G-CLOUD FRAMEWORK SERVICE DEFINITION. Microsoft Cloud Business Applications

(1)

G-CLOUD FRAMEWORK

SERVICE DEFINITION

(2)

1 Cloudhub360

Cloudhub360 is a UK SME, it provides Cloud applications utilizing Microsoft Applications coupled with multichannel onboarding technology to provide businesses the opportunity to move to more cost effective, safe, & efficient customer contact. Cloudhub360 offers the following solution:

 MS Cloud Applications – Cloudhub360 provides online SaaS Cloud applications utilizing MS solutions integrated with Cloudhub360’s multichannel onboarding solutions.

Applications available are:  Medical records

 Invoice Processing  HR- Onboarding

 Active & Passive Contract Management  Skills based tracking for worker compliance  Custom applications on request

 Mobile Applications

This Service Definition is relevant to all Local Authorities, Central Government Departments,

Registered Social Landlords /Housing Associations and other Public Sector bodies within the United Kingdom.

Cloudhub360 IMS s applying to be considered for the Software as a Service category in G7.

2 SERVICE OVERVIEW & SOLUTION

Cloudhub360 is a shared service/Cloud contract management platform design to protect the end user when using a shared service or Cloud offering.

This service is an online (SaaS) model.

The service is hoswted on Microsoft Azure but can also be accessed via SCC IL3 infrastructure.

Commercial and Operations Team value

The Cloudhub360 communications hub is a gateway for multichannel customer contact. The service offer government departments a fast and comprehensive way to service cost effectively and securely contact with the public or collaboration from other departments. The service is hosted on Microsoft Azure or SCC IL3 infrastructure

Key commercial benefits are:  Speed of deployment  Low cost of ownership

 Pay per use model (after configuration)  Upgrades part of subscription

 Disconnect the public from client networks for added security  Deliver new service channels to the public

 Trusted platform provider in Microsoft solutions proving a familiar solution and lower cost of ownership

 Full multichannel onboarding  Full billing clarity & SLA reports

 Full analytics dashboard specific to your business

The communications hub resides in the Cloud hosted on MS Azure or SCC IL3 environment. Customers can communicate many ways:

(4)

 E-mail

 Specific Mobile applications  Web Chat

 Mobile Apps online or offline

Communication’s are then transacted via customized workflow, data is classified and automatically extracted to client account records. Contact is either fully exported of client’s operators can use cloud applications to further action contact.

3 INFORMATION ASSURANCE

The Cloudhub360 Cloud Platform infrastructure is operated in co-located data centres. The data centre provides an array of controls, monitoring tools, and physical intrusion detection systems to provide controlled access to systems. Solutions can be hosted in MS Azure or SCC IL0-3 Datacentre Accessed via the internet the target accreditation for this service is IL3.

4 BACKUP/RESTORE AND DISASTER RECOVERY PROVISION

Cloud360 solutions are hosted by SCC (A GCloud Pan-Governement accredited supplier) using Tier 3, ISO 27001, ISO 9001 and BS25999 certified Data Centre. SCC is the first UK organisation to pass the accreditation by CESG, part of GCHQ and the UK Government’s National Technical Authority for

Information Assurance, for information security standard IL3. This means we are the first capable of hosting government classified ’Restricted’ data in a multi-tenanted environment

SLA’s with SCC assure availability and security of dedicated servers for both Cloud service and underlying databases. Staging servers are used for intermediary data

processing and publication approval workflow. All servers are subject to backup and restore services with content restoration to within 24 hours of any permanent data loss.

5 ON-BOARDING AND OFF-BOARDING PROCESSES

4.1 On-Boarding

Once a contract is fully executed the on-boarding process commences.

(5)

Page 5 on the contract. The Engagement Manager contacts the customer for introductions and sets up an onboarding meeting – which can be in person or on line and conference call.

The Cloud Environment is build up by the Cloudhub360 Team within 48 hours.

The Cloud Environment is released during the on-boarding meeting when the customer will receive an URL along with a username and password for access.

- .

During the on-boarding meeting additional information is also gathered from the customer: - Maintenance contacts

- Technical contacts - Support Liaisons

4.2 Off-Boarding

Once a contract is expired and no renewal is in place the off-boarding process commences. The Engagement Manager will send an email to the Technical Contact providing a link so that the customer can download its own proprietary data. The customer has 30 days to download its proprietary data. Portability planning is available.

5 Cloudhub360 SECURITY

Upon handoff of the Cloudhub360 Cloud environment, designated customer representatives are provided a specification document outlining items related to their service. This document includes the configuration and connectivity details required to access their system.

By default web connectivity is set up using SSL/HTTPs.

