Microsoft Azure managed service
Nomensa offer a full-service solution for services on Azure and can provide different levels of engagement and support for managing your cloud platform including initial solution designs, software development (including .net and more), and ongoing support. We build using Container Apps, App Service, Azure Database, Private Links and FrontDoor.
Features
- As much/little involvement for your team as you like
- Web Application Firewall, Entra authentication, Microsoft Defender support
- Sustainable hosting, with 100% renewable energy in UK/Ireland regions
- Horizontal and vertical auto-scaling, as appropriate
- Multiple UK regions, failover between London and Wales (Cardiff)
- Service desk for single point of contact
- Long- and short-term roadmap planning
- Flexible investment on improvements
- Active monitoring and incident response
- Isolated subscription in your tenant or ours
Benefits
- Ensure service reliability without a dedicated in-house team
- Manage operational risk related to technical diversity
- Certified engineers who can provide strategic advice and recommendations
- Scalable, reliable, performant services
- Security patching and remediation of issues
- Security focus aligned to NCSC cloud security guidance
- ISO27001 and CyberEssentials Plus certified
- Cost-effective, flexible approach
Pricing
£100 to £2,000 an instance a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 7 7 6 8 9 4 5 2 1 1 6 8 6 4
Contact
Nomensa Ltd
Stuart Pollock
Telephone: 0117 9297333
Email: gcloud@nomensa.com
Service scope
- Service constraints
- Solution dependent - to be confirmed based on requirements
- System requirements
- Solution specific - to be confirmed with client
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
- 1 hour
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- We provide three tiers of support, offering in-hours service, out-of-hours for P1 incidents only and out-of-hours service. These include all appropriate skills and is based on the 'Live Service' lot 3 service and the SFIA rate-card.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- As a managed hosting service, we provide experts to seamlessly migrate you to our hosting environment. This will include determining your exact needs and preferences that will determine which underlying provider is the best fit for you. Our engineers will deploy a dedicated hosting infrastructure for you, and set up CI/CD code deployment.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
-
- PPT
- Diagrammatic
- End-of-contract data extraction
- We will export data and transmit this to you, or work with a new supplier to transfer directly.
- End-of-contract process
- An export of customer data is included. Additional engineering time follows our SFIA rate-card. Any additional services would be agreed in advance.
Using the service
- Web browser interface
- No
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- We use automatic horizontal scaling of compute and IO, coupled with monitoring of databases to manually scale vertically. We use a CDN and caching to minimise load on services.
- Usage notifications
- No
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Other
- Other metrics
- Firewall activity
- Reporting types
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Microsoft Azure
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Less than once a year
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Encryption of all physical media
- Other
- Other data at rest protection approach
- The underlying hosting fabric manages the physical security of data. Any aspects held by Nomensa, such as infrastructure as code and contract administrative are stored on encrypted drives.
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Code artifacts
- Database
- Uploaded media
- Backup controls
- Backups are set-up by Nomensa on the underlying hosting fabric according to user needs.
- Datacentre setup
-
- Multiple datacentres with disaster recovery
- Multiple datacentres
- Single datacentre with multiple copies
- Single datacentre
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- We pass on guarantees of underlying Azure service
- Approach to resilience
- We use containerisation to supply self-healing compute, which automatically restarts in the event of issues. We use infrastructure as code to allow disaster recovery to alternate zones or regions, in the event of major outages. More details are available on request.
- Outage reporting
- We produce monthly reporting on outages. We can offer email alerts or more frequent notification if requested.
Identity and authentication
- User authentication
-
- Username or password
- Other
- Other user authentication
- Service is fully managed, all access is through support channels.
- Access restrictions in management interfaces and support channels
- We use Jira Service Desk's accounts system to restrict access to open tickets.
