ITHQ LTD

Automox - Automated Patch Management

Automox's Automated Patch Management service is a cloud-based solution that automates patching and configuration for Windows, macOS, and Linux systems. It ensures all endpoints are consistently up-to-date, significantly reducing vulnerabilities and enhancing cybersecurity across an organisation’s network, streamlining IT operations with powerful automation tools.

Features

• Manage updates for Windows, macOS, Linux from one dashboard.
• Automatically updates OS and third-party applications across devices.
• No additional hardware needed; fully cloud-operated.
• Dashboard displays up-to-date patch compliance status.
• Set custom patching policies to meet organisational needs.
• Ensures safety with secure script signing.
• nstantly address issues on Windows and macOS remotely.
• Organise devices by departments, OS, or regions.
• Extends patching beyond OS to third-party software.
• Leverages AI for smarter, more efficient endpoint management.

Benefits

• Automatically updates systems, saving time on manual patching.
• Keeps software up-to-date, minimising vulnerability exposure.
• Automates routine tasks, allowing focus on strategic initiatives.
• Maintains systems in compliance with industry standards.
• Manages all endpoints from a single platform.
• Quick patch deployment ensures continuous operation.
• Patches remote systems without needing VPN connectivity.
• Tailors patching and configuration policies to specific needs.
• Offers immediate visibility into endpoint security status.
• Efficiently handles increasing numbers of devices and software.

£30 a device a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@ithq.pro. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

762009607503269

Contact

Dale Nursten
02039977979
bidteam@ithq.pro

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: Internet Dependency: Requires a consistent internet connection for cloud-based operations.; Operating System Compatibility: Limited to specific versions and configurations of Windows, macOS, and Linux.; Scheduled Maintenance: May experience temporary service disruptions during planned maintenance windows.; Hardware Requirements: Endpoint devices must meet minimum specifications for the Automox agent.; Software Patching Limits: Supports a set list of third-party applications for patch management. More details available at https://help.automox.com
• System requirements:
  • Windows (7, 8, 8.1, 10, 11)
  • MacOS (10.14+)
  • Linux RHEL 6+, CentOS 6+, Fedora 28+
  • Requirement: Minimum 1 GHz processor or faster.
  • At least 512 MB of RAM recommended.
  • Disk Space: Minimum 250 MB free disk space.
  • Outbound connections to specific Automox domains over HTTPS (port 443).
  • Continuous internet connection required for cloud communication.
  • Windows Server 2008 R2 to 2022
  • Linux Ubuntu 16.04+, Debian 9+

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Dependent on SLA purchased, we have three; 8x5xNDB, 8x5x4 and 24x7x4
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Automox support levels vary based on subscribed standard, premium and premium plus services More details in this documents:; https://patch.automox.com/rs/923-VQX-349/images/Automox-Premium-Support-Plans.pdf
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: ITHQ will support the on-boarding of the solution with an agreed Scope of Works document customised to meet the customers' requirements.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data export tools within the platform.
• End-of-contract process: At the end of the contract the customer will be offered the option of extending their subscription or ceasing to use the platform.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: The Automox API is a powerful interface that allows you to integrate Automox reporting data into your applications and control your devices, policies, and configurations. All endpoints are only accessible via HTTPS and are located at https://console.automox.com/api/
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Policies and Configurations: Users can customise patch management policies, including what to patch (OS and third-party applications), when, and how frequently. Configuration settings can also be tailored to specific security or operational needs.; Grouping and Tagging Devices: Devices can be grouped and tagged based on criteria such as department, operating system, or geographical location, allowing for targeted management strategies.; Worklets: Automox allows the creation of custom scripts or Worklets that can automate almost any action on endpoints that the Automox agent is installed on, from software deployment to advanced configuration changes.; ; Via the Automox Console: Most customisations, including policy adjustments and device grouping, are performed through the Automox web-based management console, which provides a user-friendly interface for all administrative tasks.; Using Automox Worklets: For more technical customisations, users can write their own Worklets or modify existing ones using PowerShell (Windows) or Bash (Linux and macOS), directly from within the console.; ; IT Administrators & Developers: In organisations where customisation needs are more complex, developers may get involved to script and deploy custom Worklets to automate specific tasks or integrate with other systems.