The Cloudhub360 Cloud environment is developed to block any attempted hack of its systems or data. Port scanning or network scanning tools are strictly forbidden within the environment.

Cloudhub360 does not allow customers to install third-party monitoring or direct access to our core monitoring systems without agreement from the Cloud Operations team.

In the case that the Cloudhub360 Cloud Team determines an anomalous event including, but not limited to, Denial of Service, Malicious Code, Unauthorized Access, Inappropriate Use, Physical Breach, and Data Breach, to be deemed a security incident; the team will immediately activate its Computer Security Incident Response Plan (CSIRT). The plan includes provisions for prompt response including Notification, Analysis, Containment, Eradication, Recovery as well as timely Reporting to appropriate parties.

Inbound and outbound connections to the Cloudhub360 Cloud are logged.

5.1 Secure Encrypted Connection from the Client to the Application

By default web connectivity is set up using SSL/HTTPs.

Cloudhub360 has architected the Cloud Secure Connectivity infrastructure to establish secure connectivity between the Cloud infrastructure and the customer’s access devices. The service is built on a secure computing infrastructure inside an isolated segment of our Cloud network and is

managed by Cloudhub360 Information Systems professionals.

(6)

By default our service computers do not have external access to the public Internet, unless specifically requested by the customer.

During the configuration, we have your network team fill out the requirements and our network engineers apply these parameters to your Cloud environment.

6 SERVICE MANAGEMENT DETAILS

6.1 Technical Boundary

All hosting of data takes place within Cloudhub360’s secure network perimeter. Cloudhub360 solutions is hosted by Azure or SCC The service is operated and isolated in the UK. Backups are maintained at UK locations.

The service, comprising all data stored and the application itself is entirely hosted on a remote data centre and delivered via a secure internet session to end users internet browsers. The technical boundary of the service includes all aspects of it that are running on the remote data centre, the DR data centre, which contains a full copy of the environment and the secure copying procedure between the two data centres. It does not include the delivery of the service via the internet or its delivery via the customer’s corporate network to end users PCs that are not subscribed to or agreed with Cloudhub360 to access the service.

Any additional support requirements will be the subject of discussion with the customer and subject to SFIA rate card.

6.2 Support Boundary

Our Support includes all issues resulting from any faults with the system within the technical boundary as well as additional help and support to end users relating to how application features and

troubleshooting.

While we will endeavour to assist customers with issues resulting from access to the service being limited as a result of security controls on corporate firewalls we cannot guarantee that we will be able to solve these issues if they result from configuration issues with the firewalls themselves.

6.3 User Authorization and Roles

Each user has a unique username and password that must be entered at the start of each TeamMate session. All passwords are stored in encrypted MD-5 hash format.

TeamMate secures user IDs, passwords and other user information such that they are never jeopardized. Roles and authorisation mechanisms ensure that data access and user actions can be limited by each user’s subscription and/or service details

 Blank passwords are prohibited and will never be used



Passwords shall be of a minimum length of eight (8) characters and at least two of the  following character types: Alphabetic, Numeric, Special Character

 Passwords shall not be the same as the User ID

 Users shall be required to change passwords at least once every ninety (90) days



Passwords shall be at least one day old before they can be changed

 The 24 most recent passwords shall not be used when selecting a new password  Group, shared or generic user ids are not created in the hosting environment.  All user accounts (administrator and user) are subject to the same password policies  Passwords are stored in Microsoft Active Directory



Microsoft Active Directory manages failed login attempts. Account lockout duration is 30  minutes. The account lockout threshold is four (4) attempts and reset account lockout



counter after 30 minutes

(7)

Page 7

6.4 General Support details

We operates a 24 hour incident management service which provides a full technical issue resolution service on both TeamMate and customer infrastructure. Our services attracts a service level of 99% whilst our SLA for access to systems and data is 99.99%

Key features of the support services are:

- Telephone and email support

- Clear escalation procedures with accountable, named contacts - Event/Incident logging & Management

- Issue resolution - Escalation process

- Reporting including event closure and customer satisfaction feedback

Standard support operations is available Monday to Friday 08:30 to 17:30 to all SaaS customers and available under a Support 7 maintenance agreement (other support considerations are possible and subject to agreement). Customer support includes the provision of information and assistance on technical issues related to determining why a product may not be performing in accordance with the expectations set by the product documentation. Details of the different levels are summarised in the table below.

Licensed Customers with a valid support policy from Wolters Kluwer’s will be entitled to receive Software updates when they are made generally available to TeamMate customers. Customers of the SaaS solution will automatically be entitled to these updates.