- Access restriction testing frequency
- Never
- Management access authentication
- Other
- Description of management access authentication
- No direct management access
- Devices users manage the service through
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- You control when users can access audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- You control when users can access audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- British Assessment Bureau
- ISO/IEC 27001 accreditation date
- 01/11/2023
- What the ISO/IEC 27001 doesn’t cover
- Our ISO27001 accreditation covers all of our services
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- No
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- We hold CyberEssentials Plus and ISO27001. We have an ISMS that is responsible for managing security policies and processes. We internally and externally audit our compliance.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Infrastructure is defined as Infrastructure-as-Code, which follows our secure development policy and is versioned. Security impact is evaluated through a combination of expert review and automated checkers.
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
- We use software bill-of-materials generation and scanning to evaluate threats. We will work with you to ensure that vulnerabilities are patched or mitigated according to severity and priority.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- Client-specific monitoring as agreed.
- Incident management type
- Undisclosed
- Incident management approach
- Incident management through support-desk.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- No
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- We use third-party datacentres that comply.
Social Value
- Social Value
-
Social Value
- Tackling economic inequality
- Equal opportunity
Tackling economic inequality
Tackling economic inequality: Nomensa are gold-accredited Investors in People, demonstrating our emphasis on learning and development and ensuring this has impacts beyond our business and into the local community. We continue to work closely with local schools, colleges, universities and other organisations to help build the local digital skills economy for the current and next generation. Recognising the benefits of a diverse workforce, we’re committed to creating employment opportunities, particularly for those facing barriers to employment. Each year, two interns join us as part of Hargreaves Lansdown’s Strive Internship, which offers paid internships to BAME students. Organisational growth has enabled us to increase the number of apprenticeship, graduate and internship roles we offer. Since 2013, 52 apprentices, interns and graduates have developed their skills and progressed their careers with us. We also partner with charity Envision, who work with young people from less advantaged backgrounds to “make change happen whilst building their skills beyond the classroom”. Envision is a UK based charity that empowers young people from less advantaged backgrounds who are underrepresented in the world of work to develop essential skills and confidence through tackling social issues affecting their community. This year our mentor team won Mentors of the Year across the programme as well as the group of young people winning the overall award for Envision finalists 2023/24. As part of our commitment to social responsibility and community involvement, we have our Employee Volunteer Day initiative. Employee Volunteer Day is an opportunity for all employees to take a day off from work to support a charitable cause of their choice. So far, our volunteering hours include: • Supporting Bristol University outreach to school’s program providing coding and development support to events for school children. • Volunteering at career days. • Support on steering groups for Vocscur’s LGBTQ+ partnership.Equal opportunity
Equal Opportunity: We recognise the importance of a diverse workforce and are committed to providing a working environment that is free from discrimination. We promote the principles of equality and diversity across everything we do and work to ensure that our workforce is not only representative of UK population but treated fairly and equally. As part of our E&D policy, we encourage applications and provide the support for candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief. We know our work to meet this ambition is never finished and constantly strive towards identifying improvements to our people, processes, supply chains and environment. We continue to proactively monitor, evaluate and improve our offering, but we currently have in place the following processes: • Inclusive recruitment training and use of inclusive practices, including blind CVs, utilising alternative recruitment networks that aim to support underrepresented groups (e.g. Technojobs) and providing specialist support throughout the recruitments process, being recognised as a Disability Confident Committed company. • Early careers paths established using apprenticeship route (Level 3-Level 6) and exploring opportunities for structuring new and existing roles in line with T-level and higher apprentice frameworks. Attracting typically under-represented groups within the sector, our initiatives have already seen 52 Graduates/Apprentices since 2013. • Intern schemes, including already participating in Hargreaves Lansdown’s Strive Internship, which aims to offer up to 75 paid internships to minority ethnic students, alongside the Envision mentoring scheme, where we provide mentoring to local schools, recently winning mentors of the year 2024 and the group of young people we mentored from Digitech winning the overall event. • Employee-led working groups and assigned individuals leads, including a equality diversity and inclusion group, who proactively monitor, plan and implement new initiatives, schemes and processes.
Pricing
- Price
- £100 to £2,000 an instance a month
- Discount for educational organisations
- No
- Free trial available
- No