ESRI (UK) LIMITED

ArcGIS in the Cloud

ArcGIS is a geographic information system (GIS) that connects maps, apps, data and people enabling smarter, faster decisions. Everyone in your organisation may discover, use, make and share maps from any device, anywhere, anytime. Web and mobile GIS, high-performance desktop, server and spatial databases on your preferred cloud.

Features

  • Any part the ArcGIS Platform deployed on your own cloud
  • Powerful visualisation of large amounts of data
  • Spatial analytics to identify and quantify the impact of decisions
  • Full administration to control and manage people and content
  • Designed as a secure system with controlled access
  • Tools and APIs for developers
  • Free Esri UK Online basemaps and gazetteers
  • UK-based software support direct from Esri UK
  • Ready-to-use suite of apps for immediate productivity
  • Ready-to-use maps including a Living Atlas of the World

Benefits

  • Assurance: Stable investment with the world's largest GIS provider
  • Open: Open Standards and APIs for easy integration and customisation
  • Agile: Quickly meet your organisation’s increased demand for GI capability
  • Cost-effectiveness: Use and reuse existing cloud contracts to deploy GIS
  • Capability: Flexibility to deploy part or all of ArcGIS
  • Hybrid cloud: Add virtual CPUs to your on-premise applications
  • Faster application delivery: Implement your GIS applications faster
  • Short term peaks: Meet short term demand for GIS
  • LaunchKit: Maximise return on investment
  • LaunchKit: Understand best practice

Pricing

£42000 per unit per year

Service documents

G-Cloud 10

319514009686342

ESRI (UK) LIMITED

Clare Bean

01296 745500

info@esriuk.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints The service does not include the provision of customer data uploads by Esri UK (although this service can be bought through our complementary G-Cloud services)
Dependent on the service management options chosen, the service may or may not include any subsequent patching of the server once handed-over to the customer.
System requirements
  • A standard broadband internet connection
  • Modern web browser: Safari, Firefox, Chrome, Edge, Internet Explorer 9+
  • Amazon Workspaces client required for Desktop in the cloud

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Target response times:
P1 - 2 hours - System inoperable. No users can run application.
P2 - 2 hours - Critical component inoperable preventing “full production” use of system although other areas of system can be used.
P3 - 4 hours - Elements of system not providing the functionality as expected or intermittent failures in system processing. In all cases, system can be used for “full production”.
P4 - 8 hours - Problem does not impact use or productivity of system but is frustrating to use, or there is an error in the documentation.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Please see the Esri UK Standard Support Policy in the Terms and Conditions document
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Esri UK sales, contactable at sales@esriuk.com, will handle order processing, account creation and set-up, account management and billing functions for your ArcGIS Online Subscription. User instructions, Help and extensive tutorial videos are available online.
Service documentation Yes
Documentation formats
  • HTML
  • Other
Other documentation formats Videos
End-of-contract data extraction Data can be easily downloaded as CSV or Shapefile using the tools within ArcGIS Enterprise. All uploaded data and generated data will be available for extraction.
End-of-contract process User-uploaded content can be downloaded by permitted users from their cloud GIS content repository at the end of any subscription period. The customer will take responsibility for ensuring that all customer GIS and other data stored on the hosting platform is removed.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None
Accessibility standards WCAG 2.0 A
Accessibility testing Unknown
API Yes
What users can and can't do using the API All features of the service are available via API
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Web Application Templates used to access the service can be configured with customer's individual logos, colour schemes etc. Some templates are fully configurable to allow complete control of what functions you wish to make available to users.

Scaling

Scaling
Independence of resources Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them.

Services which provide virtualized operational environments to customers (i.e. EC2) ensure that customers are segregated via security management processes/controls at the network and hypervisor level.

AWS continuously monitors service usage to project infrastructure needs to support availability commitments/requirements. AWS maintains a capacity planning model to assess infrastructure usage and demands at least monthly, and usually more frequently. In addition, the AWS capacity planning model supports the planning of future demands to acquire and implement additional resources based upon current resources and forecasted requirements.

Analytics

Analytics
Service usage metrics Yes
Metrics types ArcGIS Enterprise includes a complete dashboard of service use broken down by data, users, groups and other variables.
Reporting types
  • API access
  • Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Other
Other data at rest protection approach AWS adheres to independently validated privacy, data protection, security protections and control processes. (Listed under “certifications”).

AWS is responsible for the security of the cloud; customers are responsible for security in the cloud. AWS enables customers to control their content (where it will be stored, how it will be secured in transit or at rest, how access to their AWS environment will be managed).

Wherever appropriate, AWS offers customers options to add additional security layers to data at rest, via scalable and efficient encryption features. AWS offers flexible key management options and dedicated hardware-based cryptographic key storage.
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data can be easily downloaded as CSV or Shapefile using the tools within ArcGIS Enterprise. All uploaded data and generated data will be available for extraction.
Data export formats
  • CSV
  • Other
Other data export formats
  • Shapefile
  • File Geodatabase
Data import formats
  • CSV
  • Other
Other data import formats
  • Shapefile
  • File Geodatabase

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99.9% on the infrastructure supporting the application, none on the application.
Approach to resilience The AWS Business Continuity plan details the process that AWS follows in the case of an outage, from detection to deactivation. AWS has developed a three-phased approach: Activation and Notification Phase, Recovery Phase, and Reconstitution Phase. This approach ensures that AWS performs system recovery and reconstitution efforts in a methodical sequence, maximizing the effectiveness of the recovery and reconstitution efforts and minimizing system outage time due to errors and omissions.

AWS maintains a ubiquitous security control environment across all regions. Each data centre is built to physical, environmental, and security standards in an active-active configuration, employing an n+1 redundancy model, ensuring system availability in the event of component failure. Components (N) have at least one independent backup component. All data centres are online and serving traffic. In case of failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.

Individual application resilience will vary depending on service configuration.
Outage reporting Public dashboard; personalised dashboard with API and events; configurable alerting (email / SMS / messaging).

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Less than 10 staff, whose roles require it, have access to management interfaces and support channels. These are protected through username and password authentication.
Access restriction testing frequency Less than once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards The infrastructure supporting the service is accredited to ISO/IEC 27001. Our Governance standards comply to ISO/IEC 27001 and Cyber Essentials.
Information security policies and processes Esri UK implements formal, documented policies and procedures that provide guidance for operations and information security within the organisation. Policies address purpose, scope, roles, responsibilities and management commitment.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Our configuration and change management process is audited and accredited to ISO9001.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our infrastructure partner performs vulnerability scans on the host operating system, web applications, and databases in the environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Our infrastructure partner deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage. Devices monitor:
• Port scanning attacks
• Usage (CPU, processes, disk utilization, swap rates, software-error generated losses)
• Application metrics
• Unauthorized connection attempts
Near real-time alerts flag potential compromise incidents, based on AWS Service/Security Team- set thresholds.
Incident management type Supplier-defined controls
Incident management approach Our infrastructure partner adopts a three-phased approach to manage incidents:
1. Activation and Notification Phase
2. Recovery Phase
3. Reconstitution Phase
To ensure the effectiveness of the their Incident Management plan, they conducts incident response testing, providing excellent coverage for the discovery of defects and failure modes as well as testing the systems for potential customer impact.
The Incident Response Test Plan is executed annually, in conjunction with the Incident Response plan. It includes multiple scenarios, potential vectors of attack, the inclusion of the systems integrator in reporting and coordination and varying reporting/detection avenues.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £42000 per unit per year
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