TECHNOLOGY TRANSFORMATION GROUP LTD

Azure Apps & Cloud Engineering

We build apps that will solve your problems and provide you with a future proof and secure platform. We build cutting-edge Azure cloud Apps while seamlessly transporting your workload securely into Azure’s hosting platform. We do: PaaS development, Mobile app development, API development, Cloud engineering, MSP transformation and SD-WAN Networking

Features

• Build, deploy, manage cloud apps
• Design, optimise, secure cloud infrastructure
• Integrate cloud services across your organisation
• Automate cloud deployments and infrastructure
• Develop web, mobile, and API applications
• Leverage AI and data analytics in the cloud
• Migrate and modernise existing applications
• Scale applications based on demand
• Ensure high availability and disaster recovery
• SD-WAN Networking

Benefits

• Faster development & deployment
• Scalable & cost-effective solutions
• Seamless integration across services
• Automated infrastructure management
• Web, mobile and API apps customised to drive growth
• Unlock business agility and flexibility whilst improving your security
• Effortless app migration & modernisation
• Automatic scaling based on demand
• High availability & disaster recovery
• Transform foundations into secure, productive cloud-based experience

£850 a unit a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mehran.alborzpour@thettg.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

838041751026452

Contact

Mehran Alborzpour
07949775566
mehran.alborzpour@thettg.com

Service scope

• Service constraints: While our primary emphasis lies within Azure, we remain adaptable to accommodate diverse customer needs by incorporating alternative platforms as necessary.
• System requirements:
  • Any device with an internet browser
  • Permissions subject to the scope of the development work
  • Azure, AWS or Google Cloud subscription(s)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We provide support 365 days a year.; Typical First Response: 0-2 hours ; Typical Resolution Time: 30 mins - 4 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: We've conducted web chat testing sessions with assistive technology users to ensure our platform is accessible to all.
• Onsite support: Yes, at extra cost
• Support levels: We have first, second and third line support plans. All support plans offer access to cloud support engineers who can assist with technical troubleshooting and problem resolution.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide online training and user documentation
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The client has full access to their data for extract,, or they can ask us to extract the data for them.
• End-of-contract process: The contract will terminate at end-of-contract. There is no additional cost at contract termination.

Using the service

• Web browser interface: Yes
• Using the web interface: Can provision various Azure services relevant to app development and cloud infrastructure.; Can configure basic settings for these services.; Can deploy web, mobile, and API applications developed.; Can automate deployments.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: We've conducted testing sessions with assistive technology users to ensure our platform is accessible to all.
• API: No
• Command line interface: Yes
• Command line interface compatibility: Windows
• Using the command line interface: We provide a comprehensive approach to setting up the desired level of access to our services. Beginning with an initial consultation, we thoroughly assess the client's access requirements, considering factors such as user roles, permissions, and organisational workflows. Leveraging industry best practices, we configure access controls within our service platform, tailoring them to align with the client's specific needs and preferences. This includes setting up role-based access control (RBAC) and integrating with existing identity management systems or third-party tools as needed. We prioritise user training and support, ensuring that client personnel understand how to effectively utilise the access controls and security features implemented. Additionally, we offer ongoing support to address any questions or issues related to access management. Regular reviews of access control settings are conducted to optimise them in response to evolving business requirements and regulatory standards.

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Utilise a multi-tenant architecture; infrastructure is shared among various users.; Use virtualisation.; It is possible to configure quotas and limits on resource usage
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft Subscriptions, Ironscale, Webroot, Exclaimer, Printix

