e3 media ltd t/a Great State

Managed cloud hosting services

This service provides managed cloud services to support web applications services deployed to public cloud (e.g. Azure, AWS, Google Cloud, MODCloud, D2S), Our experienced team of infrastructure engineers will provide technical consultancy and architectural guidance to support complex requirements and optimise cost, performance, security and compliance.

Features

• Supported cloud hosting providers: Azure, AWS, Google(GCP), MODCloud, D2S
• Ticketing and service help desk (Zendesk, Jira), 24/7/365 monitoring
• Robust, responsive ITIL 4 incident management, problem, and change management
• Proactive maintenance, technical debt remediation, patching & backup, test automation
• Infrastructure as code (IaC) provisioning using ARM, Bicep, Terraform
• Disaster recovery, business continuity planning and optimisation
• DevOps - Provisioning of Continuous Integration/Delivery and Deployment (CI/CD)
• Provision and management of IaaS, PaaS and SaaS hosting infrastructure
• Transition planning, execution, management and support from on-premise to online(cloud)
• Flexible hours of operation 24/7, 9-5(UK business working hours)

Benefits

• Information security assurance and compliance (ISO 27001, Cyber Essentials Plus)
• Alignment to Government Digital Service (GDS) Standards and assements
• UK Technology Code of Practice, GDPR, Secure by Design compliant
• Specialist multi-discipline team experienced delivering Discovery, Alpha, Beta and Live
• Delivered by Sitecore and Microsoft Gold Partner, Umbraco Platinum Partner
• Maximise operational uptime of services and 24/6/365 monitoring
• Multi-disciplinary support teams and points of escalation
• Reporting, Change Advisory Board (CAB) & Continual improvement
• ISTQB-BCS Certified (ISEB), SC/BPSS cleared test analysts & infrastructure/DevOps/software engineers
• Comprehensive quality management services aligned to ISO:9001, ITIL4, ISTQB Gold

£650 to £1,500 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@greatstate.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

965373428884066

Contact

Public Sector Team
01179021333
publicsector@greatstate.co

Service scope

• Service constraints: Cloud service uptime SLAs will be provided inline with SLAs provided by Azure, AWS and Google Cloud.
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 30 mins, 60 mins or 2 hrs (depending on priority), Weekends or bank holidays under a 24/7 SLA will be 2 hrs across across all priorities.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide robust, responsive ITIL 4 incident management, problem, and change management. Proactive maintenance, technical debt remediation, patching & backup and test automation.; ; Flexible hours of operation 24/7, 9-5 (UK business working hours) and provide multi-disciplinary support teams and points of escalation.; ; We can provide a Service Level Agreement (SLA) to ensure that any issues which arise can continue be dealt quickly and efficiently. ; ; This comprises of two elements; proactive monitoring - of services to identify and isolate potential problems before they become issues and Reactive response - to resolve any unforeseen problems which may arise. ; Support includes the following key elements: ; ; • Event management access management ; • Request fulfilment; • Applications management; • Problem management; • Support service desk for telephone and email support; • Website monitoring; • Incident management; • CMS platform support and maintenance; • Solution support and maintenance; • Monthly reporting
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We will carry out comprehensive onboarding onto the service.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Customers can be given access and support (where required) to extract data at the end of a contract. Any additional support required to extract or transfer the data may be chargeable at an additional cost.
• End-of-contract process: In the event of service termination, the end of contract process will be to remove all access to the services and stopping of all resource and services.; ; The responsibility of migrating services and data will be with the customer.; Any work or support required to handover to another party or client, extract or transfer data or migration of infrastructure and services will need to be planned in and executed as a separate project and chargeable at an additional cost.

Using the service

• Web browser interface: Yes
• Using the web interface: User will be able to manage the every aspect of the service(s) through the web portal(s) provided by Microsoft Azure, AWS and Google Cloud
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The accessibility of the portals are managed by Microsoft, AWS, Google Cloud
• Web interface accessibility testing: The accessibility of the portals are managed and tested by Microsoft, AWS, Google Cloud
• API: Yes
• What users can and can't do using the API: All aspects of the Microsoft Azure, AWS and Google Platforms can be managed via the APIs
• API automation tools:
  • Ansible
  • Chef
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats: HTML
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: All aspects of the Microsoft Azure, AWS and Google Cloud services can be managed via the CLI

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: The service will be designed so that there are multiple levels of isolation and segregation including network, compute and storage to ensure that users are not affected by the demand of other users on the service.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other
• Other usage reporting: We call our clients if usage is nearing service limits.

