INNOVATION TECHNOLOGY AND BUSINESS SOLUTIONS LIMITED

Cloud Platform Administration and Support

Innova-tsn provides full administration and maintenance of cloud based infrastructure and related services in Azure and AWS, including native cloud services as well as solutions deployed on an organisation’s cloud infrastructure (e.g., Informatica, SAS, Dataiku, etc.).

Features

• Infrastructure and applications administration
• Cloud infrastructure monitoring tasks
• Maintenance of infrastructure, integrations and/or applications
• Covering incidences service requests and improvements.
• SLAs tailored to organisations’ specific requirements.
• Established procedures for incidence management and resolution
• Backlog prioritisation and management (Agile Methodology)
• Native or Custom-made Dashboards plus monitoring tasks automation.
• Specific cost-monitoring mechanisms (e.g., dashboards, alerts).
• On-call services tailored to clients’ needs

Benefits

• Cover internal experience/competences gaps in Cloud technologies.
• Get expert administration and maintenance service.
• Facilitate internal transition from legacy to Cloud-based environments.
• Flexible access to additional resources and/or expertise when required.
• Full tracking of incidences and requests (incl. resources spent)
• Validate impact of cloud services new releases.

£475.00 a unit a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rocio.deleon@innova-tsn.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

811145760785014

Contact

Rocio De Leon
+44 790 775 9366
rocio.deleon@innova-tsn.com

Service scope

• Service constraints: There are no service constraints
• System requirements: Complying with security requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Whenever we provide a support service we generate the email accounts necessary for the provision of the service. ; ; We do not have an incident management tool, as it is usually our patients who have one and it is preferable to use their own, it facilitates the preparation of the reports with the SLA's and the transparency of the Service.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We provide support for levels 2, 3 and 4. Level 0 & 1: Excluded (HelpDesk & Operation). We do provide: Level 2: Cloud Architect or Cloud Engineer. Level 3: Expert Support. (Escalation from level 2). Level 4: Incident management that require liaison with cloud/sw vendors, for issues that require patch or evolution and 3rd party support. ; ; SLAs and cost depend on the specific customer and project. We can provide support during working hours 8x5 or 9x5, working hours with on-call services for incidents outside the regular working hours, or 24x7 if needed and agreed up on. ; ; Innova-tsn always appoints a technical account manager for every project or service. A cloud support engineer will be involved in the project or service as well, with a dedication and reporting duties that might vary depending on the initiative. In some cases s/he can be the first point of contact for the support issues, in other cases the support team and/or the manager will be the ones to ask for his/her direct support. An escalation process from the first line of contact to the manager and/or the experts is always in place.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The onboarding process is tailored to the customer and the initiative. However, Innova-tsn has a general framework that applies and adapts to each project and service. This includes a constant knowledge transfer during the initial part of the project (it can be in the Discovery, Design and/or Deployment and UAT Phases), Weekly meetings to share progresses and documentation for both business and technical users. Once the service is Live, Innova-tsn usually provides a series of workshops designed for business and technical users. The workshops are intended to (when applicable): Describe the service, including scope, processes and SLAs; Describe the technology behind it; Describe new functionalities; Identify and Explain the most common User Stories / Use cases. The processes include the proper process to contact the support service, via email or phone, as well as the usual escalation process and key-people in the service. Furthermore, after the workshop(s), a shadowing or hands-on support phase is usually recommended. In this phase, someone from the service is working alongside the client´s team, with a dedication, to accompany them in the daily tasks.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: It depends to a large extent on the type of service provided.; A database provides an export of all data. ; In a DataLake we give admins access to copy the data to another repository.
• End-of-contract process: In all our services we include a phase of "return of service" in which we describe in detail all the steps we follow to ensure its continuity in another hosting or terminate it.

Using the service

• Web browser interface: Yes
• Using the web interface: Access is via the cla Cloud access panel where the services are hosted. ; Text Input: Users can type messages or queries directly into the interface.; Commands: Certain predefined commands or keywords may trigger specific actions or responses.; Queries: Users can ask questions, seek information, or request assistance on a wide range of topics.; Dialogues: Users can engage in conversational interactions, discussing multiple topics sequentially.; Feedback: Users can provide feedback on responses or suggest improvements to enhance the interaction experience.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: It is a VPN access, you only need to have the VPN client installed.
• API: Yes
• What users can and can't do using the API: If required by the Service and the client, an API can be deployed.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: Only hosting administrators have access. There is no user functionality

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: We do not share infrastructure between customers
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • HTTP request and response status
  • Memory
  • Network
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Our service provider for proyecting data at rest is the public cloud
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machines
  • Data
• Backup controls: Users have no control over the copies. The scope is defined in the implementation phase and the team that administers the platform is in charge of this task. ; Users have the ability to request restores and back up of the data at any time
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: The buyers network and our network are independent networks with no access to each other.
• Data protection within supplier network: Other
• Other protection within supplier network: The infrastructure is dedicated to each customer, there is no network sharing.

