GREENLORD STUDIOS LIMITED

SaaS Platforms - Software as a Service

Greenlord Studios has developed a number of award winning SaaS platforms for clients, in a range of industries. Software solutions and associated platform environments are developed by our team of experience engineers.

Features

• Award-Winning SaaS platform development
• Full Stack development
• Collaborative development
• Hybrid development
• Database development
• Admin and User Portal development

Benefits

• Deliver cloud and mobile native application
• Reach new markets
• Create new business tools and processes

£400 to £750 a unit a day

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at liam.mcelroy@greenlordstudios.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

736836422376481

Contact

Liam McElroy
07847410251
liam.mcelroy@greenlordstudios.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Pre existing software platforms
• Cloud deployment model: Hybrid cloud
• Service constraints: Come back to this
• System requirements:
  • Access to a modern internet browser
  • Internet Connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times agreed by SLA, with normal operating hours being betwen 9am and 5pm Monday to Friday, excluding UK bank holidays. Out of Hours support is available at additional cost, to be agreed by SLA.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Typically support levels and availability is agreed when discussing the SLA, but as standard, developers are available for questions and concerns 9-5 Monday to Friday excluding UK bank holidays. During development, a regular meeting schedule is agreed upon to provide updates and insights into the project, and to allow a more formal environment for clients to ask questions. Out of hours support is available, and can be agreed upon when drawing up the SLA.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Pre-production of the platform will consist of multiple design meetings, either virtually or in person, to agree upon a technical specification.; Once the platform is created, on boarding documents can be created for users following the client's specifications
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Word
  • Excel
• End-of-contract data extraction: If a user decides to terminate the service provided by Greenlord Studios, any and all relevant data will be provided to the client in an electronic format of their cost. This may incurr a fee if the volume of data is particularly high, or the preferred format is non-standard.
• End-of-contract process: Everything agreed upon in the SLA is included in the price of the contract, up to and including handover training and documentation. If it is not agreed upon when creating the SLA, onoing support can be discussed as an additional cost, depending on what level of support is needed.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Buyers have total control over what is developed by our team. We will work the client to develop a technical specification, and the client will have access to it at every stage of development. Regular stand-ups will also ensure that the client is aware of what is being developed and when, and will offer them ample opportunity to ask questions or make changes.

Scaling

• Independence of resources: When agreeing upon SLA, hosting solution tiers will be discussed in regards to user volume, and speculative user volumes will be used to project likely scenarios. Hosting solutions are always set up to be scalable, so that future changes in user volume can be accounted for

Analytics

• Service usage metrics: Yes
• Metrics types: When designing the platform and accompanying admin portal, service metric trackers can be agreed upon and implemented upon request.
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: FIPS 140-2 Compliant. All data at rest is protected by Azure storage unless different secure storage volume specified by client.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: During creation of the SLA, it will be decided upon with the client how best to export user data whenever it is requested, and user data will be exported in whatever format is agreed upon
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • PDF
  • Whatever is agreed upon in SLA
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Whatever is agreed upon in SLA

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee a 95% availability. If we are unable to meet that guarantee, clients shall be refunded for hosting costs for associated time.
• Approach to resilience: We use Azure hosting as our datacentre setup and for hosting. Azure has multiple data centres within the UK to provide redundancy. Our services are also penetration tested for vulnerabilities which are addressed prior to launch.
• Outage reporting: When agreeing upon the SLA, any outages or issues reporting can be outlined by the client and implemented into the platform.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: Client can specify user Authentication during design discussions
• Access restrictions in management interfaces and support channels: Role-Based Access Control
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: Management access authentication can be decided upon by the Client during the design phase

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We follow best practices outlined by Microsoft
• Information security policies and processes: We follow Microsoft best practices

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: These processes are defined by the Client during discussion phase of the SLA. As well, the service is configured to current best practice as outlined by Microsoft, and change management would be updated as best practices change, or by request of the Client.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Threats to the service are regularly assessed by a third-party CREST certified penetration tester. Patches are deployed with utmost urgency as and when they are required. Information about potential threats is also provided by the penetration tester.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: During SLA creation, protective monitoring processes will be agreed with the client to best suit the needs of the platform. By default, we use Auth0 and Microsoft which have in built monitoring alerts.
• Incident management type: Supplier-defined controls
• Incident management approach: During creation of the SLA, the client can instruct on what the incident management processes should be, and how they can best be tailored to suit the platform being created.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Greenlord Studios is based out of Middlesbrough, an area faced with significant amounts of poverty and wealth inequality. We strive to hire developers from the area, and in the past have hired a number of young developers from the local area who have graduated from Middlesbrough college or from Teesside University. We have worked with Middlesbrough college a number of times to enrich their students and assist in their teaching. As well, we have supported students from the college with part time jobs as they finish their studies.

Pricing

• Price: £400 to £750 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at liam.mcelroy@greenlordstudios.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.