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft Azure, AWS, Google Cloud

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machines
  • SQL databases
  • File shares
• Backup controls: Backup schedules are flexible and can be agreed with the customer during the onboarding phase.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.9%
• Approach to resilience: This information is available on request.
• Outage reporting: Public dashboard and email alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted through in different ways including username and passwords, multifactor authentication and IP restrictions.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 19/07/2023
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: We are accredited for ISO 27001:2013 by QMS International. Cyber Essentials (Plus) certification and annual penetration testing by mti.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Our change management process controls the lifecycle of all changes, enabling beneficial changes to be made with minimum to no impact to services being provided. Changes to systems include additions, modifications, and removal of anything that can impact the IT services provided. The change could impact architecture, services, processes, people etc.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We perform regular maintenance and housekeeping tasks including:; ; • Event scheduling and administration: scheduling and executing of system events such a batch processing, system back-up or mass data transfers. ; ; • Emergency patches and upgrades: process for dealing with emergency patches as and when they are provided by vendors.; ; • Preventive maintenance: actions performed in an attempt to retain an application software item in a specified condition by maintaining updated OS and security patching, measuring performance and utilisation, conducting systematic inspection, and running diagnostic tests to detect incipient failure or degradation and to prevent these where possible at application management level.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: All components and services are constantly monitored as part of the managed service monitoring solution (reactive and proactive). Proactive monitoring is based on triggers being set at different thresholds against key metrics such as CPU usage, memory and diskspace. ; ; Depending on the severity of the event identified we will respond appropriately and in accordance with agreed service response times.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident management is always preceded by either an event, detected automatically via monitoring or a call/ticket being raised (by phone, direct ticket or email) to the service desk. ; ; This team will provide initial categorisation and triage where appropriate, and will handle all communications via the ticketing system, status page and notifications. This team will also, using the comprehensive runbook developed, undertake immediate set actions or escalations as required to resolve the incident. ; ; We provide monthly reports providing a measurement of performance against agreed service levels and conduct a quarterly review with an operational and strategic focus, aimed at continual improvement.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Microsoft Azure, AWS, Google Cloud
• How shared infrastructure is kept separate: The service will be designed so that there are multiple levels of isolation and segregation including network, compute and storage to ensure that users are not affected by the demand of other users on the service.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: See:; https://azure.microsoft.com/en-gb/global-infrastructure/; https://aws.amazon.com/energy/sustainability/; https://sustainability.google/progress/energy/

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Through our ISO 14001 accreditation, which we have held for 8 years, we work within the ISO environmental management system framework to identify the key aspects where we could have a negative impact on the environment. As a result, we have a detailed policy and systems in place to reduce our impact. Primarily through the areas of air emissions, water discharges, waste management, land contamination, sustainability of natural resources use, local and community environmental issues and technological options. Some of the areas we are working on currently are:; - Working to maintain our carbon neutrality by reducing our direct carbon footprint through the reduction of emissions, discharge, contamination and corporate travel. Having had a third party audit our carbon footprint data, we are now working towards our goal of maintaining our carbon neutrality.; - Looking at our wider indirect carbon footprint and working with our suppliers, through an assessment process and questionnaire, to ensure we are working with likeminded partners.; - Encouraging our employees to decrease their personal carbon footprint through the promotion and use of car-sharing, public transport, our EV scheme and our cycle to work scheme, ultimately leading to a reduction in air emissions.; - Choosing a landlord that has B Corp status to support our goals.; - Offsetting anything that cannot be reduced through recognised and legitimate partnerships.; - Reducing energy usage through using modern energy efficient equipment.; - Moving technology to the cloud to decrease carbon footprint and emissions and increasing the use of renewable energy.; - Reducing raw material usage by digitising where possible.; - Minimising waste by heavy promotion of reuse and recycling; - Researching the benefits of B Corp status for ourselves.; - Spreading the reach to our clients by educating them about sustainable code, through a series events and workshops.

