BRUHATI SOLUTIONS LTD

Bruhati Cloud Hosting Services

Bruhati provide Cloud Hosting services to Architect, Deploy, Setup and Integrate Public Cloud Infrastructure within your organisation. Our Cloud Hosting Services for Azure, AWS, GCP, Oracle, and Salesforce enable you to build, run, and host, highly available & performing services and applications in a multi-cloud ecosystem.

Features

• Define business case and benefit for cloud migration
• Identify cloud migration opportunities to maximise your business objectives
• Establish a cloud operating model
• Cloud migrations, Hybrid Clouds, and Multi-Clouds
• Analytics Cloud, Analytics for Applications, API Gateway, Application Migration
• Archive Storage, Audit, Big Data, Block Volume, Compute
• SQL and NoSQL Database, Data Integration, File Storage, Resource Management
• Azure, AWS, Google Cloud Platform (GCP), Oracle Cloud, Salesforce Cloud
• Automated deployment to assure ongoing change
• Resilient and secure application design & automated data back-up

Benefits

• Deliver best in class Cloud solutions to transform Government departments
• Improved control and development of the IT estate
• Improved Business and IT efficiency
• Reduced IT Operating Costs and Spend
• Security by design & monitoring to protect your data
• Tailored operating model to meet SLA's and KPI's
• End to end Cloud Architecture and Design Delivery Assurance
• Fast Deployment and technical setup
• One supplier to handle all Cloud hosting and Cloud accounts
• Monitor and Manage Cloud utilisation

£1,000.00 an instance

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@bruhati.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

819491742673395

Contact

Manuel Di Toma
07554871926
sales@bruhati.com

Service scope

• Service constraints: Any constraints to be identified during initial consultation.
• System requirements: Any requirements on buyer side will be identified during consultation.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Response times are SLA specific and dependent on overall solution needs and SLA's provided by the Cloud hosting provider (Azure, AWS, GCP, Oracle, Salesforce).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Ensured the keyboard is accessible and text-to-speech is reader-friendly. We’ve made all the default colour settings WCAG 2.1 AA compliant by default.
• Onsite support: Yes, at extra cost
• Support levels: With standard support offerings, we provide 4 Support levels termed as Critical Priority, High Priority, Medium Priority and Low Priority - all of which have target response times detailed in the SLA. Standard Support comes with the product for a standard fee. For more tailored support, clients can selects a Managed Service option whereby the SLA’s and response times are configured in accordance with their requests. This service can include aspects such as Technical Account Manager, Capacity Management and any other service the client might want to add. The fee for the managed service is determined by the service required.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Standard Training and Full documentation provided - Training and documentation and video's can also be tailored / created to meet specific customer requirements. Train the trainer is also available upon request.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Open standard exporting of Data can be provided at Contract end using tooling capability.
• End-of-contract process: At end of contract - customer typically decide to continue with the service. Alternatively they can choose to export the data to another Service Provider, we can assist with this process.

Using the service

• Web browser interface: Yes
• Using the web interface: Internet Explorer 11; Microsoft Edge; Firefox; Chrome; Safari
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Accessibility of the Management/Admin Console is managed and tested by the Cloud Hosting providers (Azure, AWS, GCP, Oracle, Salesforce).
• API: Yes
• What users can and can't do using the API: All aspects of the service can be managed by using the API's from the Cloud Hosting providers.
• API automation tools:
  • Ansible
  • Chef
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats: HTML
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: All aspects of the Cloud Hosting services can be managed using the CLI.

