ArcGIS in the Cloud
ArcGIS is a geographic information system (GIS) that connects maps, apps, data and people enabling smarter, faster decisions. Everyone in your organisation may discover, use, make and share maps from any device, anywhere, anytime. Web and mobile GIS, high-performance desktop, server and spatial databases on your preferred cloud.
- Any part the ArcGIS Platform deployed on your own cloud
- Powerful visualisation of large amounts of data
- Spatial analytics to identify and quantify the impact of decisions
- Secure administration to control and manage people and content
- Tools and APIs for developers, living atlas
- Free Esri UK Online basemaps and gazetteers
- Ready-to-use suite of apps for immediate productivity
- 3D GIS – Fly-Throughs, Terrain, Viewshed, Line of Sight
- Digital Environmental Impact Assessment Surveys
- Phase 1 Habitat (Sweet, Collector)
- Assurance: Stable investment with the world's largest GIS provider
- Open: Open Standards and APIs for easy integration and customisation
- Agile: Quickly meet your organisation’s increased demand for GI capability
- Cost-effectiveness: Use and reuse existing cloud contracts to deploy GIS
- Capability: Flexibility to deploy part or all of ArcGIS
- Hybrid cloud: Add virtual CPUs to your on-premise applications
- Faster application delivery: Implement your GIS applications faster
- Short term peaks: Meet short term demand for GIS
- LaunchKit: Maximise return on investment
- LaunchKit: Understand best practice
£50000 per unit per year
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
- Modern Slavery statement
ESRI (UK) LIMITED
|Software add-on or extension||No|
|Cloud deployment model||Hybrid cloud|
The service does not include the provision of customer data uploads by Esri UK (although this service can be bought through our complementary G-Cloud services)
Dependent on the service management options chosen, the service may or may not include any subsequent patching of the server once handed-over to the customer.
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Target response times:
P1 - 2 hours - System inoperable. No users can run application.
P2 - 4 hours - Critical component inoperable preventing “full production” use of system although other areas of system can be used.
P3 - 8 hours - Elements of system not providing the functionality as expected or intermittent failures in system processing. In all cases, system can be used for “full production”.
P4 - 16 hours - Problem does not impact use or productivity of system but is frustrating to use, or there is an error in documentation.
09:00-17:30 GMT Monday-Friday excluding English Bank Holidays
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||Please see the Esri UK Standard Support Policy in the Terms and Conditions document|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Esri UK sales, contactable at firstname.lastname@example.org, will handle order processing, account creation and set-up, account management and billing functions for your ArcGIS Online Subscription. User instructions, Help and extensive tutorial videos are available online.|
|Other documentation formats||Video|
|End-of-contract data extraction||Data can be easily downloaded as CSV or Shapefile using the tools within ArcGIS Enterprise. All uploaded data and generated data will be available for extraction.|
|End-of-contract process||User-uploaded content can be downloaded by permitted users from their cloud GIS content repository at the end of any subscription period. The customer will take responsibility for ensuring that all customer GIS and other data stored on the hosting platform is removed.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||None|
|Description of service interface||The customer accesses the service using a standard Web Browser as described in the Service Definition.|
|Accessibility standards||None or don’t know|
|Description of accessibility||We have an ongoing commitment to accessibility and are WCAG 2.0 AA, compliant with minor issues.|
|Accessibility testing||We test all our service interfaces with users of assistive technology, using the Voluntary Product Accessibility Template.|
|What users can and can't do using the API||All features of the service are available via API|
|API documentation formats||HTML|
|API sandbox or test environment||Yes|
|Description of customisation||Web Application Templates used to access the service can be configured with customer's individual logos, colour schemes etc. Some templates are fully configurable to allow complete control of what functions you wish to make available to users.|
|Independence of resources||
Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them.
Services which provide virtualized operational environments to customers (i.e. EC2) ensure that customers are segregated via security management processes/controls at the network and hypervisor level.
AWS continuously monitors service usage to project infrastructure needs to support availability commitments/requirements. AWS maintains a capacity planning model to assess infrastructure usage and demands at least monthly, and usually more frequently. In addition, the AWS capacity planning model supports the planning of future demands to acquire and implement additional resources based upon current resources and forecasted requirements.
|Service usage metrics||Yes|
|Metrics types||ArcGIS Enterprise includes a complete dashboard of service use broken down by data, users, groups and other variables.|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Supplier-defined controls|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Other|
|Other data at rest protection approach||
AWS adheres to independently validated privacy, data protection, security protections and control processes. (Listed under “certifications”).
AWS is responsible for the security of the cloud; customers are responsible for security in the cloud. AWS enables customers to control their content (where it will be stored, how it will be secured in transit or at rest, how access to their AWS environment will be managed).
Wherever appropriate, AWS offers customers options to add additional security layers to data at rest, via scalable and efficient encryption features. AWS offers flexible key management options and dedicated hardware-based cryptographic key storage.
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||Data can be easily downloaded as CSV or Shapefile using the tools within ArcGIS Enterprise. All uploaded data and generated data will be available for extraction.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
Please refer to the Service Definition and Terms and Conditions for availability details.
|Approach to resilience||
The AWS Business Continuity plan details the process that AWS follows in the case of an outage, from detection to deactivation. AWS has developed a three-phased approach: Activation and Notification Phase, Recovery Phase, and Reconstitution Phase. This approach ensures that AWS performs system recovery and reconstitution efforts in a methodical sequence, maximizing the effectiveness of the recovery and reconstitution efforts and minimizing system outage time due to errors and omissions.
AWS maintains a ubiquitous security control environment across all regions. Each data centre is built to physical, environmental, and security standards in an active-active configuration, employing an n+1 redundancy model, ensuring system availability in the event of component failure. Components (N) have at least one independent backup component. All data centres are online and serving traffic. In case of failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.
Individual application resilience will vary depending on service configuration.
|Outage reporting||Public dashboard; personalised dashboard with API and events; configurable alerting (email / SMS / messaging); email service to customers.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Less than 10 staff, whose roles require it, have access to management interfaces and support channels. These are protected through username and password authentication.|
|Access restriction testing frequency||Less than once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||The infrastructure supporting the service is accredited to ISO/IEC 27001. Our Governance standards comply to ISO/IEC 27001 and Cyber Essentials.|
|Information security policies and processes||Esri UK implements formal, documented policies and procedures that provide guidance for operations and information security within the organisation. Policies address purpose, scope, roles, responsibilities and management commitment.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Our configuration and change management process is audited and accredited to ISO9001.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Our infrastructure partner performs vulnerability scans on the host operating system, web applications, and databases in the environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Our infrastructure partner deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage. Devices monitor:
• Port scanning attacks
• Usage (CPU, processes, disk utilization, swap rates, software-error generated losses)
• Application metrics
• Unauthorized connection attempts
Near real-time alerts flag potential compromise incidents, based on AWS Service/Security Team- set thresholds.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Our infrastructure partner adopts a three-phased approach to manage incidents:
1. Activation and Notification Phase
2. Recovery Phase
3. Reconstitution Phase
To ensure the effectiveness of the their Incident Management plan, they conducts incident response testing, providing excellent coverage for the discovery of defects and failure modes as well as testing the systems for potential customer impact.
The Incident Response Test Plan is executed annually, in conjunction with the Incident Response plan. It includes multiple scenarios, potential vectors of attack, the inclusion of the systems integrator in reporting and coordination and varying reporting/detection avenues.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£50000 per unit per year|
|Discount for educational organisations||No|
|Free trial available||No|