  Tackling economic inequality

  We work towards tackling economic inequality in any way we can, at the moment we are focusing on employment, education and training, development of scalable and future-proofed new methods, and identifying and managing cyber security risks through:; - Developing programs that support flexible working conditions, including remote work opportunities. This can make employment more accessible to individuals in remote or underserved areas, or to those with additional responsibilities, helping to spread economic opportunities more evenly across regions.; - Incorporating health and wellbeing programs that support employees' mental and physical health this also addresses economic inequalities by providing support that might not otherwise be available to lower-income employees.; - Implementing inclusive hiring policies that actively seek candidates from diverse backgrounds.; - Support for underrepresented candidates by providing careers advice, including mentoring, mock interviews and CV advice, and opportunities for in-work progression and career development into known skills shortages or high-growth areas.; - Offering opportunities for work experience or similar activities.; - Providing apprenticeships and industry placement opportunities.; - Support for educational attainment resulting in recognised qualifications.; - Activities to support relevant sector-related skills growth in the workforce, for example, careers talks, curriculum support, literacy support, safety talks, and volunteering.; - Partnerships with non-profits to extend the reach of our programs, especially in underserved communities.

  Equal opportunity

  We promote equal opportunity to our potential and current employees in many ways and we are constantly working on the following:; - Working on internal unconditional bias through discussion, training and process changes.; - Ensuring our job ads are not discriminating and don’t use any stereotypes or biased language.; - Ensuring that everyone in the company feels that they are in a safe place and their voices are heard and respected and feel safe in the knowledge that they will never face retaliation for a complaint or raising a concern.; - Giving numerous escalation and support channels; - Providing resources and educational material that include examples of different types of discrimination – whether this is indirect discrimination, unconscious biases or offensive. language. Helping our employee’s awareness of issues they may not have recognised as discrimination before.; - Celebrating differences and gaining advocates from other parts of the business, such as with our Great Women initiative.; - Ensuring leadership promotes, internally or externally, who we are as a company and who we want to be.; - Bringing guest speakers in to talk to our employees helps to bring new viewpoints and conversations around the question of diversity to our workforce.; - Employees are able to balance their work and their life in a way that suits them allowing differences to be catered for equally.; - Every employee works with their line manager on clear expectation setting aligned with goals that are both achievable and challenging (SMART objectives). Supported by training and development and regular 121s with their manager.; - Carrying out company surveys to ensure staff members feedback is heard.

  Wellbeing

  The wellbeing of the people that work for Great State is a key focus for us as a business – we have therefore implemented a range of initiatives, including: ; - Providing access to and funding Private Healthcare which includes confidential counselling, discounted gym memberships and discounts on everyday retail items.; - Supporting employees to achieve their goals by providing 121’s, objectives and training to encourage mental wellbeing.; - Setting up friendly fitness challenges to motivate employees to care for their physical health and develop our company’s interpersonal relationships.; - Offering salary sacrifice schemes to aid financially, whilst encouraging more sustainable commuting with the EV and Cycle to Work scheme.; - Arranging regular get-togethers to aid healthy relationships with colleagues to enable mutual support and trust.; - Creating a comfortable work environment to improve physical and mental health, with standing desks, healthy food and drink options, ergonomic seating and wellness and social spaces.; - Recognising and rewarding employees for hard work, increasing confidence and making people feel valued for their contribution, through kudos on our HRIS, rewards, etc. ; - Encouraging staff to take responsibility for their own wellbeing by creating a culture that talks about health and wellbeing and supporting employees to take steps to improve themselves. ; - Providing wellbeing workshops, such as yoga.; - Offering flexible working to suit different working styles, schedules and preferences.; - Offer annual flu shots to keep the workforce healthy.; - Offer employees the option to take a sabbatical leave after a certain period of employment. This can be used for personal development, volunteering, or simply to take a break, which can significantly improve mental and emotional health.

Pricing

• Price: £650 to £1,500 a unit a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@greatstate.co. Tell them what format you need. It will help if you say what assistive technology you use.