Hortor Limited

Hortor Limited Cloud Operations Management Software Services

Hortor Limited provides a full set of Cloud Software Operations Management Services, including scoping, UI, data import/export, application analytics/ scaling, in-transit/operational/staff security/asset protection, availability/resilience, identity/authentication support in a secure, certified and documented way, training/demonstrations (including Service Design), and ongoing support of products it builds along with its partners'/other selected products.

Features

  • Full featured support across the Operations Management spectrum
  • Latest tools/techniques supporting Proactive and Preventive assurance are supported
  • End-to-end support of lifecycle Operations Management, including Systems Thinking
  • Service-based Cloud Operations Management Software
  • Cloud Operations Management Software planning and design
  • Cloud Operations Management Software set up/build and configuation
  • Cloud Operations Management Software Documentation/Training (including Service Design)
  • Cloud Operations Management Software Security
  • Cloud Operations Management Software On-Going Support

Benefits

  • Fewer suppliers/less integration needed on path to full spectrum support
  • Best of Breed Proactive/Preventive Operations Management approaches supported
  • Focus on leveraging proactive/preventive disciplines to optimize Operations effectiveness
  • Service-based Lifeycle Managed Cloud Operations Management Software services
  • Cloud Operations Management Software benefits/risks/costs are clearly understood
  • Cloud Operations Management Software products/services work as designed
  • Cloud Operations Management Software services are well understood and used
  • Secure Cloud Operations Management Software services are provided
  • Business critical use of Cloud Operations Management Software services supported

Pricing

£500 per person per day

Service documents

G-Cloud 11

879654818926557

Hortor Limited

Martyn Papworth

07592502644

martyn.papworth@hortor.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints No specific constraints - usually, our constraints are those that our client sets (cost, time, usage criteria, etc.)
System requirements
  • Amazon Web Services (AWS)
  • Microsoft Azure Services
  • IBM Cloud Services
  • Client's own Cloud or physical services
  • Our Cloud or physcial services

User support

User support
Email or online ticketing support Email or online ticketing
Support response times See following for general definitions of Hortor's three service levels (Bronze, Silver and Gold). Hortor Bronze Support means that Hortor will provide an Initial Response and Acknowledgement for issues over an email during working hours only, without specific commitment on time of response, and will provide Software updates when available. For Hortor Silver or Gold Support, Hortor will respond to support requests and will provide workarounds or fixes in accordance with agreed priority: Initial Response & Acknowledgment: P1, 8 hours, P2, Next business day. Targeted Fix Date or Workaround: P1, 2 days, P2, 1 week
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Unknown
Web chat accessibility testing None
Onsite support Yes, at extra cost
Support levels Again, Hortor Limited provides one of three levels of Support: Bronze, Silver or Gold. Every level of Hortor Support provides email and a web-based portal for submitting cases and tracking case status. In the case of Bronze Support and in addition to the above, next business day support will be provided during normal business days. In the case of Silver Support and in addition to the above, same business day support will be provided during normal business days. In case of Gold Support and in addition to the above, 24x7x365 phone-based support will be provided by Hortor Limited. Pricing is dependent on the nature of the platform(s) and/or infrastructure being supported, but generally there is a 1X/2X/4X relationship between bronze, silver and gold support levels. Generally Hortor Limited will provide a technical account manager to provide a single interface for a client's support issues and concerns
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Usually, what we provide depends on the product or service being provided to a client and the client's needs in getting to have the product/service well understood and used for its users and/or customers. Documentation is usually provided (user guides, operations guides, high-level design documents, code frameworks, etc.), along with demonstrations, on-site and/or on-line training that, through experience, gets the client to the adoption level they want by a certain time.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • Word Documents
  • Powerpoint
  • Visio
End-of-contract data extraction Usually, we will provide data extraction methods and directly support this activity set as our client directs.
End-of-contract process Usually, what is included is specific to the product or service we are providing the client, ranging from performing activities for the client as a finished service to assisting them with performing these activities themselves. What is included and what is at addional cost is as contractually negotiated.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Usually, the UI for our application designs are responsive, so that they can be used on both mobile and desktop services
Accessibility standards None or don’t know
Description of accessibility Unknown
Accessibility testing None
API Yes
What users can and can't do using the API Usually this is defined as part of the product or service we provide to our client, and emulation of all user functionality on the API is our preferred target
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation We will support any customer need to modify a "standard" service we provide to support their specific requirements.

Scaling

Scaling
Independence of resources Generally, our products and services are specific to a particular client. We do have services for specific clients that are shared within that client's users, which are designed to meet SLA's as the customer requires (see following).

Analytics

Analytics
Service usage metrics Yes
Metrics types The usage metrics we provide are usually specific to the product or service we are providing to our client, ranging from general login/frequency counters to how specific functions are used.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Generally, we support the protection methods as specified by our clients for the products and service we provide them. We have used most physical (e.g., SSAE-16) and logical (sharding) known today as required.
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Data export methods that we support vary widely based on the product or service we are providing to the client, ranging form simple, delimited flat files to specific databased export/import constructs.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats On request, specific database export constructs
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats On request, specific database import constructs

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability The SLA's we furnish are specific to the product or service we are providing to a client, but generally supports the client's availability metrics where practical. Compensation for not meeting SLA's is contractually agreed, and varies from service credits to re-working unsatisfactory output(s).
Approach to resilience This information is proprietary, but can be made available on request
Outage reporting Outage reporting is a fundamental part of how we support our products and services provided to our clients. We can and have used single- and multi-channel methods to report outages, including dashboards, API's, e-mails, SMS, etc., all tailored to our clients' needs.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels We usually restrict access to management interfaces and support channels based on the customers requirements (most common methods is user id/password along with a second factor authentication method like Authy), with the main goal of ensuring the person/device requesting access is who they say the are and are authorized for the access they are requesting
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Our security certifications are in alignment with the above standards

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Usually, we support security governance as directed by our clients for their products and services.
Information security policies and processes Usually, we support information security policies and processes as directed by our clients for their products and services.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We prefer to use Agile development methodologies. We use Github Workflow (and other standards-based tool kits) for development feature, release and hot-fix branch managment. We are focused on output quality, assured by a static code analysis tool, frequent code review processes and daily automated tests. We are DevOps-based, and employ: 1) Continuous integration and delivery processes based on Jenkins, with (a) Pipelines for build/test/deploy, (b) Nightly builds, and (c) Structured Release promotion 2) A Simplified, well-tested release process based on Docker images. This approach is security assessed at least yearly.
Vulnerability management type Supplier-defined controls
Vulnerability management approach This is proprietary information, but can be shared on request
Protective monitoring type Supplier-defined controls
Protective monitoring approach On Compromises, this is proprietary information, but this can be shared when requested and the need is understood and agreed. Please see the following concerning response times.
Incident management type Supplier-defined controls
Incident management approach Again, Hortor Limited provides one of three levels of Support: Bronze, Silver or Gold. Every level of Hortor Support provides email and a web-based portal for submitting cases and tracking case status. In the case of Bronze Support and in addition to the above, next business day support will be provided during normal business days. In the case of Silver Support and in addition to the above, same business day support will be provided during normal business days. In case of Gold Support, and in addition to the above, 24x7x365 phone-based support will be provided by Hortor Limited.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £500 per person per day
Discount for educational organisations Yes
Free trial available Yes
Description of free trial If there is an application we've previously built for another client, we will consider a free trial to others for up to two (2) months.
Link to free trial Link(s) provided on request.

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