DBaaS Ltd

Web Design, Mobile Design and IT Support Services

We provide the cost effective solutions with the migration of existing system&technological upgrade with a fresh UI for better look & feel. Technologies that we serve RESTful Web Services,Angular, Node JS, HapiJs, Laravel, Codeigniter,Python.Technologies that we serve @ DBaaS Native Applications - Android, iOS & Hybrid Applications - Ionic, Flutter.

Features

  • E- Commerce Solutions & QOS – Quick Order System.
  • HTML5,CSS,Bootstrap4, Dreamweaver,FLASH & JavaScript.
  • Corporate Branding & Business Profile Designs/ PPTs.
  • Domain & Hosting, E-mail, SMS support, Website, Server Maintenance
  • All offline business is migrated to E-store and E-commerce
  • e-commerce solutions as the best solution of USP.
  • Mobile Technologies in iOS, Android and Hybrid Applications.
  • Web Design Technologies and perfect ERP or CRM solutions.
  • QAT and Functional Testing services across domains.
  • Managed Services in terms of agility, flexibility and cost savings.

Benefits

  • Provides the perfect ERP or CRM solutions
  • Migration of existing & technological upgrade with a fresh UI
  • Leading-edge design and technical suggestion
  • Database management and Back up services
  • 24×7×365 services for continuous support, maintenance
  • DBaaS, PaaS, IaaS as Outsourcing or On-Premises Support
  • Essentials (BAU), LIVE Services and Migration Services
  • More info: https://www.dbaasltd.com
  • Support, managed or consulting services any platform

Pricing

£350 to £1,300 a user a day

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@dbassltd.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

9 1 9 1 5 8 7 9 9 6 5 0 0 0 7

Contact

DBaaS Ltd DBaaS Ltd
Telephone: +44 07480 080202
Email: admin@dbassltd.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
The service excludes any third-party software licensing&third-party support costs(unless these are included in the infrastructure provider pricing)•The service does not include support for database-specific content including data change or deletion or data integrity checks.•The service does not include support to major database RDBMS change&release activities,this is available as a service option•The service excludes the implementation of service requests. These are charged separately on a T&M basis•The service excludes support for security accreditation and testing •The service excludes visits to customer sites,including the attendance of service reviews; attendance will be subject to prior agreement with any expenses incurred charged additionally
System requirements
  • 8 GB RAM
  • Windows 10 or Windows 11
  • 256 GB SSD
  • AWS or Azure Cloud Partner
  • Office 365 License-Standard
  • Mac Pro or Mac Airbook

User support

Email or online ticketing support
Email or online ticketing
Support response times
We respond to all questions within 8 business hours. Normal business hours are 09:00-5:00 Mon-Fri excluding UK holidays. We regularly respond to questions within 4 business hours, and we immediately work on all inbound questions to establish urgency and set appropriate priorities. We provide an SLA based on the clients requirements. Weekends : 10am to 4pm on Saturday and 11am to 3pm on Sunday with extra costs.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), 7 days a week
Web chat support accessibility standard
WCAG 2.1 AAA
Web chat accessibility testing
Chatbot
Onsite support
Onsite support
Support levels
We provide a service desk for our managed services customers. Also, assigned consultants or architects will respond in 8 business hours of response time. Our Support offering is not driven by a standard service catalogue; and also provides the tailored support levels to meet your specific needs to provide the right level of support to meet your business requirements.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Yes, we used to provide online training, user documentation, or Onsite training for the service.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • PDF
  • Word Document
  • Visio
  • Powerpoint
End-of-contract data extraction
We do extract all the data of users and prepare the contract handover to your during the contract period ends.
End-of-contract process
We do full KT (knowledge transfer) and cross-training to the team members and permanent members of the staff. Preparing the full confluence documents in the intranet or global usage in the organizations. Preparing the full online training or in-house training for the business to the technical team and technology to business and non-technical to business teams.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
No
Service interface
No
User support accessibility
WCAG 2.1 AAA
API
Yes
What users can and can't do using the API
User familiarizes with the API activities and how to integrate services to another application.
setup via java thin client or nodejs or java or any relative coding's.
No limitations to how users can setup
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
We keep monitoring 24/7 with a proactive team independently and managing all aspects of business activities to be monitored without affecting the BAU and live services.
All users will be under full SLA support as requested and ensure there is zero tolerance and zero downtimes.

