Cloud Consultancy and Support Service (AWS)
DGM Agility portfolio of services allows the customers to securely adopt the benefits of the Cloud whilst minimising risk.
DGM Agility can provide full 24*7*365 monitoring and managed service function ensuring ongoing support of infrastructure and applications within your cloud platform or a DGM Agility dedicated hosted cloud platform.
Features
- Identification of issues, risk and opportunities
- Service Management and solution reporting
- Right-sizing and reservation recommendations
- Implementation of solution-specific best practices
- Adhering to FinOps Guidelines
- Automated performance and cost alerting
- Advising customers on new Cloud functionality & features
- Customer visibility to live cost and performance via dashboards
- FinOps framework to control cloud costs
Benefits
- Enable customers to maximise business value
- Focus on value, automisation and optimisation
- Focus on continuous improvement
- Effective capacity, resource and forecast planning using historical data
- Customer-defined reporting and alerting thresholds
- 24x7x365 Monitoring and support capabilities
- Automated maintenance and patching windows
- Controlling Cloud Costs
Pricing
£1 a unit
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
7 9 3 5 7 9 9 4 8 7 1 2 2 2 4
Contact
DGM AGILITY LIMITED
Darren Muizelaar
Telephone: 07538122855
Email: darren.muizelaar@dgmagility.com
Service scope
- Service constraints
- Constraints control the ways that you can deploy specific cloud resources for a product. You can use them to apply limits to products for governance or cost control. Typically constraints within your environment will be applied during build and configuration following your specification.
- System requirements
-
- Bring your own licence is supported
- Pay-as-you-go licensing is supported.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
DGM Agility will respond to tickets within agreed Service Level Agreements (SLAs). Any response times will depend on the urgency and priority classification. Typically:
P1 - 15 Minutes
P2 - 30 Minutes
P3 - 60 Minutes - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
-
We use 3rd party off the shelf solutions
Zendesk uses the Voluntary Product Accessibility Template (VPAT), to publish an Accessibility Conformance Report (ACR), which documents an audit of our systems relative to WCAG 2.1 AA performed by a third party accessibility vendor.
We pay attention to Accessibility throughout our release cycle. This includes:
Following the standards and documentation created by our Product Accessibility team.
Training everyone involved in delivering our products around assistive technology and Accessibility best practices. This includes, designers, engineers, product and program managers, and content writers. At a personal level we try to make sure all Zendesk product and engineering employees think about the humans at the other end of the internet by sharing stories and feedback.
Leveraging Garden, our design system, from early design through development to ensure an accessible foundation for all our products
Testing our products before release using both manual and automated techniques.
Conducting regular research with agents, admins and end users who rely on assistive technology to collect feedback and help us prioritize improvements.
Systematically tracking both remediation and new feature progress to drive quality improvements
Engaging third-party auditors to conduct regular compliance audits of our products.
Listening to feedback from customers. - Onsite support
- No
- Support levels
-
Basic - 9-5 - Email, Chat, Telephone
Enhanced - 9 - 5 - Email, Chat, Telephone, MI Reporting
Premium - 9 - 5 - Email, Chat, Telephone, MI Reporting, Service Desk Access & out of normal hours support.
Pricing is detailed within our pricing schedule - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Onboarding to AWS Cloud involves a series of steps to set up your AWS environment, configure resources, migrate workloads, and ensure a smooth transition to the cloud platform.
. Discovery and Assessment
Conduct an initial assessment of the IT environment, including infrastructure, applications, data, and business requirements. Identify workloads and applications suitable for migration to AWS, taking into account factors such as performance, security, compliance, and cost.
. Understand and Develop the Cloud strategy.
Collaborate with you to define your cloud strategy, goals, and objectives for migrating to AWS.
Determine the scope of the AWS deployment, including regions, resource types, service levels, and governance requirements.
. Resource providing and and configuration
Provision AWS resources and services based on your requirements and workload specifications.
Configure virtual machines (VMs), storage accounts, databases, containers, and other resources as needed.
