AMADEUS SOFTWARE LIMITED

Amadeus SaaS for Analytics for Open Source software

Amadeus can provide and manage analytical software and solutions hosted on the three main cloud providers (Azure, AWS and Google).

This service includes: set-up and management of the cloud infrastructure, deployment and management of analytical software (RStudio) and servers, plus Amadeus standard Managed Service support and benefits.

Features

  • Cloud hosted
  • Open Source analytical environment using RStudio
  • Reporting and dashboard capabilities (including dynamic visualisation)
  • Data integration
  • Data management (including ETL processes)
  • Data quality
  • Data modelling
  • Data Science
  • Analytics
  • Visual reporting

Benefits

  • Integrate all data sources and types
  • Utilise advanced analytical, statistical and machine learning techniques
  • Output in multiple formats to suit the consumer
  • Regular reviews and recommendations for the analytical environment
  • On demand support for incidents, updates and user queries
  • Reduced burden on internal IT resources
  • A fully-managed services is provided with adherence to SLAs
  • Back-up, recovery etc. all included
  • Flexible and scale-able environment
  • Different payment options

Pricing

£440 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sara.didonna@amadeus.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

9 9 4 3 7 8 6 8 9 8 7 1 9 9 7

Contact

AMADEUS SOFTWARE LIMITED Sara DiDonna
Telephone: 01993 848010
Email: sara.didonna@amadeus.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
A "fair usage" policy will apply in respect of volumes of data being transferred to and from the Cloud.
System requirements
Access to internet

User support

Email or online ticketing support
Email or online ticketing
Support response times
Depends on Service Level Agreement (SLA) level (from same working day to within 3 working days).

Response times are different outside the normal working week.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
Level 0 - Same day response, same day follow-up
Level 1 - Same day response, follow-up within 1 working day
Level 2 - Within 1 working day response, follow-up within 3 working days
Level 3 - Within 3 working day response, follow-up within 6 working days
Level 4 - Within 6 working day response, follow-up within 10 working days
Support available to third parties
No

Onboarding and offboarding

Getting started
Amadeus provide initial setup of the service. We provide training services and user documentation. We can help users become familiar with using the software and getting the best from the service. We can provide programming assistance, tips and recommendations. We provide ongoing support and Managed Services for users. Further ad-hoc requests can be provided using our Consultancy services.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Users can extract their data from the service at any time themselves, and at contract end.

Additionally, Amadeus can provide extracted data to users in the desired format and to the location they need.
End-of-contract process
Connectivity will be revoked.
Services will be stopped.
All data will be securely deleted
Infrastructure will be shut down
A data destruction certificate will be issued
Audit logs of destruction actions can also be provided
A final status report will be provided

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Most users would expect to access the service from the desktop.

However, reports can be served to mobile devices.
Service interface
No
API
No
Customisation available
No

Scaling

Independence of resources
Infrastructure is designed and configured for a specific workload which is defined from the original requirements provided by the customer.

Additional techniques can be deployed to increase system capacity if needed.

More capacity can be provisioned in line with any expected increase in demand.

Analytics

Service usage metrics
Yes
Metrics types
These are provided as part of the Managed Services Quarterly review meetings and reports.

Graphs and tables are provided in the reports that monitor performance and ensure the platform is optimised and working as expected.
Reporting types
Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
Never
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach
We only select cloud providers who provide encryption at the hardware level. We also use our own keys at the application level to ensure that access to data can only be achieved though use of our own unique keys.

As part of our data sanitisation processes, once there is no longer a need to access data the dedicated keys used to access data are erased once the data has also been erased.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Via a Virtual Private Network (VPN) connection
Using secure file transfer protocol (SFTP)
Using Cloud data transfer tools secured using encryption
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • Microsoft file formats
  • Cloud data sources are supported (e.g. S3, BigQuery, etc.)
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Microsoft file format
  • Cloud data sources are supported (e.g. S3, BigQuery, etc.)

