Secure VM’s take the guess work and trust question out of the hoster and client relationship, allowing the client to deploy Private Cloud solutions onto a platform, secure in the knowledge that no one else can look at, export or change the data or settings.
- Compute On-Demand (IaaS)
- Total Security and Control of Your Virtual Chines
- Delivering Protection
- Protection Without Limitation
- Rock Solid Protection
- Guarantee your data’s protection
- Meet compliance requirements
- Gain full security control with your hosted platform
- Datacentre high-availability, back-up and recovery services
- Encrypted back-up & file transfer
- Only the end user has the decryption key
- Hoster cannot gain access to VMs other than power control
- Hoster cannot access the virtual hard disk files
- Hoster cannot changes settings of VMs
- Hoster cannot connect to VMs in any way
£200 per virtual machine per month
- Education pricing available
- Free trial available
|Service constraints||Compatible client software and hardware required.|
|System requirements||Internet connectivity required.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Email Response 4 hours
Telephone Support 3-6 rings
All other times Telephone support for SLA governed services using a PIN.
|User can manage status and priority of support tickets||No|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Onsite support|
Assigned Account Manager
Service costs calculated on a per user basis
Named support group
Named escalation paths
|Support available to third parties||Yes|
Onboarding and offboarding
Provisioning questionnaire provided to start on-boarding process to capture required information, or a Readiness Assessment can be arranged for Acuutech to ensure required information and/or systems are in place.
Onsite or online training available on request, along with documentation.
|End-of-contract data extraction||
Data extraction process will be agreed as part of service termination.
All data transferred using industry stranded encryption methods.
Upon service termination any additional costs incurred will be agreed in advance.
These could be additional services required.
Using the service
|Web browser interface||Yes|
|Using the web interface||
User login in to the service using a browser by entering their username and password.
Upon login the user has the ability to start, stop, restart and connect to the virtual server(s).
|Web interface accessibility standard||None or don’t know|
|How the web interface is accessible||Via management portal URL or remote connection.|
|Web interface accessibility testing||None done by Acuutech, but has been done by vendor.|
|Command line interface||No|
|Independence of resources||Services are scaled within hardware restraints ensuring there is required resources required for assigned allocation.|
|Infrastructure or application metrics||Yes|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Microsoft & Citrix|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Supplier-defined controls|
|Penetration testing frequency||Less than once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Other data at rest protection approach||All data in transit encrypted using industry standards|
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||A third-party destruction service|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||
|Backup controls||Change of backup set to be advised via service-desk request|
|Scheduling backups||Users contact the support team to schedule backups|
|Backup recovery||Users contact the support team|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
Standard SLA of 99.999% for service component availability:
Citrix (where applicable)
Service credits issued retrospectively on monthly basis.
|Approach to resilience||
Our datacentres provides robust and reliable power.
Redundant HV power system diversely-fed from the grid with a dedicated onsite step-down substation.
Back-up diesel generation at N+1 to support site load in the case of HV failure.
Maximum diversity and separation of UPS system and power distribution through dedicated A & B supplies.
A robust HVAC system delivers stable air flow, temperature and humidity for efficient equipment operation. Designed to Tier 3, the HVAC system provides a minimum of N+1 redundancy and all CRAC units and pumps have dedicated back-up UPS systems.
Connectivity provided via multihomed service using multiple Tier 1 carriers.
Further details for the specific service is available on request.
Private dashboard available
Identity and authentication
|Access restrictions in management interfaces and support channels||Access restricted by VLAN, access control and security permission levels.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
|Devices users manage the service through||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||The British Standards Institution|
|ISO/IEC 27001 accreditation date||26/03/2017|
|What the ISO/IEC 27001 doesn’t cover||Nothing. All services are covered by our accreditation.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
As per our defined ISO:27001 processes, which include (but not limited to):
Policies & Procedures
Information Security Reviews & Audits
Assured by independent validation.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Scope requirements of service.
Statement of works submitted for approval/sign-off.
Implementation plan agreed.
CAB meets to approve/decline change.
Implement change as per CAB approval process.
Quality checked as per CAB approval process.
End of life and off-boarding managed through CAB.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||This is managed in accordance with ISO:27001 and assured by independent assessment.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||This is managed in accordance with ISO:27001 and assured by independent assessment.|
|Incident management type||Supplier-defined controls|
|Incident management approach||This is managed in accordance with ISO:27001 and assured by independent assessment.|
|Approach to secure software development best practice||Supplier-defined process|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||Yes|
|Who implements virtualisation||Supplier|
|Virtualisation technologies used||Hyper-V|
|How shared infrastructure is kept separate||
Our main hypervisor is Hyper-V, however VMware and Citrix XenServer are available.
Services are separated by use of VLANs and permission restrictions.
|Price||£200 per virtual machine per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||Trails available on request dependant on service requirement|
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|