Velocity Solutions


Our cloud service is for small, medium and large size enterprises.

We offer a complete cloud solution including cloud software development, API integration, server development client side development, deployment, maintenance, infrastructure upgrade etc.

We have successfully delivered services on Amazon AWS, Microsoft Azure, 1&1 Cloud hosting, Google Cloud, IBM Cloud.


  • React java script C++ C# Node.js Java
  • Linux, Cloud Servers, XenServer,
  • Remote access
  • Oracle
  • My SQL
  • SQL Server
  • Cloud Infrastructure
  • Server Deployment
  • Technical Architect
  • Full Stack Development


  • Help complete the software infrastructure
  • Saving time and cost
  • Offering range of specialists with upto 15 years in industry
  • Proven track record of successful delivery gives peace of mind
  • Offering resources for both client and server side
  • safeguarding from external hacks
  • Securing customer data
  • GDPR compliant
  • Customized Analytics
  • Offering support anywhere in UK and Europe


£120 to £220 per person per hour

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11


Velocity Solutions

Sheikh Khalil


Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to Amazon AWS
Microsoft Azure
Google Cloud
IBM Cloud-software
1&1 Cloud
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints None
System requirements
  • Buyers to provide all software licences
  • Buyer to agree covering security cost e.g. anti virus
  • Buyers to cover secure hosting cost, e.g https
  • Buyers to cover digital certificate cost

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Mon-Fri within few hours of raising ticket.
1-2 days on weekends and Bank Holidays.
Special oncall service is offered for weekends and bank holidays where response time is within 1 hour . SLA would need to be agreed prior to contract.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Yes, at an extra cost
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard WCAG 2.1 A
Web chat accessibility testing Zendesk
Onsite support Yes, at extra cost
Support levels First attempt is to resolve issue after raising the ticket on the phone or via email.

If not possible then remote access of the server is taken to resolve the issue.

Final state is to offer onsite engineer visit to resolve issue
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started - Online training via skype video call and screen share
- In person training
- User guide
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction -Full back up copy image of data is provided to user on cloud hosted server.
-User data is purged from Velocity Solns. Ltd. servers one completion of contract
End-of-contract process All services including technical requirement understanding, design, architecture , development, deployment, and support after 1 month of deployment in production in included in cost.

Separate contract for long term support and new requirements.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service For desktop service sometimes users may need to install a thin client which will be downloaded (only few hundred kb of exe file) and connect using that client.

For mobile mostly services working on mobile browsers since all the websites delivered are made to be responsive however for some special cases users may need to install relevant Android or IOS app.
Service interface Yes
Description of service interface Web interface that allows user to input what technologies they would like to user for software system.
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing Function testing,
Regression testing,
Stress testing
What users can and can't do using the API By integrating our api in their system , these API are part of third part services delivered by AWS, Azure and Google.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Server configurations
Hardware capacity


Independence of resources We have historically implemented Google's memcache and Raids server technologies to ensure availability of delivered systems.

Load Balancing techniques have also been successfully used to deliver a scalable and reliable systems

UAT (User acceptance system) is used to ensure client's feedback is good before we move forward to Production servers.


Service usage metrics Yes
Metrics types User based information is provided.
History of service usage along with session times is provided
Analytics reports are provided based on user usage of sytem
Customized reports are also developed as per client's needs.
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Amazon AWS, Google Cloud, Microsoft Azure, 1&1 Cloud

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Protected by Third party Amazon Cloud or Google Cloud
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Excel
or database copy of Mysql, Sql Server or Oracle
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.99% server uptime

1 hour response time on high priority critical issues.

JIRA ticket based support system backed up with telephone support.
Approach to resilience This information is confidential and only available on special in writing request.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels IP based access only.
VPN access only
user based access only
2-factor authentication enforcement
Complex password
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date Provided by Third Party
CSA STAR certification level Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover Provided by Third Party
PCI certification Yes
Who accredited the PCI DSS certification Provided by Third Party
PCI DSS accreditation date Provided by Third Party
What the PCI DSS doesn’t cover Provided by Third Party
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes -Critical data that is not access on live servers is place to cold storage offline servers.
- Password change policy
-only 2 factor authentication access for admin
- Multi signature admin authentication access.
- Complex password.

Note : detailed document cannot be shared due to security reasons.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Managed by Amazon AWS and or Google Cloud.
Also customisation system configuration and change is provided after details in depth analysis is done of new changes as communicated by clients.
Vulnerability management type Undisclosed
Vulnerability management approach Cloud security is used by Cloudflare
DDOS attack presentation
hardware firewall
software firewall
application port access restriction
Protective monitoring type Supplier-defined controls
Protective monitoring approach Email alterts
frequent validation checks
response with of within an hour
Incident management type Supplier-defined controls
Incident management approach Pre-defined action plan is defined for major escalations
user report incident via tickets
reports provided in form of a document as well as logging actual fix of issue in JIRA.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks NHS Network (N3)


Price £120 to £220 per person per hour
Discount for educational organisations Yes
Free trial available Yes
Description of free trial A trial cloud server access.
A trial software application confirming code quality and delivery of work.

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