DBaaS Ltd

Database Management Services

We at DBaaS Ltd specialize in Database managed service to offer full-time database support. You can get experienced database administrators (DBAs) from here who are well versed in a wide range of technologies, platforms, and potential integrations. DBaaS Ltd provides round-the-clock support and get regular reports on your database environment.

Features

  • Archiving, Backup, Disaster Recovery on Databases Management.
  • Compute and application hosting with Data warehousing support.
  • Support, managed or consulting services any platform.
  • Essentials (BAU), LIVE Services and Migration Services.
  • Relational & NoSQL database & Other Database Services.
  • DBaaS, PaaS, IaaS using Outsourcing or On-Premises Support.
  • Infrastructure and Platform Support with B2B / B2C.
  • Short Term, Long Term, Specific Statement of Work.
  • 24×7×365 services for continuous support, maintenance.
  • Protective monitoring & Logging and analysis & User Management.

Benefits

  • Database Management in any platform and cloud services.
  • DBA Supports in RDBMS, NoSQL, BigData, Opensource.
  • Oracle Middleware, eBiz, Exadata, Databases Architect & Design.
  • MySQL, PostgreSQL, Pivotal GreenPlum On premises Cloud Platform.
  • Build, Configure, Migrate Databases to AWS, Azure or Google Cloud.
  • Automation on DBA activities in the cloud and on-premises.
  • Redshift, RDS, MongoDB, Elasticsearch DB.
  • Archiving, Backup & Recovery, Disaster Planning & Assurance.
  • Monitoring Process, Message Notification & Log queuing.
  • Secure and User Managements on Database Management systems.

Pricing

£400 to £1,200 a user a day

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@dbassltd.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

7 3 7 5 9 9 2 6 0 3 8 5 8 9 7

Contact

DBaaS Ltd DBaaS Ltd
Telephone: +44 07480 080202
Email: admin@dbassltd.com

Service scope

Service constraints
The service excludes any third-party software licensing&third-party support costs(unless these are included in the infrastructure provider pricing)•The service does not include support for database-specific content including data change or deletion or data integrity checks.•The service does not include support to major database RDBMS change&release activities,this is available as a service option•The service excludes the implementation of service requests. These are charged separately on a T&M basis•The service excludes support for security accreditation and testing •The service excludes visits to customer sites,including the attendance of service reviews; attendance will be subject to prior agreement with any expenses incurred charged additionally
System requirements
  • 8 GB RAM
  • Windows 10 or Windows 11
  • 256 GB SSD
  • AWS or Azure Cloud Partner
  • Office 365 License-Standard
  • Mac Pro or Mac Airbook

User support

Email or online ticketing support
Email or online ticketing
Support response times
We respond to all questions within 8 business hours. Normal business hours are 09:00-5:00 Mon-Fri excluding UK holidays. We regularly respond to questions within 4 business hours, and we immediately work on all inbound questions to establish urgency and set appropriate priorities. We provide an SLA based on the clients requirements. Weekends : 10am to 4pm on Saturday and 11am to 3pm on Sunday with extra costs.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), 7 days a week
Web chat support accessibility standard
WCAG 2.1 AAA
Web chat accessibility testing
Chatbot
Onsite support
Onsite support
Support levels
We provide a service desk for our managed services customers. Also, assigned consultants or architects will respond in 8 business hours of response time. Our Support offering is not driven by a standard service catalogue; and also provides the tailored support levels to meet your specific needs to provide the right level of support to meet your business requirements.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We can provide online training, user documentation or Onsite training
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • PDF
  • Word Document
  • Visio
  • Powerpoint
End-of-contract data extraction
We do data extractions and preparing the contracts handover during the contract end periods.
End-of-contract process
We do full KT (knowledge transfer) and cross-training to the team members and permanent member of the staffs. Preparing the full confluence documents in the intranet or global usage in the organisations. Preparing the full online training or in-house training to the business to technical team and technical to business and non-technical to business teams.

Using the service

Web browser interface
Yes
Using the web interface
Using the ultra viewer with the vpn connected interface.
Web interface accessibility standard
WCAG 2.1 AAA
Web interface accessibility testing
Yes, all the web interface been tested with the cyber security specialists with Cyber Essentials team.
API
Yes
What users can and can't do using the API
User familiarize with the API activities and how to integrated to services to another application. setup via java thin client or nodejs or java or any relative coding's. No limitations to how users can setup
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
  • Other
Other API automation tools
Jenkins
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
Using the bash scripts or python or shell scripts or windows command centre scripts using the services using the CI/CD or notepad++ or visual studio.

