ESRI (UK) LIMITED

Ordnance Survey Map Services

Ordnance Survey maps for your Geographic Information System (GIS), or via an Application Programming Interface (API) in other applications. Use free Ordnance Survey OpenData™ products, or a chargeable premium data service. Delivered as Data as a Service (Daas) to Public Service Mapping Agreement (PSMA) customers.

Features

  • Ready to use across the ArcGIS Platform
  • Ready to use mapping
  • Automatically updated services, including MasterMap
  • Free and premium services
  • GB services in British National Grid
  • Integrate with external data and ArcGIS Online
  • Scalable mapping services over Geoservices REST API and OGC WMTS
  • Public Sector Mapping Agreement (PSMA) bundled data and services
  • Basemapping can be added to ArcGIS Online organisation account

Benefits

  • Cost-effective: GIS data without expanding on-premise infrastructure
  • Scalability: Meet short term demand for mapping and addressing data
  • Resilience: Leverage the cloud for resilience
  • Cost: Remove the cost of having to update your data
  • Flexibility: Choose from a wide range of products and services
  • Agile: Instantly get your data and mapping
  • Knowledge: Find where your assets and information are
  • Experience: Benefit from Esri UK’s cartographic knowledge
  • Localisation: British look and feel to your application
  • Cost: Use the free services to reduce project cost

Pricing

£819 per licence per year

  • Education pricing available

Service documents

G-Cloud 10

253076399636310

ESRI (UK) LIMITED

Clare Bean

01296 745500

info@esriuk.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Ordnance Survey Map Services can be used in conjunction with many other software services such as "ArcGIS in the Cloud" and "ArcGIS Online"
Cloud deployment model Public cloud
Service constraints Please see the Terms and Conditions document
System requirements
  • A standard broadband internet connection
  • Modern web browser: Safari, Firefox, Chrome, Edge, Internet Explorer 9+
  • Minimum term 12 months (60 day trial also available)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Target response times:
P1 - 2 hours - System inoperable. No users can run application.
P2 - 2 hours - Critical component inoperable preventing “full production” use of system although other areas of system can be used.
P3 - 4 hours - Elements of system not providing the functionality as expected or intermittent failures in system processing. In all cases, system can be used for “full production”.
P4 - 8 hours - Problem does not impact use or productivity of system but is frustrating to use, or there is an error in the documentation.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Please see the Esri UK Standard Support Policy in the Terms and Conditions document
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Esri UK sales, contactable at sales@esriuk.com, will handle order processing, account creation and set-up, account management and billing functions for your ArcGIS Online Subscription. User instructions, Help and extensive tutorial videos are available online.
Service documentation Yes
Documentation formats
  • HTML
  • Other
Other documentation formats Videos
End-of-contract data extraction Data can be easily downloaded as CSV or Shapefile using the tools within ArcGIS Online. All uploaded data and generated data will be available for extraction.
End-of-contract process All user content (data and maps) can be downloaded by permitted users from their user-specific content repository. Maps and layers created by users and uploaded to ArcGIS Online may be made “private” or deleted. Administrators may remove the accounts of users who are registered as members of their organisation. At least one Administrator account must be maintained whilst a subscription is active. Further information on administering an organisation is published online.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None
Accessibility standards WCAG 2.0 A
Accessibility testing Unknown
API Yes
What users can and can't do using the API All features of the service are available via API
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Web Application Templates used to access the service can be configured with customer's individual logos, colour schemes etc. Some templates are fully configurable to allow complete control of what functions you wish to make available to users.

Scaling

Scaling
Independence of resources ArcGIS Online is designed from the ground up to be a completely scalable and elastic multi-tenancy service. It currently has over 1 million users and serves 1 billion maps per day. It utilizes the capacity of two major cloud infrastructure providers to meet customer demands. Each cloud provider offers SLAs for their infrastructure - Esri provides an SLA for ArcGIS Online.

Analytics

Analytics
Service usage metrics Yes
Metrics types Current and historical health information of ArcGIS Online is available at http://status.arcgis.com/. In addition, detailed information is available on the subscriber’s ArcGIS Online account in the activity dashboard. This includes information on user activity, popular and unpopular content, and geographical extents of items.
Reporting types
  • API access
  • Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Data can be easily downloaded as CSV or Shapefile using the tools within ArcGIS Online. All uploaded data and generated data will be available for extraction.
Data export formats
  • CSV
  • Other
Other data export formats
  • Shapefile
  • File Geodatabase
Data import formats
  • CSV
  • Other
Other data import formats
  • Shapefile
  • File Geodatabase

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Esri uses commercially reasonable efforts to make the data, services and software hosted by Esri ArcGIS Online available with a quarterly uptime percentage of 99.9% as further detailed in Esri’s ArcGIS Online Service Level Agreement (SLA).
Approach to resilience ArcGIS Online has a full Continunity Plan designed in alignment with FISMA securiy control requirements. ArcGIS Online cloud Infrastructure providers ensure their business continuity plans align with ISO 27001 standards.
Outage reporting General site information for ArcGIS Online is available via the Status page of the Trust.ArcGIS.com website. Informaiton about customer specific incidents can be viewed via the MyEsri Support portal.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Access to information systems audit tools are restricted to authorized personnel within ArcGIS Online. Access to information system diagnostic and configuration ports is restricted to authorized personnel within ArcGIS Online.
Access restriction testing frequency At least every 6 months
Management access authentication Other

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • FISMA Low
  • FedRAMP
  • SSAE16 SOC1 Type 2

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • Other
Other security governance standards ArcGIS Online has been granted FISMA (Federal Agency Production System Security Accreditation) Low Authority to Operate. FISMA Low controls align with NIST Special Publication 800-53 which maps to ISO controls. 
ArcGIS Online uses cloud infrastructure providers compliant with ISO 27001, FedRAMP and SSAE16 SOC1 Type 2.
Information security policies and processes As part of the overall FISMA accreditation, baseline security requirements are constantly being reviewed, improved and implemented as part of a Continuous Monitoring Program.
ArcGIS Online's ISMP is based upon NIST standards as part of FISMA accreditation. A mapping of FISMA security controls to ISO 27001 controls is available in NIST Special Publication 800-53 , Appendix H. Cloud infrastructure providers implement ISO 27001 certified ISMP's.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Esri maintains separate non-production systems for testing and validating new development and systems infrastructure capabilities as outlined in the internal ArcGIS Online Configuration Management Plan, aligning with FISMA Low requirements.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Cloud infrastructure providers virtualization technologies are regularly evaluated internally and by independent assessments. A number of key security parameters are monitored to identify potentially malicious activity on the systems which includes the use anti-malware software on systems accepting customer datasets/information. Cloud infrastructure provider anti-virus controls align with ISO 27001 requirements. ArcGIS Online releases which include patches and bug fixes are performed quarterly. If security vulnerabilities are found or reported, they are assessed by security staff. Any vulnerabilities that have an assessed risk of high or critical are patched immediately outside of normal patching routines.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Cloud infrastructure providers virtualization technologies are regularly evaluated internally and by independent assessments. A number of key security parameters are monitored to identify potentially malicious activity on the systems which includes the use anti-malware software on systems accepting customer datasets/information. Cloud infrastructure provider anti-virus controls align with ISO 27001 requirements. ArcGIS Online releases which include patches and bug fixes are performed quarterly. If security vulnerabilities are found or reported, they are assessed by security staff. Any vulnerabilities that have an assessed risk of high or critical are patched immediately outside of normal patching routines.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incident management is delineated within ArcGIS Online's Incident Response Plan documentation aligning with FISMA requirements.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £819 per licence per year
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