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: The hypervisor provided by the Cloud Hosting providers enforce memory and process separation between virtual machines.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Azure, AWS, GCP, Oracle and Salesforce Cloud

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machines
  • SQL Databases
  • NoSQL Databases
  • File Storage
  • Deployment configuration
• Backup controls: Backup schedules are agreed during customer onboarding and initial requirement workshops.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The Cloud Hosting provider (Azure, AWS, GCP, Oracle, Salesforce) SLA's will be used.
• Approach to resilience: Cloud Hosting service is designed to be resilient by:; ; 1. Defining the business continuity objectives; 2. Workloads across multiple Availability Zones (where possible); 3. Support Region routing; 4. Establish an incidence management process; 5. Backing up of data
• Outage reporting: Public dashboards and email alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted through a combination of username and passwords, multifactor authentication, firewalling, IP restrictions, the use of bastion hosts as appropriate.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Cloud providers comply ISO/IEC 27001:2013, ISO/IEC 27017:2015, and ISO/IEC 27018:2019

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Jisc is certified as compliant with ISO27001:2005 (Certificate CI/12868IS) by a UKAS accredited certifying body. Services that we have designed, implemented and operate have been subject to risk assessment including ITHCs and penetration testing by independent CHECK providers. We are able to supply our Information Security Policy subject to a non-disclosure agreement being put in place with the receiving party.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our service is committed to ITIL aligned Change and Configuration Management for effective management and control of its infrastructure. Change management tool incorporates an automated Change Management Database (CMDB) at the heart of its operation, with all service support and delivery modules linked to the CMDB to ensure a complete and accurate view of customer estates. A CAB team exists within the services department and liaises closely with all other teams to ensure changes are successful and our infrastructure is maintained and accurately modelled within the CMDB.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Cloud Hosting support services to ensure we are operating in line with the latest recommendations and are made aware of any potential vulnerabilities. The patch deployment policy is ITIL aligned and undertaken in accordance with our ISO27001 security policy. For exceptional patching, our processes allow for the management of exceptions which require emergency maintenance to protect your service from vulnerabilities. Notifications are sent to ensure that customers are informed of planned works and all patches are tested before deployment to live.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Use of the cloud-native applications for the collection, monitoring, analysis, alerting and reporting of all IT event, log and performance data. A real-time analytics engine is used to correlate events, logs and performance metrics across your cloud and on-premise infrastructure. A comprehensive suite of highly configurable rules allow alerts to be sent in response to malicious activity and performance-impacting events, all of which is included as standard in the service.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: ITIL-aligned Incident Management process ensures that we respond to any reported faults and sets out target resolution times to ensure that these are fixed within agreed timeframes Customers can report incidents via phone, email or our portal. Our Incident Management process ensures that we respond to any reported faults and sets out target resolution times to ensure that these are fixed within agreed timeframes. For Major Incidents, once the Incident has been resolved, the Incident Manager will ensure an Incident Review Meeting is held and a Major Incident Report is created and distributed.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Some Cloud Hosting providers use their own VM (Azure VM, Oracle VM) and others Cloud providers are open to which virtualisation can be used based on customer preference (VMware, Hyper-V, Red Hat etc).
• How shared infrastructure is kept separate: The hypervisor enforces memory and process separation between virtual machines.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: This is defined by Cloud Hosting provider (Azure, AWS, GCP, Oracle, Salesforce) and this information is made publicly available.

Social Value

• Fighting climate change:

  Fighting climate change

  Bruhati Solutions Ltd recognises that it has a responsibility to the environment beyond legal and regulatory requirements. We are committed to reducing our environmental impact and continually improving our environmental performance as an integral part of our business strategy and operating methods. We endeavour to: • Comply with all relevant regulatory requirements. • Continually improve and monitor environmental performance. • Continually improve and reduce environmental impacts. • Incorporate environmental factors into business decisions. • Increase employee awareness and training.
• Covid-19 recovery:

  Covid-19 recovery

  It’s critical that we make it possible for our clients to continue operations and help respond to the unique demands that are being faced during these times. Bruhati has been doing the mission-critical work that keeps every organisation – especially those in the public sector – operational and successful. During these challenging times, you can count on Bruhati to support your organisation. Everyone’s health and welfare are a priority, as most Bruhati employees are working from home. We have extensive online collaboration capabilities to help ensure business continuity and we’re working tirelessly to help everyone stay safe while at the same time continuing to serve our clients. Bruhati aims to: ● Create employment, re-training and other return to work opportunities for those left unemployed by COVID-19, particularly new opportunities in high growth sectors. ● Support organisations and businesses to manage and recover from the impacts of COVID-19, including where new ways of working are needed to deliver services. ● Support the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services.
• Tackling economic inequality:

