Silex Consulting

DevOps

Silex has gained creative, development, marketing and operational experience from building and running some of the biggest websites on the Internet. We have experience in the following: Big Data, Continuous Integration, Configuration Management, System Architecture and Design, System Administration, Deployment frameworks, Technical documentation, Containerisation, Cloud computing and 24/7/365 support.

Features

  • Docker/Kubernetes/Fleet
  • Ansible/Chef/Puppet/Salt
  • Jenkins/CI/Continuous Deployment
  • Python/Ruby/PHP/Java/Scala/Groovy
  • Windows/CentOS/Ubuntu/RedHat/CoreOS
  • Elastisearch/Kibana/Logstash/Zabbix/Nagios
  • Apache/Nginx/HAProxy/Varnish/Tomcat
  • Hadoop/Redis/Mongo/Cassandra/MySql
  • Creative Brand and Product Development
  • Marketing Consultancy & Campaign Management

Benefits

  • Decreased downtime
  • Automated deployments
  • Increased productivity
  • Improved processes
  • Increased scalability
  • Improved Security
  • Global brand marketing exposure
  • Fully integrated 360 degree communications approach
  • Well-versed across all marketing platforms and communication channels
  • Brand development and roll-out strategy

Pricing

£850 per person per day

Service documents

Framework

G-Cloud 11

Service ID

8 0 9 0 4 6 3 0 4 0 1 3 3 2 3

Contact

Silex Consulting

Noel Sharpe

07725817147

noels@silex-consulting.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
We are not aware of any constraints to our support service and we can provide support on site or remotely at any time which is suitable for our customer.
System requirements
  • Infrastructure to run open-source software
  • Continuous and reliable access to the internet

User support

Email or online ticketing support
Email or online ticketing
Support response times
We will respond within a maximum of 2 hours if not immediately at all times.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Our web chat service is accessible over a secure ssl connection. Users can chat to each other or a support assistant directly or in a public channel. Our web chat does not support voice chat.
Web chat accessibility testing
The Valuation Office needed an agile team to carry out user research and usability testing to ensure its new Drupal-based Find Your Business Rates valuation service met user needs, including consideration for assisted digital and users with access needs.

Silex carried out quantitative and qualitative research during the discovery and fed the findings into development during Alpha and Beta. Through web chat support, we continued to gather, and test user needs alongside the iterative development in an agile sprint cycle and commissioned an accessibility audit.

The result was a user-centred service which GDS highlighted as having exemplary design features in its Beta Service Assessment.
Onsite support
Yes, at extra cost
Support levels
We provide a high level of professional support at all times and we designate a cloud support engineer to the customer as a primary point of contact for all queries.

Please see our pricing document for further details on cost.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Silex believe that effective transitioning to a new service provider is achieved through detailed planning, effective leadership, and productive engagement. Our implementation methodology is aligned with Industry Standard PMI; and adapted to manage the variable levels of risk, scale, and complexity associated with any individual client project specific to their challenges and strategic aims.

Silex supplies project management resources and planning expertise required as part of the project. They will facilitate and drive project progress through initiation, planning, executing, monitoring and controlling and finally closing.

We offer a number of standard and extra services to support onboarding.
These are tailored specifically to the needs of individual customers. These
include, but not limited to:
* Full platform documentation available via web or PDF
* Seamless migration services from on-premise to cloud
* Consultancy services for architectural design and contact flow setup
* Consultancy services for 3rd party CRM and other application integration
* Consultancy services for custom reporting and analytics
* Onsite and webinar based training, both standard and ad-hoc
* Onsite launch support, and extended support during launch and bedding in period
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Data can be extracted via API directly, or provided separately in the form of secure download, and delivered via SFTP or other secure transit. Silex will work with a customer to determine the best method and format for each individual case.
End-of-contract process
As part of the on-boarding process, Silex will work with a customer to identify any data or configuration unique to the customer. We will then work with a customer to understand which data requires transferring, and determine the best method and format of transfer. A full exit strategy will be documented and agreed. Additional costs will be incurred for any non-standard data transfer requests.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
We provide a wide range of bespoke software development and marketing services. Where appropriate, we utilise responsive design and maintain a diverse skill-set of user-centric UX specialists.

An example is a product/service Silex recently developed called DropWise, the smart oil filter with an integrated meter. The pioneering service selects usage data in realtime, and to the (oil)drop.

The data is sent to an array of devices, including responsive mobile devices, laptop screens, kitchen hub with an API for oil suppliers... all updated realtime and optimally displaced for the usage occasion.
Service interface
No
API
Yes
What users can and can't do using the API
Silex maintain high calibre software engineers, capable of developing bespoke API's based on user need, user research, integration, eCommerce, including hosted Cloud VPN and IVR services.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
For each buyer the circumstances would be entirely unique. We would create a customised strategy by analysing the buyers exact requirements and providing them with the solution which delivers results in order of value.