Security and Compliance
Implement security controls and best practices to protect AWS resources and data from security threats, vulnerabilities, and compliance risks.
Training and support
Provide training and education for IT staff on AWS fundamentals, best practices, and management tools.
Continuous improvement
Continuously assess the AWS environment based on feedback, performance metrics, and evolving business requirements. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Customer are able to remove their data at any time through the same means they uploaded. Either over their network (internet or express route) or via the AWS Import/Export services.
- End-of-contract process
- In our Online Services Terms, We contractually commits to specific processes when a customer leaves a cloud service or the subscription expires. This includes deleting customer data from systems under our control. If you terminate a cloud subscription or it expires (except for free trials), We will store your customer data in a limited-function account for 90 days (the “retention period”) to give you time to extract the data or renew your subscription. During this period, We provides multiple notices, so you will be amply forewarned of the upcoming deletion of data. After this 90-day retention period, We will disable the account and delete the customer data, including any cached or backup copies. For in-scope services, that deletion will occur within 90 days after the end of the retention period. (In-scope services are defined in the Data Processing Terms section of our Online Services Terms.)
Using the service
- Web browser interface
- Yes
- Using the web interface
- The web interface will be setup and made accessible by DGM Agility. Users can request that the interface be changed adding the customers branding and logo.
- Web interface accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web interface accessibility testing
- We pay attention to Accessibility throughout our release cycle. This includes: We try to make sure all our product and engineering employees think about the humans at the other end of the internet by sharing stories and feedback. Testing our products before release using both manual and automated techniques. Conducting regular research with agents, admins and end users who rely on assistive technology to collect feedback and help us prioritize improvements. Systematically tracking both remediation and new feature progress to drive quality improvements Engaging third-party auditors to conduct regular compliance audits of our products. Listening to feedback from customers.
- API
- Yes
- What users can and can't do using the API
- The users can raise, update and close tickets via the APIs.
- API automation tools
-
- Ansible
- Terraform
- API documentation
- Yes
- API documentation formats
-
- HTML
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- The Cloud platforms used by DGM Agility have secure logical isolation to ensure that workloads are not effected by other systems and service.
- Usage notifications
- Yes
- Usage reporting
-
- SMS
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Amazon AWS
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
- Users can determine what is backed up
- Backup controls
- Users can determine what is backed up, set policies and schedules via the User Interface.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users schedule backups through a web interface
- Backup recovery
- Users can recover backups themselves, for example through a web interface
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection between networks
- For data in transit, We use industry-standard secure transport protocols, such as TLS/SSL, between user devices and Microsoft datacenters. You can enable encryption for traffic between your own virtual machines (VMs) and your users. With AWS Virtual Networks, you can use the industry-standard IPsec protocol to encrypt traffic between your corporate VPN gateway and AWS as well as between the VMs located on your Virtual Network.
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
- For data in transit, We use industry-standard secure transport protocols, such as TLS/SSL, between user devices and AWS datacenters. You can enable encryption for traffic between your own virtual machines (VMs) and your users. With AWS Virtual Networks, you can use the industry-standard IPsec protocol to encrypt traffic between your corporate VPN gateway and AWS as well as between the VMs located on your Virtual Network.
Availability and resilience
- Guaranteed availability
-
The platform provides 95.0% uptime per month for a single region. Within the region, marketplace services and products have their own service-level agreements (SLAs). How they are configured will dictate their overall availability within a region. A multi region configuration approach will greatly improve uptime.
Your systems and services deployed on top of the platform will also dictate their overall availability.
As this is generally a pay as you go/consumption model service DGM Agility will ensure we will maximise availability to meet specific project requirements and cost constraints.
Should the platform or service provided by the platform supply fail to meet an SLA then a service credit will be issued by the platform provider. - Approach to resilience
-
Following NCSC guidelines and principles we will advise the customer of any constraints and risks with regard to the location, security and legal jurisdictions that may be required.
