ISB Global Limited

ISB Cloud Hosting Services (Platform as a Service)

ISB Global (ISB) provides best in class Cloud Hosting Services to their customers. We provide a full service from design, build, ongoing support, tried and tested templates or bespoke hosting solutions. We recommend utilising Amazon Web Services (AWS), which provides a world class cloud computing platform.

Features

  • Platform designed and planned to meet functional and non­functional requirements
  • Service Level Agreement and Support
  • Daily Backups included & Disaster Recovery available (multi zones)
  • Development, Test and Production instances support development lifecycle
  • Application hosting delivered in days not months
  • Adheres to Cloud Security Principles.
  • Real-time monitoring and reporting
  • Linux and Windows infrastructure available for ease of enterprise integration
  • Elastic cloud ensures only pay for the hosting you need
  • Provision of multi-tenancy capability (Saas, Paas, Iaas)

Benefits

  • Simple, user friendly web applications
  • Business Process Automation - workflow and alerts
  • Role based user management
  • Make app/content changes to production without users logging off
  • Fully scalable solution, which will grow with your organisation
  • One code base for multiple formats, devices and app stores
  • Fast and effective app development
  • Enterprise grade application and infrastructure
  • Remote access

Pricing

£450 to £950 per person per day

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10

679820845619664

ISB Global Limited

Chris Williams

02082328884

chris.williams@isb-global.com

Service scope

Service scope
Service constraints No -- There isn't any constraints in ISB Cloud Hosting Service, however you can apply your own constraints on your application and systems, using ISB Cloud Hosting Service Catalog.
System requirements
  • PC - Windows 7 and above
  • Desktop browsers - Internet Explorer 10 or later
  • Desktop browsers - Edge (latest stable version)
  • Desktop browsers - Firefox (latest stable version)
  • Desktop browsers - Google Chrome (latest stable version)
  • Desktop browsers - Safari (latest stable version).
  • Mobile apps - iOS 8 or later
  • Mobile apps - Android 4.4 or later

User support

User support
Email or online ticketing support Email or online ticketing
Support response times ISB shall use all reasonable best endeavors to respond to requests for Support Services promptly. The following are our general standard SLA's:

Response Times:
Critical: Complete breakdown -- 1 Business hour
High: Significant breakdown -- 2 Business hours
Medium: Limited breakdown -- 8.5 Business hours
Low: Small breakdown -- 8.5 Business hours

Resolution times (or provision of a workaround):
Critical: Complete breakdown -- 4 Business hours
High: Significant breakdown -- 8 Business hours
Medium: Limited breakdown -- 25.5 Business hours
Low: Small breakdown -- 59.5 Business hours

If a workaround is provided then a issue resolution might be downgraded.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible User can access ISB web chat from our website http://www.isb-global.com and discuss the support issue with our representative. Our rep creates tickets on our Support Portal, depending on the nature and urgency of the problem.
Web chat accessibility testing No Applicable
Onsite support Yes, at extra cost
Support levels ISB always provides a technical account manager, allocated to each customer. Cloud support engineers are provided if required. Level of support depends on Customer requirements and maturity of end users. Costs vary depending on skills needed and duration. Generally our rates range from £450 to £950 per day. We package competitive support deals once support requirements have been scoped. Following support levels are provided:

ISB Level 0 support – user self-service solutions, without the aid of the Help Desk. Includes automated password resets, web portals for requesting product support, and knowledge base lookup.

ISB Level 1 support – access to Help Desk and provision of basic support, analysis and troubleshooting, break/fix instructions, ticket routing and escalation to Level 2 or 3 support, if cannot be resolved.

ISB Level 2 support – provides more advanced support, covering cloud hosting, infrastructure, connectivity, hardware or even application support. Escalation to Level 3 if required.

ISB Level 3 support – expert / SME support services covering full service array or direct contact with software vendor or cloud provider (AWS). ISB is a partner with vendor and can expedite and co-ordinate issue resolution as per SLA.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started ISB provides detailed on boarding activities fro both ISB staff and customer users or key users, at the start of a new engagements.

