SR Cloud Solutions Ltd

Amazon Web Services Cloud Hosting

SR Cloud Solutions have highly experienced AWS certified staff, who work with our customers to provide tailor-made solutions that fit within desired budgets, while still meeting business needs. Amazon Web Services provides a flexible, resilient, secure, cost-efficient cloud strategy. All our staff are UK based with a 24x7x365 service desk.

Features

  • AWS accredited UK based consultants and support team
  • AWS migration professional services with full project management
  • Experts in delivering AWS Database Services
  • Configurable Geo-replication to other AWS regions
  • Auto scaling to increase /decrease number of EC2 instances
  • Free access to Cloudcheckr for compliance and cost optimisation
  • Elastic Load Balancing to distribute incoming traffic
  • Advanced data analytics tools - Athena, EMR, Redshift, Kinesis
  • Amazon Elastic Container Service to run applications on managed cluster
  • Amazon object/block level storage options using EBS, EFS, S3

Benefits

  • Build, Deploy and Manage business applications faster
  • Experts in cloud cyber security to safeguard your data
  • Agility and speed to grow your infrastructure on demand
  • Deployable anywhere with AWS global regions
  • 24x7x365 Remote Monitoring & Management
  • OPEX PAYG monthly - no long term contracts or commitments
  • Specialist right sizing VMs and created Reserved Instances saving costs
  • Experts in providing connectivity into AWS using Direct Connect
  • Free AWS Compliance & Best Practice reports from Cloudcheckr
  • Free Cloudcheckr cost optimisation to efficiently manage AWS workloads

Pricing

£0.01 to £0.01 a unit

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jamie@srcloudsolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

2 0 7 7 0 2 9 3 9 5 7 8 7 0 8

Contact

SR Cloud Solutions Ltd Jamie Ritchie
Telephone: 02036039960
Email: jamie@srcloudsolutions.co.uk

Service scope

Service constraints
No service constraints. AWS is a highly available, resilient, secure public cloud service with 99.9% SLA and 24x7x365 support
System requirements
N/A

User support

Email or online ticketing support
Email or online ticketing
Support response times
Standard AWS Support SLAs

General Guidance < 24 hours
System Impaired < 12 hours
Production system impaired < 4 hours
Production system down < 1 hour
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Web chat is accessible via our homepage at srcloudsolutions.co.uk
Web chat accessibility testing
Full testing has been completed with assistive technology users
Onsite support
Onsite support
Support levels
Priority Response Resolution
Critical (P1) 1 Hour 4 Hours
High (P2) 1 Hour 8 Hours
Medium (P3) 4 hours 2 Days
Low (P4) 1 Day 5 Days
Planned (P5) 2 Day 14 Days
Support available to third parties
Yes

Onboarding and offboarding

Getting started
An initial meeting will be held with the new customer to gather the requirements so we ensure we can align an appropriate solution to fit the needs. This meeting will involve a Technical Solutions Architect, and a Project manager / Account manager.
This meeting will include the gathering of information to produce a Statement of Work, the SoW will provide a breakdown of tasks involved for the project, roles & responsibilities, timelines, costs, training requirements, quality assurance and testing procedures.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
  • Word
  • Hard Copy
End-of-contract data extraction
This is provided in an agreed format at the end of the contract through our established off boarding process. The data is usually provided in excel format (CSV) as standard although other formats may be available upon request.
End-of-contract process
Following notification of cancellation we will engage with the customer to confirm the termination date and agree time frames for supplying the customers information to them. If additional/bespoke reporting requirements are requested this would be costed on a POA basis and provided as required.

Using the service

Web browser interface
Yes
Using the web interface
All Azure services are managed via the Azure Resource Manager web portal at https://portal.azure.com

Features that cannot be managed via the Azure web portal can be done using Azure powershell cmdlets.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
N/A
API
Yes
What users can and can't do using the API
Information relating to Azure API integration services can be found here --> https://azure.microsoft.com/en-gb/resources/videos/azure-friday-an-overview-of-azure-integration-services/
API automation tools
  • Terraform
  • Puppet
API documentation
Yes
API documentation formats
  • HTML
  • PDF
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
The AWS Command Line Interface (CLI) is a unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.
AWS tools for Powershell are used to provision and manage services directly.

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
The hosting environment is configured to automatically scale to accommodate high demand usage during peak periods, or in the event of a Global Pandemic Outbreak.
Extensive workforce planning is undertaken to ensure suitable support resources are also available during peak times.
Usage notifications
No

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Storage
  • Database
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Amazon Web Services

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
Data Warehouse
Backup controls
Customer and SR Cloud Solutions work together to ensure adequate backups and security are in place to protect data as per the customers required standards.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
SR Cloud Solutions work with clients to determine appropriate network security and firewall settings to ensure service availability while preventing unauthorised internal or external access to customer data.
Data is encrypted at rest and in transit.
We also utilise AWS Direct Connect to secure networks.

