FOURWAYS TECHNOLOGY LTD

AWS Hosting

Windows Server Hosting AWS

Features

  • Manage your AWS accounts
  • Define and manage your organization
  • Secure and monitor your accounts
  • Control access and permissions
  • Share resources across accounts
  • Audit your environment for compliance
  • Centrally manage billing and costs

Benefits

  • Easy to use
  • Flexible
  • Cost-Effective
  • Reliable
  • Scalable and high-performance
  • Secure

Pricing

£150 to £10,000 a virtual machine a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at colin.lambe@fourways-technology.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

9 0 7 8 2 0 3 5 3 6 4 1 6 4 2

Contact

FOURWAYS TECHNOLOGY LTD Colin Lambe
Telephone: 0141 264 2729
Email: colin.lambe@fourways-technology.co.uk

Service scope

Service constraints
Internet speed must be god to run on AWS cloud.
System requirements
  • Processor - Depends on spec
  • RAM - Depends on spec
  • Hard drive - Depends on spec
  • Server operating system
  • VMM console operating system
  • SQL Server
  • Virtualization
  • Installation components
  • Servers in the VMM fabric

User support

Email or online ticketing support
Email or online ticketing
Support response times
P1: Urgent: 1 Hours
P2: High: 4 Hours
P3 Medium 8 Hours
P4 Low 1 Business days
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
1st Line Call Logging
2nd Line Escalation
3rd Line Escalation
Application Support
SQL Support
Linux Support
Ntwork Engineers
Cyber Security
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We would gather requirements from the user ie spec of the servers and then we would build from a requirements document, we would document the full build and hand over to the client. The client then has the opportunity to ask any questions and option to take support packages on this.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Customer would make a Data request to our team and we would offer what format they would like this, when we hand the data over we would make sure this is done securely.
End-of-contract process
We would offer a renewal of the service within 3 months of the contract expires, if the customer does not want to renew then they have to give us 1 months notice and we would send out a exit questionnaire and rather hand service over to new provider or move the data for the customer to new location.

Using the service

Web browser interface
Yes
Using the web interface
Only admins can can log in to the web interface and only admins can make changes, any change would have to go through change control.
Web interface accessibility standard
WCAG 2.1 AAA
Web interface accessibility testing
We have not done testing on this but use this daily, aws interface has been awarded this standard.
API
No
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
Using the command line interface
Only admins would be allowed to run command lines to make changes

Scaling

Scaling available
Yes
Scaling type
Manual
Independence of resources
The live monitoring advises us on the stats of the servers, If we have to increase the recourse we would contact the customer and advise them of this. Any change would be completed out of hours.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
AWS

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Cloud Replication
  • File & Folder
  • Database
  • Network Attached Storage
Backup controls
Only it admins can have access to the backup schedule, we would sit down with the client and agree the best backup solution and then we would implement this.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Other
Other protection between networks
Accessing AWS through the web interface, All interfaces would use 2 factor authentication
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Amazon guarantees that any services included in the SLA will be available for 99.99%
Approach to resilience
Resiliency
The ability for a system to recover from a failure induced by load, attacks, and failures.
A resilient workload has the capability to recover when stressed by load (more requests for service), attacks (either accidental through a bug, or deliberate through intention), and failure of any component in the workload's components.
A resilient workload not only recovers, but recovers in an amount of time that is desired. This is often called a recovery time objective (RTO). Within a workload, there is often a desire to not degrade, but to be capable of servicing the workload's requests during the recovery of a component. The study and practice of this implementation is known as Recovery Oriented Computing.
Define the allowable time of recovery.
Identify where your workload can use redundant components in parallel with no knowledge of past interactions ("state").
Identify where your workload can fail over to a backup component that will have minimal data loss with respect to previous requests.
Identify where your workload must restart to recover functionality.
Implement automation to replace redundant components automatically when they fail.
Implement automation to fail over to backup components when the primary component fails.
Outage reporting
A public dashboard
an API
email alerts
phone call to the customer

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
Access restrictions in management interfaces and support channels
Use password and RSA keys. We also use policy's from Active Directory
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
Devices users manage the service through
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
We are currently going through our ISO/IEC 27001 and I am doing my Certified Information Security Manager. We are using the process for ISO .
Information security policies and processes
We adhere to ISO27001 but are planning certification

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Request for Change
An Incident that causes a change
An Existing problem that results in a change
An and user requesting for a new change
Change as a result of an ongoing maintenance
Change Evolution & Planning
Reason for change - Justifies why change is needed along with risk/benefit analysis.