ISB Cloud Hosting Services provides all types of training services which includes onsite training, online training, and user documentation.

Training does depend on the requirements and IT landscape.

Generally with Cloud Hosting Services ISB provides the hosting and supports the hosted environment with the relevant applications and monitoring services.

If the customer wants to support the cloud hosted environment, once it has been setup, then this can also be arranged and the relevant training can be provided.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction ISB can provide your data at the end of the contract. This can be by database back-up, RDS snapshot or data export/extract. Some basic terms on this topic:

(a) Generally. Upon any End / termination of Agreement:

(i) all your rights under this Agreement immediately terminate

(ii) you remain responsible for all fees and charges you have incurred through the date of termination, including fees and charges for in-process tasks completed after the end date

(iii) you will immediately return or, if instructed by us, destroy all AWS Content in your possession

(b) Post-Termination Assistance. Unless we terminate your use of the Service Offerings pursuant to Section 7.2(b), during the 30 days following the end date

(i) we will not erase any of Your Content as a result of finishing the contract

(ii) you may retrieve Your Content from the Services only if you have paid any charges for any post-termination use of the Service Offerings and all other amounts due

(iii) we will provide you with the same post-termination data retrieval assistance that we generally make available to all customers.

Any additional assistance after ending the contract from us is subject to mutual agreement by you and us.
End-of-contract process The contract caters for termination. Services will be completed till a specific date. Services will be paid for. Hosting services are then terminated. Reference back to standard terms on this:

Generally. Upon any Ending of the Agreement:

(i) all your rights under the Agreement immediately terminate

(ii) you remain responsible for all fees and charges you have incurred through the end date of agreement, including fees and charges for in-process tasks completed after the end date of agreement

(iii) you will immediately return or, if instructed by us, destroy all AWS Content in your possession

(i) we will not erase any of Your Content

(ii) you may retrieve Your Content from the Services only if you have paid any charges for any post-termination use of the Service Offerings and all other amounts due

(iii) we will provide you with the same post-termination data retrieval assistance that we generally make available to all customers.

Any additional post-agreement assistance from us is subject to mutual agreement by you and us.

Using the service

Using the service
Web browser interface Yes
Using the web interface Users who sign in to AWS account through the sign-in page can access your AWS resources through the AWS Management Console to the extent that you grant them permission. You can grant users access to your AWS account resources through the AWS Management Console. It also shows how users can access other AWS account features through the AWS website. There is no charge to use IAM.

You create a password for each user who needs access to the Management Console. Users access the console via your Identity and Access Management (IAM) -enabled AWS account sign-in page. You can manage passwords for your AWS account and for IAM users in your account. IAM users need passwords in order to access the AWS Management Console. Even if your users have passwords, they still need permission to access your AWS resources. When you create a user, that user has no permissions by default. To give your users the permissions they need, you attach policies to them. You can grant users access your AWS account billing and usage information. Users cannot access your AWS account profile information.Users cannot access your AWS account security credentials.

Additional features can be added for users as required.
Web interface accessibility standard None or don’t know
How the web interface is accessible The ISB AWS Management Console provides a web-based way to administer ISB AWS services. You can sign in to the console and create, list, and perform other tasks with ISB AWS services for your account, such as starting and stopping Amazon EC2 instances and Amazon RDS databases, creating Amazon DynamoDB tables, creating IAM users, and so on.

If you're the account owner, you can sign in to the console directly. If you've created IAM users in your account, assigned passwords to those users, and given the users permissions, they can sign in to the console using a URL that's specific to your account.

