Pulsion Technology Limited

AWS Managed Hosting

We provide fully managed hosting, development and support across all Amazon Web Services (AWS) services allowing clients to experience the massive scalability and cost effectiveness of the AWS platform. AWS is the world’s most comprehensive and broadly adopted cloud platform, offering over 165 fully featured services from data centres globally.


  • Managed cloud hosted solutions deployed using infrastructure as code
  • Affordable hosting paying only for what you use
  • Elastic and scalable infrastructure which scales on demand
  • Fully redundant across multiple data centers and even countries
  • Pro-active monitoring of entire infrastructure using cloud managed services
  • Managed security updates, patching, backups
  • Secure managed networking and access control
  • Regulatory compliance and assurance for cloud services
  • Comprehensive cloud environment audit logging


  • Support with the migration of legacy environments to the cloud
  • Specialist cloud support from our team of experts
  • Secure hosting for Government workloads
  • Manage workloads more efficiently and cost-effectively
  • Cloud solution design and implementation from AWS certified experts
  • Compliant with 14 Cloud Security Principles, ISO27001 and GDPR
  • Licensing advice and optimisation to ensure best value
  • Clear, straightforward monthly cloud billing
  • Lower operating costs, remove the overhead of on-site staff


£500 a unit a day

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dcurrie@pulsion.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

8 9 1 6 1 5 4 9 4 6 9 1 8 9 2


Pulsion Technology Limited Daniel Currie
Telephone: 0141 352 2280
Email: dcurrie@pulsion.co.uk

Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
There are no constraints.
System requirements
  • Functional internet browser
  • Working connection to the internet

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLA's are variable depending on Client requirements. Our standard response time is within 2 hours for 'critical' issues, within 4 hours for 'high priority' issues, and within 1 business day for all other issues.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
We work to client approved support levels. As such, we will review our standard support offering against the aims and objectives for your software support. Our offering will then be suitably tailored to provide the best possible service. As standard, we offer a technical account manager and dedicated in-house support team - an online Help Desk with direct phoneline and email support - a test version of your software - maintenance of a dedicated support wiki - agreed escalation points - and regular performance reviews in-line with the SLA's. All of our pricing is highly competitive and will be determined, based on the complexity and demand of your support requirements.
Support available to third parties

Onboarding and offboarding

Getting started
We provide a combination of training and user documentation, which caters for both novice and experienced users. Firstly, we will collaborate with you to discuss the likely user tasks and establish both short and long-term aims of the training/documentation. We will then agree the most suitable training method(s), which typically include Group Sessions, Train the Trainer, and working with a dedicated training system. User Documentation will be clear and concise, to compliment the training session(s) and minimise your reliance on external support.
Service documentation
Documentation formats
End-of-contract data extraction
Our client owns all IPR and therefore there is no requirement for data extraction.
End-of-contract process
The contract pricing outlines everything in our proposal, to be delivered within the agreed timescales. Additional costs would only occur if the client requests further services that are outwith the original scope (e.g. additional functionality or extra training). At the end of the contract, the client will approve all of our work with a simple sign-off. As the client maintains all IPR for our services, they will then have full capability to maintain the service.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
We use a mobile first design strategy. This initially confirms and tests the design for the smallest screen (i.e. a smartphone), before progressively moving to larger screens (i.e. a tablet, then desktop). This ensures that the key UI/UX features are displayed on all devices, and provides a quality User Experience, with minimal differences between the mobile and desktop service.
Service interface
Description of service interface
Our service interface is customised for each Client.
Accessibility standards
Accessibility testing
We adhere as closely as possibly with Gov UK's service manual for testing with assistive technologies.
What users can and can't do using the API
Our use of an API varies depending on the individual clients requirements. Full details will be provided in the API documentation, if an API is required.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Our service allows for full customisation before, during and beyond the project delivery. Before the delivery, we determine the initial scope of UI/UX requirements with our client. At this point, we are essentially working with a blank canvas and our team can customise all aspects of the solution. Both the Client and their users can shape the level of customisation at this point. During the delivery, we work in-line with PRINCE2 and agile principles. This gives the Client full transparency throughout the project, via regular progress meetings and UAT. As such, both the Client and their users can influence further customisation (to all UI/UX features), throughout the delivery phase. After the delivery, our client can determine multiple user access permissions (e.g. Administrator) which can be used to customise functions of the solution. Users may also have customisable features, such as editing their user profile. We provide full support and training for customising functionality.


Independence of resources
This service offers a stand-alone client-only design. As such, we will follow a design which is dependent on the client’s specified user stories and expected usage. We will work with the client to monitor performance, which will be reported at an agreed frequency, in a method that is client-approved. Where practical, we will also assist in scaling the service.


Service usage metrics
Metrics types
We provide service metrics through Google Analytics.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Users can request data exportation and Pulsion will provide this service for them.
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We guarantee 99.9% availability. In the extremely rare event that this is not the case, we will treat this as a Critical Issue and will work continuously on the problem until it is resolved. User refunds will be agreed prior to our engagement, and will reflect the significance of the issue and time exposure.
Approach to resilience
This information is available on request.
Outage reporting
We set up instant notifications, which tell us if our there is a service outage. We then contact our Client directly, to inform them of this issue. This is not an automated process, but it managed by our dedicated support team.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
We use IP restrictions, on top of authentication.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Our ISO 27001 certification underpins all of our relevant processes.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
Cyber Essentials Plus

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials Plus
Information security policies and processes
We are ISO 27001 and Cyber Essentials Plus accredited. Reporting comprises of automated notifications to Pulsion for any incident which suffers an outage, or required administrative access or an update. A breach in security would be reported to senior staff (i.e. Staff Member > Line Manager > Head of Service). All incidents and breaches in security will be immediately reported to the client, via our dedicated account manager. We ensure that policies are followed through regular external audits, as well as frequent internal reviews.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We operate a change request process, which ensures both the requester and approver focus on five key points: has the change been tested; is there a rollback plan; which resources are required; what risks are involved; have relevant parties been informed. We approve change requests through relevant management representatives, as well as client contacts, where appropriate. We also record change requests against the appropriate project, and update related version documentation accordingly.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We assess potential threats to our service through continuous monitoring and by receiving instant notifications for required patches. Notifications come immediately from trusted vendors only. Once we receive a notification, we will begin the process of deploying a patch as soon as possible. This will often require testing from the offset, to ensure that no levels of customisation are broken. All patches are communicated with the Client, from first notification, straight through to deployment.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
We perform a comprehensive range of testing methods on all of our development work, prior to deployment. This is conducted by our in-house Quality Assurance specialist, and serves to immediately detect compromises and vulnerabilities. Once identified, we may conduct additional testing after deployment, to specifically ascertain if the issue applies to our work. If it does, we will take action to patch this as soon as possible. If it doesn’t, we will assess the severity and choose an appropriate action, after discussion with the client. We respond to all incidents within client-approved service levels.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incidents are reported to line management via task management system as per our Integrated Management System processes, as well as by email and/or in person. Reporting would carry on up to CEO/Managing Director level where deemed appropriate. Account managers will inform affected clients where applicable through similar means – email, phone call and/or in person.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)


£500 a unit a day
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dcurrie@pulsion.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.