Vysiion Ltd

Vysiion Hybrid Cloud

Vysiion Hybrid Cloud provides an agnostic service for the provision of cloud hosting, compute, network connectivity and storage from multiple vendors including UKCloud, AWS, Azure and any other vendors that come to the market during the G-Cloud 11 term. The service includes implementation and support for OFFICIAL and SECRET requirements.

Features

  • Cloud agnostic
  • Ability to switch vendors quickly
  • Hold data workloads in a hybrid cloud environment
  • Ability to leverage bespoke connectivity solutions
  • Ability to store Crypto material
  • Hold and transact data at OFFICIAL, SECRET and higher

Benefits

  • Ability to utilise multiple clouds
  • Create a true hybrid cloud model
  • Blend the hybrid cloud with private cloud instances
  • Maximise savings
  • Leverage new cloud providers coming to market
  • Leverage bespoke connectivity requirements
  • Leverage Crown Hosting facilities

Pricing

£0.03 per unit per hour

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

229558864526028

Vysiion Ltd

Caroline Andrewes

01249 446500

cloudsales@vysiion.co.uk

Service scope

Service scope
Service constraints All cloud providers have different maintenance schedules.
System requirements N/A

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Bespoke SLAs depending on customer requirement.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Onsite support
Support levels Vysiion provide a range of service levels depending on the desire of the buyer. A Service Delivery Manager is assigned and cloud support engineers and architects are on hand to support the end customer.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Vysiion technical architect will liaise with the buyer to determine the best cloud vendor to use. The relevant documentation will be provided and training can be offered at an additional charge.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction Users will be able to extract their data off the cloud platform using their preferred means.
End-of-contract process The buyer is able to keep their data on the cloud platforms but switch intermediary from Vysiion to another partner as desired.

Using the service

Using the service
Web browser interface Yes
Using the web interface Users will be able to access their cloud instance using the web interface of the particular vendor/s they have selected.
Web interface accessibility standard None or don’t know
How the web interface is accessible N/A
Web interface accessibility testing None
API No
Command line interface No

Scaling

Scaling
Scaling available Yes
Scaling type
  • Automatic
  • Manual
Independence of resources Working with cloud vendors, they scale with demand.
Usage notifications No

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra support
Organisation whose services are being resold UKCloud, AWS, Azure, IBM and any other cloud vendor

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Never
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
Backup controls Users can control what back-ups are performed, which may be different depending on the data stored and the cloud vendors used for particular workloads.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
Scheduling backups Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability The levels of availability will be dependant on the cloud vendor selected and the particular service chosen. Cloud vendors provide service credit regimes which will be available for the buyer to leverage. Availability is up to 99.999%
Approach to resilience This service is cloud agnostic and therefore allows for a hybrid cloud solution which increases resiliency.
Outage reporting Outages experienced by any of the cloud vendors or by a private cloud entity will be communicated via email alerts, dashboards and APIs.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Vysiion will agree a policy with the customer around access which will be role-based.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ACM
ISO/IEC 27001 accreditation date 10/07/2016
What the ISO/IEC 27001 doesn’t cover Nothing
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Vysiion is ISO27001 and Cyber Essentials Plus accredited and has a full suite of associated accredited information security policies that are managed and maintained by our Head of Business Services. We design and implement solutions which meet stringent security requirements and meet current industry standards as well as aligning with customers’ information policies and procedures to ensure we protect our customers’ systems and data from security breaches and cyber attacks. We continually monitor and review our security practices, working closely with officially appointed security advisors and accreditation bodies, and as such are very familiar with current legislation and standards, best-practice guidelines and the approaches required to protect UK government assets. Our employees are security cleared to enable them to deliver services to the highest information security requirements.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We follow ITIL 3 aligned Change and Configuration processes for all changes
All changes to infrastructure and systems are managed through these processes ensuring that standardised methods and procedures are followed for all. The process ensures that all changes are formally assessed, authorised and controlled to minimise any adverse service impact.
Our Change Advisory Board assess and validates all Changes from a business, technical, security and delivery perspective, drawing on subject matter experts when required.
A Forward Schedule of Change is maintained.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We work closely with officially appointed security advisors/accreditation bodies/comply with current legislation/standards e.g. NCSC guidelines. We are registered with NCSC Cyber-security Information Sharing Partnership (CiSP), to exchange cyber threat information in real time/increase situational awareness and receive information about potential threats via suppliers e.g. Microsoft. We deploy automated tools for vulnerability monitoring. Alerts are immediately investigated by an engineer and any identified threats immediately removed from the network, to eliminate the risk of potential infection. Critical patches are tested on a sand-boxed device on-receipt and deployed across the infrastructure once proven to achieve maximum cover with minimum business impact.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Where protective monitoring services are required, Vysiion work with a trusted third party to deliver these processes.
Incident management type Supplier-defined controls
Incident management approach Vysiion has a well-defined ITIL aligned incident management process with a 24/7 service desk and a comprehensive service toolset that allows incidents to be raised by phone, email and portal. Incident reports are regularly provided by email and users can log on to the portal at any time to get the status of an incident. Customer satisfaction surveys are carried out on closure of an incident.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes
Description of energy efficient datacentres Vysiion's hybrid cloud allows customers to select the most appropriate public or community cloud as long as it adhere's to the EU Code of Conduct for Energy Efficient datacentres.

Pricing

Pricing
Price £0.03 per unit per hour
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Certain cloud vendors will offer free trials of their service e.g. UKCloud.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Terms and conditions
Service documents
Return to top ↑