Velocity Solutions

BitCloud

Our cloud service is for small, medium and large size enterprises.

We offer a complete cloud solution including cloud software development, API integration, server development client side development, deployment, maintenance, infrastructure upgrade etc.

We have successfully delivered services on Amazon AWS, Microsoft Azure, 1&1 Cloud hosting, Google Cloud, IBM Cloud.

Features

  • React java script C++ C# Node.js Java
  • Linux, Cloud Servers, XenServer,
  • Remote access
  • Oracle
  • My SQL
  • SQL Server
  • Cloud Infrastructure
  • Server Deployment
  • Technical Architect
  • Full Stack Development

Benefits

  • Help complete the software infrastructure
  • Saving time and cost
  • Offering range of specialists with upto 15 years in industry
  • Proven track record of successful delivery gives peace of mind
  • Offering resources for both client and server side
  • safeguarding from external hacks
  • Securing customer data
  • GDPR compliant
  • Customized Analytics
  • Offering support anywhere in UK and Europe

Pricing

£120 to £220 per person per hour

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

2 2 9 2 3 1 3 1 3 4 7 5 5 9 6

Contact

Velocity Solutions

Sheikh Khalil

02036207124

info@velocitysolutions.co.uk

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Amazon AWS
Microsoft Azure
Google Cloud
IBM Cloud-software
1&1 Cloud
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
None
System requirements
  • Buyers to provide all software licences
  • Buyer to agree covering security cost e.g. anti virus
  • Buyers to cover secure hosting cost, e.g https
  • Buyers to cover digital certificate cost

User support

Email or online ticketing support
Email or online ticketing
Support response times
Mon-Fri within few hours of raising ticket.
1-2 days on weekends and Bank Holidays.
Special oncall service is offered for weekends and bank holidays where response time is within 1 hour . SLA would need to be agreed prior to contract.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Yes, at an extra cost
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
Zendesk
Onsite support
Yes, at extra cost
Support levels
First attempt is to resolve issue after raising the ticket on the phone or via email.

If not possible then remote access of the server is taken to resolve the issue.

Final state is to offer onsite engineer visit to resolve issue
Support available to third parties
Yes

Onboarding and offboarding

Getting started
- Online training via skype video call and screen share
- In person training
- User guide
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
-Full back up copy image of data is provided to user on cloud hosted server.
-User data is purged from Velocity Solns. Ltd. servers one completion of contract
End-of-contract process
All services including technical requirement understanding, design, architecture , development, deployment, and support after 1 month of deployment in production in included in cost.

Separate contract for long term support and new requirements.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
For desktop service sometimes users may need to install a thin client which will be downloaded (only few hundred kb of exe file) and connect using that client.

For mobile mostly services working on mobile browsers since all the websites delivered are made to be responsive however for some special cases users may need to install relevant Android or IOS app.
Service interface
Yes
Description of service interface
Web interface that allows user to input what technologies they would like to user for software system.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Function testing,
Regression testing,
Stress testing
API
Yes
What users can and can't do using the API
By integrating our api in their system , these API are part of third part services delivered by AWS, Azure and Google.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Server configurations
Hardware capacity
Users

Scaling

Independence of resources
We have historically implemented Google's memcache and Raids server technologies to ensure availability of delivered systems.

Load Balancing techniques have also been successfully used to deliver a scalable and reliable systems

UAT (User acceptance system) is used to ensure client's feedback is good before we move forward to Production servers.

Analytics

Service usage metrics
Yes
Metrics types
User based information is provided.
History of service usage along with session times is provided
Analytics reports are provided based on user usage of sytem
Customized reports are also developed as per client's needs.
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Amazon AWS, Google Cloud, Microsoft Azure, 1&1 Cloud

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Other
Other data at rest protection approach
Protected by Third party Amazon Cloud or Google Cloud
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Excel
or database copy of Mysql, Sql Server or Oracle
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.99% server uptime

1 hour response time on high priority critical issues.

JIRA ticket based support system backed up with telephone support.
Approach to resilience
This information is confidential and only available on special in writing request.
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
IP based access only.
VPN access only
user based access only
2-factor authentication enforcement
Complex password
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
Provided by Third Party
CSA STAR certification level
Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover
Provided by Third Party
PCI certification
Yes
Who accredited the PCI DSS certification
Provided by Third Party
PCI DSS accreditation date
Provided by Third Party
What the PCI DSS doesn’t cover
Provided by Third Party
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
-Critical data that is not access on live servers is place to cold storage offline servers.
- Password change policy
-only 2 factor authentication access for admin
- Multi signature admin authentication access.
- Complex password.

Note : detailed document cannot be shared due to security reasons.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Managed by Amazon AWS and or Google Cloud.
Also customisation system configuration and change is provided after details in depth analysis is done of new changes as communicated by clients.
Vulnerability management type
Undisclosed
Vulnerability management approach
Cloud security is used by Cloudflare
DDOS attack presentation
hardware firewall
software firewall
application port access restriction
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Email alterts
frequent validation checks
cronjobs
response with of within an hour
Incident management type
Supplier-defined controls
Incident management approach
Pre-defined action plan is defined for major escalations
user report incident via tickets
reports provided in form of a document as well as logging actual fix of issue in JIRA.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Yes
Connected networks
NHS Network (N3)

Pricing

Price
£120 to £220 per person per hour
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A trial cloud server access.
A trial software application confirming code quality and delivery of work.

Service documents

Return to top ↑