Scaling

Independence of resources
Silex continually monitor all services provided. The available resource consists of multi-tiered remote support staff covering the major disciplines needed to support DevOps services.

Included are:
* Proactive monitoring
* Helpdesk function of resources Incident and ticket management
* Change control

Our agile team of developers monitor demand placed upon the team and infrastructure, ensuring that sufficient resources are available for all customers. Additionally, each customer has an agreed maximum scaling level before needing assistance from support.

Our approach ensures that each customer can reach their maximum level without issue experienced by themselves or other customers.

Analytics

Service usage metrics
Yes
Metrics types
Metrics include but not limited to:
* Number of inbound / outbound requests/calls made over a defined period
* Amount of inbound / outbound time over a defined period
* Number of requests/services over a defined period
* Total volume of data stored (as defined)
* Total time employed
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Encryption of physical media as and when required by
contractual agreement.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Users can easily export data using the following methods
1) Using API interface for direct downloads
2) Ad-Hoc downloads or data transfers arranged with Silex engineers
3) Direct access to Cloud repositories such as Dropbox, WeTransfer, and OneDrive.
Data export formats
  • CSV
  • Other
Other data export formats
  • WAV (for recordings)
  • Adobe Illustrator (.ai), CorelDraw (.cdr) - for design work
Data import formats
  • CSV
  • Other
Other data import formats
  • WAV (for recordings)
  • Microsoft Office Suite (as needed)

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Contracts with customers are negotiated individually; however as a guideline the following applies:
* Overall uptime SLA of 99.9%.
* 10% service credit for uptime below 99.9% but above 99.0%.
* 30% service credit for uptime below 99.0%.
Approach to resilience
Silex follows a principle of resiliency by design. All aspects of our service are deployed in a High Availability (HA) configuration across multiple data
centres.
* Diversity of geography, hosting partners, carriers, and hardware is employed at all levels, from Layer 1 to Layer 7.
* Data centres utilise industry-leading redundant power and air handling technologies and customer data is stored across RAID5 configured drives in geographically diverse locations.
Outage reporting
Should an incident or outage events occur, Silex will communicate status and resolution to customers via the following channels:
* System status dashboard
* Email Alerts
* SMS Alerts
* Telephone

Exact method of reporting can be tailored individually for each customer according to their requirements and impact to service.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
All accounts created are based on Role Based Access Control (RBAC). Accounts can be set up with only the access needed to support their role. Customers can create multiple profiles to match their individual business needs.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
All Silex software engineers are SC cleared.

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
CSA CCM version 3.0
Information security policies and processes
As a leading DevOps provider, data security is of paramount importance. Silex has adopted a comprehensive Information Security Policy that has been deployed throughout our enterprise, including all contracted resources.

The need to ensure the confidentiality, integrity, and availability of both corporate and customer information has been a driving force in enabling us to produce and manage robust processes within this area.

Silex security policies and processes comply with GDPR to ensure that any risks are identified, measured and mitigated with controls (i.e. policies, training or technical restrictions.

Our management has set a clear policy direction and demonstrated support for, and commitment to, information security through the implementation and ongoing maintenance of the Information Security Management Systems policy throughout the organisation.

An ongoing training program ensures that all employees are aware of their responsibilities in relation to information security and that feedback methods are in place to measure the effectiveness of all processes on a continual basis.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Silex's change management process ensures that all change requests are
formally assessed, scheduled, authorised, implemented and tested to minimise impact to services, and to save the business time and resource in reacting to a failed change.

Key steps are:
* Registration and classification, including of devices affected
* Review of change proposal, including security assessment
* Approval
* Planning and testing
* Implementation
* Review & close the change
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
* Patch management: Silex has implemented an open-source system to distribute and install security patches.
* Vulnerability scans: Silex scans both internal and external data to access potential vulnerability threats.
* Penetration tests: Penetration testing is undertaken at each development milestone.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Silex actively monitor events across our infrastructure, and carry out analysis of data collected. The monitoring is carried 24/7 and any suspicious behaviour is raised with Silex in real-time.

Silex uses antivirus on server and client device equipment to ensure Malware is identified and correctly addressed. We also utilise IPS/IDS technology to identify possible compromises/threats. This overall approach ensures that Silex respond to any incidents within 24hrs of occurrence. If a potential compromise is found it is treated with the utmost importance and responded immediately.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Silex has a fully documented security incident management process in place.

Incidents are:
* Reported via a reporting portal or a confidential whistle-blowing line.
* Classified so they can be handled as quickly as possible.
* Classified according to the category and severity of issue. The priority will be determined by the impact and urgency of the resolution.

Incident report updates are provided via email or via the management portal. Once resolution has been applied, a final report will be produced and sent to the senior management team.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£850 per person per day
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