Capita Business Services Limited

Capita S3 SafeGUARD Back-up as a Service

Unifying Backup & Recovery, DR, Archiving and Search, SafeGUARD provides a highly secure data management service to protect all your data. Eliminating the burden of performing traditional local backups, the service offers centralised visibility of all data and allows you to stream your data on demand from backups and archives.

Features

  • Encryption (AES-256) to secure your data in the cloud
  • Deduplication to reduce transmitted and stored data volumes
  • Located in UK Data Centres
  • Incremental-only backups to reduce backup window
  • Rapid restore and recovery
  • Archiving and search functionality
  • Centralised management Console for ease of management
  • Automated reporting including exception-reporting
  • Includes Capita-approved integrated SIMS/FMS backup options
  • Backed by a strong service level agreement and S3 support

Benefits

  • Reliable alternative to traditional backup with full disaster recovery
  • Reduced backup window through advanced data reduction techniques
  • Reduced operation effort with simple ‘set and forget’ backups
  • Reduced bandwidth and low system overhead via data reduction techniques
  • Management console providing single point of view for all data
  • Simple, transparent pricing, no bandwidth charges, no hidden costs
  • Reduces primary storage requirements through automated archiving
  • Reduced maintenance overhead through automatic software updates
  • Recover anything, anywhere and at any time
  • Supported by data management specialists with experience since 1988

Pricing

£0.10 to £0.45 per gigabyte per month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

1 1 3 9 4 4 2 8 9 5 1 0 7 4 6

Contact

Capita Business Services Limited

Capita Business Services Ltd

08702407341

engagewithus@capita.co.uk

Service scope

Service constraints
An installed client software agent is used to protect devices running supported operating systems and applications. Please refer to the system requirements and compatibility matrix.
System requirements
  • Internet connectivity
  • Backup software client installed on a supported operating system
  • Resource availability (low) on systems to be protected

User support

Email or online ticketing support
Email or online ticketing
Support response times
Subject to an agreed SLA.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Business hours support is included as part of the service. Please refer to the Service Definition Document and End User Agreement. Users can upgrade if required to S3 Support Advantage, which offers 24/7 support, a Technical Account Manager and agreed levels of on-site resource. Please contact S3 for further information on S3 Support Advantage.
Support available to third parties
No

Onboarding and offboarding

Getting started
A technical adviser from S3’s dedicated Support team will provide the relevant advice as to the most efficient way to on-board the End User in pre-agreed and defined timeframes. All relevant software, training and support to run and maintain the Service will be provided by S3. For further information, please refer to the Service Definition Document.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
All data is fully recoverable for up to 30-days after contract ends. Longer terms can be negotiated.
End-of-contract process
All data is fully recoverable for up to 30-days after contract ends. Longer terms can be negotiated.

Using the service

Web browser interface
Yes
Using the web interface
A central management console allows IT departments to monitor and manage online backups, set-up schedules and automate administration and processes - true management by exception, reducing the time spent managing backups for data in hybrid or cloud storage. Reporting is a key function, with scheduled reports and information on online backup status, enabling IT departments to intimately track, administer and manage backups and restores.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
The management Console has full role based access security and audit logs.
Web interface accessibility testing
N/A
API
Yes
What users can and can't do using the API
The default graphical user interface of the SafeGUARD software can be replaced completely with customised branding and UX design through the API whilst maintaining the full functionality of the software. SafeGUARD comes complete with a full reporting suite and centralised management console, all of which can be accessed through the extensive API.
API automation tools
Other
API documentation
Yes
API documentation formats
PDF
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
Using the command line interface
Backup and restore can be performed via the command line. This required that a backup selection has been performed via an installed client first.

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
The service is underpinned by a scale out infrastructure which is scaled ahead of being needed so there is always availability to support demand. As the infrastructure scales, it scales in both performance and capacity. A comprehensive Service level Agreement (SLA) is offered to Customers.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
Memory
Reporting types
Real-time dashboards

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
S3 SafeGUARD

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Files
  • Virtual Machines
  • Databases
  • NAS
  • Desktops
  • Laptops
  • Servers
Backup controls
The S3 SafeGUARD Backup Service provides an online storage platform which enables a Customer to back up a specified device. The associated software that is provided by S3 to enable use of the Service allows automated or manual backup, as well as Customer initiated data recovery. Backups can be scheduled to run unattended at a particular time and at a frequency defined by the Customer. Different backup selections can be scheduled to run at different times and frequencies.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks
The SafeGUARD software fully encrypts the Customer’s data using 256-bit AES encryption and transfers the Customer's fully encrypted data via any TCP-IP enabled network connection over TCP port 443. Data is encrypted before leaving the Customer’s device in relation to which the Service is provided and remains so until recovered by the Customer.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
S3 uses reasonable endeavours to provide the Services in accordance with the Service Level Agreement which is that the Service is available at a minimum of 99.5% per month. In calculating availability, no account shall be taken of time the Service is unavailable due to any installation work or due to any maintenance in relation to the Service. If S3 fails to achieve the Services Level targets specified for the Service, the End User may claim a credit (limited per month) based on the monthly recurring charge for the Service. Please refer to Schedule 3 - Service Level Agreement in the SafeGUARD End User Agreement for further details.
Approach to resilience
The data centres provide high levels of uptime. Ensuring electricity is always available, the primary data centre facility provides a minimum of N+1 power redundancy, meaning every mission-critical component has at least one backup power feed that kicks in when there’s an outage. Data centres also have enough fuel on site to provide 24 to 48 hours of emergency power using backup generators with guaranteed fuel delivery.
Outage reporting
Any outages are reported to Customers via email alerts

Identity and authentication

User authentication
  • Username or password
  • Other
Other user authentication
One set of security credentials (account name, password and encryption key) is required for each device, and the security credentials may not be shared between devices. Security credentials include an encryption key. The key can be combination of alphanumeric characters of the customer’s choosing and is used when the encryption algorithm encrypts files to keep data confidential. Without the key, no one can access the data.
Access restrictions in management interfaces and support channels
The management interface offers role based access meaning you can restrict each user to allow only the functionality required. An audit trail allows tracking of changes made by different users.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Less than 1 month
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
Less than 1 month
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
IMSM (International Management Systems Marketing)
ISO/IEC 27001 accreditation date
2013
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
S3 is ISO9001 and ISO27001 accredited and as such adheres to the policies and procedures set out under these schemes.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Further information can be provided upon request.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Further information can be provided upon request.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Further information can be provided upon request.
Incident management type
Supplier-defined controls
Incident management approach
Further information can be provided upon request.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
TBC

Pricing

Price
£0.10 to £0.45 per gigabyte per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A 14-day unlimited, full version, free trail is available on request.

Service documents

Return to top ↑