If your organization has an existing identity system, you might want to create a single sign-on (SSO) option that gives users access to the AWS Management Console for your account without requiring them to have an IAM user identity and without requiring them to sign in separately to your organization's site and to ISB AWS
Web interface accessibility testing Not Applicable
API Yes
What users can and can't do using the API ISB Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the ISB AWS Management Console, you can create an API that acts as a “front door” for applications to access data, business logic, or functionality from your back-end services, such as workloads running on ISB Amazon Elastic Compute Cloud (Amazon EC2), code running on ISB AWS Lambda, or any Web application. ISB Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management. ISB Amazon API Gateway has no minimum fees or startup costs. You pay only for the API calls you receive and the amount of data transferred out. With ISB Amazon CloudFront integration, API Gateway allows you to take advantage of the worldwide network of edge locations to provide your end users with the lowest possible latency for API requests and responses. Amazon API Gateway lets you simultaneously run multiple versions of the same API, allowing you to quickly iterate, test, and release new versions
API automation tools
  • Ansible
  • Chef
  • SaltStack
  • Terraform
API documentation Yes
API documentation formats PDF
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
Using the command line interface The ISB AWS Command Line Interface (CLI) is a unified tool to manage your ISB AWS services. With just one tool to download and configure, you can control multiple ISB AWS services from the command line and automate them through scripts. The ISB AWS CLI introduces a new set of simple file commands for efficient file transfers to and from Amazon S3. You can get help when using the ISB AWS CLI, you can simply add help to the end of a command. The AWS Command Line Interface Reference provides the content of all ISB AWS CLI commands' help files, compiled and presented online for easy navigation and viewing on mobile, tablet, and desktop screens. Help files sometimes contain links that cannot be viewed or followed from the command line view; these are preserved in the online ISB AWS CLI reference. All subcommands in the AWS CLI correspond to calls made against a service's public API. Each service with a public API, in turn, has a set of API reference documentation that can be found from the service's homepage. Detailed information on parameters (including constraints on length or content) and errors specific to an action.

Scaling

Scaling
Scaling available Yes
Scaling type Manual
Independence of resources ISB Cloud Hosting Service offers reserve capacity in your chosen AWS Availability Zone.

AWS ensures and provides true multi-tenancy functionality so tenants are totally and securely separated, and resources balanced.

Instances on AWS are divided across several geographical areas, called regions. The West Coast of the US, for example, has two regions: US-West-1, in Northern California, and US-West-2, in Oregon. Each region contains several AZs, or Availability Zones, which are distinct locations within that region. AZs within the same region are connected through low-latency links, but each has its own power and cooling systems, and operates independently from other AZs.
Usage notifications Yes
Usage reporting
  • API
  • Email
  • SMS

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Reseller providing extra support
Organisation whose services are being resold Amazon AWS Cloud Services

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency Less than once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Any files, documents, logs
  • Virtual machines images
  • Database backups
  • Amazon Relational Database Services Snapshots
  • Amazon Machine Images (AMI)
Backup controls There is lots of flexibility and options here using AWS:
Regularly back up your EBS volumes using ISB Amazon EBS snapshots, create an Amazon Machine Image (AMI) from your instance to save the configuration as a template for launching future instances.
Deploy critical components of your application across multiple Availability Zones, and replicate your data appropriately. Design your applications to handle dynamic IP addressing when your instance restarts.
Monitor and respond to events. Ensure that you are prepared to handle failover. For a basic solution, you can manually attach a network interface or Elastic IP address to a replacement instance.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability ISB Amazon AWS has a contractually guaranteed availability of 99.9% or
99.95% depending on service and configuration. This is calculated on
24 x 7 availability. AWS support desk is available 24/7.
ISB service desk is available 08:30am – 5:30pm UK Working Days.
If you would like service levels to apply outside of normal service
hours, then please contact us with your requirements, and we can arrange this.
Approach to resilience ISB AWS Service design recovery plans, supporting local backups, deploying replication, and managing reduplication to manage cloud-based recovery for AWS which takes care of all those steps on behalf of our customers. AWS services are fully equipped with the tools to figure out how to do the following:

• Backup/restore
• Fail-over
• Scaling (up and down)
• Monitoring
Outage reporting ISB AWS Web Services publishes our most up-to-the-minute information on service availability in a table published online. User and check back here any time to get current status information, or subscribe to an RSS feed to be notified of interruptions to each individual service. In case users experiencing a real-time, operational issue with one of our services that is not described on the website, clients can contact us using the contact details on our website. There is also an option create personal Health Dashboard for personalized view of our services. This can be specified during setup.

