Shared Cloud

A shared cloud environment provides a cost-effective, agile and powerful storage solution in the SysGroup cloud. SysGroup is tech-agnostic, offering our own cloud alongside expertise in other technologies, including AWS and Azure. The service offers fixed monthly costs alongside a 100% uptime guarantee and advanced security features.


  • Reduced latency
  • Host large-scale databases at fixed low costs
  • 24/7/365 access to qualified technicians
  • Hosted in secure UK-based data centres


  • Reliable and pro-active network monitoring
  • Pay for actual usage
  • High performance levels guaranteed
  • Ideal for batch-processing apps, small or relational databases


£49.95 per virtual machine per month

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

1 5 4 4 4 5 3 3 8 1 7 6 4 6 0



Andrew Vize


Service scope

Service constraints
Planned maintenance windows will be communicated at least 2 weeks prior to the required maintenance date.
System requirements
  • Bespoke applications will require buyer provided licenses
  • Bespoke Applications will require a 3rd party support agreement

User support

Email or online ticketing support
Email or online ticketing
Support response times
Depending on level of request different response times are available. Emergency support is provided out of hours (6pm to 8am) and weekends
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
Onsite support
Yes, at extra cost
Support levels
Basic shared cloud service - in-hours support and 24 hour emergency support included

Managed Service - £49.95 per Virtual Machine - This includes management of 3rd parties, OS patching, technical support 1st, 2nd, 3rd line.
Support available to third parties

Onboarding and offboarding

Getting started
SysGroup will provide a scope of works document detailing what is available for the buyers use, with connection information. Additionally, a design document is provided, showing how the shared environment connects to the buyers environment.
Service documentation
Documentation formats
End-of-contract data extraction
Users can simply move data from the current service to a new provider in many different formats. SysGroup can also offer a paid for data extraction and move service if required.
End-of-contract process
Upon contract end date, a buyer may choose to remain with SysGroup, so a renewal negotiation is worked through. A buyer may also choose to exit the service completely, where data is then removed from the service and the service is decommissioned in line with GDPR guidelines. Buyers may also require additional support in transferring data to another platform, this is available and would be costed dependant on size and complexity.

Using the service

Web browser interface
Command line interface


Scaling available
Independence of resources
Customer workloads run in ring-fenced resource groups which restrict platform resource usage to those provisioned, protecting other customer workloads, and ensuring that allocated resources can be delivered.
Usage notifications
Usage reporting
  • Email
  • Other


Infrastructure or application metrics
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
What’s backed up
All files, virtual machines, databases can be backed up
Backup controls
Users can determine the policy to back up different virtual machines at different times. This policy can be amended on request
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
SysGroup offer a 100% uptime guarantee. The SysGroup Shared Cloud service is a high availability service that is trusted by many major organisations.

If a user decides to use its own connectivity to link to the service any issues with a 3rd party will not form part of the guarantee

Users are refunded on a % charge basis vs available up-time in any given month.
Approach to resilience
SysGroup operate out of 5 datacentre locations which are operated to a Tier 3 standard. All systems are designed in order to be able to suffer component/device failures with automatic rerouting/failover as appropriate. Data is replicated across different locations in different geographical areas.
Outage reporting
Any outages will be reported to the buyer by email, and also a service representative would also make contact directly, usually as a phone call. An RCA (root cause analysis) document will also be provided after any outages, detailing the specific reason for the outage and remedial activities.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access is restricted to those personnel that are responsible for supporting the service. There will only ever be 2 personnel that have access to full domain passwords. Domain passwords are changed on a monthly basis
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Who accredited the PCI DSS certification
PCI DSS accreditation date
What the PCI DSS doesn’t cover
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
The following areas are monitored in our information security policy:

1. Culture
2. Data Storage
3. Physical Security
4. Environmental Controls
5. Data Backup & Restore
6. Contingency & Resilience
7. Platform Security
8. Access Controls
9. Cryptography

The Company communicates its Information Security objectives and its performance in achieving these throughout the company whilst adopting an information security management system comprising a technical handbook and procedures which provide direction and guidance on information security matters.

All the Company’s staff are trained in the needs and responsibilities of information security management.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
SysGroup have categorised Changes and Change Requests as detailed below.
• Routine - Day to day minor changes that require minimal authorisation, have no design element with any service impact and require no system downtime.
• Minor - Template changes that have pre-agreed processes but require management authorisation.
• Major - These changes are complicated, service effecting and therefore require design validation and planning.
• Project - Large-scale projects typically involving additional equipment or system re-design that need to be scoped and costed accordingly;
• Emergency - Urgent request typically as a result of a serious service-affecting incident.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Regular vulnerability scanning (e.g. Nessus)
Realtime AV alerting
Set monthly windows for updates, or emergency windows for zero-day or other critical updates
Subscription to recognised industry security feeds
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Critical systems are configured to detect and log all security related events, and have log and file integrity monitoring enabled, whereby such information is consolidated, processed, and analysed centrally. This allows for incidents to be raised in response to logged security events and/or anomalous behaviour and escalated to the appropriate support team. Urgent incidents (where a security breach is suspected to have occurred) are typically responded to within 1 hour.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
The Incident Management process will be instigated in all cases of recurring incidents, and in cases where a temporary work-around has been applied to close an incident and a permanent fix is required. Ownership of any particular problem will depend on the nature and origin of the problem.

The objective of SysGroup’ Problem Management process is to ensure that any Problem is captured, properly identified and effectively resolved with its root cause established in order to prevent recurrence, interruption to, or degradation of the Service.

Users may report this directly to the helpdesk, or identified through our comprehensive monitoring capability.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Who implements virtualisation
Virtualisation technologies used
How shared infrastructure is kept separate
An organisation's virtual infrastructure is kept on separate and dedicated VLANs behind a dedicated firewall, or which private connectivity to the customers other environments to prevent any possibility one customer being able to access another within the platform.

Energy efficiency

Energy-efficient datacentres


£49.95 per virtual machine per month
Discount for educational organisations
Free trial available
Description of free trial
Dependant on customers ultimate requirements, a basic VM with 2 VCPU, 2 GB of VRAM with 10 GB of Storage, trial period 1 month

Service documents

Return to top ↑