Capgemini UK plc

CCP Cloud Services

CCP Cloud Services can provide ready-to-go cloud services and accelerators that help kick-start projects, enabling a focus on delivering business outcomes. The service can: get to market faster, save time/cost, standardise delivery and operation of digital and cloud usecases, reduce dependency on scarce resources, provide a route to multi-cloud.

Features

  • Can include Kubernetes orchestration, API management and DevOps tooling
  • Designed to National-Cyber-Security-Centre guidelines and for GDPR compliance
  • Can be fully automated and cloud agnostic
  • Can include dedicated customer cloud account assuring data isolation
  • Can be available in 24 hours on AWS and delivering
  • Can be bought easily on pay-per-use with monthly subscription pricing
  • Can provide flexibility to avoid commercial lock-in
  • Platform instances can be provisioned and scaled on-demand
  • Can provide 24/7/365 proactive support with API analytics/integration monitoring
  • Can be services resilient across three availability zones, 99.95% availability

Benefits

  • Can provide standardised development, run and operation of workloads
  • Can deliver quickly and repeatably with set of pre-integrated products
  • Can enable a DevOps and Agile approach
  • Can provide a fully-managed production-ready service to orchestrate containers
  • Can unlock data via APIs enabling innovation of new services
  • Can take advantage of pay-as-you-go service models
  • Can offer flexibility to swap SaaS services avoiding vendor lock-in
  • Can be enabler for mobile-first, cloud-first, IoT strategies, digital transformations
  • Can support evolving hybrid IT landscapes/journey to the cloud
  • Can promote education of workforce and increase their productivity.

Pricing

£5,916.85 a unit a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector.opps.uk@capgemini.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

6 7 5 4 5 4 9 4 1 7 2 4 8 7 8

Contact

Capgemini UK plc Giovanna Borgia
Telephone: +44(0)370 904 4858
Email: publicsector.opps.uk@capgemini.com

Service scope

Service constraints
Black-box, fixed technology stack service; Currently supports AWS;
System requirements
  • AWS
  • On-premises/hybrid requires private cloud with sufficient compute and networking capacity.
  • Cloud/on-premises deployment requires network connectivity to client data centre.

User support

Email or online ticketing support
Email or online ticketing
Support response times
We aim to acknowledge receipt of questions within one Working Day. Resolution times will be according to the service level agreement for the service.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
No
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Individual service levels are described in the Service Definition. Should you have requirements for other service levels, please contact Capgemini directly to discuss.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The CCP Cloud Services include a user portal containing how-to guides, principles and demo applications. Add-on consultancy services (charged using the applicable rates in the SFIA rate card) can also be made available to accelerate delivery using the service.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Arrangements for Buyer data to be extracted can be agreed at the start of each contract, and the execution of such arrangements can be completed as part of the contract close down procedures
End-of-contract process
At the end of the contract, Capgemini can review with the Buyer: That contractual obligations have been met; That invoices have been raised and paid; That no outstanding, documented issues remain (unless agreed otherwise); That access rights have been terminated and user IDs deleted; That data had been backed up and recovered as appropriate

Using the service

Web browser interface
Yes
Using the web interface
CCP Cloud Services comprise open-source and third-party commercial software that have their own UI.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Open Source products utilised.
Web interface accessibility testing
No additional accessibility testing performed for off the shelf Open Source products
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
Each deployment is a dedicated instance of the CCP Cloud Services with encrypted data at rest, giving assurance of data isolation, service levels and performance.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Other
Other metrics
Contact Capgemini for details of any infrastructure or application metrics
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
AWS

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Internal system configuration
  • User stores
  • CI pipelines
Backup controls
Backups are internal system configuration only and can be controlled by the CCP Cloud Services Support Team.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The CCP Cloud Services are deployed in a resilient manner across two datacentres. The Supplier shall use reasonable commercial endeavours to ensure that the CCP Cloud Services Available subject to conditions provided for in the service definition for this service.
Approach to resilience
Please contact Capgemini directly for this information.
Outage reporting
System alerts and outages can be reported centrally through the CCP Cloud Services Online Helpdesk. Optionally, the Buyer can integrate their existing Service Management systems and ITIL processes using our Connect add-on service with pricing information available in the Capgemini SFIA rate card.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Authentication and authorisation controlled via membership of LDAP groups. Sections of the platform that do not need to be public are secured with a VPN solution with multi-factor authentication. APIs are secured through the API Manager by leveraging the OAuth API access standard, and supports common OAuth grant profiles.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
DNV GL Business Assurance UK Limited
ISO/IEC 27001 accreditation date
28/11/2016
What the ISO/IEC 27001 doesn’t cover
Contact Capgemini directly for further information
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
HMG Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
Other security governance standards
Please contact Capgemini directly, if other security governance standards are required
Information security policies and processes
Capgemini follows its own information security policy, which is referenced against ISO27001:2013 - Information Technology - Security Techniques - Information Security Management Systems - Requirements, ISO 27002:2013 - Information Technology - Security Techniques - Code of Practice for Information Security Controls, and the Information Security Forum - Standard of Good Practice (2014).

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Capgemini 's configuration and change management processes are set out in its ‘Unified Project Method’ (UPM), but can be adapted to comply with specific requirements by agreement with individual Buyers (tailored services may attract additional charges)
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
The CESG IS1/2-derived process is used as a basis - it is a living document rather than a one-time statement of risk. This is used to inform the impact of any identified vulnerability and an appropriate response.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Anti-virus and Intrusion detection is provided as standard on the platform to identify potential compromises – providing the appropriate alerting. Alerts can be reported via dashboards. Response times are determined by the severity of the incidents raised.
Incident management type
Supplier-defined controls
Incident management approach
Capgemini 's incident management processes are set out in its ‘Unified Service Method’ (USM), but can be adapted to comply with specific requirements by agreement with individual Buyers (tailored services may attract additional charges)

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Third-party
Third-party virtualisation provider
AWS
How shared infrastructure is kept separate
Please contact Capgemini directly for detailed information.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
We don’t use our own datacentres, we utilise public coud providers, typically AWS, Azure and GCP

Pricing

Price
£5,916.85 a unit a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector.opps.uk@capgemini.com. Tell them what format you need. It will help if you say what assistive technology you use.