Analytics

Service usage metrics
Yes
Metrics types
We used to provide service in the application of storage Access, Portable wifi Data dongle devices.
Reporting types
  • API access
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Extraction and conversion of raw data from their existing format into a format required by another application. Exporting data is also a way of backing up data or moving it between two different versions of programs.
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
A service level agreement (SLA) is a documented agreement between a service provider and a customer that identifies both the services required & expected level of service.
The agreement varies between vendors, services, and industries. Handle all incoming Support Queries in accordance with SLA response times attached on DBaaS Ltd Onboarding process page, provided always attempted first (but been unable) to resolve the relevant issue through its own internal IS resources; Communicate via telephone and e-mail; Be available during standard service hours, and only provide telephone or email support through people who are fluent in the English language. Supplier is prevented or delayed in performing its obligations due to Force Majeure.
In these circumstances, the Contract Price shall be adjusted and any necessary refund or credit effected in accordance with the Authority’s reasonable instructions.
Approach to resilience
Provide a full detailed resilient plan and technical documents wrapper around the Service which shall include, but is not limited to, our IT strategy, service resilience, performance monitoring, and reporting, service reviews to monitor progress and discuss issues (e.g. quality of delivery, resource, troubleshooting, risks and issues with proposed mitigations).
Performing all activities within various Systems Development Life Cycle (SDLC) types including Waterfall, Agile, and DevOps.
Ensure a timely response to address the need, with resilience to provide substitute or replacement capability when required to avoid service disruption.
Engaging Operations teams to get a buy-in on approach and coordination and scheduling of work to secure technical resource(s) (where applicable) to assist in an emergency.
Be versatile across multiple channels including web, social and print media.
Contain elements/icons that can be used across various digital and print mediums including a website.
We need to reflect the tone of the buyer's instance – less emphasis on the ‘touchy feely’ environmental green tropes and more a focus on innovation, action, and technical solutions
Outage reporting
SERVICE LEVEL REPORT 1) Before the 10th calendar day of each month (or the previous day, if the 10th calendar day in the relevant month is not a Working Day), the DBAAS Ltd shall provide GCloud services with a report containing accurate figures of performance against each Service Level including, with regards to Availability, the levels of Scheduled and Unscheduled Downtime in the previous month and in the previous three (3) month period on a cumulative basis and on a rolling basis, together with details of any instances of non-compliance with the Incident Resolution Service Levels.
Handle all incoming Support Queries in accordance with SLA response times attached on DBaaS Ltd Onboarding process page, provided always attempted first (but been unable) to resolve the relevant issue through its own internal IS resources; Communicate via telephone and e-mail; Be available during standard service hours, and only provide telephone or email support through people who are fluent in the English language.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Gain access to cloud-based data lakes and data warehouses.
Their goals are to increase the agility, security, and reliability of their applications, lower costs, and improve data analytics capabilities.
Moving cloud-based platforms and software deployment to a new location is a multi-step process that involves tasks that must be identified, planned, implemented, and tested.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Information Security Management System (ISMS)
ISO/IEC 27001 accreditation date
30/06/2021
What the ISO/IEC 27001 doesn’t cover
Nothing to say, it covers most of the services as per Our ISO 27001 accreditation means that we have put all necessary measures in place to ensure that our clients' information is always protected.
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
30/06/2021
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
N/A
PCI certification
Yes
Who accredited the PCI DSS certification
Barclays
PCI DSS accreditation date
30/06/2021
What the PCI DSS doesn’t cover
N/A
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • Memset Hosting
  • GCHQ Certified Master of Cyber Security
  • CISSP
  • CMFS
  • CEH
  • CVI

