshooting steps. Response times are relatively quick. L2 Support provides more in-depth technical assistance. Involve troubleshooting more complex issues, performing system diagnostics & configuration updates - some times workarounds. Response times are typically faster than L1 support. L3 Support is the highest level of technical support and is reserved for the most complex and critical issues that can’t be resolved by L1 & L2 support, such software bugs as a fix, performance optimisation, and system integrations. Most of the time they work with development team as design need to aligned with current development cycle (if any). Response time may vary based on severity, priority as fix/change need to be agreement with other parties. Cost, L1/L2/L3 support typically comes with different pricing structures based on factors such as response times, availability, and the level of expertise required, that could be based on Key Performance Indicator (KPIs)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Using a cloud software involves several key steps Users sign up for the service, offer onboarding resources and training materials to help users get started. Likes of migrating from an existing system, users may need to transfer data with the provider's assistance and configurations to the new cloud software application, that often offers tools or assistance to facilitate a smooth migration process. For customisation and integration options allow users to tailor the software to their workflow and integrate with other tools if needed. Throughout the process, technical support is available to address any questions or issues.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Wiki
  • Confluence
• End-of-contract data extraction: When service comes to an end, the process of extracting data is crucial to ensure that valuable information isn't lost, we can offer several methods. Built-in data export tools. These tools empower users to download their data in various standard formats such as CSV, XML, or JSON. Application Programming Interfaces (APIs) provided by cloud software services enable users to programmatically access and retrieve their data. This method is particularly useful for users with technical expertise, as it allows for the extraction of structured data which can be used for analysis, integration with other systems. Backup and restore functionality.
• End-of-contract process: At the conclusion of a contract with a cloud software service, several critical procedures ensure a seamless transition and safeguard the user's data and interests. Firstly, comprehensive documentation is paramount. This documentation encompasses both business and technical perspectives of the software. From a business standpoint, it includes detailed business scenarios and insights gathered from engagements with business Subject Matter Experts (SMEs). These documents articulate the business requirements, objectives, and any bespoke configurations implemented during the contract tenure. From a technical viewpoint, designs such as High-Level Design (HLD) and Low-Level Design (LLD), along with precise technical specifications, are meticulously documented. This comprehensive documentation ensures a clear understanding of the software's architecture, functionality, and alignment with business needs. Furthermore, Knowledge Transfer (KT) sessions play a pivotal role in ensuring knowledge continuity. These sessions are meticulously crafted to provide stakeholders with a deep understanding of the software's functionalities, configurations, and potential technical intricacies. Both business and technical aspects are covered comprehensively, ensuring users are equipped to effectively leverage the software and manage any technical nuances that may arise.

Using the service

• Web browser interface: No
• API: Yes
• What users can and can't do using the API: API can be defined and developed as per client needs, as our API services can be REST/SOPA/XML can also do transformation.
• API automation tools:
  • Ansible
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
  • Other
• Command line interface: Yes
• Command line interface compatibility: Linux or Unix
• Using the command line interface: That can be agreed by the client requirements

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Via auto scaling and again this can be tailored based on client requirement and usage as the infrastructure can varies with volumes.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Automated Backup
  • Snapshotting
  • Disaster Recovery (DR)
• Backup controls: Yes we can support various backup strategise based on client needs
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: As a common SLA guarantee 99.9% uptime and it can be agreed in time based on customer bespoke requirement along with load. If the cloud software service fails to meet the agreed-upon uptime guarantees outlined in the SLA, users may be entitled to refunds or service credits as compensation for the downtime experienced. The specific refund or credit policies vary depending on the provider and the terms outlined in the SLA.
• Approach to resilience: We can put in place various resilient approaches like Redundancy, Load Balancing, Failover Mechanisms, Data Replication, Automated Monitoring and Alerting, Disaster Recovery Planning to ensure uninterrupted service delivery and mitigate the impact of potential failures or disruptions.
• Outage reporting: Via public dashboard using monitoring & alerting along with email alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We use Role-Based Access Control, Multi-Factor Authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: Information Security Policy, Data Classification and Handling, Identity and Access Management (IAM), Data Encryption and Key Management, Incident Response and Management.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Can be tailored based on client needs.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Based on client needs.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Based on client needs.
• Incident management type: Supplier-defined controls
• Incident management approach: Based on client needs.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Different organisations sharing the same infrastructure are kept apart through various mechanisms designed to ensure isolation, security, and resource allocation like Virtualisation, Resource Allocation, Network Segmentation, Storage Separation.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: We use AWS or Azure

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  As an organisation, we are committed to equality, believing that opportunities should be equal and free from discrimination based on gender, race, or any other factors

  Wellbeing

  As an organisation, prioritizing wellbeing involves fostering a supportive and healthy work environment that promotes physical, mental, and emotional wellness among employees.

Pricing

• Price: £500 to £2,000 a unit a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We can provide PoCs

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@sstechnologies.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.