The underline platform is provided by a reputable 3rd party where they provide tools and services to help ensure the platform, systems, services and data remain fit for purpose. Furth details on the specifics on how we do this can be made available upon request. - Outage reporting
-
The platform provided by the 3rd party cloud platform provider provides a service health dashboard. They also provide provide custom alerts, API, and log data to assist with any service outages.
If any service is managed by DGM Agility we will also provide a service dashboard, alerts vail email as part of our basic service package. we do offer additional service alerts via API at an additional cost.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google apps)
- Username or password
- Other
- Other user authentication
-
"A user signs in to the AWS access portal using their user name. When they do, IAM Identity Center redirects the request to the IAM Identity Center authentication service based on the directory associated with the user email address. Once authenticated, users have single sign-on access to any of the AWS accounts and third-party software-as-a-service (SaaS) applications that show up in the portal without additional sign-in prompts. This means that users no longer need to keep track of multiple account credentials for the various assigned AWS applications that they use on a daily basis."
https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html - Access restrictions in management interfaces and support channels
-
"You can use a policy to control access to resources within IAM or all of AWS.
AWS is composed of collections of resources. An IAM user is a resource. An Amazon S3 bucket is a resource. When you use the AWS API, the AWS CLI, or the AWS Management Console to perform an operation (such as creating a user), you send a request for that operation. Your request specifies an action, a resource, a principal entity (user or role), a principal account, and any necessary request information"
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_controlling.html - Access restriction testing frequency
- Less than once a year
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Other
- Description of management access authentication
-
The 3rd party cloud services use Identity and Access Management (IAM) for authentication. IAM offers granular control, by principal and by resource. When you authenticate to the services, you generally use a scope that includes all platform services
OAuth 2.0 scopes can provide a second layer of protection, which is useful if your code is running in an environment where token security is a concern, such as a mobile app. In this scenario, you can use finer-grained scopes to reduce risk in the event of a compromised token. - Devices users manage the service through
- Dedicated device on a segregated network (providers own provision)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- We are cyber essentials certified and recognise the need to ensure that all our staff and 3rd party platforms. We have a series of Standard Operating Procedures and Security Policies in place that all employees are mandated to follow.
- Information security policies and processes
- We carryout bi-annual reviews of all our Policies and procedures, we carryout security training annually where each employee must pass a minimum level to work in any customer environments. The security and compliance director has complete oversight of employees.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
"AWS has developed formal standard operating procedures (SOPs) governing the change management process. These SOPs cover both software development and hardware change and release management, and are consistent with established regulatory guidelines including ISO 27001, SOC 1 / SOC 2, NIST 800-53, and others.
AWS also uses Operational Security Assurance (OSA), a framework that incorporates the knowledge gained through a variety of capabilities that are unique to Microsoft including the AWS Security Development Lifecycle (SDL), the AWS Security Response Center program, and deep awareness of the cybersecurity threat landscape.
Please see https://aws.amazon.com/solutions/guidance/change-management-on-aws/ - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
"When providing the Antimalware solution for Virtual Machines, AWS is responsible for ensuring the service is highly available, definitions are updated regularly, that configuration through the AWS Management Portal is effective and that the software detects and protects against known types of malicious software. Managed hosts in the scope boundary are scanned to validate anti-virus clients are installed and current signature-definition files exist.
Vulnerability scans are performed on a quarterly basis at a minimum. AWS contracts with independent assessors to perform penetration testing of the AWS boundary." - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
"AWS detection and response services work together to help you enhance your security posture and streamline security operations across your entire AWS environment by continuously identifying and prioritizing security risks, while integrating security practices earlier in the development lifecycle"
Please see: https://aws.amazon.com/products/security/detection-and-response/ - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
"AWS has developed robust processes to facilitate a coordinated response to incidents.
. A CloudWatch alarm or EventBridge rule creates an incident.
.Incident metrics are reported to Incident Manager.
.Responders are engaged.
.Runbook steps complete successfully."
