Wagtail CMS discovery build, host, support and improve
Affinity is an experienced provider of open-source CMS's, Wagtail development, support, hosting, migration for critical services and applications being one. We specialise in integration with line-of-business applications, thrive on complexity, and offer supporting services, utilising effective user-centric, GDS compliant methodologies. We are accredited with ISO27001, 9001 and Cyber Essentials Plus.
Features
- Affinity’s scalable Wagtail development runs from micro to enterprise solutions
- Affinity cloud hosting (if required) through our strategic partners AWS
- 24/7/365 Wagtail support provided for hosting with automated monitoring/alerts
- Dedicated Wagtail support team with telephone and one-on-one access
- Full Wagtail training services
- Proactive recommendations to improve service at hosting and Wagtail level
- Full lifecycle service - Discovery, Define, Deliver, Support, off-boarding, end-of-life
- Benefit from Wagtails efficient integration and migration options
- Wagtail is easy to customise to meet needs of projects
- Security: Wagtail includes Django’s security features
Benefits
- Knowledgeable Wagtail specific development team
- Experienced and knowledgable cloud hosting architecture team
- Support Wagtail systems with 3rd party hosting and other integrations
- Very flexible SLA (no use-it-or-lose-it policies)
- Significant experience with central Government CMS projects and services
- Affinity has significant Wagtail implementation and integration skills and experience
- Affinity can audit your Wagtail solution as part of on-boarding
- ISO 27001 ISO 9001 accredited. GDPR ready, offering compliance support
- Experienced public sector supplier both central and local government
- Significant experience in assisting clients meet their compliance obligations
Pricing
£100 to £160 a unit an hour
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 0 1 5 5 9 8 0 0 8 6 6 4 2 4
Contact
Affinity Digital (Technology) Ltd
Jonathan Duval
Telephone: 01872 321177
Email: sales@affinity-digital.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No - it is a fully tailorable service from the hosting to the application
- System requirements
- The service is fully tailorable from the hosting to application
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- This is fully tailorable but default is 2 hours
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- No
- Support levels
-
We supply 9-to-5, Monday to Friday (business hours) as default
We can offer 24/7/365 on Environment Support
Other SLAs can be negotiated, all charged at £100 per hr unless contractually agreed otherwise. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We work with your production and support team to train the trainer, helping to ensure all parties are trained appropriately to run the service
- Service documentation
- No
- End-of-contract data extraction
- We have a well tried and tested off-boarding process that will be agreed and signed up to as part of the on-boarding process
- End-of-contract process
- We will enact our well tried and tested off-boarding process that will be agreed and signed up to as part of the on-boarding process. There are no extra costs to off-board unless you require services or time not allowed for at the time of on-boarding. E.G excessive work around communications with new supplier/s
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Page layout changes any other differences will be agreed at time of scoping
- Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- No
- Customisation available
- Yes
- Description of customisation
- We can customise your application and environment (hosting) to your specific requirements. Appropriately skilled 3rd parties can customise if they follow our processes using our technology and services
Scaling
- Independence of resources
-
We guarantee this in two ways:
(1) For any resources which are not ring-fenced per client, we ensure that they always have the capacity to meet the demands placed upon them by the sum total of all requests. This is achieved through architectural design and supported by monitoring, auto-scaling and alerting.
(2) Some resources are either client specific or ring-fenced per client, thereby ensuring isolation from other clients' workloads.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Metrics can cover:
- Number of site visits
- Average page response times
- Content metrics, such as number of pages, media assets, etc.
- Site availability
- Number of support tickets raised vs closed
- Support ticket SLA reporting - Reporting types
- Regular reports
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Encryption of all physical media
- Other
- Other data at rest protection approach
- We use AWS services and are able to mirror their data at rest offerings
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- We will supply the data in a pre agreed format, which will be confirmed as part of the on-boarding service
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- XML
- OPEN API
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
- XML
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Our default SLA is %99.95 uptime though for mission critical applications we can increase this %. We have no refund policy but can be off-boarded quickly if we continually fail to meet your expectations.
- Approach to resilience
- Our own hosting architects are supported up by the power of the AWS toolsets, experienced team and global reputation for excellence. Each solution we offer our clients can be as resilient as your budgets and/or service requires. We can supply examples upon request.
- Outage reporting
- We use JIRA's automated and manual reporting to give you realtime alerts and reporting
Identity and authentication
- User authentication needed
- No
- Access restrictions in management interfaces and support channels
- We can lock down access via user name and password and/or to specific IP ranges if required.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BRITISH ASSESSMENT BUREAU LTD
- ISO/IEC 27001 accreditation date
- 18/8/2015
- What the ISO/IEC 27001 doesn’t cover
- There is nothing outside of scope.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Affinity adhere to strict information security policies and processes to safeguard data confidentiality, integrity, and availability. These measures include data encryption for transmission and storage, access control through role-based access and multi-factor authentication, and regular application of security patches. We have structured incident response plans, security awareness training, and physical security measures in place. Regular backups ensure data recovery, and compliance with regulations is ensured through audits. Vendor risk management evaluates third-party security standards, and continual improvement keeps policies updated against evolving threats and business needs. These measures collectively mitigate risks and ensure robust protection of organizational assets.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
- All changes are tracked through Jira, utilising tickets, epics, releases, etc.