  Tackling economic inequality

  Social purpose is a priority for Bruhati, from creating new businesses and new employment opportunities, to improving education and training, Bruhati is committed to tackling economic inequality at root. Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society. ● Create employment and training opportunities, particularly for people in industries with known skills shortages or in high growth sectors. ● Support educational attainment relevant to the contract, including training schemes that address skills gaps and result in recognised qualifications. ● Influence staff, suppliers, customers and communities through the delivery of the contract to support employment and skills opportunities in high growth sectors.
• Equal opportunity:

  Equal opportunity

  Bruhati Solutions Ltd recognises that discrimination and victimisation is unacceptable and that it is in the interests of Bruhati and its employees to utilise the skills of the total workforce. It is the aim of Bruhati to ensure that no employee or job applicant receives less favourable facilities or treatment (either directly or indirectly) in recruitment or employment on grounds of age, disability, gender / gender reassignment, marriage / civil partnership, pregnancy / maternity, race, religion or belief, sex, or sexual orientation (the protected characteristics). Our aim is that our workforce will be truly representative of all sections of society and each employee feels respected and able to give of their best. We oppose all forms of unlawful and unfair discrimination or victimisation. To that end the purpose of the Bruhati policy is to provide equality and fairness for all in our employment. All employees, whether part-time, full-time or temporary, will be treated fairly and with respect. Selection for employment, promotion, training or any other benefit will be on the basis of aptitude and ability. All employees will be helped and encouraged to develop their full potential and the talents and resources of the workforce will be fully utilised to maximise the efficiency of the organisation. Our staff will not discriminate directly or indirectly, or harass customers or clients because of age, disability, gender reassignment, pregnancy and maternity, race, religion or belief, sex, and sexual orientation in the provision of Bruhati’s goods and services. All employment policies and arrangements have a bearing on equality of opportunity. Bruhati policies are reviewed regularly.
• Wellbeing:

  Wellbeing

  Bruhati Solutions Ltd is committed to the protection and promotion of the mental health and wellbeing of all staff to provide a working environment that promotes and supports the mental health and wellbeing of all employees. Bruhati shall continuously strive to improve the mental health environment and culture of the organisation by identifying, eliminating, or minimising all harmful processes, procedures and behaviours that may cause psychological harm or illness to its employees. Bruhati shall promote mental health throughout the organisation by establishing and maintaining processes that enhance mental health and wellbeing. Bruhati aims to: ● Reduce discrimination and stigma by increasing awareness and understanding. ● Complete an employee survey to identify mental health needs. ● Give employees information on and increase their awareness of mental wellbeing. ● Include information about the mental health policy in the staff induction programme. ● Provide opportunities for employees to look after their mental wellbeing, for example through physical activity, stress reducing activities and social events. ● Provide systems that encourage predictable working hours, reasonable workloads and flexible working practices where appropriate. ● Ensure all staff have clearly defined job descriptions, objectives and responsibilities and provide them with good management support, appropriate training and adequate resources to do their job. ● Manage conflict effectively and ensure the workplace is free from bullying and harassment, discrimination and racism. ● Establish good two-way communication to ensure staff involvement, particularly during periods of organisational change. ● Ensure that employees have a clearly defined role within the organisation and a sense of control over the way their work is organised. ● Ensure that job design is appropriate to the individual, with relevant training, supervision and support provided as required. ● Ensure a physical environment that is supportive of mental health and wellbeing.

Pricing

• Price: £1,000.00 an instance
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Cloud Hosting Service providers offer a free trial.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@bruhati.com. Tell them what format you need. It will help if you say what assistive technology you use.