Availability and resilience

• Guaranteed availability: This will depends on what is agreed with the customer and what is described in the contract. Maximum 99.99 %.
• Approach to resilience: It is a pay-as-you-go service in the public cloud; ; Using a pay-as-you-go service in the public cloud is a strategic approach to enhancing resilience to our infrastructure. ; ; -Cost Optimization; -Scalability; -High Availability; -Disaster Recovery; -Flexibility and Experimentation.; -Managed Services.; -Security
• Outage reporting: Through monitoring alerts and publications on the official websites of cloud service providers.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Role-Based Access Control (RBAC): Implement RBAC to assign specific roles to users based on their responsibilities and permissions. ; Multi-Factor Authentication (MFA): Require users to authenticate using multiple factors such as passwords, biometrics, smart cards, or mobile devices. ; Network Segmentation: Segment the network to isolate management interfaces and support channels from other parts of the network. ; IP Whitelisting: Configure firewalls or access control lists (ACLs) to permit traffic only from authorized sources.; Privileged Access Management (PAM): Use PAM solutions to manage and monitor privileged accounts and access to sensitive systems.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 2023
• What the ISO/IEC 27001 doesn’t cover: The certificate covers a comprehensive approach to information security and asset protection in accordance with the ISO 27001 standard, plus data protection extension 27701
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ISO 27701:2019 (UKAS)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Data Encryption: Information is encrypted both at rest and in transit to protect it from unauthorized access.; Access Controls: Access to data and system resources is strictly controlled based on the principle of least privilege, ensuring that only authorized individuals can access sensitive information.; Regular Security Audits and Assessments: Continuous monitoring and periodic audits are conducted to identify and address security vulnerabilities and risks.; Incident Response Plan: A well-defined incident response plan is in place to handle security breaches or incidents effectively, minimizing their impact and restoring normal operations as quickly as possible.; User Authentication: Strong authentication mechanisms, such as multi-factor authentication, are implemented to verify the identity of users accessing the system.; Security Training and Awareness: Regular training sessions and awareness programs are conducted to educate users about security best practices and potential threats.; Patch Management: Systems are regularly patched and updated to address known security vulnerabilities and protect against emerging threats.; Physical Security: Physical access to data centers and other critical infrastructure is restricted to authorized personnel only.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration and change management processes are crucial in ensuring that software systems and infrastructure remain stable, secure, and efficient throughout their lifecycle. ; Configuration Management Identification: Identifying all configuration items (CIs) within the system. ; Control: Once identified, each CI is placed under control.; Status Accounting: Keeping track of the status of CIs throughout their lifecycle.; Auditing and Verification: Regular audits and verification processes.; Request Submission: Any proposed changes to the system must be formally submitted through a change request. ; Review and Closure: After implementation, the change is reviewed to ensure that it meets the desired objectives.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Vulnerability management is a crucial aspect of maintaining the security of software systems and infrastructure. Here's an overview of a typical vulnerability management process:; Identify; Evaluate; Address; Report.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We have a baseline of event monitoring of the platforms, to ensure their availability, but for the client we agree the level of monitoring required and implement the alerts, events and process
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our incident management is the process of identifying, assessing, prioritizing, and resolving incidents in order to minimize disruption to operations and restore normal service as quickly as possible. ; ; Incident Identification:; ; Logging and Recording:; ; Initial Assessment and Triage:; ; Incident Prioritization:; ; Escalation and Notification:; ; Investigation and Diagnosis:; ; Resolution and Mitigation:; ; Communication and Updates:; ; Closure and Documentation:; ; Continuous Improvement:

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Public Cloud
• How shared infrastructure is kept separate: Virtual Local Area Networks: Single physical network into multiple virtual networks. ; Subnetting: Dividing a single IP network into smaller sub-networks.; Firewalls: Firewalls act as a barrier between different segments of a network.; Access Control Lists: We define rules within ACLs to permit or deny traffic based on various criteria ; Physical Segregation: Using separate server racks, network switches; Encryption: We encrypt our data to ensure confidentiality. ; Authentication and Authorization: Implementing strong authentication mechanisms ensures that only authorized users from each organization can access their respective resources.; Monitoring and Auditing: Continuous monitoring and auditing of network traffic.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Monitoring and Reporting: We regularly monitor their energy usage and report it according to the guidelines set by the EU Code of Conduct. ; ; Efficient Cooling: Adhering to the EU Code of Conduct involves implementing efficient cooling techniques such as hot/cold aisle containment, optimizing airflow management, and using free cooling whenever possible.; Server Virtualization and Consolidation: to improve resource utilization and reduce the number of physical servers needed, thereby decreasing energy consumption.; Efficient Data Storage: Efficient data storage practices, such as data deduplication and compression, help reduce the amount of physical storage space required, leading to lower energy consumption for storage infrastructure.; Employee Awareness and Training: Innovs-tsn staff are trained on energy efficiency best practices and encouraged to adopt behaviors that contribute to energy savings, such as turning off unnecessary equipment and optimizing server workloads.; Continuous Improvement: We continuously assess and improve our energy efficiency practices by participating in energy efficiency benchmarking programs, conducting energy audits, and investing in new technologies that further reduce energy consumption.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Innova-tsn are ambassadors of climate change. We enforce a holistic approach that involves integrating sustainability into core business practices, engaging with stakeholders, and taking concrete actions to reduce emissions and build resilience to climate impacts. ; Innovatsn has certified an ISO 14001 environmental management system that represents the assumption by the entire organisation of a series of commitments to the environment that encompass the activity of the company.; ; These commitments are directed both internally, in the activities and tasks of its areas and departments, and externally, in the professional activity that Innova tsn develops in the technological solutions and services it provides to its customers.; In the field service work,

