macseu

MACS Platform for IBM Maximo, IBM Control Desk and IBM TRIRIGA

MACS platform as a service for IBM-Maximo, IBM-Control Desk and IBM-TRIRIGA provides the ideal managed environment solution for your CMMS/CAFM/IWMS/Service Desk systems. We host or manage your licensed systems on yours/our platforms to reduce the cost of infrastructure purchase, management and updating. There are options for levels of security.

Features

  • Fully scalable service that can grow with your business.
  • Rapid on-boarding service available with MACS Quick Start.
  • Resilience at all levels of the infrastructure.
  • Reliability of service delivery.
  • Reduced costs and overheads.
  • Application support available on request.
  • Added features available for BI Analytics.

Benefits

  • Monthly payment, hence OPEX not CAPEX.
  • Optional high security version to protect sensitive data.
  • Flexibly add computing capacity according to need.
  • High availability to ensure high user productivity.
  • Lower cost than retaining dedicated on premise computing resources.
  • Reduce costs further with optional application support from MACS.
  • Cohost your BI solution with your application for reduced latency.

Pricing

£4,800 a unit a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at g-cloud@macs.eu. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

7 3 2 6 3 6 4 0 6 4 9 8 6 9 3

Contact

macseu Alex Brain
Telephone: 02084327430
Email: g-cloud@macs.eu

Service scope

Service constraints
No
System requirements
  • Supported licenses for IBM Maximo or
  • Supported licenses for IBM TRIRIGA or
  • Supported licenses for IBM Control Desk.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response is within two hours during normal office hours. Out of hours service is an optional extra.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard support is provided to ensure that the service is available for 95% of the agreed operating hours. Further support is provided to ensure that an RPO of 4 hours and an RTO of 12 hours is achievable. If optional application support is provided there are three levels of service. Level 1, for the resolution of easily rectified configuration issues; level 2 for those issues that are more involved, such as custom code or automation scripts; level 3 for passing on issues to IBM for a hotfix to base code.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Users have the option of installing their own applicationsand preparing the data or of commissioning MACS to assist. A VPN is provided for access to the virtual private cloud; the virtual servers are available within the cloud and ready for the client to begin installation. Assistance is available with gaining inital access. MACS will set up any URLs, NAT, firewalls, load balancing and security measures for the platform. This will be relayed to the purchaser following a brief consultation period to verify requirements.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
Data is provided as a complete backup of the database.
End-of-contract process
Six months prior to the end of the contracted service period, the client and the provider shall assess whether or not an extension is desirable or allowable. Should the decision be to terminate the service the offboarding process shall be initiated. A date shall be agreed for the cessation of services upon which the database shall be disabled and the data exported. Following the successful export of the data, custom classes and report formats, the entire system will be securely wiped of data and software to ensure no leakage of artifacts to susequent clinets.

Using the service

Web browser interface
No
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
Clients do not share computing resources. Sufficient resources are allocated to cope with the expected demand of the client within their VPC. Clients may share database resources between their own non-production and production systems, however demand is monitored and resources flexed accordingly.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
Reporting types
Regular reports

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
IBM

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Daily database backups
  • Hourly transaction file backups
  • Ad hoc VM backups whenever changes occur to application configurations.
Backup controls
Databases are backed up according to a schedule dictated by the RPO and RTO requirements. Virtual machines may be backed up at the client's request following configuration changes. Ad hoc database backups may be made to support good practice when applying application configurations.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The network and infrastructure is guaranteed for 100% uptime. The database availability is guaranteed for 95% uptime. No refund is offered.
Approach to resilience
VM Replication
Database Replication
-Transactional replication
-Log shipping
-Mirroring
Array-based Replication
DNS Failover
Outage reporting
Email alerts.

Identity and authentication

User authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Under our ISO 27001 Standard Operating Procedure (SOP) Access control is based on the role of the employee and is documented under an Access levels process. This is controlled by the security officer and access is granted to the central management team and reviewed under our internal and external audits for ISO 27001
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
QMS International GmbH
ISO/IEC 27001 accreditation date
08/01/2020
What the ISO/IEC 27001 doesn’t cover
This Certificate remains valid while the holder maintains quality administration systems in accordance with the standards and guidelines above, which will be yearly, during the contract period, audited by QMS Quality Management Systems International GmbH. This Certificate is the property of QMS Quality Management Systems International GmbH and must be returned in the event of cancellation
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials
  • Cyber Essentials Plus.

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials Plus Accredited
Information security policies and processes
Available on request.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Primary contact person will maintain and add information to these requests including an impact analysis for realizing the changes and improvements.
On a quarterly basis all request and changes will be reviewed by the Customer key user team and the MACS primary contact.
All approved changes will be bundled in releases after which detailed planning will be made for development, testing, acceptance and promotion to production.
Carrying out modifications, extensions, installation of patches, etc. on the Maximo product itself via releases is not covered by this contract.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Information about technical vulnerabilities of information systems/application being used are monitored via the MACS technical team, the organisation's exposure to vulnerabilities is evaluated regularly, and appropriate measures taken to address the associated risk. MACS follow the patch policy of all deployed products. All systems shall be kept up to date based on software updates provided by the supplier.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
ISMS SR (information incidents) are notified by all employees in the servicedesk or otherwise emailed to the security officer. The security officer has a console designed to monitor all incidents from first notification to completion.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incident management is covered under our ISO 27001 Standard Operating Procedures. All incidents are reported in our Servicedesk as an internal service request with the marking Information Security (SR type = ISMS) and dealt with separately. The Security Officer will be notified always of every new incident and he/she shall check at that time whether the reported incident is an information security incident. If it is an information security incident, it will be dealt with in the proper way and the reporter will be notified of the steps taken.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
No

Pricing

Price
£4,800 a unit a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at g-cloud@macs.eu. Tell them what format you need. It will help if you say what assistive technology you use.