Droplet Computing enables IT Departments to take existing applications and place them into an environment that is decoupled from the native OS, making the applications portable. Applications no longer have a dependency on the underlying OS, and can then be delivered to ANY DEVICE via a browser online or offline.
- Decouple applications from underlying hardware and operating system.
- Securely deliver legacy applications onto newer hardware and OS.
- Access applications on any device or chipset via the browser.
- Work both online or offline on any device.
- Safe sandbox environment making apps invisible to the underlying OS
- Applications are delivered in their native format on any device.
- Remove your applications dependency around the Operating System.
- Remove the dependency on the chipset (x86 and ARM)
- Remove the dependency around being Internet connected
- One users license can be installed on upto 3 devices
- Run legacy or bespoke applications on any device or chipset.
- Remove the vulnerability of running applications on an unsupported OS
- Choice of devices Windows, Android, Chrome or MacOs.
- Same look and feel to applications whatever device.
- Remove the high costs associated with running legacy applications.
- Provide users with offline or online access to their applications
- Droplet containers run on a simple web server plus storage.
- Run both Windows and Linux applications on the same device.
- Applications sync when a user reconnects to the internet.
- Real time statistics on what applications are used.
£3.97 to £6.18 per user per month
- Education pricing available
01506 460 300
|Software add-on or extension||No|
|Cloud deployment model||Hybrid cloud|
|Service constraints||End point device needs to have the capacity to run applications installed.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Severity 1 (Critical Service Incident) - Within 15 mins
Severity 2 (Critical Service Incident) - Within 1 hour
Severity 3 (Non-Critical Service Incident) - Within 4hours
Severity 4 (Minor Support Request) - Within 8 hours
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Our support teams are available Monday to Friday, 9am-5pm, with 24/7 availability to log incidents.
Effective Account Management plays a central and fundamental part in the successful delivery of services to Capito’s customers. Capito has a unique account management structure that consists of:
• Business Development Manager
• Account Manager
• Internal Account Manager
• Sales Support
• Bid Management
• Service Deliver Manager
The Capito structure allows for good management, with no single point of failure and frequent customer contact
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Capito will provide users with onsite training as part of our service deliverables.|
|End-of-contract data extraction||Data resides on the customers endpoint devices at all times|
|End-of-contract process||Costs included cover your end user licensing and support costs for the term of the contract.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||No difference applications are delivered natively as normally accessed via a desktop.|
|Accessibility standards||None or don’t know|
|Description of accessibility||Cloud service available through browser and customers can be provided with front end interface|
|What users can and can't do using the API||Can be used by IT Admins to automate delivery and configuration of containers|
|API sandbox or test environment||No|
|Independence of resources||
Capito provision the Droplet Computing Service at the network edge from our highly available data centre infrastructure.
Each Data Centre is fully powered, secure, resilient and newly equipped to handle the demands of future computing trends such as high density computing, virtualisation, energy conservation, distributed storage and multi site disaster recovery. Offering a total of 7,000 m² of advanced Data Centre technology in 8 major UK cities, we are not hindered by lack of space, legacy operating systems or practices.
|Service usage metrics||Yes|
|Metrics types||Capito will provide regular monthly billing based on the number of users who have consumed the service|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Droplet Computing|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||N/A data resides on endpoint devices at all times|
|Data export formats||Other|
|Other data export formats||N/A|
|Data import formats||Other|
|Other data import formats||N/A|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
Capito will ensure 100% uptime for Cloud Hosting Platform services as monitored by Capito systems, in line with industry best practice.
Only a Cloud Hosting Platform activated by a Customer at the time of a failure will be covered by this SLA.
Should a Cloud Hosting Platform fall below the 100% uptime, Capito will work with the Customer and use all commercially reasonable endeavours to recover the Cloud Hosting Platform and any associated data.
|Approach to resilience||
Regular testing and maintenance of infrastructure and the N+1 policy applied to data centres provides the basis of continuity controls.
This is enhanced by the provision of multiple communication routes and the replication of the network infrastructure across Data Centres.
The Data Centres are also located outside flight paths, flood plains, have no seismic threat, and are a minimum of 3km outside sites who could pose a potential accident or hazardous threat (as governed by HSE). Therefore, in the event of any given location being lost, the primary impact would be on office facilities, but with 6 UK Offices and 10 UK Data Centres providing hosting services and support, this impact is limited and mitigated with standing arrangements to relocate staff to the nearest site.
|Outage reporting||Email Alerts & SMS|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Access to all service interfaces (for consumers and providers) is constrained to authenticated and authorised individuals.
Remote management access is authenticated and directly associated to authorised individuals rather than group accounts.
All managed systems monitored and access logged and tracked for auditing purposes
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI|
|ISO/IEC 27001 accreditation date||20/04/2016|
|What the ISO/IEC 27001 doesn’t cover||**|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Cyber Essentials|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
Capito's adheres to the Security Classification Definitions as described in the Government Security Classifications Policy (GSCP). This is outlined and defined in the Quality Manual and forms part of Capito's overall integrated management system, which consists of UKAS / APMG / NCSC accredited systems. Notably; ISO 27001:2013 Information Security Management; ISO 20000-1:2011 IT Service Management; ISO 9001:2015 Quality Management; ISO 14001:2015 Environmental Management. All are regularly audited for compliance by an accredited certifying body. These standards require Capito to have robust controls in place to manage data, documents and records. Displaying evidence that Capito has appropriate and measured controls in place to manage OFFICIAL information that if lost, stolen or published in the media could have more damaging consequences (for individuals, an organisation or government generally).
All data centres have been independently assessed on a number of occasions by local authorities and UK Government Departments, Senior Information Risk Owner’s (SIRO) as suitable for holding and processing their sensitive information to OFFICIAL level.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Our change management processes are in line with ISO27001 control A.12.2 Controlled mechanism for making changes to the operational environment are in place.|
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||
Capito vulnerability management process is aligned with ISO27001:2013 control A12.6.1 which addresses 3 key areas:
• Timely identification of vulnerabilities
• Assessment of or exposure to a vulnerability
• Defined measures to address the risk
|Protective monitoring type||Undisclosed|
|Protective monitoring approach||
Capito Protective Monitoring process is aligned with ISO27001:2013 control A.12.4 which details:
• Event Logging
• Protection of log information
• Admin & operator logs
• Clock synchronisation
• Incident Management
|Incident management type||Undisclosed|
|Incident management approach||
Capito incident management process is aligned with ISO27001:2013 control A.16.1 which details:
• The full incident management procedure
• Responsibilities & procedures
• Assessment of and decision on security events
• Response process
• Evidence collection
• Learning from incidents
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£3.97 to £6.18 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
* Full Droplet container license
* Unlimited applications can be installed and tested
* Optional virtual or physical Web Server
* Normally 30 days period
|Link to free trial||https://www.capito.co.uk/free-trials/free-trials/droplet-computing|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|