7 SERVICE CONSTRAINTS

7.1 Planned Maintenance

Clients will have to do nothing on their computers as all the upgrades will be done on the remote servers by our staff.

Software maintenance is planned and scheduled by us with notifications provided to the key customer contact. This way disruption during core hours, service continuity, impact, outage are all managed under existing processes.

Planned Maintenance means periods of maintenance of which the customer has been given

seven days prior notification by us and which may cause disruption of Service due to non-availability of the specific service(s). Planned Maintenance shall not accumulate to more than eight hours per calendar month and in any case shall not take place between 08:00 and 18:00.

Wherever possible, Planned Maintenance will be carried out without affecting the Service. This will generally be achieved by carrying out Planned Maintenance during periods of anticipated low traffic and by carrying out Planned Maintenance on part, not all, of the network at any one time.

7.2 Emergency Maintenance

Where Emergency Maintenance is necessary and is likely to affect the Service, we will endeavour to inform the affected parties as soon as possible and in any case within one hour of the start of the Emergency Maintenance.

8 SERVICE LEVELS

(8)

During the term of you subscription, we shall use reasonable commercial efforts to ensure that the Online Service is available to you 99.9% of the time in any calendar month.

In the event you experience additional Unavailability due to our failure to provide the Online Services you will be eligible to 1) receive Credits, as described below or 2) an extension of the license term for such licensed software equal to such credit.

To receive a service credit, the customer must submit a request to us within fifteen (15) days following the month in which the outage event(s) occurred. The service credits set forth in the table below are customer’s sole and exclusive remedy when the uptime levels listed below fall below the stated levels.

You understand and acknowledge that you may also engage in conduct that may cause your cloud based environment to be unavailable and that we are not responsible for downtime experienced by a customer as a result of customer activity or neglect.

Our Service Level commitment covers equipment and software under Cloudhub360’s direct control; including hardware (network, systems, storage) and software supported by the Cloudhub360 Cloud framework.

8.1

.

Award of Service Credits:

Availability Service Credits

99.90% – 99.84%

1.00%

99.83% - 99.74%

3.00%

99.73% - 95.03%

5.00%

95.02% or Less

7.00%

8.2 Payment of Service Credits:

“Applicable Monthly Service Fees” means the total fees actually paid by you for the Online Services that are applied to the month in which a Service Credit has accrued.

“Downtime” means the total minutes in a month during which you report that the Online Services are unavailable to you multiplied by the number of affected users, excluding unavailability of the Online Services due to limitations described above in section 9 ‘Service levels’.

“Service Credit” is the percentage of the Applicable Monthly Service Fees credited to you following claim approval.

“Monthly Uptime Percentage” for the Online Services is calculated by the following formula: (Total number of minutes in a month – Downtime)/Total number of minutes in a month * 100. Note: The above terms shall be adjusted and used in support of new Data Centers as they are brought online around the world.

Note: Services credits are listed as hours.

If we fail to meet the minimum Monthly Uptime Percentage described above for the Online Services, you may submit a claim for a Service Credit.

You must submit a claim to technical support at Cloudhub360 that includes: (i) a detailed description of the event that resulted in Downtime; (ii) information regarding the duration of the Downtime; (iii) the number and location(s) of affected users (if applicable); and (iv) descriptions of your attempts to resolve the incident at the time of occurrence.

(9)

Page 9 information reasonably available to us and make a good faith judgment on whether a Service Credit is owed. You may not unilaterally offset any invoice for claimed Service Credits

9 TRAINING

As part of the on-boarding process a meeting is scheduled with the customer to review the Cloud Environment configuration and explain the access methods.

10 INVOICING PROCESS

You shall pay all fees or charges to your account in accordance with the fees, charges, and billing terms set forth in an Order Form. Except as stated in this Agreement, all payment obligations are non- cancelable and all amounts paid are non-refundable. All pricing terms are confidential.

Cloudhub360 will invoice you for fees and charges according to the terms of an Order Form. Our fees and charges are exclusive of all taxes, levies, or duties imposed by governmental authorities, and you shall be responsible for payment of all such taxes, levies, or duties. You agree to provide

Cloudhub360 with complete and accurate billing and contact information. This information includes Your legal company name, street address, e-mail address and name and telephone number of an authorized billing contact and Subscription Coordinator. You agree to update this information within 30 days of any change to it. If the contact information You have provided is incorrect, we reserves the right to terminate your access to the Online Service in addition to any other legal remedies. As part of the Online Service, we may collect anonymous usage data to prepare an invoice. Cloudhub360 shall treat such data as Your confidential information. Unless otherwise specified in the applicable Order Form, payment of invoiced fees and charges is due net 30 days from the date of invoice receipt. If You believe Your bill is incorrect, You must contact us in writing within 60 days of the invoice date of the invoice containing the amount in question to be eligible to receive an adjustment or credit. Cloudhub360 will provide a detailed consumption bill itemizing services used.

