Hitachi Consulting UK Ltd

Workload Migrations to Cloud

Hitachi’s approach to workload migrations is fast, effective and reliable solution that seamlessly synchronises the transition to the cloud. Whether your organisation is planning to move legacy applications to the cloud or looking for a cloud migration. Hitachi’s Cloud Migration for Oracle offers a comprehensive plan.

Features

  • Comprehensive and accurate assessment of current IT landscape and processes
  • Profiling of existing business processes and application/technology usage
  • Comprehensive coverage for Oracle Technology Cloud product offerings in IaaS/PaaS.
  • Analysis of existing customisations and integrations.
  • Analysis of transaction volumes.
  • Creation of comprehensive cloud adoption roadmap including migration recommendations
  • Automated migration of key configurations from legacy to Cloud Applications
  • Assisted migration of legacy data to Cloud.
  • Cost benefit analysis and business case creation.

Benefits

  • Increased availability of systems and services
  • Ease of access – any device, any-time, anywhere
  • Faster deployment of new apps
  • The ability to auto-scale
  • Significantly reduces time, effort and costs of migrating to Cloud
  • Accelerated and de-risked value realisation through automation
  • Automated migration of configuration and data saves effort
  • Build on modern best practices recommended by Oracle
  • Facilitates and expedites decision making for Cloud migration planning
  • Reduces the effort required to understand your Cloud options

Pricing

£176 per person per day

Service documents

Framework

G-Cloud 11

Service ID

5 9 1 4 2 5 2 0 1 9 5 3 5 2 0

Contact

Hitachi Consulting UK Ltd

Jessica Chandler

020 7947 4500

jessica.chandler@hitachivantara.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Any other Oracle Cloud SaaS
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
No.
System requirements
  • Most major web browsers are supported.
  • Licencing is part of the subscription.

User support

Email or online ticketing support
Email or online ticketing
Support response times
As per standard SLA's.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We provide 2nd and 3rd line support. Costs vary according to the nature and extent of services supplied. We provide various roles, including support engineer, lead support engineer, service delivery manager and technical account manager.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
All training options are available and would be agreed with the client as part of the change management plan.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
  • Online documentation
  • Excel
End-of-contract data extraction
Data can be extracted into Excel or other similar formats.
End-of-contract process
There are no specific end of contract services included in the standard contract as extracting any necessary data can be done by the client themselves.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Some user self-service tools have specific mobile applications but most elements are supported via web browser. Capability dependant on mobile device.
Service interface
No
API
Yes
What users can and can't do using the API
There are an extensive set of API's allowing integration with the majority of transaction types and static data.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Can be extended but not customised.

Scaling

Independence of resources
The Cloud subscription will guarantee a consistent level of service for each subscriber.

Analytics

Service usage metrics
Yes
Metrics types
Service status and service usage.
Reporting types
Real-time dashboards

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
Oracle

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Via API's or into Excel.
Data export formats
  • CSV
  • Other
Other data export formats
Excel
Data import formats
  • CSV
  • Other
Other data import formats
Excel

