Awingu Remote Access and Working Solution
Awingu enables users to securely connect to a work environment securely with no more equipment than a device with a modern web browser. Suddenly enabling a mobile workforce became very easy. By design you can deploy Awingu on the infrastructure of your choice.
Features
- Remote Access
- Secure vpn-less access via browser without downloads
- Browser only remote access
- Access to files, internal web sites and application remotely
Benefits
- Most secure form of remote access
- No risk of mass data loss via VPN
- No challenging deployment of software, simply go to a URL
- Significantly lower cost than Citrix
Pricing
£40 to £100 a user a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
9 4 3 8 0 9 3 2 0 2 3 3 4 7 7
Contact
DO Business Services Limited
David Overton
Telephone: 07712 410 268
Email: david@davidoverton.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- This service will require Microsoft licenses for the software used that is owned by Microsoft. Awingu itself is licensed via this service
- System requirements
-
- Windows Server or Desktops to run user software
- Windows RDS CALs
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Normal initial response time to a ticket is under 1 hour during service hours.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Oyr web chat is delivered using a Microsoft Teams based solution, therefore anything that can be delivered with Teams can be delivered here.
- Web chat accessibility testing
-
We rely on Microsoft for the testing of their product. To that end, as described at https://support.microsoft.com/en-gb/office/accessibility-overview-of-microsoft-teams-2d4009e7-1300-4766-87e8-7a217496c3d5 we can offer the following:
Compatible with assistive technologies, like
Screen readers
Dictation software
Eye control (on Windows 10)
Voice control (on iOS and Android)
Screen magnifiers
Switch access (on iOS and Android) - Onsite support
- Yes, at extra cost
- Support levels
-
Our service level offerings are:
Bronze: 9am-5:30pm, non-bank holiday weekdays
Silver: 8am-8pm, Monday - Friday
Gold: 8am-8pm, 7 days a week
Platinum: 24x7 - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
Our onboarding information process consists of the following steps:
1) Application identification and provision for remote access
2) Testing via UAT
3) Release to production portal
We provide on-site and remote training, end user videos and getting started guide and a customised Wiki for the users - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- When the contract ends, we terminate the service. We can export meta data, such as the usage logs, however we do not keep customer data on the service. The configuration information is not part of the data that can be provided to the customer.
- End-of-contract process
- At the end of the contract the service is either terminated, or extended. As no data resides within the service, there is nothing to hand back to an organisation.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Awingu is delivered via a browser, so works on any mobile device. While it is possible to use on a phone we recommend a tablet, laptop or desktop. The experience for the user will be governed by screen size as this is a browser based product
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- The service interface is not designed to be used by end users, however on select occasions it can be made available.
- Accessibility standards
- None or don’t know
- Description of accessibility
- The service interface is plain html and as such can be interacted with via screen readers and other assistive technologies.
- Accessibility testing
- No testing done by DO Business Services Limited.
- API
- Yes
- What users can and can't do using the API
- All aspects of the system can be controlled with the API
- API documentation
- Yes
- API documentation formats
-
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- The user interface can be customised and the applications delivered to each user can be customised.
Scaling
- Independence of resources
- We size appropriately and can scale as needed
Analytics
- Service usage metrics
- Yes
- Metrics types
-
We can provide regular reports that show:
- Number of users (concurrent and used)
- Number of sessions
- Application usage (qty of sessions, duration)
- Feature usage - Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- The only data that can be exported is audit data and this is provided through a service request.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Bonded fibre optic connections
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
We offer three levels of reliable architecture than enable different levels of SLA.
We start at 99% and can provide solutions that move to 99.9% of the solution we control and provide.
In the event of failing the SLA in a month we will offer a service credit of 1 month - Approach to resilience
- This information is available on request
- Outage reporting
-
We report outages, by default, via e-mail and if the customer has an API we can call, we will also report via that api.
There is a dashboard that we can provide access to, however this has some admin capabilities, so it is limited to a select few at the customer rather than all users.
We can make an API call available for the customer to access status information of the service too.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
-
Access to admin and support functions is limited by security group, login username and password, that must exist in the customer AD group as well as MFA to ensure stolen credentials by themselves cannot compromise the system.
Access to Awingu does not in itself provide the ability to access the customer servers or software with any admin or management capability - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Cyber Essentials
- Information security policies and processes
-
When we control the datacentre, we apply the following principles:
- All data is encrypted, whether in transit or at rest
In all circumstances:
- All data from Awingu to the client is encrypted
- All data from Awingu to client servers is encrypted
- All access, including Admin access is audited and by default has MFA enabled
- Suspicious activity is reported to the client and investigated in-house
- No customer data is held in/on the Awingu system, so always remains with the customer.
- We read and follow NSCS, Microsoft and Awingu security recommendations and patch systems as soon as possible.
Our staff must follow our security procedures at all time. If they fail to do so, they will face disciplinary action. Any concerns about security must be raised to a director to ensure follow-up and visibility
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
All changes have to be approved by Change Management. This requires approval by the customer as well as our technical and security teams.
All components of the Awingu service are tracked with full audit capability enabled. We track every change and access to the system. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Our systems have a very small footprint exposed to the outside world to minimise security risks. All systems are kept fully patched and admin access is monitored for unusual or unexpected behaviours.
Any potential threats identified are checked with our suppliers to understand if they are a risk to the service. If they are, we immediately take remedial action. We may take remedial action in any event before we get confirmation.
We get threat information from NHS Digital, NCSC, Microsoft Security Response Centre, our suppliers and our in house team. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We run constant monitoring systems looking for suspicious activity. All suspicious activity is checked and if necessary actions will be taken to remove the issue. We may be reliant on customer solutions in terms of account management.
We respond 24x7 to security issues often within minutes of becoming aware of an issue. - Incident management type
- Supplier-defined controls
- Incident management approach
-
We have a number of pre-defined incident responses that range from user information through to full processes executed by ourselves. Where we integrate with customer systems our response may be to log a call with the customer IT teams for them to implement a change.
Where possible, we will follow standard CRB processes, however if security or service provision require an immediate response, this will be taken in conjunction with the customer in agreed scenarios.
All major incidents go through a root cause analysis and a document is produced.
Users can log incidents via e-mail or Web chat
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Working remotely has a positive impact on reducing travel requirements and therefore our CO2 footprint. Awingu enables users to travel less every day and be more productive, getting more done as a result. - Covid-19 recovery
-
Covid-19 recovery
Due to Covid-19 more people want to have a flexible work-style, while some need to be able to work from more remote locations. The remote access provide a secure way to enable these users to work from where they are safe and comfortable. Rather than having to travel or be furloughed, staff can continue to be productive. - Wellbeing
-
Wellbeing
Due to Covid-19 more people want to have a flexible work-style, while some need to be able to work from more remote locations. The remote access provide a secure way to enable these users to work from where they are safe and comfortable. Rather than having to travel or feeling insecure in a work environment, staff can continue to be productive without these stresses.
Pricing
- Price
- £40 to £100 a user a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- We can provide access to a trial solution for 2 weeks. We will install and configure the solution in this time and provide limited licenses to enable access during this time.