Enova Consulting Ltd

EPrints Repository

Enova Consulting Ltd. provides hosting, support and training on the EPrints repository platform. The software can be fully customised to fit individual institutional requirements including non-text based repositories such as those within the arts, humanities and creative sectors. Support is provided depending on each institutional needs and circumstances


  • Remote access to an EPrints Repository
  • Hosted in the cloud within a EU based server
  • Scaleable and easy to setup
  • Can be linked to supported authentication mechanisms
  • Complies with Open Access
  • Provides a platform for research data management
  • Automatic updates/upgrades
  • Automatic backups and disaster recovery procedures


  • Cloud based within a secure and controled environment
  • Data can be encrypted
  • No programming skills required
  • Easy modules to allow REF compliance integration
  • Reporting tools available on request
  • Easy to add multiple repositories for testing purposes
  • Easy to launch, migrate or cancel a repository


£500 per instance per month

  • Education pricing available

Service documents


G-Cloud 11

Service ID

9 6 2 7 4 0 4 5 5 2 8 8 7 3 4


Enova Consulting Ltd

Carlos Silva



Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints No constraints identified
System requirements
  • Windows XP or above
  • Internet Explorer 8 or above or
  • Chrome, Firefox, Safari (latest version)

User support

User support
Email or online ticketing support No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Enova provides on-going support packages for all of its services: Basic (£4,000): The support includes up to 5 days per year. 1 day is used for deployment and management and 4 days for support only. Professional (£6,750): Support includes 9 days per year. Days can be used for support as well as for new tasks and functionality. Enterprise (£10,500): Support includes 15 days per year. Deployment and core service (in the case of EPrints setups) are included. These days can be used for support as well as for new tasks and functionality. Enova will provide both a technical account manager and/or a cloud support engineer depending on each particular need.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Our On-Boarding service happens in the following manner:
• Contract and Call-Off sign-off
• Network setup
• Installation
• Testing
• Training
• Go-live
• Support begins (if needed)
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Enova provides a data transfer service.

For MySQL databases in the form of a .sql file.

For EPrints, WordPress or PHP files in the form of either a .zip file or via GitHub.
End-of-contract process Our Off-Boarding service happens in the following manner:
• Termination notification
• Data transfer/decommission
• Secure data deletion
• Pro-rated refunds sent
• Termination of service

Customers needing to terminate their contracts should provide a 30-
day’s notice period by contacting Enova by email at:

There are no additional fees for terminating the contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The main interface where users are able to manage their accounts and add additional services works under a responsive design.
Service interface No
Customisation available No


Independence of resources Enova can configure the hosting solution to escale up or down depending on the particular client's needs. We can supply additional computer power to enhance response time and maximise user experience.


Service usage metrics Yes
Metrics types Enova uses Google Analytics reporting.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Google Cloud Platform, Rackspace, Amazon AWS

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Users can either use a defined Git repository (GitHub, Atlassian, etc) where they can download the latest version available, or alternatively a .zip file can be made available containing both the database and core files and folder structure ready to be imported in a different location.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Enova operates at a single service level of 99.9% of availability as

Please contact us if you require any specific service level so that we
can configure the systems and backup procedures accordingly.
Approach to resilience Enova provides support for the core Services in partnership with our
hosting providers Google Cloud, Rackspace and Amazon AWS. This includes:

Configuring, backing up (scheduled), patching and troubleshooting the host operating system and cloud software when appropriate.
Outage reporting By email alerts to specific DBAs and or customer/client when required.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Depending on which services have been purchased, customers can access these services via a web interface. This is only provided to self-managed customers. There is no customer access to the Cloud Compute management interfaces where the enhanced segregation service has been selected.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We follow 11 characteristics for security governance within Enova:

- It is an business-wide issue
- Leaders are accountable
- It is viewed as a business requirement (cost of doing business)
- It is risk-based
- Roles, responsibilities and segregation of duties are defined
- It is addressed and enforced in policy
- Adequate resources are committed
- Staff are aware and trained
- A development life cycle is required
- It is planned, managed and measured
- It is reviewed and audited
Information security policies and processes Individuals and groups within Enova understand and accept their responsibilities in respect of both security policies and processes. The leaders with responsibility for actions also have the authority to perform those actions when required. Enova takes into account the current and future capabilities of IT; the strategic plans for IT to satisfy the current and ongoing needs of the organisation's business strategy. As for our policy, Enova aims at addressing the fundamentals of our business information security structure including: Information security roles and responsibilities, statement of security controls baseline and rules for exceeding the baseline, and rules of behaviour that agency users are expected to follow and minimum repercussions for noncompliance.

At Enova we expect to monitor and report IT security policies and processes collecting the following details:
- Number of incidents damaging the business
- Systems where security requirements are not meet
- Time to grant, change and remove access privileges
- Number and type of malicious code prevented, security incidents, suspected and actual access violations and obsolete accounts

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach As part of Enova's governance practices there are documented policies and procedures for change management at both the operational and technical levels, with appropriate segregation of duties. Components of our services are tracked and monitored 24/7 and any changes documented in a version controlled environment.
Vulnerability management type Supplier-defined controls
Vulnerability management approach At Enova we follow the next components for approaching vulnerability management:
- Identify and track assets
- Categorise assets into groups
- Scan assets for known vulnerabilities
- Rank risks
- Patch management (incl. test and patch application)
- Follow-up remediation scan
Protective monitoring type Supplier-defined controls
Protective monitoring approach Enova can monitor and limit access to potential compromises following a close and confidential discussion with each client. For respond times and incident support please refer to the service definition document attached.
Incident management type Supplier-defined controls
Incident management approach Enova works with pre-defined processes and escalation mechanisms for severity levels ranging from Low (issue not affecting the day to day service) to Critical (service is unresponsive). For response times and service constrains please see the service definition document.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £500 per instance per month
Discount for educational organisations Yes
Free trial available No

Service documents

Return to top ↑