Datalytics Technology

AWS CodePipeline

AWS CodePipeline is a continuous delivery service for fast and reliable application updates. CodePipeline builds, tests, and deploys your code every time there is a code change, based on the release process models you define.


  • Optimum agility efficiency: Use AWS expertise to assess workloads.
  • Private/public clouds, coupled with AWS private cloud architecture maximising benefits
  • Universal trust: Ensure security and compliance, and manage risk.
  • Uphold governance across your cloud environment.
  • Proven success: Capitalize on AWS global customer experience
  • Transform to cloud computing and ITaaS.


  • Greater Efficiency: resources are virtualized and pooled ensuring physical infrastructure.
  • Greater Agility: IT resources can be provisioned on demand.
  • Rapid Scalability: instantly allocate additional computing resources to meet demands.
  • Lower Costs: infrastructure, energy/facility costs.
  • Greater IT staff productivity: Automated self-service portal
  • Reduce wasted resources: transparent pricing and metering and chargeback tools.
  • Higher utilization of IT investments
  • Enhanced security and protection of information assets


£0 per unit per day

Service documents

G-Cloud 9


Datalytics Technology

James Sheffield


Service scope

Service scope
Service constraints None
System requirements
  • Internet Browser
  • Appropriate antivirus Software

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Monday - Friday 9 am -5.30pm
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels The hours of Support Service availability are defined in each SLA ranging between 24X7X365 to weekdays 09:00 to 17:00.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Onsite/online training User documentation
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats Hard copies
End-of-contract data extraction No need of data extraction at the end of contract as our software does not hold any data with in it.
End-of-contract process No financial penalties/additional costs at the end of the contract

Using the service

Using the service
Web browser interface No
Command line interface No


Scaling available Yes
Scaling type
  • Automatic
  • Manual
Independence of resources Constant monitoring of user activity together with the measures put in place to make sure that the user demands are met appropriately
Usage notifications Yes
Usage reporting
  • Email
  • SMS
  • Other


Infrastructure or application metrics No


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery No

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Availability of the software is defined by the client and their network and documented in agreed SLAs.
Approach to resilience Available on request
Outage reporting Various forms of notifications like text messages, emails will be generated in case of any service outages.

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels Implemented within client firewall. Hence only secure access available
Access restriction testing frequency At least every 6 months
Management access authentication Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Strategic alignment of information security with business strategy to support organisational and client objectives . Risk management by executing appropriate measures to manage and mitigate risks and reduce potential impacts on information resources to an acceptable level. Resource management by utilising information security knowledge and infrastructure efficiently and effectively. Performance measurement by measuring, monitoring and reporting information security governance metrics to ensure that organisational objectives are achieved. Value delivery by optimising information security investments in support of organisational objectives
Information security policies and processes Nformation will be protected in line with all relevant policies and legislation, notably those relating to data protection, human rights and freedom of information. Each information asset will have a nominated owner who will be assigned responsibility for defining the appropriate uses of the asset and ensuring that appropriate security measures are in place to protect the asset. Information will be made available solely to those who have a legitimate need for access. All information will be classified according to an appropriate level of security. The integrity of information will be maintained. It is the responsibility of all individuals who have been granted access to information to handle it appropriately in accordance with its classification. Information will be protected against unauthorised access. Compliance with the Information Security Policy will be enforced.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We adhere to a strict PRINCE2 and ITIL methodology and have written procedures for both information and configuration management and change control. Configuration items and Change Control requests are recorded and maintained through their lifespan. We convene regular meetings to discuss change control requests and grant approval/reject accordingly based on the outcomes of the discussions
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Compliant with approved single sign-on and access control solutions which manage risk associated with vulnerabilities and potential threats. Patches and updates are produced on a regular time table as well as emergency fixes as required.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Dependent on the configuration of the user network system
Incident management type Supplier-defined controls
Incident management approach We have defined a service level agreement between the provider and the customer that defines incident priorities, escalation paths, and response/resolution time frames . Clients are to report on the incident report tool or to support desk who will action on them Incident and categorised to types to tier 1,2 and major incidents by the support desk for better data gathering and problem management is done.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £0 per unit per day
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