  Covid-19 recovery

  In the aftermath of the COVID19 pandemic, Innova-tsn focused on two specific actions to recover: by adopting new ways of working and, related to the former, ensuring that workplaces are adapted to help promote Covid-19 recovery (accommodating remote working, social distancing, sustainable travel, etc.) with protocolised actions plan shared with all people in the company.; The emergence of COVID19 saw a new scenario in the world of work and socially; characterised by:; ; Alert situation declared by Governments; Confinement of the population; Recommendation not to go to work unless absolutely necessary.; Declaration of some (possible) cases of contagion in Innova-tsn's offices. ; Clients (overwhelmingly) opt for teleworking for their employees and for suppliers who were in their offices; Organisations are required to analyse the situation and define a contingency plan to ensure the continuity of workflow; ; Ensure that each service team has the tools to telework (connection, PC).; Ensure that teams usually in the office can telework from home.; Ensure that teams usually at the client's premises can telework from home.; Confirm accompaniment of profiles with less experience; Sending PCs home; Permanent monitoring of the health status of the entire team; Ensure continuity of projects and services; Monitoring of the continuity of the service, ensuring the agreed quality levels.

  Tackling economic inequality

  Innova-tsn understands that tackling economic inequality is a complex and multifaceted issue that requires a comprehensive approach involving stakeholders, policies, and interventions. We have developed a robust approach that targets the socio-economic factors and ensures fair and transparent practices. ; Innova-tsn carries out an annual salary register and a salary audit that results in a diagnostic study of the equality situation in the company, both from the perspective of gender and age, seniority, level of studies, category, salary, etc. ; The results obtained are translated into a plan that includes equality objectives.; In accordance with the principles set out in the corporate social responsibility policy, Innova-tsn makes a series of commitments to its team in particular to eliminate economic inequality.

  Equal opportunity

  Innova-tsn ensures that everyone, regardless of their background, has an equitable chance to succeed and thrive in various aspects of life, including education, employment, healthcare, and social participation. Here are some ways to address equal opportunities:; We Implement policies and practices that prohibit discrimination based on factors such as race, ethnicity, gender, sexual orientation, disability, religion, or socioeconomic status. This includes promoting diversity and inclusion in hiring, providing equal pay for equal work, and fostering a culture of respect and tolerance.; ; We are proud to say that we create an inclusive workplaces: foster inclusive work environments where diversity is valued and everyone feels respected, supported, and empowered to contribute their unique perspectives and talents. This includes implementing diversity and inclusion training, establishing employee resource groups, and offering flexible work arrangements to accommodate diverse needs.; ; We base our recruitment practices solely around skills and competency and we provide targeted support and resources to marginalized communities that face systemic barriers to equal opportunities, such as racial minorities, LGBTQ+ individuals, people with disabilities, and low-income families. ; ; As part of our equal opportunities process, we regularly monitor and evaluate progress towards achieving equal opportunities across various sectors and demographics. This involves collecting disaggregated data on key indicators of inequality, conducting impact assessments of policies and programs, and soliciting feedback from affected communities to inform future actions.

  Wellbeing

  Innova-tsns welfare policy refers to the set of measures adopted by the organisation to reward its work team through salary, but also through other types of rewards condensed into what could be called emotional pay, considered as a determining factor when it comes to preserving the welfare of the professional team. ; Innova-tsn's remuneration policy includes concepts such as training, flexibility, work development, conciliation and motivation, as well as salary and social benefits to reward employees without falling into inequality, trying to respond to the specific needs of the workforce and their expectations through a plan that takes into consideration aspects.

Pricing

• Price: £475.00 a unit a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We are open to having the conversation where we can understand the time period needed for the free offering to ensure that our clients can garner the full functionality and value of our service.; We do this on a case-by-case incident.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rocio.deleon@innova-tsn.com. Tell them what format you need. It will help if you say what assistive technology you use.