Availability and resilience

Guaranteed availability
SLAs for AWS are available from Amazon depending on the cloud service selected and the level of availability chosen during configuration.
Approach to resilience
AWS services can be configured at multiple AWS regions, within these regions there are multiple availability zones for added resiliency. AWS has 22 worldwide regions, 69 Availability Zones, and 199 edge locations.
Outage reporting
Website notification
Direct email
Telephone/account management team

Identity and authentication

User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access is managed through AWS IAM (Identity Acess Management) controls configurable by the customer.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
EY CertifyPoint
ISO/IEC 27001 accreditation date
12/03/2018
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
15/12/2017
CSA STAR certification level
Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover
N/A
PCI certification
Yes
Who accredited the PCI DSS certification
Coalfire Systems Inc
PCI DSS accreditation date
25/01/2018
What the PCI DSS doesn’t cover
N/A
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials Plus
  • ISO 27017
  • ISO 27018
  • SOC 1/2/3

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials Plus; ISO 27017; ISO 27018; SOC 1/2/3
Information security policies and processes
AWS implements formal, documented policies and procedures that provide guidance for operations and information security within the organisation. Policies address purpose, scope, roles, responsibilities and management commitment.

Employees maintain policies in a centralised and accessible location. AWS Security Assurance is responsible for familiarizing employees with the AWS security policies.

AWS has established information security functions that are aligned with defined structure, reporting lines, and responsibilities. Leadership involvement provides clear direction and visible support for security initiatives.

The output of AWS Leadership reviews include any decisions or actions related to:

• Improvement of the effectiveness of the ISMS.
• Update of the risk assessment and treatment plan.
• Modification of procedures and controls that affect information security to respond to internal or external events that may impact the ISMS.
• Resource needs.
• Improvement in how the effectiveness of controls is measured.

Policies are approved by AWS leadership at least annually or following a significant change to the AWS environment.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Changes to AWS services and features follow secure software development practices, including security risk reviews prior to launch. Developer access to production environments is via explicit access system requests, subject to owner review and authorisation.

Teams set bespoke change management standards per service, underpinned by standard AWS guidelines.

All production environment changes are reviewed, tested and approved. Stages include design, documentation, implementation (including rollback procedures), testing (non-production environment), peer to peer review (business impact/technical rigour/code), final approval by authorised party.

Emergency changes follow AWS incident response procedures. Exceptions to change management processes are documented and escalated to AWS management.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
AWS Security performs vulnerability scans on the host operating system, web applications, and databases in the AWS environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.

AWS Security monitors newsfeeds/vendor sites for patches and receives customer intelligence via http://aws.amazon.com/security/vulnerability-reporting/.

AWS customers are responsible for all scanning, penetration testing, file integrity monitoring and intrusion detection for their Amazon EC2 and Amazon ECS instances/ applications. Scans should include customer IP addresses (not AWS endpoints). AWS endpoint testing is part of AWS compliance vulnerability scans.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
AWS deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth-usage. Devices monitor:

• Port scanning attacks
• Usage (CPU, processes, disk utilization, swap rates, software-error generated losses)
• Application metrics
• Unauthorized connection attempts

Near real-time alerts flag potential compromise incidents, based on AWS Service/Security Team- set-thresholds.

Requests to AWS KMS are logged/ visible via the account’s AWS CloudTrail Amazon S3 bucket. Logs provide request information, under which CMK, and identify AWS resources protected through the CMK use. Log events are visible to the customer after turning on AWS CloudTrail in their account.
Incident management type
Supplier-defined controls
Incident management approach
AWS adopts a three-phased approach to manage incidents:

1. Activation and Notification Phase
2. Recovery Phase
3. Reconstitution Phase

To ensure the effectiveness of the AWS Incident Management plan, AWS conducts incident response testing, providing excellent coverage for the discovery of defects and failure modes as well as testing the systems for potential customer impact.

The Incident Response Test Plan is executed annually, in conjunction with the Incident Response plan. It includes multiple scenarios, potential vectors of attack, the inclusion of the systems integrator in reporting and coordination and varying reporting/detection avenues.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
By utilising Amazon Web Services infrastructure as a Service/Platform as a Service, the worldwide AWS regional data-centres follow Amazon's best practice for energy efficiency.

Pricing

Price
£0.01 to £0.01 a unit
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Free trials available on request.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jamie@srcloudsolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.