Azure Cloud Hosting

Valto provide managed cloud hosting for data, applications, web services and databases using the Microsoft Azure Public Cloud. This service includes configuration , deployment and management of virtual machines as a bespoke solution tailored to the client's needs.


  • Configurable Virtual Machine Infrastructure
  • Range of machine specifications available
  • Fully managed hosting solution
  • Flexible environments can be changed based on needs.


  • Fast deployment of services
  • Access content remotely
  • Automated back up
  • Reduced Server management resource
  • Cost efficient


£0.34 to £33.94 per virtual machine per day

  • Free trial available

Service documents

G-Cloud 9



Hugh Valentine

0161 240 1440

Service scope

Service scope
Service constraints Service applies only to the Microsoft Azure Public Cloud. Virtual Machines can be deployed based on predetermined hardware configurations.
System requirements Buyers must have licenses for any hosted software

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times are as per agreed SLA. Support ticket resolution for standard queries is based on "first come first served" model. Typical responses as follows:
Standard response is within 8 working hours
Priority response within 4 working hours
Emergency response within 2 working hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Buyers have access to either a solutions architect for planning purposes or a support engineer for day to day questions and service amendments. Typical rates are £100 per hour for hosting support services with additional fees for on site support.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide a full walk through of the user dashboard including guidance on deploying and managing Virtual Machines, This can be conducted remotely or on site at additional cost.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction All data can be extracted and provided as either a physical media or online transfer to a new provider.
End-of-contract process Data is provided to the buyer at the end of the contract if requested. There is an additional cost for migration services to a new provider if required.

Using the service

Using the service
Web browser interface Yes
Using the web interface Buyers can provision additional virtual machines, view consumption and machine performance and request changes to their infrastructure.
Web interface accessibility standard None or don’t know
How the web interface is accessible Users can manage their environment in real time including provisioning of machines and viewing reports of usage.
Web interface accessibility testing Not applicable
Command line interface No


Scaling available Yes
Scaling type Manual
Independence of resources Instances are hosted in the Microsoft Public Cloud (Azure) which provides scalable capacity across multiple data centres when demand is higher than expected. ExpressRoute connections provide fast, uninterrupted access.
Usage notifications Yes
Usage reporting Email


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type Reseller providing extra support
Organisation whose services are being resold Microsoft

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Virtual machines
  • Files
  • Database including structure
  • Application data
  • Application settings
Backup controls Standard scheduling is daily, users can request back up schedules for key information at a different rate if requred.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users contact the support team to schedule backups
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability We provide a SLA for uptime and availability based on Microsoft's standard SLA for cloud services. With multiple datacentres with uninterrupted power supplies available and IaaS deployed across multiple physical machines, uptime is equivalent to a Tier III conventional data centre with 99.99% uptime per SLA.
Approach to resilience Multiple datacentres with disaster recovery
Outage reporting Email alerts to the buyer's nominated alert email address

Identity and authentication

Identity and authentication
User authentication Identity federation with existing provider (for example Google apps)
Access restrictions in management interfaces and support channels Users are authenticated using their standard log in for single sign on across other applications (e.g. Office 365). This is federated using Microsoft Active Directory Federated Services (ADFS).
Access restriction testing frequency At least once a year
Management access authentication Identity federation with existing provider (for example Google Apps)
Devices users manage the service through Dedicated device on a segregated network (providers own provision)

Audit information for users

Audit information for users
Access to user activity audit information You control when users can access audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Security policies provided via Microsoft definitions.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach ITSM / ITIL defined process.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Full security suite via Microsoft is used for firewall. Patches are tested when released to ensure that they do not affect hosted services and applied as soon as possible.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Full monitoring is in place across all environments. Incidents or compromises are detected and action taken per Microsoft Supplier defined guidelines.
Incident management type Supplier-defined controls
Incident management approach On detection - either via system logs, user report through telephone or email - any compromise is analysed and a fix put in place straight away. An incident report is filed with Microsoft if not previously known and a report also provided to the buyer with details of the issue and actions taken.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Other
Other virtualisation technology used Microsoft Proprietary Virtualisation using Azure
How shared infrastructure is kept separate Microsoft Azure Proprietary Isolation Service

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £0.34 to £33.94 per virtual machine per day
Discount for educational organisations No
Free trial available Yes
Description of free trial A basic virtual machine is offered as a free trial per Microsoft. This allows access for 30 days. The trial machine is not generally suited to application hosting and is provided to allow for users to trial the dashboard and setting systems.


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Terms and conditions document View uploaded document
Return to top ↑