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
Enforcement of firewall rules to filter the traffic between the service hosted by Amadeus and the customer.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Enforcement of firewall rules to filter the traffic between the service hosted by Amadeus and the customer.

Availability and resilience

Guaranteed availability
Cloud availability is in part determined by the availability of the services that Amadeus configure as part of this service.

We don't provide specific guarantees for availability on the Cloud. However, we expect Cloud services to be available at least 99.9% of the time.

We also factor some downtime due to software maintenance and update requirements. These are usually performed out of business hours as part of our Manged Services.

Our Managed Services are provide according their own SLAs.
Approach to resilience
Data back-ups are enforced as standard by Amadeus. As part of the quality assurance post-deployment, back-up and recovery test procedures are run to confirm the operation of these procedures.

We can create bespoke back-up policies in line with the business requirements.

Some Cloud providers enable us to include fail-over capabilities. This allows for a secondary site in an entirely different geographical region with the UK or chosen region. Fail-over procedures are also tested by Amadeus.
Outage reporting
Amadeus operate a pro-active monitoring regime based on real-time alerts and metrics. If alert thresholds reach a critical point, Amadeus will react and investigate immediately.

If the customer is affected, Amadeus will alert and inform the customer by email.

Once remediation actions have been completed, Amadeus will consider additional actions to ensure optimal performance of the platform where necessary.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access via multi-factor authentication. Users are required to adhere to a minimum password complexity with password rotation every six months by default.

We enforce a security policy for all users authenticating through Cloud Services.

A full user security policy is defined in our security SOPs.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Amadeus security policies are derived by adopting industry best practices and recommendations.

Amadeus work with the Cloud providers as part of the shared responsibility model. Cloud providers are directly responsible for, and have certification for the physical hardware and assets.

Amadeus uses all available security configuration tools provided by the Cloud to ensure a secure environment.

Cloud security Standard Operating Procedures are included as part of the Amadeus Quality Management System.
Information security policies and processes
As part of our security standards, there are specific processes and instructions to assure the security and integrity of systems deployed in the Cloud. Additionally, security scanning tools and quarterly review meetings ensure that new security threats are considered, and can be resolved or prevented.

Amadeus' Quality Management System includes the following SOPs and Work Instructions:
- SOP 8.1 Cloud Security Principles
- WI8.1.1 Securing AWS Environments
- WI8.1.2 Securing GCP Environments
- WI8.1.3 Securing Azure Environments

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Amadeus receives notification from the software vendor of any pending updates to their software. We test updates on our own internal servers to identify any issues and potential problems. We then agree a time with the customer an appropriate time to release the updates to their environment.

After updates have been applied, Amadeus test core features and, depending on the outcomes, commit or revert the release. If the update needs to be reverted, Amadeus will restore from a back-up to the point immediately prior to the update.

All this is communicated to the client clearly via a support ticket.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Within our security standards, there are specific processes and instructions to detect and managed vulnerabilities.

Amadeus uses Cloud-native security threat and detection services to scan and remediate major and critical security flaws if present. Scans are routinely carried out on a quarterly basis to review platform security.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Amadeus includes additional Cloud services to track and audit actions performed on the Cloud. Threat Detection services are configured to alert us if any new major vulnerabilities are discovered.

We receive alerts when critical performance thresholds are met.

Notifications of important actions are also communicated to Amadeus. For example, before the deletion of data.

All notifications come to the Amadeus Managed Services team and can be addressed immediately where necessary.
Incident management type
Supplier-defined controls
Incident management approach
Amadeus utilise both Cloud support subscriptions, and operate its own Managed Services incident management processes.

Initially, any incidents reported from the Cloud will be investigated by Amadeus. If we cannot resolve the issue, it will be escalated to Cloud Support.

As part of the Cloud support subscription, Amadeus will be notified of any Cloud-specific incidents and on-going remediation tasks.

All other software-related issues are treated separately by Amadeus Managed Services.

We use our Ticket Management System as our management point between ourselves and our customers.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£440 a user a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sara.didonna@amadeus.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.