Primo Milestone

Primavera EPPM Cloud Hosting Service

We provide Cloud Hosting facilities for Enterprise Project and Portfolio Management (EPPM) and Enterprise Cost and Contract Management (ECCM) software for organisations where the main supplier does not have a cloud solution or where the supplier offering is inappropriate.

Features

  • Secure private hosting
  • Primavera hosting managed by Primavera consultants
  • Bespoke managed secure hosting
  • Remote access

Benefits

  • Privately managed Primavera hosting
  • Support from Primavera consultants
  • Highly resilient and robust
  • Quickly access from anywhere

Pricing

£40 to £100 per user per month

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

3 8 1 6 9 0 4 1 5 0 5 8 1 1 0

Contact

Primo Milestone

Mario Sanvitale

02083265762

mario.sanvitale@milestoneuk.com

Service scope

Service constraints
Maintenance windows tailored to customer expectations.

Support is 8am to 5:30pm UK weekdays excluding bank holidays
System requirements
  • Primavera licences
  • Citrix Receiver (in some configurations)
  • Firewall for Secure VPN (in some configurations)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times – 2 hours for Monday- Friday , 8am to 6pm.

We can offer temporary out of hours support including weekends, but this is additional cost.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
In general we do not offer varying levels of support (e.g. Gold ,Silver Bronze). Instead we tailor an SLA to the customers specific requirements and cost accordingly.

We do assign a technical account manager to each customer.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide on-line training and user documentation. We can provide further training if required, both on-line and on-site
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
At end of contract data can be downloaded directly by the customer. Alternatively this can be delivered by external media (eg external hard drives) if appropriate
End-of-contract process
At any time a during the contract, customer can export their project data locally. We will also allow a free-of-charge grace period of 10 working days at end of contract for customers to complete this work.

If customers want us to provide them with their data in a different format, for example, a copy of their SQL or Oracle database we will not make a charge for that.

We would need to charge on a time and material basis for any other type of work.

Using the service

Web browser interface
Yes
Using the web interface
P6 Users with Admin privileges can:
Configuration control of coding structures,
Resource/role pools
Calendars
Enterprise Project Structure (EPS)/
Organizational Breakdown Structure (OBS)
Security Profiles
Settings that are standards and global in nature

Managing P6 Users, Security, and Licensing

Non-admin users can use the full functionality of the software.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
The web interface is accessible via all main web browsers - we recommend Firefox.

Users need to first authenticate with a username and password. All program features are accessible via the web interface, but admin features are restricted to users with the Admin privileges.
Web interface accessibility testing
Please see this link:

http://www.oracle.com/us/corporate/accessibility/templates/t1755-1672346.html
API
Yes
What users can and can't do using the API
The product supports Web Services for integration to other applications. Integrations have been developed for SAP, OracleERP, and many other products.
API automation tools
Other
Other API automation tools
Web Services
API documentation
Yes
API documentation formats
PDF
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Manual
Independence of resources
Each customer has its own dedicated virtual servers. We avoid using contended CPU and RAM.

We use Vmware to automatically migrate servers off busy hosts to less busy ones.

Automated alerting for server health warns us of any developing capacity constraints.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Epic Network Support Limited (Holding Company for PML)

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • The Oracle or SQL database containing all projects
  • All servers (DB, application) are virtual and are imaged daily
  • Bespoke backup configurations are available.
Backup controls
All servers are virtual so the servers are backed up in their entirety. This is done 7 nights a week as standard.

More frequent backups can be tailored to customer requirements.

In addition to the server imaging, a customer could add a second backup system that they could manage themselves.
Datacentre setup
Single datacentre with multiple copies
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We tailor every SLA to the customers specific requirements.
Approach to resilience
All servers are virtual and can be moved from a failing host server to a healthy host without noticeable interruption to service. In like manner backed up images can be restored to any of several host servers.

Other details available upon request.
Outage reporting
A dashboard that is continually monitored by ourselves.
email alerts.

Identity and authentication

User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access is only possible through a secure VPN to our offices. Authentication is then required using username and password.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
Dedicated device on a segregated network (providers own provision)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Our Parent Company, Epic Network Support Ltd is an Internet Security Consultancy and management frequently review our security.
Information security policies and processes
Come back

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Configuration and Change Management in Summary:

1) All proposed changes are evaluated for their benefits and risks, and all impacts are considered.

2) Changes are prioritised in favour of those that produce the greatest benefit based on the customer business need.

3) All changes are thoroughly tested and each deployment includes a back-out plan to restore the state of the environment in the event that the deployment fails.

4) The configuration management system is updated to reflect the effect of any changes.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Our environment is built using industry standard software from leading vendors.
The Primavera application, web server, and database are from Oracle
Operating systems are Oracle and Microsoft
These are hosted on Hewlett-Packard hardware and VMWare hypervisor.

We are regularly informed of vulnerabilities by these vendors. Serious vulnerabilities are disclosed to customers view a view to scheduling in appropriate patches or configuration changes. Less serious vulnerabilities are scheduled on a quarterly basis.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We use a suite of advanced monitoring agent software to perform a myriad of software and hardware health checks. External checks (intrusion detection) are performed quarterly.
Response:

Assess the situation.
Communicate to any affected customer
Contain any damage and minimize further risk
Identify the type and severity of the compromise
Protect evidence
Recover systems
Prepare incident documentation
Assess any damage and cost
Review our response and update policies

Response times: We tailor SLAs for each customer. For any serious compromise we would begin assessment immediately and reassign additional resources need to investigate and contain the incident as soon as possible.
Incident management type
Supplier-defined controls
Incident management approach
The primary goal of the incident management process is to restore normal service operation asap and to minimize the impact on customer's business operations, thus ensuring that the best possible levels of service quality and availability are maintained.
Incidents that cannot be resolved quickly by the help desk will be assigned to specialist technical support. A resolution or work-around should be established as soon as possible in order to restore the service.
We have standard procedures for recovering, entire servers, customer databases, individual projects within a database and other individual files.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
VMware
How shared infrastructure is kept separate
Each customer has their own dedicated servers including database servers.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
We strive to reduce energy consumption across every aspect of our business, through a careful program of planning, monitoring and optimisation. This year, we continued to roll out energy-efficient improvements across our network sites, installing new lighting and air-conditioning controls, retiring inefficient cooling systems, developing improved fault detection and investing in solar PV and combined energy storage. We also expanded our support for a more renewable-powered future – investing in a major new solar farm in development in central Queensland.

Progress 2017

• Reduced our emissions intensity by 68 per cent from our FY14 baseline year and exceeded our target of 55 per cent.
• This year we invested $5 million in energy reduction projects that delivered a collective saving 17,345 t CO2e and more than 18,000 MWh of electricity.
• We continue to investigate opportunities to use renewable energy, as well as fuel cells and batteries for energy storage across our network.

Pricing

Price
£40 to £100 per user per month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
We can provide access to trial versions of the Oracle Primavera Solution in our datacentre to ensure that customers have all the facilities they require.

Service documents

Return to top ↑