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
We do follow the CyberEssentials Plus and Memset Hosting.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configuration&Change Management we follow to control the environment releases by raising a change in the Buyer's support system&linking it to the initial SR/Incident. The approval is sought in a regular CAB meeting scheduled to take place once a week. We can hold emergency CABs-or-seek approval outside CAB from our release manager. We try to limit these approvals outside CAB to a minimum. When working with the support company, the team will attend the CAB meeting to represent the change, but the support company may be asked to fill out some technical details in a 3rd party RFC document.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Automated vulnerability management scanning tools should be run on a monthly frequency and against all solution components and their supporting infrastructure. Vulnerability scanning tools should provide vulnerability risk scores in accordance with the common vulnerability scoring system (CVSS) version 3. Penetration testing (CREST/CHECK/TIGER scheme). Patch management (including any policies and procedures). Version control, Remediation action plans (please detail SLA timescales for high, medium and low CVSS scored vulnerabilities). There also needs to be a requirement for user accountability (logging and monitoring). Is BYOD permitted? If so, is it corporately managed.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Monitoring Services that support its strategic communications, and media outreach activities and track and measure the success of its PR campaigns; across all sites. We do protective monitoring processes means appropriate technical and organizational measures which may include: pseudonymizing and encrypting Personal Data, ensuring confidentiality, integrity, availability, and resilience of systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of such measures adopted by it.
Incident management type
Supplier-defined controls
Incident management approach
We can predictive intelligence, which uses detailed incidents reports to respond to requests and Performance analytics to create data visualizations, anticipate trends, prioritize resources, and improve performance, and Incident management and problem management to restore services quickly after an unplanned interruption or a major incident Asset management to get a complete, connected view of all assets We can be able to communicate via telephone and e-mail; Be available during standard service hours, and provides telephone or email support through people who are fluent in the English language. a)Incident and Problem Management c)Ticketing Management d)Service Request Management.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Police National Network (PNN)
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Social Value

Fighting climate change

Fighting climate change

We do more to understand your carbon emissions. Drive more efficiently. In particular, observe speed limits and avoid rapid acceleration and excessive braking. Don’t drive aggressively. Commute by carpooling or using mass transit. Plan and combine trips. Drive more efficiently. Switch to “green power.” Switch to electricity generated by energy sources with low or no routine emissions of carbon dioxide.
Covid-19 recovery

Covid-19 recovery

In light of the Coronavirus disease (COVID-19), it is the intention of buyer's to be as flexible as possible in relation to the procurement process for the GCloud hosting to support the tender however this will remain within the parameters of the Public Contract Regulations 2015 (PCR 2015).
Please note that Suppliers will use reasonable endeavors to notify all tender participants of any potential risks which may delay the procurement process and its subsequent award and implementation.
Tackling economic inequality

Tackling economic inequality

DBaaS Ltd is committed to tackling economic inequality at the root. Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society.
Equal opportunity

Equal opportunity

1. The Authority and Supplier shall continue to monitor the performance and objectives of this Contract throughout its duration and to make any amendments or changes necessary to this Contract, or its performance or objectives in order further to promote equality, and equal opportunity.
2. The Supplier shall notify the Authority immediately in writing as soon as it becomes aware of any investigation or proceedings brought against it in relation to equality, or equal opportunity whether under the Act or otherwise.
3. Where any investigation is conducted, or proceedings are brought which arise directly or indirectly out of any act or omission of the Supplier, its staff, employees, workers, consultants, agents, or Sub-Contractors and where there is a finding against the Supplier in any such investigation or proceedings, the Supplier shall indemnify and keep indemnified and hold harmless the Authority and the Chief Constable with respect to all costs, charges, and expenses (including legal and administrative expenses on an indemnity basis) incurred by the Authority during or in connection with any such investigation or proceedings and further indemnify and keep indemnified and hold harmless the Authority from and against all and any compensation, damages, costs, losses, fines, penalties or another award (including any interest) the Authority may be ordered or required to pay.
4. If a finding of unlawful discrimination or breach of equal opportunities legislation (including but not limited to the Act) is made against the Supplier or against the Authority arising from the conduct of the Supplier or any of its employees, workers, consultants, agents or Sub-Contractors, the Supplier shall take immediate remedial steps to prevent further recurrences and shall advise the Authority of the steps taken.
5. Where any investigation is undertaken by a person or body empowered to conduct such an investigation and/or proceedings are instituted.
Wellbeing

Wellbeing

The DBaaS Ltd promotes the health, safety, and wellbeing of patients, service users, and the public by raising regulation and voluntary registration of people working in health and care.
DBaaS Ltd is to drive UK global leadership in Intelligent Mobility, promoting sustained economic growth and wellbeing through integrated, efficient and sustainable systems, innovative accelerators, and processes to people values: Care, Collaboration, Courage, and Integrity.

Pricing

Price
£350 to £1,300 a user a day
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Demo covers the basic information about the solutions provided on the free version using masking data and doesn't have testing or real activities data.
Actual real or users data is not included
Periods will be 3 months maximum derived based on the certain limits based on the cloud services providing.
Link to free trial
Not Available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at admin@dbassltd.com. Tell them what format you need. It will help if you say what assistive technology you use.