Data-in-transit protection

Data protection between buyer and supplier networks
IPsec or TLS VPN gateway
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Oracle works to meet a Target System Availability Level of 99.5% of the production service, for the measurement period of one calendar month, commencing at Oracle’s activation of the production environment. Oracle measures the System Availability Level by dividing the difference between the total number of minutes in the monthly measurement period and any Unplanned Downtime by the total number of minutes in the measurement period, and multiplying the result by 100 to reach a percent figure.
Approach to resilience
Oracle deploys the Oracle Cloud Services on resilient computing infrastructure designed to maintain service
availability and continuity in the case of an incident affecting the services. Data centres retained by Oracle to host
Oracle Cloud Services have component and power redundancy with backup generators in place, and Oracle may
incorporate redundancy in one or more layers including network infrastructure, program servers, database servers,
and/or storage. Oracle periodically makes backups of Your production data in the Oracle Cloud Services for Oracle's sole use to
minimise data loss in the event of an incident. Backups are stored at the primary site used to provide the Oracle
Cloud Services, and may also be stored at an alternate location for retention purposes. A backup is typically
retained online or offline for a period of at least 60 days after the date that the backup is made.
Outage reporting
Oracle will provide You with access to a Customer notifications portal. This portal will provide metrics on the System
Availability Level for Cloud Services purchased under the ordering document. For those Cloud Services for which
such metrics are not available via the Customer notifications portal, Oracle will provide metrics on the System
Availability Level upon receipt of a Service Request submitted by You to Oracle requesting the metrics.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Access to the Cloud Customer Support Portal is limited to Your designated technical contacts and other authorised users of the Cloud Services.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Description of management access authentication
We can also provide single sign on.

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI Assurance UK Ltd
ISO/IEC 27001 accreditation date
03/08/2016
What the ISO/IEC 27001 doesn’t cover
Not applicable.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Responsibility for our Information Security Policy lies with the Head of Information Security (HIS) and the UK Leadership Team. We deliver our security objectives through our Information Security Management System which takes account of legislation and best practice, including: Data Protection Act 1998; Sarbanes Oxley; ISO 27001 and 9001; and Computer Misuse Act 1990. We routinely identify all assets, assess the threats and risk levels and define what action needs to be taken to protect those assets. All security incidents, breaches, “near-misses” or concerns are required to be reported immediately to the HIS and Information Security Manager. In case of a breach, all critical IT systems are tied into a monitoring system which notifies IT personnel of any breach or anomaly. Our IT security and governance practices are reviewed annually by the Hitachi Ltd auditors. These reviews are cover all key systems utilising a framework based on the COBIT standards.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Oracle performs changes to cloud hardware infrastructure, operating software, product software, and supporting application software to maintain operational stability, availability, security, performance of the Oracle Cloud. Oracle follows formal change management procedures to review, test, and approve changes prior to application in the production service. Changes made through include system and service maintenance activities, upgrades and updates, and customer specific changes. The change management procedures are designed to minimise service interruption during the implementation of changes. Oracle works to ensure that change management procedures are conducted during scheduled maintenance windows, while taking into consideration low traffic periods and geographical requirements.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Oracle Software Security Assurance (OSSA) encompasses every phase of the product development lifecycle and is Oracle's methodology for building security into the design, build, testing, and maintenance of its products. It’s goal is to ensure that Oracle's products remain as secure as possible and is a set of industry-leading standards, technologies, and practices aimed at fostering security innovations and reducing the incidence of security weaknesses in Oracle products. Key programs include Oracle's Secure Coding Standards, mandatory security training for development and the use of automated analysis and testing tools. Oracle has adopted transparent security vulnerability disclosure and remediation policies.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Oracle has adopted security controls and practices that are designed to protect the confidentiality, integrity, and availability of all customer data. Oracle continually works to strengthen and improve its security controls and practices which are aligned with the ISO/IEC 27002 Code of Practice. Oracle Oracle personnel are subject to the Oracle information security practices which govern their employment. Rather than focusing on individual components, Oracle Cloud takes a holistic approach to information security, implementing a multi-layered defence security strategy where network, operating system, database, and software security practices and procedures complement one another with strong internal controls, governance, and oversight.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Support Services consist of: Diagnosis of problems or issues with the Oracle Cloud Services, Reasonable commercial efforts to resolve reported and verifiable errors, Support during Change Management activities, Assistance with technical service requests 24 hours per day, 7 days a week, 24 x 7 access to a Cloud Customer Support Portal, Live Telephone Support to log service requests, Access to community forums, Non-technical Customer service assistance during normal Oracle business hours (8:00 to 17:00) local time. The severity level of a service request is selected by both you and Oracle, and is based on 4 severity levels.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£176 per person per day
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