Code Computerlove Ltd

Azure Specialist

If your preferred business solutions are within the Azure cloud subscription - or you wish to move into the Azure space, then we can design the subscription model that suits your needs.

Features

  • Bespoke technical solutions
  • Decoupled Platform as a Service
  • DevOps & Automation
  • Content Management Systems
  • Enterprise Architecture
  • Continuous Integration & Deployment

Benefits

  • Solutions designed to meet your strategic needs
  • Best in breed technology used for each decoupled service
  • Fully automated and mature DevOps practices employed
  • Cloud and SaaS CMS used as should be
  • Provide EA consultancy to help design wider business footprints
  • Development processes, testing and deployments fully automated

Pricing

£10000 per unit per month

  • Education pricing available

Service documents

G-Cloud 10

943403170076703

Code Computerlove Ltd

Steve Peters

0161 276 2080

steve.peters@codecomputerlove.com

Service scope

Service scope
Service constraints We would require YOU to own the Azure Subscription.
We will help define it for you.
We will not resell it to you.
System requirements
  • SQL Server / SQL as a Service
  • Windows licences if VM

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We use a product called Leankit with our clients to create transparency for feature/request priorities
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AA or EN 301 549
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Level 1 Support for incident management if combined with Out of Hours cover (costs agreed within contract)

Your daily contact would be the Product Owner for the team that you are aligned with (your team would also contain Technical Architecture, Software Development, DevOps, Front End Development, Performance & Optoimisation, Analytis, UX & Design)
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Our working practices are collaborative by nature, so users (technical or not) would be part of the teams work - so given training & support on interfaces
Service documentation No
End-of-contract data extraction Any subscriptions are the clients ownerships, so we as a supplier would simply be asked to be removed from access controls
End-of-contract process Any additional work that needs to be done prior to the end of the contract would be covered under standard engagement terms.

Using the service

Using the service
Web browser interface Yes
Using the web interface Azure's default mangement & subscription environment
Web interface accessibility standard WCAG 2.0 AA or EN 301 549
Web interface accessibility testing N/A
API No
Command line interface No

Scaling

Scaling
Scaling available Yes
Scaling type
  • Automatic
  • Manual
Independence of resources The Azure model is designed to do this,
Usage notifications Yes
Usage reporting
  • Email
  • Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Business KPI's
  • Application Metrics
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Structured / Unstructured Data Storage
  • Webserver assets
  • Sourcecode
  • Automation processes
Backup controls This should be defined early in the relationship, so that backup can be automated.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We create SLA's with our clients, that reflect the service needs, spend and architecture that has resulted from (cost, scope & time).

In best case scenarios, we would expect 99.9%
Approach to resilience Decoupled architectures allow for resilience and scalability at each service layer.
Outage reporting Application Monitoring Tools
Application Insights
Client preferred Tooling
Email alerts
Dashboards

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels User access controls.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes As part of Mediacom and WPP group, we aspire to WPP policies, which can be requested

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach As all work with a client is done using collaborative practices, all features/tasks/change control is visible within our preferred process control system: LeanKit
Vulnerability management type Undisclosed
Vulnerability management approach Notifications from vendor software / systems within subscription
Azure
Microsoft
Protective monitoring type Undisclosed
Protective monitoring approach Vulnerability is checked for as part of continuous build processes.
Full disclosure with client, so that priority and steps can be agreed.
Core hours response would be immediate.
Out of hours our SLA is 30 mins response
Incident management type Undisclosed
Incident management approach The is a defined escalation path for incidents.
Users / Clients would be able to contact via email during incidents.
Incident reports would be conducted on bridge calls, and washed up with a formal incident report and recommendations.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Third-party
Third-party virtualisation provider Azure
How shared infrastructure is kept separate Azure subscriptions take care of this

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £10000 per unit per month
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