Altiatech Ltd

Cloud Services

Highly scalable cloud services that provide you with the flexibility to access what you need with both storage and computing power. Whether you are deploying new virtual machines, moving applications or implementing a datacentre migration, your move to the cloud will increase operational efficiency and save time and money.

Features

• Strategy and roadmaps for public or hybrid cloud solutions
• Infrastructure, application and data migrations to the cloud
• Strategic identity planning and guidance for organisations of all sizes
• Power Platforms and LogicApp adoption
• Business readiness to capacity demands
• Secure Infrastructure and Platform as a Service (IaaS/PaaS)
• Data Governance
• Deep Integration
• Microsoft Gold Partner Cloud Platforms

Benefits

• Fulfil hybrid and cloud infrastructure strategies
• Improved data governance across systems, processes and organisations
• Reduce the cost of maintaining retired legacy systems
• Cloud adoption using experienced consultants, getting it right first time.
• Highly available Infrastructure and Platform services to meet demand
• IT Infrastructure Services that suit the needs of your organisation
• Highly Scalable
• Seamlessly access and manage applications, data, services and systems
• Better data security and improved customer confidence

£0.01 a unit an hour

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at innovate@altiatech.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

887949155424762

Contact

Monsur Ali
03303325842
innovate@altiatech.com

Service scope

• Service constraints: None
• System requirements: N/A

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Normally within 1-2 hours for critical events, up to 24 hours at weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Severity A - Critical Business Impact – your business has experienced a significant loss or degradation of services, requiring immediate attention.; ; Severity B - Moderate Business Impact – you have a loss or degradation of services, but your organization can still function.; ; Severity C - Minimum Business Impact – you have an issue, but it has a small impact on your business.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: New customers can be technically on-boarded within a matter of days using Altiatech’s automated secure configuration templates. A standard requirement gathering exercise will be managed by Altiatech to review the customer’s technical prerequisites, including - network connectivity, email domain name configuration, key points of contact, system integration requirements and hand over and training. Prior to the execution of the Order, the Supplier and the Buyer will agree the scope of the plan for the G-Cloud Services and a timescale for delivering to ensure continuity of service. Altiatech can provide additional consultancy to facilitate on-boarding and off-boarding should a Buyer have specific requirements they may wish Altiatech to consider. A typical onboarding process will consist of the following activities: • Agree scope of service, including duration, applications to be made available and any additional networking requirements • Provision of service • User testing • Full deployment • Provision of user documentation
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The service is designed so that customers have the ability to extract their data from the service at any time. Upon termination or expiration of the customer’s subscription, the customer may contact Altiatech and request that their accounts be disabled and all data deleted. Requests to Altiatech can be made in line with our Data Protection Policy.
• End-of-contract process: Contract Termination of G Cloud services is in accordance with the Altiatech G-Cloud Terms and Conditions. Our services are for a minimum of one year. Thereafter, options for an annual rolling contract or monthly rolling contracts will commence, with different pricing per month between annual rolling contract versus monthly rolling contract. Termination of an annual rolling contract is a minimum thirty (30) days’ notice period before the end of the annual contract period and thirty (30) days’ notice for a monthly contract. Altiatech will hold annual commitment reviews to maintain service quality and appraise ongoing delivery and customer experience. Termination of annual contracts before the minimum term are liable for the full contract year, unless there is evidence of force majeure, or some other mutual agreement has been reached.

Using the service

• Web browser interface: Yes
• Using the web interface: Platforms allow users to create and access their own resources such as compute and storage from the web interface. Changes can be made on demand by users and organisations can monitor their own consumption and view their billing with up-to-date transparency. Our main public cloud is Microsoft Azure.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: https://www.microsoft.com/en-gb/trust-center/compliance/accessibility
• API: Yes
• What users can and can't do using the API: Users can perform the same operations via APIs that they can normally do by the web interface.
• API automation tools: Terraform
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
  • Other
• Using the command line interface: Users can perform the same operations via command line that they can normally do by the web interface.

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Cloud services are supplied via Tier 1 vendors who have their own ability to scale, and therefore do not encounter performance issues from software provision. Public cloud is highly available and its data centres have in-built redundancy and capacity to meet growing usage demands.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft, Google, Amazon

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual machines
  • Databases
  • Storage accounts
• Backup controls: Via the web interface, APIs, command line within the framework of the organisation's backup policies.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Our SLAs provide service credits to customers should the monthly uptime fall below 99.5% availability.
• Approach to resilience: We ensure that the architecture does not contain single points of failure. These are duplicated to ensure that should a node fail, the system will continue to function.
• Outage reporting: All major cloud platforms have a publicly accessible status dashboard that can be viewed anytime.; ; We will e-mail users if there is an outage to keep organisations informed of the progress to resolve the issue.; ; Alerts can be tailored to the organisation requirements via APIs.

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Use of Privileged Access Management (PIM) and/or elevated admin credentials.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication
• Devices users manage the service through:
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 29/07/2021
• What the ISO/IEC 27001 doesn’t cover: Systems development (N/A); Software development (N/A); Monitoring and review of supplier services (suppliers have their own controls)
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Altiatech are certified to the ISO/IEC 27001 standard and have adopted Information and Security, Data Protection and Acceptable Use policies, amongst others, that contribute to high quality security management.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Assets, including virtual, and physical, are tracked through the organisation's IT Service Management Tool of choice. This includes a history of changes applied to them throughout their lifetime. Security impact is always considered with configuration and change approaches with tests undertaken in dev environments that mitigate security and performance risks.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: ADD LINKS for each cloud
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Using proactive network monitoring tools, threat detection and containment tools, we are able to identify compromised points within our services. Our responses are immediate with advanced threat management tools and immediately trigger notifications to support engineers for investigation within 15 minutes.
• Incident management type: Supplier-defined controls
• Incident management approach: We have pre-defined processes for events, reporting processes and incident reports that are aligned to ISO27001 and ISO20000.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Microsoft Azure; https://azure.microsoft.com/en-gb/global-infrastructure/sustainability/#overview; ; Amazon Web Services; https://sustainability.aboutamazon.com/environment/the-cloud; ; Google Cloud; https://cloud.google.com/sustainability

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity

  Tackling economic inequality

  Altiatech is a minority ethnic led business that is has both Muslim ownership and leadership. Our social value is evident in our practice of annually donating a proportion of Altiatech's profits to charitable causes as part of "zakah" obligations, as required according to Islamic principles.

  Equal opportunity

  Altiatech is a minority ethnic led business that empowers people from many diverse backgrounds. Our social value is evident in the personnel we employ that have experienced disadvantage, as well as the new recruits we train who are young and inexperienced with little education beyond secondary schooling. By focusing on creating opportunities for our workforce, Altiatech's reach extends to wider families.

Pricing

• Price: £0.01 a unit an hour
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at innovate@altiatech.com. Tell them what format you need. It will help if you say what assistive technology you use.