- Infrastructure-as-code is used to ensure that infrastructure can only be changed through template changes, and is fully auditable and version-controlled.
- Deployments of application and infrastructure updates are through GitHub actions, so are fully auditable.
- Details of changes are documented through Jira tickets, changelogs and release notes.
- Testing signoff required before changes can progress to production. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We track vulnerabilities through tools such as Amazon ECR image scanning, which uses the CVEs database, and GitHub Dependabot.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Our protective monitoring processes aim to swiftly identify and respond to potential compromises, minimising the impact on organizational assets and ensuring the integrity, confidentiality, and availability of critical systems and data. We use a variety of continuous monitoring tools and techniques, potential compromises are identified through anomaly detection, unusual patterns of behaviour. If a potential compromise is discovered our security team receive automated alerts in order to implement predefined escalation procedures involving relevant stakeholders. Depending on the severity and nature of the compromise, affected systems or components may be isolated from the network to prevent further damage or unauthorized access.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
Users can report incidents through their Jira service desk access.
Incident reports are created as soon as possible and contain information such as, Start/End date time, priority, summary, incident lead and communications lead. Reports are shared with the relevant users and are constantly updated as the incident investigation and resolution progress.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Even as a small business in the IT service sector, we recognise the responsibility we have in considering our potential impact on climate change. Our carbon footprint has significantly reduced over the last 4 years. We have now adopted a fully remote workforce, removing the daily commute. When we have to travel, we consider the most environmentally-friendly way to travel, based on the number of people travelling and the destination. In our supplier evaluation procedure, we ask the right questions of our potential suppliers and make purchasing decisions based on a common culture and approach. We believe that the more times an organisation gets asked about its responsibility to climate change, the higher it will climb on their agenda. Decommissioned kit is safely donated to charitable and worthy causes or through green disposal and recycling schemes. But we know there is more we can do. Within our 5-year plan we are exploring what options we may have for carbon offsetting and for offering green employee perks and incentives, and also whether becoming B-Corp certified is right for Affinity.Tackling economic inequality
The matter of economic inequality is particularly relevant to us as a Cornish company. Cornwall has high levels of deprivation and has a low-wage, seasonal economy. Wages are around 80 per cent of the national average (https://www.local.gov.uk/case-studies/responding-cost-living-challenges-cornwall-council). Affinity is helping to address the economic inequality of our region through the creation of skills-based, non-seasonal jobs in Cornwall: although our workforce is distributed across the UK, 73% of our PAYE staff base is employed from within the region. We are also supporting regional economic growth through the attraction of inward investment to the region from our national client base. Affinity strongly believes in paying a fair wage to all of our colleagues, at all levels, including any contract staff we may use from time to time. This commitment is reflected in our accreditation as a Living Wage Employer - https://www.livingwage.org.uk/accredited-living-wage-employers.Equal opportunity
We consciously ensure that the needs of all individuals at Affinity are catered for, starting with their first engagement with us at the recruitment stage and then throughout their employment here. Being a fully remote workforce means that colleagues are able to work from home or any location that suits their needs. We offer complete choice and flexibility when providing equipment to enable them to do their best work, comfortably and safely, based on their individual needs. We support flexible working patterns, which allows people to fit their work around family, care, religious or health commitments or challenges. Above all, we recognise the benefits of diversity and inclusion. Our colleagues include several employees approaching and beyond the statutory age of retirement (current age range is 24-69), colleagues from multiple ethnic origins and religious groups, and a growing number of female colleagues - including c-suite executives - in an industry sector that has been traditionally male dominated. Of additional relevance is our Investors In People accreditation. By measuring ourselves against the values of the We Invest In People framework (https://www.investorsinpeople.com/accreditations/we-invest-in-people/), we can be confident in our provision of fair, equal and progressive opportunities for all staff and colleagues.Wellbeing
Affinity is only as good as the people in it. We are firmly in the service sector and place significant value on our colleagues. This includes taking responsibility for supporting them in building healthy habits, for fostering a culture which supports their mental and physical wellbeing, and for providing an environment in which everyone can thrive. We are proud of our Investors In People accreditation. By building the values of the We Invest In People framework (https://www.investorsinpeople.com/accreditations/we-invest-in-people/) into our daily operations, and measuring ourselves against these values, we can be confident that employee connection, psychological safety and wellbeing are all a central part of our organisational culture. We have a qualified therapist, coach and counsellor on our team who works with our leadership team to support us in delivering positive leadership. He also works across the whole company to encourage strong, positive relationships, and a healthy and supportive culture, through regular staff training and events. And he is available to all staff, for times when they need one-to-one support in dealing with mental health and wellbeing. But we think there is more we can do. Within our annual plan, we are considering the introduction of new measures to bring wellbeing even higher up our agenda. This includes exploring: wellbeing incentives for our staff, rewarding them for healthy habits, incorporation of the Employee Wellbeing module within our BambooHR system (https://www.bamboohr.com/hr-software/employee-wellbeing) so that our support of staff mental and physical wellbeing is assessed as part of our HR processes, expanding on our existing We Invest In People accreditation, with the additional We Invest In Wellbeing accreditation (https://www.investorsinpeople.com/accreditations/we-invest-in-wellbeing/) the appointment and training of a mental health first aider.
Pricing
- Price
- £100 to £160 a unit an hour
- Discount for educational organisations
- Yes
- Free trial available
- No