Infosys Limited

Infosys Cloud Foundation, Cloud Build, Cloud migration services

We help build a cloud environment that minimizes the IT footprint, optimizes costs and performance while ensuring effective management and governance. Infosys leverages partnerships with established cloud providers like AWS, Microsoft Azure, Google Cloud and Oracle. Our services focus on automation,RPA,Bots etc

Features

  • Strategy & Incubation
  • Transformation (Build and Migrate)
  • Cloud Journey accelerator tools
  • Cloud Automation
  • Cloud Operation optimization
  • Center of Excellence
  • Cloud Migration assessment framework
  • Flexible Delivery Model

Benefits

  • Infosys has Premium partnership with AWS, Azure, Google and Oracle
  • 500+ engagement, 4750+ certified experts, 15800+ consultants
  • Enterprise Ready Cloud Foundation setup as early as 45 days
  • Reducde time to market using DevOps enabled Infosys Automation framework
  • Cost Flexibility - Variability of costs every Month
  • MTTR - 50% - 70% reduction in time and effort
  • Lower IT Operational cost - ~50% less operational cost
  • Value of agility - Faster delivery of products/services
  • Flexible service level - Minimal changes required for SLA change
  • Automation for Infrastructure-as-code and confguration-as-code

Pricing

£180 to £1,400 a person a day

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Peter.Gill@infosys.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

9 0 9 4 3 9 9 0 5 9 7 2 3 9 2

Contact

Infosys Limited Peter Gill
Telephone: +44 7391393866
Email: Peter.Gill@infosys.com

Service scope

Service constraints
None
System requirements
N/A

User support

Email or online ticketing support
Email or online ticketing
Support response times
Email, Ticketing support depends on the operating model for each engagement. Based on the customer business requirement we will have Service Level agreements for response and resolution time.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AAA
Web chat accessibility testing
N/A
Onsite support
Onsite support
Support levels
We provide all levels of support, Level 1, level 2 and Level 3. from Cloud engineer to Cloud Solution archirect to technical account manager to cloud program manager
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide customised solutions for every customer based on the customer requirements.
We provide the design documents, User guides, Online training to the end users.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
Ppt, word
End-of-contract data extraction
If Infosys owns the Cloud account, at the end of contract we either
1. Take the backup of the data and share in the format requested by the buyer or
2. Migrate the data to the next service provider and provide the transition
End-of-contract process
End of the contract is subject to terms and conditions of the contract with the respective customer

Using the service

Web browser interface
Yes
Using the web interface
1. Cloud provider web Console is used e.g. AWS webconsole for AWS services, Users can manage all services using Web interface
Web interface accessibility standard
WCAG 2.1 AAA
Web interface accessibility testing
N/A
API
Yes
What users can and can't do using the API
Cloud Service provider offered APIs. Example: AWS API.
we can access, manage and change all the services using API
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • Terraform
  • Puppet
  • Other
Other API automation tools
SDKs available for various programming languages- Java, Python, .Net
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
We can access, manage and change all the services using API

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
Auto Scaling of the resources as the demand increase
Usage notifications
Yes
Usage reporting
  • Email
  • Other

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
AWS, Microsoft Azure, Google Cloud, Oracle Cloud

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
Less than once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
Backup controls
1. Based on the customer requirements and approved backup and recovery tools we will schedule the backup schedules.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
We will implement site-site VPN between buyer's and our/Cloud provide network.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Encrypt data in-transit and data at rest

Availability and resilience

Guaranteed availability
Guaranteed availability is provided by the respective cloud providers
Approach to resilience
Infosys will build the resilience in the system using High Availability, Disaster Recovery and Backup solutions provided by the respective public cloud providers.

For Ex:
1. In case of AWS, AWS regions are groups of independent data-centers. Every region is made up of two or more Availability Zones, which are independent and isolated data-centers. Using EC2 instances across multiple availability zones and also using managed services, like auto scaling, ELB and S3 will provide better resilience and high availability.
Outage reporting
E-mail Notification

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
User, password, MFA, Public Key, Role based Access Using Identity and Access Management services offered by the Cloud Provider.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through
Dedicated device on a segregated network (providers own provision)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Bureau Veritas Holding SAS - UK
ISO/IEC 27001 accreditation date
2017
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials
  • ISO 27001:2013
  • SSAE 18 SOC 1 Type II

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Infosys as an organisation is aligned and certified to ISO 27001:2013 which is an Industry recognized information security standard. Infosys’ Information Security Policy framework is aligned and certified to ISO 27001:2013 Information Security Standard. The information security framework is supported by a set of supplementary policies, procedures & standards aimed at achieving the enterprise level information security objectives.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Provides systematic approach to control life cycle of all changes, facilitating beneficial changes to be made with minimum disruption to IT services. Change Management offers ITIL-aligned processes for normal, standard, and emergency change types.
Normal change: Follows complete change lifecycle including peer or technical approval, management, Change Advisory Board (CAB) authorization before being implemented, reviewed, closed.
Standard change: Frequently implemented, repeatable implementation steps, low risk, proven history of success.
Emergency change: Covers fix on fail or retroactive situations where impact to service has been experienced or fail situations where the impact to service is imminent if action is not taken.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Infosys has a defined process to monitor all threats including security vulnerabilities and we engage in periodic vulnerability scanning and penetration testing of systems.

Regular vulnerability assessment & penetration testing(VA/PT) is conducted on sample internet facing infrastructure and applications by Information Security Group(ISG) as well as an independent external agency. Penetration Testing exercise is conducted every quarter on Corporate Critical Infrastructure & Applications on sampling basis. External agency is engaged every alternate quarters (once in 6 months) to perform the VA/PT, for remaining two quarters ISG performs the VA/PT.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Infosys has an enterprise security information and event management platform (SIEM) which collects, correlates, monitors and stores logs from various critical enterprise infrastructure and retains the same for one year. The log monitoring and analysis is done at the 24/7 x 365 operational Global Security Operation Centre (GSOC). There are preconfigured alerts on the platform which triggers as an incident and are worked upon based on the severity defined and the associated standard operating procedure. The incidents are detected, investigated, closed and the track is maintained as knowledgebase
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We follow ITIL incident management process

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Other
Other virtualisation technology used
Supplier. Virtualisation technology is provided by the respective public cloud providers
How shared infrastructure is kept separate
Virtualisation technology is provided by the respective public cloud providers

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Cloud service provider like AWS , Azure maintains their datacentre as per EU code

Pricing

Price
£180 to £1,400 a person a day
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Peter.Gill@infosys.com. Tell them what format you need. It will help if you say what assistive technology you use.