Scaling

• Independence of resources: Scalable Cloud Infrastructure: Automatically adjusts resources to handle increased loads without affecting performance.; Resource Isolation: Utilises virtualisation to separate user processes, preventing one user's activity from impacting another's.; Load Balancing: Distributes traffic evenly across servers to avoid overloads and ensure consistent service levels.; High Availability Systems: Includes redundancies and automated failover capabilities to maintain service continuity.; Performance Monitoring: Proactively monitors and manages system performance to preemptively address capacity issues.

Analytics

• Service usage metrics: Yes
• Metrics types: Patch Compliance: Indicates the percentage of devices updated with the latest patches, critical for security and functionality.; Vulnerability Exposure: Identifies and assesses vulnerabilities by device and severity, aiding prioritization of fixes.; Software Deployment Success: Monitors the success rate of software installations across devices, highlighting any failures.; Configuration Changes: Tracks and logs configuration modifications to ensure compliance with standards.; Endpoint Health: Scores each device's health based on updates, configurations, and compliance.; Operational Efficiency: Measures time efficiency in patching and resolving issues, improving IT process management.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Automox

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Automox allows users to export their data primarily through the use of CSV files, offering flexibility and straightforwardness in handling exported data. Users can generate various types of reports such as activity logs, overview reports, and specific policy or device reports directly from the Automox console. Each report type can be customized and filtered to meet specific informational needs and then exported by simply clicking the 'Export CSV' button available on the reporting interface.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The Automox platform architecture uses a clustered design to ensure high availability, reliability, and flexibility to scale up or down quickly on demand. Automox leverages the AWS concepts of Regions and Availability Zones to provide services and data that are safe, secure, and continuously available. In addition, Automox follows frequently tested backup and restore procedures to ensure the highest reliability and security. However, even with spikes caused by outside factors, Automox ensured lower risk levels were brought into remediation within a short time frame.; ; Automox provide an availability dashboard and have not reported any outages or incidents in the last 12-months https://status.automox.com/
• Approach to resilience: The Automox platform architecture uses a clustered design to ensure high availability, reliability, and flexibility to scale up or down quickly on demand. Automox leverages the AWS concepts of Regions and Availability Zones to provide services and data that are safe, secure, and continuously available. In addition, Automox follows frequently tested backup and restore procedures to ensure the highest reliability and security. However, even with spikes caused by outside factors, Automox ensured lower risk levels were brought into remediation within a short time frame.
• Outage reporting: Public Dashboard: Automox typically provides a public status dashboard that users can access to view real-time information regarding the system's operational status. This dashboard displays current service conditions, ongoing issues, and planned maintenance updates.; API: While specific details were not found, many service providers like Automox offer an API that can be used to programmatically monitor the service's status. This allows users to integrate real-time status information into their own monitoring systems or dashboards.; Email Alerts: Automox is likely to use email notifications to alert users to significant outages or disruptions. These alerts provide details about the nature of the outage, the expected impact, and any recommended actions for users.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Only authorised users or groups are able to access the management and support portals.
• Access restriction testing frequency: Less than once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Ltd
• ISO/IEC 27001 accreditation date: 15/03/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ITHQ are ISO27001 accredited and able to supply our Information Security Policies subject to a non-disclosure agreement being put in place with the receiving party.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Will be provided by ITHQ upon request.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Will be provided by ITHQ upon request.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Will be provided by ITHQ upon request.
• Incident management type: Supplier-defined controls
• Incident management approach: Will be provided by ITHQ upon request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity

  Tackling economic inequality

  ITHQ runs a corporate social responsibility programme, Life In IT, in South East England. This initiative focuses on reconditioning tech devices, which are donated by businesses as they upgrade their infrastructure. By redistributing these devices to local non-profit organisations and schools, we prevent valuable technology from being wasted and facilitate access to digital education resources for underserved communities. This program not only extends the lifecycle of technology but also significantly reduces economic barriers to accessing necessary educational tools.

  Equal opportunity

  To specifically address equal opportunity, our Life In IT programme prioritises collaboration with schools that support students from diverse backgrounds, including low-income families, minorities, and those with disabilities. We provide customised technology solutions that cater to a wide range of learning needs and styles, thereby ensuring all students have the opportunity to succeed. By doing so, ITHQ is committed to creating a more inclusive educational environment where every student, regardless of their socioeconomic status or background, can benefit from equal access to high-quality digital education.

Pricing

• Price: £30 a device a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@ithq.pro. Tell them what format you need. It will help if you say what assistive technology you use.