SysGroup

Shared Cloud

A shared cloud environment provides a cost-effective, agile and powerful storage solution in the SysGroup cloud. SysGroup is tech-agnostic, offering our own cloud alongside expertise in other technologies, including AWS and Azure. The service offers fixed monthly costs alongside a 100% uptime guarantee and advanced security features.

Features

  • Reduced latency
  • Host large-scale databases at fixed low costs
  • 24/7/365 access to qualified technicians
  • Hosted in secure UK-based data centres

Benefits

  • Reliable and pro-active network monitoring
  • Pay for actual usage
  • High performance levels guaranteed
  • Ideal for batch-processing apps, small or relational databases

Pricing

£49.95 per virtual machine per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

154445338176460

SysGroup

Emmy Lippold

01515591777

marketing@sysgroup.com

Service scope

Service scope
Service constraints Planned maintenance windows will be communicated at least 2 weeks prior to the required maintenance date.
System requirements
  • Bespoke applications will require buyer provided licenses
  • Bespoke Applications will require a 3rd party support agreement

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Depending on level of request different response times are available. Emergency support is provided out of hours (6pm to 8am) and weekends
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 A
Web chat accessibility testing N/A
Onsite support Yes, at extra cost
Support levels Basic shared cloud service - in-hours support and 24 hour emergency support included

Managed Service - £49.95 per Virtual Machine - This includes management of 3rd parties, OS patching, technical support 1st, 2nd, 3rd line.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started SysGroup will provide a scope of works document detailing what is available for the buyers use, with connection information. Additionally, a design document is provided, showing how the shared environment connects to the buyers environment.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Users can simply move data from the current service to a new provider in many different formats. SysGroup can also offer a paid for data extraction and move service if required.
End-of-contract process Upon contract end date, a buyer may choose to remain with SysGroup, so a renewal negotiation is worked through. A buyer may also choose to exit the service completely, where data is then removed from the service and the service is decommissioned in line with GDPR guidelines. Buyers may also require additional support in transferring data to another platform, this is available and would be costed dependant on size and complexity.

Using the service

Using the service
Web browser interface No
API No
Command line interface No

Scaling

Scaling
Scaling available No
Independence of resources Customer workloads run in ring-fenced resource groups which restrict platform resource usage to those provisioned, protecting other customer workloads, and ensuring that allocated resources can be delivered.
Usage notifications Yes
Usage reporting
  • Email
  • Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up All files, virtual machines, databases can be backed up
Backup controls Users can determine the policy to back up different virtual machines at different times. This policy can be amended on request
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users contact the support team to schedule backups
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability SysGroup offer a 100% uptime guarantee. The SysGroup Shared Cloud service is a high availability service that is trusted by many major organisations.

If a user decides to use its own connectivity to link to the service any issues with a 3rd party will not form part of the guarantee

Users are refunded on a % charge basis vs available up-time in any given month.
Approach to resilience SysGroup operate out of 5 datacentre locations which are operated to a Tier 3 standard. All systems are designed in order to be able to suffer component/device failures with automatic rerouting/failover as appropriate. Data is replicated across different locations in different geographical areas.
Outage reporting Any outages will be reported to the buyer by email, and also a service representative would also make contact directly, usually as a phone call. An RCA (root cause analysis) document will also be provided after any outages, detailing the specific reason for the outage and remedial activities.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Access is restricted to those personnel that are responsible for supporting the service. There will only ever be 2 personnel that have access to full domain passwords. Domain passwords are changed on a monthly basis
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 CQS
ISO/IEC 27001 accreditation date 01/07/18
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification CIPHER
PCI DSS accreditation date 01/06/18
What the PCI DSS doesn’t cover N/A
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The following areas are monitored in our information security policy:

1. Culture
2. Data Storage
3. Physical Security
4. Environmental Controls
5. Data Backup & Restore
6. Contingency & Resilience
7. Platform Security
8. Access Controls
9. Cryptography

The Company communicates its Information Security objectives and its performance in achieving these throughout the company whilst adopting an information security management system comprising a technical handbook and procedures which provide direction and guidance on information security matters.

All the Company’s staff are trained in the needs and responsibilities of information security management.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach SysGroup have categorised Changes and Change Requests as detailed below.
• Routine - Day to day minor changes that require minimal authorisation, have no design element with any service impact and require no system downtime.
• Minor - Template changes that have pre-agreed processes but require management authorisation.
• Major - These changes are complicated, service effecting and therefore require design validation and planning.
• Project - Large-scale projects typically involving additional equipment or system re-design that need to be scoped and costed accordingly;
• Emergency - Urgent request typically as a result of a serious service-affecting incident.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Regular vulnerability scanning (e.g. Nessus)
Realtime AV alerting
Set monthly windows for updates, or emergency windows for zero-day or other critical updates
Subscription to recognised industry security feeds
Protective monitoring type Supplier-defined controls
Protective monitoring approach Critical systems are configured to detect and log all security related events, and have log and file integrity monitoring enabled, whereby such information is consolidated, processed, and analysed centrally. This allows for incidents to be raised in response to logged security events and/or anomalous behaviour and escalated to the appropriate support team. Urgent incidents (where a security breach is suspected to have occurred) are typically responded to within 1 hour.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach The Incident Management process will be instigated in all cases of recurring incidents, and in cases where a temporary work-around has been applied to close an incident and a permanent fix is required. Ownership of any particular problem will depend on the nature and origin of the problem.

The objective of SysGroup’ Problem Management process is to ensure that any Problem is captured, properly identified and effectively resolved with its root cause established in order to prevent recurrence, interruption to, or degradation of the Service.

Users may report this directly to the helpdesk, or identified through our comprehensive monitoring capability.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used VMware
How shared infrastructure is kept separate An organisation's virtual infrastructure is kept on separate and dedicated VLANs behind a dedicated firewall, or which private connectivity to the customers other environments to prevent any possibility one customer being able to access another within the platform.

Energy efficiency

Energy efficiency
Energy-efficient datacentres No

Pricing

Pricing
Price £49.95 per virtual machine per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Dependant on customers ultimate requirements, a basic VM with 2 VCPU, 2 GB of VRAM with 10 GB of Storage, trial period 1 month

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