Please see: https://docs.aws.amazon.com/incident-manager/latest/userguide/what-is-incident-manager.html
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- KVM hypervisor
- How shared infrastructure is kept separate
- The platform provides logical separation and in some instance physical separation upon request. This includes all IaaS /PaaS services. The cloud service provides a wide selection of compute instances and services that can scale up and down automatically. These compute instances and services offer isolation at multiple levels to secure your data without sacrificing the flexibility with configuration that is required. The Cloud services has a control plane to operate and maintain the service described as an account, resource group or project, data cannot be accessed or influenced by other customers
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
-
AWS is committed to building a sustainable business for customers and the planet, and proudly supports customers in achieving their own sustainability targets. We invite organizations to join The Climate Pledge, a commitment to becoming net-zero carbon by 2040, 10 years ahead of the Paris Agreement. More than 200 organizations have signed The Climate Pledge to date, committing to use their scale to decarbonize the economy through real business change and innovation.
Please see https://sustainability.aboutamazon.com/products-services/the-cloud?energyType=true
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
We are committed to sustainability and recognising our responsibility to minimising impact of our operations and services on the environment. We have a fully integrated approach to environmental management, meeting the principles of the Environmental Protection Act 1990, WEEE Directives, Greening Government Commitments and ISO14001.
Our Method Statement comprises two elements confirming our commitment to ensuring that opportunities under contract deliver the Policy Outcome and Model Award Criteria;
(1) Actions our organisation is taking
(2) Activities we’ll undertake to support the contract
(1) Examples demonstrating our commitment to Fighting Climate Change;
• Carbon Reduction Plan target to become NetZero by 2030 and have flagged UN SDG targets 9 and 12 as our priorities.
• Our UK offices are powered by renewable energy
• We have a Climate Positive Workforce with our Carbon emissions offset through our partnership with Ecologi at 10.8 tonnes CO2 per employee/year.
• We Promote Sustainable travel: Our people use sustainable commuting methods through Cycle-to-Work, season ticket loan and secure bike-parking schemes.
• Installing state-of-the-art conferencing facilities realising a significant reduction of office-to-office commuting.
• Reducing waste: We have introduced waste management systems in our offices, minimised single-use water bottles and operate paperless offices.
(2) Activities we’ll undertake to reconnect people with the environment and increasing awareness to protect and enhance it.
We will track and optimise the carbon footprint of the target estate using industry leading Carbon calculators. We’ll promote embedding sustainability as a digital design principle inline with Greening Government Commitments and support awareness of CO2e reduction and best practice.
We will minimise the carbon footprint of our work using technology to work remotely by default.
To enable awareness, and to influence the supply chain and local communities, we will share best practice with the project team, its supply chain and educate the local community.Tackling economic inequality
Tackling economic inequality
As an equal opportunity employer, we are committed to creating an attractive working environment which promotes equal career opportunities for all employees regardless of social identity. Our Board is 50% women.
We identify inequalities in employment, skills and pay through our Whistle Blowing Policy, Annual staff survey and our Affinity groups like LGBTQ+/Multicultural.
We continue to tackle inequalities via our Equality, Diversity & Inclusion Policy (aligned to Equality Act 2010, including the Public Sector equality duties), our status as a Level 1 Disability Confident Employer, and by aligning to the 5 principles of the Government Good Work Plan.
We address inequality by focusing on:
• inclusive, accessible recruitment practices: we proactively engage local deprived communities with all roles advertised through Vercida Group, a D&I resourcing specialist
• offering a range of quality employment opportunities;
• providing an inclusive working environment which promotes career progression;
• educating our people to act with tolerance and compassion;
• compliance with equal pay reporting.
To support in-work progression, our career paths offer broad opportunities to choose a career that accommodates personal goals. We ensure that:
• Our Academy provides equal opportunity to training and recognised certification designed and developed to supplement knowledge, coaching and skills gained from the day-to-day tasks and responsibilities to enhance career development.
• Everyone has a mentor they meet regularly to discuss career progression and well-being.