Impact & Risk assessment - Potential Impact and risk are calculated and documented including configuration items, CIs.
Cost benefit analysis - Estimated cost versus potential benefits are compared.
Implementation planning - Steps for implementing change that includes project members, timelines and methodology.
Change Approvals
Change implementation & Review
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We use end point detection and response, we get daily reports advising us of out of date software. we will then put this into the patching schedule. We will then discuss this with customer as there may be reasons for this being out of date. Customers get patching and vulnerability reports.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our edr goes out to the internet to find the treat early, if we detect a compromise we will remove the machine from main network for further review. EDR back the machine up every 30 minutes.
Incident management type
Supplier-defined controls
Incident management approach
Incident Logging
Incident Classification
Incident Prioritization
Investigation and Diagnosis
Incident Resolution and Closure

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
VMware
How shared infrastructure is kept separate
We try not use shared infrastructure if possible. if this was a saas (software as a service) Product we would use tenant isolation.

Any other model would use isolation policy's and subnets, vlans to control this

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Businesses in Europe can reduce energy use by nearly 80% when they run their applications on the AWS Cloud instead of operating their own data centers, according to a new report by 451 Research, a global research firm. The report, commissioned by AWS, also found that migrating compute workloads to AWS across Europe could decrease greenhouse gas emissions equal to the footprint of millions of households. In addition, businesses could potentially reduce carbon emissions of an average workload by up to 96% when AWS reaches its goal of purchasing 100% of its energy from renewable sources.

Social Value

Fighting climate change

Fighting climate change

Addressing climate change requires us to understand not only how human actions impact the climate system but also how changes to the climate will impact our planet, our communities and our businesses. Data is core to measuring, modelling and managing these processes, and governments, non-governmental organizations, and corporations around the world have done a lot of work to collect and generate datasets that support this goal. However, given the large size of most of this data and its complexity, only those with access to large computer storage and analytical capabilities are able to access and use those datasets. This significantly limits the number of people, the diversity of thought and experience, and the expertise at the table as we try to address this complex problem.
What if we were to democratize access to data and compute so that anyone, anywhere in the world could contribute to climate science? The Amazon Sustainability Data Initiative seeks to accelerate sustainability research and innovation by minimizing the cost and time required to acquire and analyse large sustainability datasets. ASDI supports innovators and researchers with the data, tools, and technical expertise they need to advance sustainability initiatives.
Enabling simpler access to foundational data on AWS
ASDI is committed to making climate-relevant data easier to access and analyze. ASDI’s growing data catalog comprises petabytes of open data. Users do not need to have an AWS account to access the data. The ASDI team works with data providers (e.g., US National Oceanic and Atmospheric Administration to remove barriers to accessing datasets by hosting them on the Amazon Web Services (AWS) Cloud. The AWS Data Sponsorship Program covers the costs for storing ASDI data in the cloud as well as egress related costs.
Covid-19 recovery

Covid-19 recovery

The COVID-19 pandemic challenged governments’ ability to respond quickly to new community needs with existing resources and within existing digital environments. Open source solutions help governments create customized, secure digital services such as increased screening faster and at a lower cost than services built from scratch.

Starting with a common set of open-sourced building blocks allows governments to focus on customization where it is most needed—on customizing local user needs to deliver citizen services.

Early on, it was clear that no one-size-fits-all set of services would work for pandemic response. Both Boyd and Cain emphasized the variation in user needs. For example, in Hackney, the first priority for most citizens was a source of accurate, up-to-date information that people could access on their smart phones. This led Hackney to rapidly deploy the Find Support Services Map. At the same time, other citizens required personalized and immediate assistance with food, shelter, or medical care. Identifying these critically vulnerable persons was also possible using open source solutions.
Equal opportunity

Equal opportunity

Fourways Technology IS COMMITTED to taking positive steps to ensure that:
 all people are treated with dignity and respect, valuing the diversity of all;
 equality of opportunity and diversity is promoted;
 services are accessible, appropriate and delivered fairly to all;
 the mix of its employees, volunteers and management committees reflects, as far as possible, the broad mix of the population of its local community;
 traditionally disadvantaged sections of the community are encouraged to participate in policy decisions about, and the management of the services provided.
Wellbeing

Wellbeing

Fourways Technology has a wellbeing policy

Pricing

Price
£150 to £10,000 a virtual machine a month
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at colin.lambe@fourways-technology.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.