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
We keep monitoring 24/7 with proactive team independently and managing all aspects of business activities to be monitor without affected the BAU and live services. All users will be under full SLA support as requested and ensure there is zero tolerance and zero downtimes.
Usage notifications
Yes
Usage reporting
  • API
  • Email
  • SMS
  • Other

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Storage Access
  • Portable Wifi Data dongle devices
Reporting types
  • API access
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Files
  • Database
Backup controls
We do system folders backup and email backups into centralized mapped drives with the one drive or NFS system used in the mapping profiles.
Datacentre setup
Multiple datacentres
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
A service level agreement (SLA) is a documented agreement between a service provider and a customer that identifies both the services required & expected level of service. The agreement varies between vendors, services, and industries. Handle all incoming Support Queries in accordance with SLA response times attached on DBaaS Ltd Onboarding process page, provided always attempted first (but been unable) to resolve the relevant issue through its own internal IS resources; Communicate via telephone and e-mail; Be available during standard service hours, and only provide telephone or email support through people who are fluent in the English language. Supplier is prevented or delayed in performing its obligations due to Force Majeure. In these circumstances, the Contract Price shall be adjusted and any necessary refund or credit effected in accordance with the Authority’s reasonable instructions.
Approach to resilience
Provide a full detailed resilient plan and technical documents wrapper around the Service which shall include, but is not limited to, our IT strategy, service resilience, performance monitoring and reporting, service reviews to monitor progress and discuss issues (e.g. quality of delivery, resource, troubleshooting, risks and issues with proposed mitigations). Performing all activities within various Systems Development Life Cycle (SDLC) types including Waterfall, Agile and DevOps. Ensure a timely response to address the need, with resilience to provide substitute or replacement capability when required to avoid service disruption. Engaging Operations teams to get a buy-in on approach and co-ordination and scheduling of work to secure technical resource(s) (where applicable) to assist in an emergency. Be versatile across multiple channels including web, social and print media. Contain elements/icons that can be used across various digital and print mediums including a website. We need to reflect the tone of the buyer's instance – less emphasis on the ‘touchy feely’ environmental green tropes and more a focus on innovation, action and technical solution
Outage reporting
SERVICE LEVEL REPORT 1) Before the 10th calendar day of each month (or the previous day, if the 10th calendar day in the relevant month is not a Working Day), the DBAAS Ltd shall provide GCloud services with a report containing accurate figures of performance against each Service Level including, with regards to Availability, the levels of Scheduled and Unscheduled Downtime in the previous month and in the previous three (3) month period on a cumulative basis and on a rolling basis, together with details of any instances of non-compliance with the Incident Resolution Service Levels. Handle all incoming Support Queries in accordance with SLA response times attached in DBaaS Ltd Onboarding process page, provided always attempted first (but been unable) to resolve the relevant issue through its own internal IS resources; Communicate via telephone and e-mail; Be available during standard service hours; and only provide telephone or email support through people who are fluent in the English language.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Gain access to cloud-based data lakes and data warehouses. Their goals are to increase the agility, security, and reliability of their applications, to lower costs, and to improve data analytics capabilities. Moving a clould based platforms and software deployment to a new location is a multi-step process that involves tasks that must be identified, planned, implemented, and tested.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Information Security Management System (ISMS)
ISO/IEC 27001 accreditation date
30/06/2021
What the ISO/IEC 27001 doesn’t cover
Nothing to say, it covers most of the services as per Our ISO 27001 accreditation means that we have put all necessary measures in place to ensure that our clients' information is always protected.
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
30/06/2021
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
N/A
PCI certification
Yes
Who accredited the PCI DSS certification
Barclays
PCI DSS accreditation date
30/06/2021
What the PCI DSS doesn’t cover
N/A
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • Memset Hosting
  • GCHQ Certified Master of Cyber Security
  • CISSP
  • CMFS
  • CEH
  • CVI

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
We do follow the CyberEssentials Plus and Memset Hosting

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configuration&Change Management we follow to control the environment releases by raising a change in Buyer's support system&linking it to the initial SR/Incident.The approval is sought in a regular CAB-meeting scheduled to take place once a week.We can hold emergency CABs-or-seek approval outside CAB from our release manager.We try to limit these approvals outside CAB to a minimum.When working with the support company,the team will attend the CAB meeting to represent the change, but the support company may be asked to fill out some technical details in a 3rd party RFC document, our team also to represent the change in CAB.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Automated vulnerability management scanning tools should be run on a monthly frequency and against all solution components and their supporting infrastructure. Vulnerability scanning tools should provide vulnerability risk scores in accordance with the common vulnerability scoring system (CVSS) version 3. Penetration testing (CREST/CHECK/TIGER scheme). Patch management (including any policies and procedures). Version control, Remediation action plans (please detail SLA timescales for high, medium and low CVSS scored vulnerabilities). There also needs to be a requirement for user accountability (logging and monitoring). Is BYOD permitted? If so, is it corporately managed?
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Monitoring Services which support its strategic communications, media outreach activities and track and measure the success of its PR campaigns; across all sites. We do protective monitoring processes means appropriate technical and organisational measures which may include: pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of such measures adopted by it;
Incident management type
Supplier-defined controls
Incident management approach
We can predictive intelligence, which uses detailed incidents reports to respond to requests and Performance analytics to create data visualizations, anticipate trends, prioritize resources, and improve performance and Incident management and problem management to restore services quickly after an unplanned interruption or a major incident Asset management to get a complete, connected view of all assets We can be able to communicate via telephone and e-mail; Be available during standard service hours; and provides telephone or email support through people who are fluent in the English language. a)Incident and Problem Management c)Ticketing Management d)Service Request Management

