Grey Monarch Limited

Universal Automation Centre in the Cloud

Universal Automation Center provides background job scheduling, orchestration and workload automation of executable tasks, jobs and file transfers across multiple platforms and technologies including: Microsoft Windows, Unix (AIX, HP-UX, Solaris etc.), Linux, IBM z/OS, SAP, Tandem, IBM iSeries, SOA, and RDBMS. User access is provided by a fully web-based interface.

Features

  • Enterprise wide workload automation
  • Schedule and Orchestrate background tasks, programs and file transfers
  • Event driven automation and orchestration across the organization
  • 100% Web based drag and drop task orchestration
  • Open agents for any Operating System platform
  • Custom Dashboards and Graphical Workflows
  • Guaranteed Secure Managed File Transfer

Benefits

  • Complete automation of processing tasks across multiple platforms
  • Create simple of complex dependencies between tasks
  • Get instant notification of business processes that might miss SLAs
  • View and manage your business processes from any device
  • Embed secure file transfers within your business processes
  • Create graphical drag-and-drop connectors between tasks
  • Get automatic alerts of task failures or processes running late
  • Start with automating as few tasks as you like...
  • ...and scale up to millions of tasks per day

Pricing

£1400 to £3000 per instance per month

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

8 0 1 6 8 5 5 7 9 8 8 3 8 3 6

Contact

Grey Monarch Limited

David Lloyd

0844 736 5879

david.lloyd@greymonarch.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
None
System requirements
None, this is a fully hosted Software as a Service

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 4 business hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
The standard support level supplied inclusive within the SaaS offering is 8am to 6pm Mon-Fri.
Out of hours support can be provided for an additional fee of £10 per day. A Technical account manager is also assigned to each customer account.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Training for the service is provided on-site as a two day course.
Service documentation
Yes
Documentation formats
  • ODF
  • Other
Other documentation formats
Online tutorials
End-of-contract data extraction
Data can be downloaded to CSV or Excel.
End-of-contract process
The monthly subscription fee includes all of the hardware, software, maintenance and support.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The mobile service is generally used for real-time notifications and user interactions.
Service interface
No
API
Yes
What users can and can't do using the API
The API can be used for externally triggering schedules, workflows and events to start between systems and applications. Universal Automation Center can also call external API's to process tasks and activities to run on third-party systems.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Universal Automation Center is provided as single tenancy (private cloud) allowing users to fully customize the solution.

Scaling

Independence of resources
This service is provided within a 100% private cloud with no server sharing, operating system sharing, disk sharing or application sharing.

Analytics

Service usage metrics
Yes
Metrics types
User activity and application uptime
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data can be exported via on-screen menus into either XLSX pr CSV format
Data export formats
  • CSV
  • Other
Other data export formats
Excel
Data import formats
  • CSV
  • Other
Other data import formats
Excel

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Microsoft dedicated network protection

Availability and resilience

Guaranteed availability
99.95% up-time. A lack of availability owing to customer-side connectivity issues and customer system downtimes are not taken into account with regard to SLAs.
Approach to resilience
Resilience is built in at various levels including physical nodes, strorage controllers, disks, internet connectivity, remote access and firewalls. Our service uses UKFast data centres which operate at Tier 3 standards for uptime and availability. They use concurrently maintainable systems including UPS, standby diesel generators and high density infrastructures in excess of 15kW per rack.
Outage reporting
Dashboards and eMail alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Secure VPN, Server level username/password, Application level username/password, specific user roles which define access rights
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
LRQA
ISO/IEC 27001 accreditation date
23/06/2016
What the ISO/IEC 27001 doesn’t cover
All processes are covered
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Ultima Risk Management
PCI DSS accreditation date
22/08/2016
What the PCI DSS doesn’t cover
Office network not covered
Other security certifications
Yes
Any other security certifications
  • Cyber essentials / cyber essentials+
  • SOC 2

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Our full IT Security Policy document is available upon request but the essential principles are;
All IT Systems are to be protected against unauthorised access.
All data stored on IT Systems are to be managed securely in compliance with all relevant parts of the Data Protection Act 1998.
The responsibility for the security and integrity of all IT Systems and the data stored thereon (including, but not limited to, the security, integrity and confidentiality of that data) lies with the IT Department unless expressly stated otherwise.
All IT Systems are to be installed, maintained, serviced, repaired and upgraded by Grey Monarch Technical Services (the “IT Department”) or by such third party/parties as the IT Department may from time to time authorise.
All breaches of security pertaining to the IT Systems or any data stored thereon shall be reported and subsequently investigated by the IT Department and, if necessary, escalated to the IT Director.
All Users must report any and all security concerns relating to the IT Systems or to the data stored thereon immediately to the IT Department, and, if necessary, escalated to the IT Director.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All components, hardware and software, can be identified by their version number, release number and modification level. The software architecture allows for hot patching whereby extremely focused updates can be applied without affecting other components within the system. Any changes are subject to our change control procedures and are tested within development and QA environments before being applied to any production environments. Scheduled maintenance will be required at regular intervals. Scheduled maintenance is excluded from any service availability.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The service infrastructure is ISO27001 certified and, as such, is subject to continual assessment to ensure that vulnerabilities are identified, risk assessed and treated/patched accordingly. Patches are prioritized according to risk and relevance to the service. Critical patches are typically applied within 24 hours of being available.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The service infrastructure undergoes continual Security Incident and Event Monitoring (SIEM) according to CESG and ISO27001 best practises. This monitoring is provided by a mixture of automated and manual monitoring and analysis. Incidents and any potential compromises are assessed and responded to according to their risk assessment. Critical incidents are responded to immediately.
Incident management type
Supplier-defined controls
Incident management approach
Pre-defined processes exist for common events. All incidents, whether internally identified, or reported by users are logged within our ticketing management system. Reported incidents are initially analysed and risk assessed. Either preventative measures or patches/fixes will be applied according to the severity and scope of any incident. Critical incidents will be escalated accordingly. Reports will be provided via eMail or telephone where appropriate and of a high risk nature.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • Health and Social Care Network (HSCN)

Pricing

Price
£1400 to £3000 per instance per month
Discount for educational organisations
Yes
Free trial available
No

Service documents

Return to top ↑