ATRAIDES TECHNOLOGIES LIMITED

Cloud Software

We provide Cloud Architecture High Level and Low Level Architecture based on your cloud initiatives according to Cloud Best Practices and Cloud Security Standards

Features

• Conceptual Architecture
• High Level Logical Architecture
• Low Level Architecture

Benefits

• Highly Available Environments
• Disaster Recovery Architecture
• Secure Infrastructure in the Cloud
• Architect Cloud environment that meet customers business requirements and SLAs

£1,200 to £1,800 a unit a day

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jsoomro@atraides.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

415903737480222

Contact

Javaid Soomro
07944372456
jsoomro@atraides.com

Service scope

• Service constraints: Architecture solution will be limited to single cloud provider
• System requirements: Buyer to source applications and licences

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Provide Cloud consultancy to customer
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Initial meeting with the customer to understand their requirements and then providing a proposal detailing the solutions, scope of work and timelines to deliver the architecture.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All customer data remains on systems owned and controlled by the customer.
• End-of-contract process: Initial Consultancy and high level conceptual architecture.; Logical Architecture

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Enable Multitenancy, High Availability and Auto Scaling features on the Cloud
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Never
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Physical access control is maintained by Microsoft at their Azure Data Centers
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.95% and refunded as per Azure Policies
• Approach to resilience: Standard Azure best Practices meeting customer's SLA
• Outage reporting: Email Alerts and standard Azure notifications

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Identity and Access Management
• Access restriction testing frequency: Less than once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Azure Standard

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Standard version control
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Operational support is provided by customer managed teams or vendors
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Standard Azure processes
• Incident management type: Undisclosed
• Incident management approach: Not in scope of service

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Microsoft Azure
• How shared infrastructure is kept separate: Logical Network Separation and use of Firewalls.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Azure Standard ratings

Pricing

• Price: £1,200 to £1,800 a unit a day
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Free 1 Hours Consultation

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jsoomro@atraides.com. Tell them what format you need. It will help if you say what assistive technology you use.