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Red Hat Virtualisation
How shared infrastructure is kept separate
We keep the same infrastructure as kept apart as BAU continuity and improving the upcoming projects to delivering the best tactical and strategic solutions to the best of infrastructure

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
We do solution will be based on a cloud-based architecture with the solution hosted within a minimum of two ISO 27001 (2005) accredited datacentres located in the UK. Increasing the use of public / zero emission transport modes. Stimulating demand for energy efficient products and low environment impact services. Contributing to local climate change mitigation targets. Increasing energy efficiency of domestic an operational buildings and business activities. Encouraging local, ethical and fair-trade purchasing.

Social Value

Fighting climate change

Fighting climate change

We do more to understanding your carbon emissions. ... Drive more efficiently. In particular, observe speed limits and avoid rapid acceleration and excessive breaking. Don’t drive aggressively. Commute by carpooling or using mass transit. ... Plan and combine trips. ... Drive more efficiently. ... Switch to “green power.” Switch to electricity generated by energy sources with low—or no—routine emissions of carbon dioxide.
Covid-19 recovery

Covid-19 recovery

3.2 In light of the Coronavirus disease (COVID-19) it is the intention of buyer's to be as flexible as possible in relation to the procurement process for the GCloud hosting to support the tender however this will remain within the parameters of the Public Contract Regulations 2015 (PCR 2015). Please note that Supplier's will use reasonable endeavours to notify all tender participants of any potential risks which may delay the procurement process and its subsequent award and implementation.
Tackling economic inequality

Tackling economic inequality

DBaaS Ltd is committed to tackling economic inequality at root. Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society.
Equal opportunity

Equal opportunity

1.The Authority and Supplier shall continue to monitor the performance and objectives of this Contract throughout its duration and to make any amendments or changes necessary to this Contract, or its performance or objectives in order further to promote equality, diversity and equal opportunity. 2. The Supplier shall notify the Authority immediately in writing as soon as it becomes aware of any investigation or proceedings brought against it in relation to equality, diversity or equal opportunity whether under the Act or otherwise. 3. Where any investigation is conducted, or proceedings are brought which arise directly or indirectly out of any act or omission of the Supplier, its staff, employees, workers, consultants, agents or Sub-Contractors and where there is a finding against the Supplier in any such investigation or proceedings, the Supplier shall indemnify and keep indemnified and hold harmless the Authority and the Chief Constable with respect to all costs, charges and expenses (including legal and administrative expenses on an indemnity basis) incurred by the Authority during or in connection with any such investigation or proceedings and further indemnify and keep indemnified and hold harmless the Authority from and against all and any compensation, damages, costs, losses ,fines, penalties or other award (including any interest) the Authority may be ordered or required to pay. 4. If a finding of unlawful discrimination or breach of equal opportunities legislation (including but not limited to the Act) is made against the Supplier or against the Authority arising from the conduct of the Supplier or any of its employees, workers, consultants, agents or Sub-Contractors, the Supplier shall take immediate remedial steps to prevent further recurrences and shall advise the Authority of the steps taken. 5.Where any investigation is undertaken by a person or body empowered to conduct such an investigation and/or proceedings are instituted
Wellbeing

Wellbeing

The DBaaS Ltd promotes the health, safety and wellbeing of patients, service users and the public by raising of regulation and voluntary registration of people working in health and care. DBaaS Ltd, is to drive UK global leadership in Intelligent Mobility, promoting sustained economic growth and wellbeing through integrated, efficient and sustainable systems, innovative accelerators and processes to people values: Care, Collaboration, Courage and Integrity.

Pricing

Price
£400 to £1,200 a user a day
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Demo covers the basic information about the solutions provided on the free version using masking data and don't have testing or real activities data. Actual real or users data is not included Periods will be 3 months maximum derived based on the certain limits based on the cloud services providing.
Link to free trial
Not Available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@dbassltd.com. Tell them what format you need. It will help if you say what assistive technology you use.