AMETNES LIMITED

Ametnes Cloud

Ametnes helps software engineers provision and automatically manage a wider selection of open source software tools such as databases, messaging and caching tools at affordable prices across multiple public and private cloud platforms.

Features

• Managed database service
• Multi cloud service
• Managed messaging service
• Managed caching service
• Public cloud service
• Private cloud service

Benefits

• Wider selection of database, caching and messaging
• Available in private and public clouds

£0.01 to £0.04 a unit an hour

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at michael.s@ametnes.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

952271490688977

Contact

Michael Sekamanya
+447985401496
michael.s@ametnes.com

Service scope

• Service constraints: Currently supported public clouds include;; 1. AWS; 2. Google Cloud; 3. Azure; ; Currently supported private clouds where Linux OS is permissible.
• System requirements: Linux Operating System environments

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Responses come within 24 hours
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide two support levels; 1. Free email support, where customers can communicate with us through our online platform.; ; 2. Technical support which is prices based on the product purchased.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We have usage examples as part of our online documentation.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users can request for all their data to be extracted.
• End-of-contract process: - Access to the self-service online portal for provisioning service resources is included in the price.; - Technical support is provided for at extra cost.

Using the service

• Web browser interface: Yes
• Using the web interface: User are able to; create, update and delete service resources in the web interface.; ; Some functionality isn't available in the web interface but the user can use the API we provide
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: 1. Via a computer based web browser; 2. Via smart mobile devices as tablets and mobile phone
• Web interface accessibility testing: All our testing is done with automated tests and is generalised for all users.
• API: Yes
• What users can and can't do using the API: Users can create, update and delete service resources by talking to the API using any of their favourite programming language such as Python, Javascript.; ; User can also use Terraform as part of their Infrastructure as Code pipeline process.
• API automation tools: Terraform
• API documentation: Yes
• API documentation formats: PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Service resources are not shared between users. Resource including memory, cpu and hard disk are reserved for each users' exclusive use.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Databases
  • Cache
  • Logs and events
• Backup controls: Users can choose what gets backed up.; All data service resources can be backedup.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: This information is available on request
• Approach to resilience: This information is available on request
• Outage reporting: We currently report outages by email alerts

Identity and authentication

• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access restrictions are managed via user login and password. Each user has restricted access to only the information they are authorised to view. Each login session times out after a specific period of inactivity.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We have security goals and objectives that involve responsibility, strategy, acquisition, performance and conformance. Our strategy is to be current with security trends, threats and take a proactive preventative approach. We aim to update and patch our systems as soon as any security vulnerabilities are discovered.
• Information security policies and processes: This information is available on request

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: This information is available on request
• Vulnerability management type: Undisclosed
• Vulnerability management approach: This information is available on request
• Protective monitoring type: Undisclosed
• Protective monitoring approach: This information is available on request
• Incident management type: Undisclosed
• Incident management approach: This information is available on request

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: KVM hypervisor
• How shared infrastructure is kept separate: We achieve this by restricting communication between different organisations' infrastructure. This involves strict security networking policies.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: We run our services on top of leading cloud infrastructure providers (such as AWS, Google Cloud and Azure) that adhere to the EU Code of Conduct for Energy Efficient datacenters.

Social Value

• Fighting climate change:

  Fighting climate change

  This information is available on request
• Covid-19 recovery:

  Covid-19 recovery

  This information is available on request
• Tackling economic inequality:

  Tackling economic inequality

  This information is available on request
• Equal opportunity:

  Equal opportunity

  This information is available on request
• Wellbeing:

  Wellbeing

  This information is available on request

Pricing

• Price: £0.01 to £0.04 a unit an hour
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trial is available for the public cloud offering. It includes; 1. Provisioning non-premium service resources such as databases, caching tools.; 2. Premium service resources such as networking resources aren't included.; 3. Trial period is for 1 month or $100 usage credits whichever comes first.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at michael.s@ametnes.com. Tell them what format you need. It will help if you say what assistive technology you use.