11 TERMINATION TERMS

The customer acknowledges that it has purchased the Services for the Minimum Period and any Renewal Term(s)), as defined in the Order Summary.

This Agreement and Order Forms under this Agreement commences on the respective Effective Date and may only be terminated according to this section. Cloudhub360, in its sole discretion, may terminate Your password, use of the Online Service if You have materially breached this Agreement, and such breach has not been cured within 30 days of notice of such breach. You agree and

acknowledge that, upon termination of this Agreement under this section, Cloudhub360 shall have no obligation to retain Your Cloudhub360 metadata database and may irretrievably delete it 30 days after termination. Cloudhub360 will make available post-termination assistance at its standard hourly rates – as defined by the SFIA rate card. You may terminate this Agreement, if Cloudhub360

materially breaches this Agreement and such breach has not been cured within 30 days of notice of such breach.

(10)

Page

12 DATA EXTRACTION /REMOVAL CRITERIA

12.1 Data standards in use

 Cloudhub360 employs the following data standards: XML, CSV, PDF, Microsoft Word, Microsoft Excel, SQL compliant db within its service(s)

 We defines specific data standards for commissioning of data, reporting of data,publication of data, transference/migration. Consistency in defining these standards allows quicker, validated and efficient importing & processing of data in a structured form.

12.2 Consumer generated data

Cloudhub360 commits to returning all consumer generated data (e.g. content, metadata, structure, configuration etc.) and a list of the data that will be available for extraction. Where there is a risk of confusion, data that will not be available for later extraction will also be published.

12.3 Data extraction

The formats/standards into which data will be able to be extracted include but are not limited to XML, CSV, Microsoft Word, Microsoft Excel, Text, XPS, OpenDocument. Other common services/technologies to which an export/import mechanism is available could include Web Services, BI tools (e.g. Crystal Reports). Specific extraction requirements are not included in the price of this service. Such requirements would be considered by Cloudhub360 and use of the SFIA rate card would be used.

12.4 Price of extraction

Requirements would be considered by Cloudhub360 and use of the SFIA rate card would be used to fulfil the request at Cloudhub360’s discretion.

12.5 Purge & destroy

Cloudhub360 has a commitment to protect the assets provided by customers and partners. We confirm that we do not hold persistent customer data and will purge/destroy data at the client’s request.

13 DATA PROCESSING AND STORAGE LOCATION(S)

The Online Services are operated by Cloudhub360 from UK locations.

14 DATA RESTORATION / SERVICE MIGRATION

Cloudhub360’s Cloud backup policies and procedures are designed to reduce downtime to the customer should an unforeseen incident occur that impacts the quality or availability of the customer’s data. These backup procedures are designed as part of an overall effort to provide high levels of availability to our Cloud customers.

The Cloudhub360 Cloud team will back up the following customer components on a nightly basis:  environment including metadata

 Customer access control lists

 Virtual environment parameters and settings  Applicable audit logs

(11)

Page 10

15 CUSTOMER RESPONSIBILITIES

You are responsible for all activity occurring under Your user accounts, shall use the Online Service in accordance with the User Guide and shall abide by all applicable local, state, national and foreign laws, treaties and regulations in connection with Your use of the Online Service, including those related to data privacy, international communications and the transmission of technical or personal data.

You shall:

(i) notify Cloudhub360 immediately of any unauthorized use of any password or account or any other known or suspected breach of security of the Online Service;

(ii) promptly report to Cloudhub360 and use reasonable efforts to stop any copying, cloning or distribution of the Online Service;

(iii) use appropriate administrative and security measures to ensure that the Online Service is not used to distribute personal data without the consent of the individual to whom the data pertains,

(iv) not impersonate another Online Service user or provide false identity information to gain access to or use the Online Service; and

(v) ) remain responsible for the accuracy, quality, integrity, legality, appropriateness, and intellectual property ownership or right to use of the data source accessed by the Online Service. For the purposes of applicable privacy and data protection laws, You will be considered the data controller of all data and information stored as part of the Online Services.

16 TECHNICAL REQUIREMENTS

Any technical requirements, service dependencies and technical interfaces will be defined and agreed with the client at the project initiation stage.

Our service works with all major virtualisation platforms: o VMWARE

o Xen o Hyper- V o Citrix

17 BROWSERS

Our service is supported for use with Internet Explorer Version 8 and Version 9.

G-CLOUD FRAMEWORK SERVICE DEFINITION. Microsoft Cloud Business Applications