Fujitsu Services Limited

Optimise Data Protection

Enterprise class Backup and Archive. Pay as you go, per month, by the number of GB on customer servers, desktops or laptops. Fujitsu DataCentre hosted with choice of Private / Internet connectivity. Simple to budget and standard retention. Full compliance search capabilities across all data sets. Customisation options available.


  • A data Backup, Recovery and Archive
  • Hosted on central always-on infrastructure in Fujitsu UK data centres
  • The service is utility charged by the GB per month
  • The service can complement or replace traditional on-site backup
  • Enterprise class levels of performance, scalability and reporting
  • Data residency locations are assured


  • Fast start up to an already existing service infrastructure
  • Scale up, scale down – pays as you go
  • Removal of customer hardware and software asset refresh issues
  • Removal of customer licence management requirements
  • No per user or per server charges
  • No transaction charges


£0.21 per gigabyte per month

Service documents

G-Cloud 9


Fujitsu Services Limited

Government Frameworks Desk


Service scope

Service scope
Service constraints None.
System requirements Connectivity to the Fujitsu data centre is required

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Please see the Service Definition for details of service.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), 7 days a week
Web chat support No
Onsite support No
Support levels A Service Delivery Manager will be identified before the service commences. The service is detailed in the Service Definition. While the service is consumed using self-service interfaces. Support of the service infrastructure is as follows: The Service shall be made available 24x7 hours x 365 days (except for specified downtime during maintenance windows). The standard hours of support provided by Fujitsu’s Service Desk (2nd and 3rd line) are 08:00-18:00 Monday to Friday (excluding local UK&I
public holidays). Outside these hours, service calls will be routed to an out of hours service desk.Priority 1 incidents (see table 1) are exceptions that will be actioned and managed on a 24x7x365 hours basis.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started A start-up service available. User and Administration guidance material available.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Data can optionally be exported to remove able media or securely deleted.
End-of-contract process Data may be retained until expiry (charges continue). Data may be exported on request at additional cost. Remaining data is securely erased.

Using the service

Using the service
Web browser interface Yes
Using the web interface The service is consumed using self-service interfaces.
Web interface accessibility standard None or don’t know
How the web interface is accessible To be confirmed.
Web interface accessibility testing To be confirmed.
Command line interface No


Scaling available Yes
Scaling type Manual
Independence of resources The service is designed to expand and contract and is actively managed in terms of capacity and performance.
Usage notifications Yes
Usage reporting Other


Infrastructure or application metrics Yes
Metrics types Disk
Reporting types Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up Please see Service Definition.
Backup controls The option for Backup and Recovery is targeted at physical or virtual servers and desktop or laptop devices within a customer estate. Those devices may be conventionally hosted or reside within any of the Fujitsu Cloud services, in addition to 3rd party services. Please see the Service Definition or more information.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Private network or public sector network
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99.99%. Please also see the Service Definition.
Approach to resilience This could be made available on request.
Outage reporting Email alerts.

Identity and authentication

Identity and authentication
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels Role based access control defined and controlled by customer's directory service. 2 factor authentication employed.
Access restriction testing frequency At least once a year
Management access authentication 2-factor authentication
Devices users manage the service through Dedicated device on a segregated network (providers own provision)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Bureau Veritas
ISO/IEC 27001 accreditation date 05/12/2015
What the ISO/IEC 27001 doesn’t cover The service is covered.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Accreditations - Security Standards: ISO 27001 (BS7799) - the British Standard for Information Security Management. ISO 17799 - the International standard for Information Security Management. Fujitsu delivers the Services using a secure ISO27001:2013 compliant support environment. This element of the service comprises - Definition, maintenance and implementation of the Fujitsu standard Information Security Management System (ISMS); Physical protection of the defined infrastructure within Fujitsu’s ISO27001:2013 accredited Data Centres; Undertaking appropriate audits and assessments to ensure ongoing compliance; Implementation and enforcement of Fujitsu’s security policies and supporting processes and procedures; Prevention of unauthorized physical or logical access to the Services; Identification of threats to relevant assets and implementation of proactive controls to diminish risk probability and/or impacts; Visibility and involvement in the maintenance of the Fujitsu standard ISMS at all levels of Fujitsu management.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach For Customer-initiated operational Change Requests, Fujitsu will:
a) impact assess any Customer initiated Change Requests
b) where Fujitsu is willing and able to perform the Change Request, at provide a quote for the additional Charges associated with implementing the Change Request; and
c) action and implement approved Change Requests.

For Fujitsu-initiated Change Requests (such as system upgrades), Fujitsu will follow their change management procedure to include raising, classifying, assessing, planning and implementing the change
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Central Fujitsu assessment.Fujitsu shall monitor the service for potential threats and vulnerabilities. When new security patches are made available from a vendor, these shall be applied following the vendor described deployment approach. Regular patch deployment with ability for emergency ad hoc deployment. Patches are deployed based on the threat level and existing mitigation approaches that are in place.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Further information can be made available on request.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Fujitsu will follow their existing Security Incident Management process should a security incident be recognised or reported. Users can report security incidents by contacting Fujitsu's support team. The appointed Service Delivery Manager will provide details of Security Incidents and appropriate reporting during regular review meetings.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £0.21 per gigabyte per month
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