DotSquares Limited

Cloud Management Services

The Service is for clients looking to design, develop, implement and support cloud based software for their organisation.

Features

• Cloud Services - AWS/Azure/GCP
• Email Services - MS 365 Business / Google WorkSpace
• Bare Metal Server
• Backups - Acronis / Snapshot
• Domain Services - TLD / CCTLD / GTLD
• DB & Web Management / Monitoring / Security

Benefits

• Quick Scalability Services
• Stable Infrastructures
• Better Network Uptime
• No Up Front Infrastructure Investment
• Variety of Payment Options
• Easy to Deploy & Manage
• Go Live & Staging Server Support

£15 to £15 a gigabyte an hour

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul@dotsquares.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

766737364006491

Contact

Paul Thomas
+44 208 0901819
paul@dotsquares.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Microsoft Licensing (recurring and perpetual), Adobe Licensing, Google Licensing
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: No Constraints
• System requirements: Dependent on Customer Requirements Solution provided Accordingly

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Response Time at Weekend Within 1 Hour
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Chat / File Transfer / Chat Recording / Screen Share
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: L1 / L2 / L3 Support Levels - Availability based on Issue Severity ; Technical Engineer for Support Issues - system will flag issues based on severity
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Full documentation with welcome call for all users. Familiarisation training of services available, possible terms and cost
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • MS Word
  • MS Excel
  • MS PPT
• End-of-contract data extraction: Data provided via secure download to user in appropriate format (dependent upon specific customer requirements)
• End-of-contract process: Complete Backups included ; Full Payment Clearance

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Services Pages Optimised for Mobile Devices for Ease of Access and Use
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: All Users can purchase a suite of solutions or individual services

Scaling

• Independence of resources: Load Balancing & Autoscaling

Analytics

• Service usage metrics: Yes
• Metrics types: Daily / Weekly / Monthly Usage
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: AWS, Azure, Google, Other Cloud Services

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: All Export functionalities provided e.g. CSV, PDF Etc.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • PDF
  • Spreadsheet
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: 99.99% availability ; ; OEM responsibility needs to be a factor BUT we adopt a shared approach to this involving a great deal of third party interactions.
• Approach to resilience: Available on Request
• Outage reporting: Email information is provided and data centre will update on specific incidents related to them. Each provider will also ensure a public dashboard is available critical information such as outage or planned maintenance.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Hard tokens and thumbprints used in conjunction with OEM suppliers to restrict channels where appropriate.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: SN Registrars (Holdings) Limited
• ISO/IEC 27001 accreditation date: 04 August 2021
• What the ISO/IEC 27001 doesn’t cover: All parts of service are covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO 27001
  • CMMI Level 3

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: 1. Incident management procedures exist to enable a quick, effective and orderly response to suspected ; security incidents. The procedures cover the following:; 1.1. Analysis and identification of the cause of an incident;; 1.2. Remedial action to reduce the impact of the incident and to recover any missing or quarantined assets;; 1.3. Planning and implementation of controls to reduce the probability or impact of future occurrences;; 1.4. Collection of evidence;; 1.5. Communications with staff or customers affected by recovery from the incident.; 2. Staff is made aware of the company procedure for reporting security incidents, and understands that ; they are required to report such incidents as quickly as possible.; 3. The IT Manager maintains a formal reporting and incident response procedure, defining the action to be ; taken to raise an action and incident report

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Customer has ability to raise a request via phone, chat, ticket, email which is tracked and monitored through online portal. Component change requests are analysed and confirmed, then final confirmation with client, then implementation. ; Company conforms to full CMMI Level 3 Practices.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential threats are analysed at server and desktop level.; ; White list IPs.; ; Regular updates as per end supplier schedules with patches deployed after testing as soon as ready, including latest version of OS, DB server & Applications.; ; Teams are members of forums and Supplier organised groups to join conversations on potential threats.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: ISO 27001 standards applicable.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Conforms to ISO 27001 Standards

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Dotsquares have several programmes in place to help in the fight against climate change. The obvious one being energy consumption in data centers. Bur Dotsquares are also looking to refactor code on projects/solutions over 18 months old. If there is any saving in execution time in achieving this then of course it will be translated into the energy being used to send and receive requests, both at server and browser level.
• Covid-19 recovery:

  Covid-19 recovery

  Being a digital solutions provider we are lucky in that there is no real COVID-19 recovery for us. Our services never stopped and in fact due to increased demand with organisations understanding that digital was now their only recourse to maintain operations we had to increase headcount. What we have done is move to the next level of CMMI (Level 4) so that we have the processes and policies in place to provide clients with the best levels of service that we can.
• Tackling economic inequality:

  Tackling economic inequality

  Dotsquares has been mindful of economic inequality for several years now. In the UK we have provided meals for the homeless as part of our drive with Salesforce. Our Company Secretary leads these initiatives here in the UK (https://www.sussexindianpunjabisociety.com/shilpi-chandra-member-nominated-for-above-beyond/). At our development centres we provide a range of services to underprivileged children such as free meals, free facemask/hand sanitizer during COVID and working alongside the local Mother Theresa home to lead the tech industry in Jaipur providing support.
• Equal opportunity:

  Equal opportunity

  At present Dotsquares is operating at a ratio of 17% female employees across the organisation. This is looking to be increased to 25% by 2024. Being an organisation with a wide geographic reach we have many different minorities working for the organisation from English, Indian, Asian, African and American backgrounds. We firmly believe that operating a diverse organisation we can reflect that back in the solutions that we provide our clients and focus many different minds and backgrounds to ensure the solution is the best fir for that particular client.
• Wellbeing:

  Wellbeing

  Dotsquares understands that wellbeing, be that mental or physical, has a marked impact on the success of the organisation. Poor mental health takes a heavy toll on individuals and businesses, not least with the pandemic and work from home restrictions. Dotsquares has continued the engagement they started with the global lockdowns, by providing weekly calls with dedicated counsellors and professionals. Our HR function fully focus on the people and embody such employee-centric policies as understanding each individual employee experience to ensure their wants and needs are met. This is met with an enhanced feedback mechanism across all sites to share views and opinions through meaningful conversations.

Pricing

• Price: £15 to £15 a gigabyte an hour
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Cloud PoC ; Cloud services ; ; Limited time period on approval

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul@dotsquares.com. Tell them what format you need. It will help if you say what assistive technology you use.