i3 Digital

i3 Digital G-Cloud AWS Service Provision

Authorised resale to UK government Clients of AWS services by a UK owned and operated provider. Full ITIL-compliant service management for production and other work loads to service levels with a service credit regime.

Features

  • EC2 compute services Elastic Load Balancer Simple Email Service (SES)
  • Virtual Private Compute
  • EBS and S3 storage
  • Simple Notification Service (SNS)
  • Simple Queue Service (SQS),Route 53
  • CloudFormation, CloudWatch and DirectConnect
  • Deployment Services available
  • Service Management available
  • ISO9000, ISO2000 (ITIL) and ISO27001 compliant provider

Benefits

  • Extended notice of service withdrawal terms
  • Ability to add SLA with financial recompense

Pricing

£2000 per virtual machine per year

Service documents

G-Cloud 9

290455786748201

i3 Digital

i3 Digital Limited

0203 874 3576

diarmuid@i3digital.com

Service scope

Service scope
Service constraints No constraints beyond AWS advertised services and configuration
System requirements
  • Windows Server License
  • GFI Max antivirus and monitoring
  • CMS Software License (Kentico/Episerver/Sitecore)

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Dependent upon priority / severity. Urgent: within 1 hr Low Priority: within 1 working day
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels The support packages available from i3 Digital Ltd are as follows:
• Business Class Support monthly availability of 1 hour of time within Normal Working Hours
• 24 Hour Support
monthly availability of 2.5 hours of time
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started All new clients will be issued with a service level agreement detailing how they can connect with our support services.
Service documentation No
End-of-contract data extraction I3 Digital ensures that all client data can be exported at the end of contract.
End-of-contract process The contract price includes all agreed services and support. Additional support and service upgrades are available on request at additional cost.

Using the service

Using the service
Web browser interface No
API No
Command line interface No

Scaling

Scaling
Scaling available No
Independence of resources Each service is hosted on it's own AWS instance to prevent demands from other uses impacting on the service.
Usage notifications Yes
Usage reporting Email

Analytics

Analytics
Infrastructure or application metrics No

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Amazon Web Services

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency Never
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • System Files
  • Database Files
  • Virtual System Images
Backup controls The backup selection list will be agreed with the i3 Digital server support team at the beginning of the contract.
Datacentre setup Single datacentre
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability The target uptime for primary services is 99.9% each month (corresponding to no more than a downtime of 45 minutes in a calendar month).This uptime refers to the availability of all network connectivity, hardware devices and firewall systems that i3 Digital Ltd manages for the Customer. Periods for which Services are not available because of scheduled outages or outages, which can reasonably be determined as resulting from the Customers action is not included in a determination of downtime and i3 Digital Ltd shall have no liability therefore.
Approach to resilience This information is available on request.
Outage reporting Outages are reported directly to affected clients via e-mail and telephone. This is carried out by i3 Digital staff within one hour of any outage. Any outages are also communicated publicly via i3 Digital's social media channels.

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels Management interfaces can be restricted to public IP addresses provided by the client.
Access restriction testing frequency At least once a year
Management access authentication Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 SGS (UK) Limited
ISO/IEC 27001 accreditation date 10/07/2008
What the ISO/IEC 27001 doesn’t cover Our ISO 27001 Certification covers all aspects of the business.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes ISO 27001

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Before completing any change to the setup, a change request must be completed and approved by the i3 Digital server management team and an appointed client contact. The RFC document must include and appropriate test process with requested outcomes along with relevant information for roll back in the event of a change failing to complete.
Vulnerability management type Undisclosed
Vulnerability management approach Patches are applied each month following successful testing on our development systems.
Protective monitoring type Undisclosed
Protective monitoring approach Service level alerts are automatically fed back to our management team. Alerts are processed immediately and appropriate action taken where necessary. In the event of a Services failure during Business Hours the Customer shall be notified within an estimated 15 minutes of the incident being identified. After 30 minutes, we shall use reasonable commercial effort to notify the Customer of progress at regular intervals until resolution. Any incident that has adversely impacted on our operations, we shall provide a report to the Customer outlining the results of an investigation of the cause and measures introduced to prevent reoccurrence.
Incident management type Supplier-defined controls
Incident management approach Service level alerts are automatically fed back to our management team. Alerts are processed immediately and appropriate action taken where necessary. In the event of a Services failure during Business Hours the Customer shall be notified within an estimated 15 minutes of the incident being identified. After 30 minutes, we shall use reasonable commercial effort to notify the Customer of progress at regular intervals until resolution. Any incident that has adversely impacted on our operations, we shall provide a report to the Customer outlining the results of an investigation of the cause and measures introduced to prevent reoccurrence.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Third-party
Third-party virtualisation provider AWS
How shared infrastructure is kept separate Virtual servers are isolated via network VLANs.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £2000 per virtual machine per year
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Terms and conditions document View uploaded document
Return to top ↑