• Detailed development feedback is given twice a year measured against transparent performance criteria by their line manager who have attended Inclusive leadership training.
• Promotions happen once a year and all promotions are communicated throughout the company.
Our planned activity and targets:
By Q3 2022 start our apprenticeship programme to help reduce the digital skills gap
By Q4 2022 Disability Awareness training providedEqual opportunity
There are 14.1 million disabled people in the UK. 19% of working age adults are disabled (Family Resources Survey, 2019 to 20), however, disabled people are twice as likely to be unemployed as non-disabled people.
We recognise the inequalities that have been amplified during the pandemic, in particular to those with disability. As a Disability Confident Employer, we have incorporated Disability awareness training as part of our mandatory training for our UK workforce from April 2022 onwards. We are committed to becoming a Disability Confident Level 2 employer by June 2022.
We are an equal opportunity employer and publish our Diversity and Inclusion Policy. We continuously focus on any barriers that may prevent underrepresented groups from being appointed to a position, especially management positions. All UK Jobs are advertised through an inclusive and accessible job platform via our partnership with Vercida group, a D&I resourcing specialist.
We recognise our role, is to use our expertise to make sure people with disabilities can connect and contribute to the workplace in the best way possible, to ensure they are thriving at work and within their role for the organisation.
Our Inclusive leadership management training plays a vital role in creating and sustaining an inclusive working environment. This ranges from implementing the people management policies that will impact on how a person with a disability experiences work, to managing absence or a flexible working model to support the individual. Our inclusive and accessible development practices support managers to; attract the most suitable talent; be confident about supporting colleagues with a disabilities / health condition through on-boarding, training, and progression; understand how to identify and reduce, through workplace adjustment, the barriers that would prevent someone from reaching their potential; ensure fair treatment for all colleagues and create and inclusive working environment and culture.Wellbeing
Throughout the pandemic we prioritised helping our staff and local communities to manage and recover from the impact of COVID-19. We implemented initiatives to reduce the demand on public services and improve how we support physical and mental health such as introducing company-funded private healthcare for our people and became a Disability Confident employer.
Our Method Statement comprises two elements confirming our commitment to ensuring that opportunities under a contract deliver the Policy Outcome and Model Award Criteria;
(1) Actions our organisation is taking
(2) Activities we’ll undertake to support the contract
(1) Example activities of how we influence staff, suppliers, customers and communities to support health and wellbeing, including physical and mental health and demonstrate our commitment to the Award Criteria;
• signatory of Mental Health at Work commitment
• Implemented the Mental Health at Work 6 Core Standards and enhanced standards
• We utilise our Intranet to promote an active healthy lifestyle, use of our benefits like Cycle to Work Scheme, annual Fitness challenges and awareness of mental health encouraging open discussions with a clear route to support.
• Our people have equal access and opportunity to regular training through our Academy to enhance their career prospects. They receive ongoing career progression planning through their mentor.
• Encouraging our people to seek help and feel supported through structured appraisals and access to our Mental Health specialists.
(2) Activities we’ll undertake on to promote personal and community health and well-being.
As the delivery partner, we propose to co-design with the project team, a charity partner and a CPD accredited provider to offer education and training on Health and Wellbeing to unemployed people affected by Covid19. Our aim is to support them to find employment in the Health and Wellbeing sector. This will benefit both the individuals and the community.
Pricing
- Price
- £1 a unit
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
-
More than 100 AWS products are available on AWS Free Tier today. Three different types of free offers are available
depending on the product used. Click an icon below to explore our offers. - Link to free trial
- https://aws.amazon.com/free/?trk=d035b742-5d07-4b6e-83ae-1bf5dd974f42&sc_channel=ps&s_kwcid=AL!4422!10!72086958851624!72087482484408&ef_id=3135cfe5088018dcb524a9eb8bba4666:G:s&all-free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sort-order=asc&awsf.Free%20Tier%20Types=*all&awsf.Free%20Tier%20Categories=*all