AMADEUS SOFTWARE LIMITED

SAS Cloud Analytics and Managed Service

With 30 years experience, Amadeus can help you modernise legacy platforms through the design, implementation and management of SAS Viya analytics solutions hosted in the cloud, making it cost effective and available anywhere, anytime.

Includes: modernisation assessment, per-user pricing, cloud deployment, software deployment, user training, and Managed Service support

Features

• Easy, cloud-based access to advanced statistical analysis & reporting
• Open source and SAS integration using Viya
• Advanced statistical analysis with powerful SAS Analytics
• Intuitive, fourth-generation programming language
• Experienced SAS certified consultants with deep understanding of analytics lifecycle
• Big data and advanced analytics on the cloud
• Data visualization, presentation & delivery
• Scalable delivery approach including agile and other project management methodologies
• Prebuilt library of ready-to-use procedures in a web-based environment
• Includes Base SAS, SAS/STAT and SAS/GRAPH

Benefits

• Streamline your reporting and find hidden stories in your data
• Modernise your analytics environment, empowering users
• Open source (R, Python) integration enabling wide collaboration
• Utilise advanced analytical, statistical and machine learning techniques
• Integrate all data sources and types
• Reduce on-premise support costs reducing TCO
• Flexible and scale-able environment
• A fully-managed services is provided with adherence to SLAs
• Transparency of data sources, data lineage and transformations
• Maximise the return on existing analytical talent

£2,000 a user a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@amadeus.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

817253418152194

Contact

Jo Green
01993 848010
info@amadeus.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Amadeus is boutique data and analytics consulting company. We provide a complete range of consultancy services to organisations on a journey to develop and mature their Data Science capability using open source and SAS. We solve business issues, provide technical resource, and design, build and customize applications.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Managed services support is normally within working hours, but can be extended by agreement
• System requirements: Access to internet

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depends on Service Level Agreement (SLA) level (from 2 hours to within 3 working days). ; ; Response times are different outside the normal working week.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We offer On Demand support with responses;; ; LV 0: within 2 hours including weekend and out of hours; LV 1: within 2 hours on business working days; LV 2: within 4 hours on business working days; LV 3: within 1 business working day; LV 4: within 2 business working days; ; We also offer Schedule Maintenance which is a more proactive service; ; We provide a dedicated support team of platform engineers, software developers and technical account management.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Amadeus provide initial setup of the service. We provide training services and user documentation. We can help users become familiar with using the software and getting the best from the service. We can provide programming assistance, tips and recommendations. We provide ongoing support and Managed Services for users. Further ad-hoc requests can be provided using our Consultancy services.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users can extract their data from the service at any time themselves, and at contract end. ; ; Additionally, Amadeus can provide extracted data to users in the desired format and to the location they need.
• End-of-contract process: Connectivity will be revoked.; Services will be stopped.; All data will be securely deleted; Infrastructure will be shut down; A data destruction certificate will be issued; Audit logs of destruction actions can also be provided; A final status report will be provided

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Most users would expect to access the service from the desktop. ; ; However, reports can be served to mobile devices.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: SAS software does allow integration with Open Source technologies such as Python and R via REST APIs and the SAS SWAT capability
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The capabilities of the analytical environment provided by SAS are wide but fixed in nature. We can tailor implementation, support, training and provide consultancy support for integrations with other applications and open source.

Scaling

• Independence of resources: Infrastructure is designed and configured for a specific workload which is defined from the original requirements provided by the customer.; ; Additional techniques can be deployed to increase system capacity if needed.; ; More capacity can be provisioned in line with any expected increase in demand.

Analytics

• Service usage metrics: Yes
• Metrics types: These are provided as part of the Managed Services Quarterly review meetings and reports.; ; Graphs and tables are provided in the reports that monitor performance and ensure the platform is optimised and working as expected.
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: SAS Institute and chosen cloud provider

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: We only select cloud providers who provide encryption at the hardware level. We also use our own keys at the application level to ensure that access to data can only be achieved though use of our own unique keys.; ; As part of our data sanitisation processes, once there is no longer a need to access data the dedicated keys used to access data are erased once the data has also been erased.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Via a Virtual Private Network (VPN) connection ; Using secure file transfer protocol (SFTP); Using Cloud data transfer tools secured using encryption
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • SAS data sets and other SAS file formats
  • Microsoft file formats
  • Cloud data sources are supported (e.g. S3, BigQuery, etc.)
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • SAS data sets and other SAS file formats
  • Microsoft file format
  • Cloud data sources are supported (e.g. S3, BigQuery, etc.)

