Digital Space Cloud Services Limited

Digital Space AWS Management Portal

The Arcus AWS management portal provides a centralised view of your AWS accounts. It lets you quickly see account spend, set email alerts and report on usage. It enables you to buy AWS services in GBP using invoices, rather than a credit card.

Features

• Automated spend threshold notifications via email
• Visibility and transparency over all AWS spend
• Consolidated invoices
• Pre-pay for services
• Suitable for non-technical users
• Set budgets for each account
• Easily export to Excel

Benefits

• Notifications can help you to avoid over-spending
• Track spend across multiple accounts
• Avoid credit card usage & simplify payment
• Simplify management of grant and project funding
• Simple, graphical reporting and alerting
• Decentralise budgetary responsibility but maintain an overview
• Enable further analysis

£0 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@digitalspace.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

393882231961997

Contact

Akhil Sachdev
0333 220 0222
gcloud@digitalspace.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: The Arcus AWS portal is valuable for anyone using, or looking to use, AWS services. It allows you to centralise your AWS billing for all AWS services and provides oversight for your chosen users on all or part of your AWS spend.
• Cloud deployment model: Public cloud
• Service constraints: The Arcus AWS Management portal is provided as a value add service for our AWS resale capabilities.; ; The portal is designed to provide a simple, clean management interface to users who need to see where AWS services and costs are being accrued.; ; The portal is designed to be as resilient as possible and uses highly available AWS services.; ; There is no set schedule for feature roll out, and we are always keen to hear our customers thoughts on what might be useful to them - and incorporate them in our roadmap.
• System requirements:
  • Arcus software, accessed via computer with an internet connection
  • Transfer account resale to Arcus to take advantage of service
  • Supported by range of internet browser access/capability on device

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Initial response is based on the priority of the request:; Critical: 10 minutes; High: 30 minutes; Medium: 30 minutes; Low: 1 day; Working hours in each case.; Further details on response and resolution times are provided in the Service Definition for our Arcus AWS Managed Support Service
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Support is available between 09:00-17:00 on UK business days via telephone and email but, as this is a free service, we do not provide an SLA.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Arcus has a simple process to onboard AWS accounts into your organisation (becoming your reseller is a mandatory step). You can then use our management portal free of charge. The cost and billing data is automatically consumed once the account is created and users can see details in the portal.
• Service documentation: No
• End-of-contract data extraction: Users can download their cost/billing data directly from the application
• End-of-contract process: Upon receiving notification of termination of contract your account will be closed and all service provision will cease. Your Arcus data will be available for 30 days from the date of termination and can be exported from the Arcus system in standard CSV files by the customer using standard data management tools. The data can be securely downloaded and, if necessary, Arcus can perform intermediary services to extract the data in a specific CSV format at an additional cost (which will vary according to the volume and complexity of the data itself).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The portal is mobile ready using responsive design methods
• Service interface: No
• API: No
• Customisation available: No

Scaling

• Independence of resources: The Arcus AWS Management Portal is powered by scalable and serverless technologies that ensure consistent performance irrespective of demand

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Amazon Web Services (AWS)

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
• Other data at rest protection approach: AWS are compliant with a number of standards which require protection of data at rest (ISO 27001/27018; SSAE 16/ISAE 3402 SOC-1; SOC 2; SOC 3; PCI-DSS; TRUSTe Certified Privacy Seal; CSA STAR)"
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can download their cost/billing data directly from the application
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Standard HTTPS TLS/SSL encryption is used for data in transit protection.
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: This Arcus solution is built on AWS technology using highly available services. The service level aims to achieve 99.995% uptime. Response times are published: https://status.aws.amazon.com.
• Approach to resilience: The service is built around highly available managed platform and serverless technologies that inherently remove single points of failure. The key services operate region wide (multiple AZ's in use) and therefore maintain high operational reliability and redundancy.
• Outage reporting: This Arcus solution is built on AWS technology using highly available services. The service level aims to achieve 99.995% uptime. Response times are published: https://status.aws.amazon.com.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Account administrators can be defined within the system. These Administrator users can then manage other users who have permissions to see the account billing information. Standard users do not have access to administrative functions.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Other
• Description of management access authentication: All users are required to have a username and password to access the system with the option of adding 2 factor (token based) authentication as required. Password complexity and expiry can be configured by the customer to ensure appropriate controls are in place.

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Socotec
• ISO/IEC 27001 accreditation date: 19/10/2015
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 14/03/2017
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Arcus hold ISO 9001: Quality Management Standard.; AWS Advanced Consulting Partner; AWS Government Competency; AWS Solutions Architect Professional; AWS DevOps Professional
• Information security policies and processes: Arcus are ISO27001 accredited and have internal processes that adhere. Arcus implement an ITILv3 approach to support delivery that integrates with our security processes. Salesforce's Information Security Management System and information security policies are based on ISO27002 best practices and ISO27001 certified. Salesforce maintain details of security processes at https://trust.salesforce.com/en/security/

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Arcus will maintain a change log of environmental controls and operate releases through our release manager.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Multiple tiers of vulnerability management. The Product Security team ensures the security of the system, consults with R&D teams and partners, and protects customer data. Cloud Security experts specialise in security research and innovative tool development. A ‘Rapid response’ team reacts to emerging threats as the last line of defence.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Records all login attempts: originating IP address, time and success/fail against each user account. Information can be extracted for analysis against organisational policies. Configurable settings: enforce logins from an approved IP range and/or at certain times of day, maximum session length and automatic account locking after x failed login attempts.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Standard incident management ensures that all recorded incidents are triaged and routed to the appropriate resolver groups and, where necessary, escalated. In specific cases it may be necessary to escalate incidents directly to the provider. We have a standard hand off process to ensure that end-to-end communication is maintained.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £0 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@digitalspace.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.