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Azure Backup
  • Azure Site Recovery
  • Bespoke back-up and disaster recovery
  • Files
  • Applications
  • Virtual machines
  • Databases
  • Websites
  • Office 365
  • SharePoint and Teams
• Backup controls: All systems are backed-up as per the client's requirements and what service they want.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Uptime commitment of 99.95%
• Approach to resilience: We have established the environment for our customers across multiple Microsoft Azure data centres located within the UK. The data centre setup is designed with a focus on resilience and reliability. Each data centre is equipped with redundant power supplies, cooling systems, and network connectivity to ensure continuous operation even in the event of hardware failures or maintenance activities. Additionally, the data centres are geographically distributed to minimise the risk of localised outages and provide high availability to users across the UK. Data replication and backup mechanisms are implemented to safeguard against data loss and ensure business continuity. Furthermore, advanced security measures, such as network firewalls, encryption, and multi-factor authentication, are in place to protect sensitive data and infrastructure from cyber threats. Overall, the Azure data centre setup offers a robust and resilient environment for hosting customer applications and data, meeting the stringent requirements for reliability and performance.
• Outage reporting: Our monitoring system is meticulously configured to detect various types of issues across the systems. In the event of an outage, the service promptly reports it through email alerts. These alerts are customised to provide all pertinent information, including the nature of the outage, affected systems or services, and potential impact on operations. The email alerts are designed to be clear and actionable, enabling clients to quickly understand the situation and take appropriate measures to address it. Additionally, the alerts may include recommendations or instructions for troubleshooting or escalation procedures, depending on the severity and urgency of the outage. Our goal is to ensure that clients are promptly notified of any issues affecting their systems, allowing them to minimise downtime and maintain the reliability and performance of their services.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We restrict access by the following means: Role-Based Access Control (RBAC); Least Privilege Principle; Multi-Factor Authentication (MFA), Conditional Access and Access Controls and Permissions.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 11/03/2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Risk Assessment and Management: We regularly perform risk assessments to identify potential threats, vulnerabilities, and risks. Access Control and User Management: We implement access control policies and processes to regulate access to systems, applications, and data based on the principle of least privilege. We utilise multi-factor authentication (MFA), and regularly review user access rights to ensure they align with business needs and security requirements. Encryption and Data Protection: We protect data both at rest and in transit by encrypting sensitive data using strong encryption algorithms. Supplier Risk Management: We regularly assess the security of third-party suppliers and service providers, conducting due diligence assessments. Security Awareness Training: We conduct security awareness training and education programs to all employees, contractors, and third-party partners Security Monitoring and Logging: We employ security monitoring tools and solutions to continuously monitor network traffic, system activities, and user behaviour for signs of suspicious or malicious activity. Continuous Improvement and Review: We regularly review and update information security policies and processes to address emerging threats, technology advancements, and organisational changes. Compliance to Regulatory Requirements: We have developed policies and processes to ensure compliance with regulations such as GDPR.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We adhere to A.12.1.1 in ISO/IEC 27001. We do this by: Policy and Procedures: We document policies, procedures, and guidelines for managing changes to information systems, including hardware, software, networks, processes, and procedures. Change Management Process: We have implemented a change management process that includes steps for requesting, assessing, authorising, implementing, and reviewing changes. Change Authorisation: We have implemented mechanisms for authorising changes based on predefined criteria, such as risk assessments, impact analysis, and approval by designated authorities. Change Review and Audits: We conduct reviews and audits of the change management process to assess its effectiveness and areas for improvement.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We adhere to A.12.1.1 in ISO/IEC 27001. We do this by: Risk Assessments: We conduct regular risk assessments to identify potential vulnerabilities in information systems, networks, and applications. Vulnerability Identification: We implement processes for identifying and cataloguing vulnerabilities within our IT infrastructure, including hardware, software, and configurations. Patch Management: We implement patch management processes to ensure that security patches and updates are promptly applied to vulnerable systems and software. Security Configuration Management: We implement security configuration management practices to reduce the attack surface and minimise the likelihood of exploitation of vulnerabilities.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We adhere to ISO/IEC 27001. We do this by: Monitoring Controls: We implement monitoring controls to detect security incidents, unauthorised activities, and anomalies in real-time or near real-time. Event Logging and Collection: We have configured systems, applications, and network devices to generate detailed logs and audit trails of security-relevant events and activities. Incident Detection and Response: We have developed procedures for detecting, analysing, and responding to security incidents identified through monitoring activities. Periodic Review and Analysis: We conduct reviews and analysis of monitoring data to identify trends, patterns, and recurring security issues.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We adhere to ISO/IEC 27001. We do this by: Incident Logging, Recording, Classification and Prioritisation: We maintain detailed records of security incidents, including incident descriptions, timestamps, affected systems or assets, and initial assessment findings. We also classify and prioritise security incidents based on their severity, impact, and urgency. Response Planning and Coordination: We have developed incident response plans and procedures that outline roles, responsibilities, and actions to be taken in response to security incidents. Root Cause Analysis: We conduct thorough investigations and root cause analysis to determine the underlying causes and contributing factors of security incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: The data centres employ state-of-the-art cooling systems and airflow management techniques to ensure efficient heat dissipation and reduce the energy required for cooling operations. Additionally, advanced power distribution and management technologies are utilised to minimise energy wastage and optimise power usage across the data centre infrastructure. Furthermore, the data centres leverage renewable energy sources wherever feasible, such as solar or wind power, to reduce reliance on fossil fuels and decrease carbon emissions. Regular monitoring and analysis of energy consumption patterns enable continuous optimisation efforts and identify areas for further efficiency improvements. Moreover, the design and construction of the data centres prioritise energy-efficient building materials and practices to enhance overall sustainability. Through these measures, the data centres demonstrate a commitment to meeting the stringent energy efficiency standards outlined in the EU Code of Conduct

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We support environmental sustainability by promoting the use of digital solutions such as Microsoft's cloud services, which help reduce the carbon footprint associated with traditional on-premises infrastructure. This leads us to enabling organisations to optimise their IT resources, reduce energy consumption, and minimise the environmental impact of their operations.

  Covid-19 recovery

  Our service plays a vital role in supporting COVID-19 recovery efforts by providing access to essential technology solutions for remote working, collaboration, and digital transformation. Furthermore, we encourage companies to leverage Microsoft's cloud-based productivity tools, communication platforms and collaboration software to enable flexible work arrangements, maintain continuity of operations and deliver essential services

  Tackling economic inequality

  We contribute to tackling economic inequality by providing cost-effective licensing solutions that enable public sector organisations to access Microsoft's software at competitive prices. Through the flexible licensing options and tailored pricing models, we ensure that organisations of all sizes and budgets, including those with limited resources, can benefit from the latest innovations and productivity tools offered by Microsoft.

  Equal opportunity

  We promote equal opportunity by giving the as much access to technology and digital skills training.

  Wellbeing

  We prioritise employee wellbeing by fostering a supportive and inclusive work environment and promoting work-life balance. Through our partnership with Microsoft, we advocate the use of technology solutions that promote employee wellbeing, such as collaboration tools, mental health apps and wellness programs.

Pricing

• Price: £850 a unit a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We provide various trials of developed systems which are bespoke to the customer.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mehran.alborzpour@thettg.com. Tell them what format you need. It will help if you say what assistive technology you use.