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: Enforcement of firewall rules to filter the traffic between the service hosted by Amadeus and the customer.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Enforcement of firewall rules to filter the traffic between the service hosted by Amadeus and the customer.

Availability and resilience

• Guaranteed availability: Cloud availability is in part determined by the availability of the services that Amadeus configure as part of this service.; ; We don't provide specific guarantees for availability on the Cloud. However, we expect Cloud services to be available at least 99.9% of the time.; ; We also factor some downtime due to software maintenance and update requirements. These are usually performed out of business hours as part of our Manged Services. ; ; Our Managed Services are provide according their own SLAs.
• Approach to resilience: Data back-ups are enforced as standard by Amadeus. As part of the quality assurance post-deployment, back-up and recovery test procedures are run to confirm the operation of these procedures. ; ; We can create bespoke back-up policies in line with the business requirements.; ; Some Cloud providers enable us to include fail-over capabilities. This allows for a secondary site in an entirely different geographical region with the UK or chosen region. Fail-over procedures are also tested by Amadeus.
• Outage reporting: Amadeus operate a pro-active monitoring regime based on real-time alerts and metrics. If alert thresholds reach a critical point, Amadeus will react and investigate immediately. ; ; If the customer is affected, Amadeus will alert and inform the customer by email.; ; Once remediation actions have been completed, Amadeus will consider additional actions to ensure optimal performance of the platform where necessary.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access via multi-factor authentication. Users are required to adhere to a minimum password complexity with password rotation every six months by default.; ; We enforce a security policy for all users authenticating through Cloud Services. ; ; A full user security policy is defined in our security SOPs.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Amadeus security policies are derived by adopting industry best practices and recommendations. ; ; Amadeus work with the Cloud providers as part of the shared responsibility model. Cloud providers are directly responsible for, and have certification for the physical hardware and assets. ; ; Amadeus uses all available security configuration tools provided by the Cloud to ensure a secure environment.; ; Cloud security Standard Operating Procedures are included as part of the Amadeus Quality Management System.
• Information security policies and processes: As part of our security standards, there are specific processes and instructions to assure the security and integrity of systems deployed in the Cloud. Additionally, security scanning tools and quarterly review meetings ensure that new security threats are considered, and can be resolved or prevented.; ; Amadeus' Quality Management System includes the following SOPs and Work Instructions:; - SOP 8.1 Cloud Security Principles; - WI8.1.1 Securing AWS Environments; - WI8.1.2 Securing GCP Environments; - WI8.1.3 Securing Azure Environments