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels In order to maintain a secure service, consumers need to be securely authenticated before being allowed to perform management activities, report faults or request changes to the service. These activities may be conducted through a service management web portal, or through other support channels (such as telephone or email) and are likely to facilitate functions such as provisioning new service elements, managing user accounts and managing consumer data. It's important that service providers ensure any requests which could have a security impact are performed over secure channel.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes ISB AWS follows the Shared Security Responsibility Model, In this case, ISB AWS is responsible for securing the underlying infrastructure that supports the cloud, and you’re responsible for anything you put on the
cloud or connect to the cloud. The IT infrastructure that AWS provides to its customers is designed and managed in alignment with security best practices and a variety of IT security standards, including:

• SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)
• SOC 2
• SOC 3
• FISMA, DIACAP, and FedRAMP
• DOD CSM Levels 1-5
• PCI DSS Level 1
• ISO 9001 / ISO 27001
• ITAR
• FIPS 140-2
• MTCS Level 3

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Routine, emergency, and configuration changes to existing ISB AWS infrastructure are authorized, logged, tested, approved, and documented in accordance with industry norms for similar systems. Updates to ISB AWS’s infrastructure are done to minimize any impact on the customer and their use of the services. ISB AWS will communicate with customers, either via email, or through the AWS Service Health Dashboard when service use is likely to be adversely affected. ISB AWS applies a systematic approach to managing change so that changes to customer-impacting services are thoroughly reviewed, tested, approved, and well-communicated.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Amazon Inspector is a security vulnerability assessment service that helps improve the security and compliance of applications deployed on Amazon EC2. It automatically assesses applications for vulnerabilities or deviations from best practices, and then produces a detailed list of security findings prioritized by level of severity. It includes a knowledge base of hundreds of rules mapped to common security standards and vulnerability definitions that are regularly updated by security researchers. There are no additional software licenses or maintenance fees, and no need to purchase hardware.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Systems within AWS are extensively instrumented to monitor key operational and security metrics. Alarms are configured to automatically notify operations and management personnel when early warning thresholds are crossed on key metrics. When a threshold is crossed, the ISB AWS incident response process is initiated. The ISB Amazon Incident Response team employs industry-standard diagnostic procedures to drive resolution during business-impacting events. Staff operates 24x7x365 coverage to detect incidents and manage the impact to resolution. AWS security monitoring tools help identify several types of denial of service (DoS) attacks, including distributed, flooding, and software/logic attacks
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach ISB has implemented a formal, documented incident response policy and program. ISB has it own support logging process which then links to AWS support, if required.
1. Activation and Notification: Incidents for AWS begin with the detection of an event. This can come from several sources including:
a. Metrics and alarms maintains an exceptional situational awareness capability, most issues are rapidly detected from
24x7x365 monitoring and alarming
b. Trouble ticket entered by an ISB employee
c. Calls to the 24X7X365 technical support hotline.
2. Recovery Phase - the relevant resolver will perform break fix to address incident.
3. Reconstitution Phase

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Red Hat Virtualisation
How shared infrastructure is kept separate Security measures that the cloud service provider (ISB AWS) implements and operates – "security of the cloud"
Security measures that the customer implements and operates, related to the security of customer content and applications that make use of ISB AWS services – "security in the cloud"
While ISB AWS manages security of the cloud, security in the cloud is the responsibility of the customer. Customers retain control of what security they choose to implement to protect their own content, platform, applications, systems and networks, no differently than they would for applications in an on-site datacenter.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £450 to £950 per person per day
Discount for educational organisations Yes
Free trial available Yes
Description of free trial If you have never used the ISB AWS CloudHSM service before and you are enrolled in any paid AWS Support tier, you are eligible for a two week free trial of two CloudHSM instances. The trial is for two weeks with a maximum of up to two HSMs.

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