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Amadeus receives notification from the software vendor of any pending updates to their software. We test updates on our own internal servers to identify any issues and potential problems. We then agree a time with the customer an appropriate time to release the updates to their environment. ; ; After updates have been applied, Amadeus test core features and, depending on the outcomes, commit or revert the release. If the update needs to be reverted, Amadeus will restore from a back-up to the point immediately prior to the update.; ; All this is communicated to the client clearly via a support ticket.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Within our security standards, there are specific processes and instructions to detect and managed vulnerabilities. ; ; Amadeus uses Cloud-native security threat and detection services to scan and remediate major and critical security flaws if present. Scans are routinely carried out on a quarterly basis to review platform security.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Amadeus includes additional Cloud services to track and audit actions performed on the Cloud. Threat Detection services are configured to alert us if any new major vulnerabilities are discovered. ; ; We receive alerts when critical performance thresholds are met. ; ; Notifications of important actions are also communicated to Amadeus. For example, before the deletion of data.; ; All notifications come to the Amadeus Managed Services team and can be addressed immediately where necessary.
• Incident management type: Supplier-defined controls
• Incident management approach: Amadeus utilise both Cloud support subscriptions, and operate its own Managed Services incident management processes.; ; Initially, any incidents reported from the Cloud will be investigated by Amadeus. If we cannot resolve the issue, it will be escalated to Cloud Support.; ; As part of the Cloud support subscription, Amadeus will be notified of any Cloud-specific incidents and on-going remediation tasks.; ; All other software-related issues are treated separately by Amadeus Managed Services.; ; We use our Ticket Management System as our management point between ourselves and our customers.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  The company is committed to operating all offices in accordance with company environmental policies and all applicable laws and regulations and will specifically: ; • Train and encourage our employees to conduct their activities in an environmentally responsible manner. ; • Conserve natural resources through careful planning and efficient use. ; • Actively promote recycling both internally and amongst its customers and suppliers. ; • Handle and dispose of wastes through safe, environmentally responsible methods. ; • Conserve energy by improving the efficiency of its use in our operations. ; • Conduct regular environmental assessments at our facilities, make recommendations for continual environmental improvement and take action as appropriate. ; • Be committed to comply with relevant environmental legislation. ; ; We are actively seeking to reduce our carbon footprint by ; • Reducing and eliminating the need for air travel ; • Encouraging a hybrid working model to reduce commuting to the office ; • Adopting the Bikes to Work scheme ; • Reducing the demand for heating and lighting in the office wherever possible ; • Adopting automatic switch off lights ; • Our building has infrared Pulsar heating for cost efficient heating of open office space ; • Actively encouraging recycling throughout the building; • Evaluating paperless delivery of our training courses
• Covid-19 recovery:

  Covid-19 recovery

  Amadeus is very flexible in returning to normal after covid, current situation permitting. We have introduced a hybrid working model which is more flexible to our employees’ chosen working structure. We are continuing to follow government and NHS guidelines to keep our workforce as safe as possible. We are making increasing use of local suppliers and services in the local community for our office. ; ; We are recruiting five graduates per quarter. These graduates are between the ages of 16-24, an age group disproportionately impacted by Covid-19. Providing these graduates with data analytics, and wider skills for work provides them a pathway to securing a career in a high demand area.
• Tackling economic inequality:

  Tackling economic inequality

  Amadeus is committed to creating new jobs and promoting skills both internally and on behalf of our customers. ; ; We are now recruiting 5 young recently qualified graduates every quarter. We are teaching them on the path to become data scientists and providing them their first job. After training we arrange for them to be permanently employed with one of our customers. We always start by seeking to employ locally based staff but do offer remote working if this is preferred by the individual. ; ; We review staff salaries on an annual basis and provide a share of profits to our staff as a bonus when the business is successful.
• Equal opportunity:

  Equal opportunity

  Amadeus Software Limited believes that everyone has the right to be treated with dignity and respect at work. We have adopted an equal opportunities policy which commits the company to fair, unbiased, and objective employment practices and a work environment which is free of harassment and victimisation. It is the responsibility of every employee to assist the company in meeting this commitment. For this reason, acceptance of and adherence to the company’s equal opportunities policy form part of every employee’s statement of main terms of employment. We have an equal opportunities statement that is included in our staff handbook and can be viewed on request by customers. ; ; Amadeus seeks to employ a workforce that reflects the diverse community at large because the Employer values the individual contribution of people irrespective of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation. ; ; Amadeus seeks to provide a working environment free from unlawful discrimination because of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation.
• Wellbeing:

  Wellbeing

  We have a rewards and benefits package which includes more than average holiday entitlement. We try to be extremely flexible for employees who are having difficulties of any sort, e.g. family matters, illness, bereavement, and mental health. We try and get the whole company together on a regular basis for both work and social activities. We have a significant commitment to the ongoing training and development including support for obtaining recognised industry certifications to our staff in support of their role, own interests and ambitions. ; ; We are conscious of our staff health and wellbeing and encourage a healthy diet by providing fresh fruit as snacks in the office. ; ; We offer subsidised private healthcare for those that require it.

Pricing

• Price: £2,000 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@amadeus.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.