Microsoft Azure Subscription Purchase
As a Microsoft CSP partner, MTI can enable customers to purchase Azure services or solutions via the CSP programme to provide flexible billing and services
Features
- Enables purchase of Microsoft Azure services and solutions
- Provides local support for customer tenancies and subscriptions
- Provide services to help implement and maintain Azure
Benefits
- Flexible and simplified billing on For Azure
- Enables customer to pay only for what they need
- Cost-effective pricing
- Improved levels of administrator and user support
- Saves IT department time in designing, planning and deploying components
- Tailored support for employees and IT departments
- Visibility and guidance from experienced specialist technicians
Pricing
£0.02 per instance per hour
- Education pricing available
Service documents
Framework
G-Cloud 11
Service ID
230983746280473
Contact
Service scope
Software add-on or extension | No |
Cloud deployment model | Public cloud |
Service constraints | This service is only offered for products and services available within Microsoft Azure. Also, not all Azure services are available via the CSP programme |
System requirements |
|
User support
Email or online ticketing support | Email or online ticketing |
Support response times |
Support response times SLA's agreed on a service by service basis |
User can manage status and priority of support tickets | No |
Phone support | No |
Web chat support | No |
Onsite support | No |
Support levels | N/A |
Support available to third parties | No |
Onboarding and offboarding
Getting started | MTi offer an onboarding service called cloud shift which can easily move onprem workloads or alternatively public cloud workloads to this service. |
Service documentation | Yes |
Documentation formats | |
End-of-contract data extraction | Azure makes data available to migrate to any other service the customer requires. |
End-of-contract process | Termination notice is required at which point the customer can then extract the data. |
Using the service
Web browser interface | Yes |
Supported browsers |
|
Application to install | Yes |
Compatible operating systems |
|
Designed for use on mobile devices | Yes |
Differences between the mobile and desktop service | The service is the same from a management perspective |
Accessibility standards | WCAG 2.1 AA or EN 301 549 |
Accessibility testing | Testing follows Microsofts accessibility standard testing. |
API | Yes |
What users can and can't do using the API | All details can be found on the Micrsoft Azure API Management section. |
API documentation | Yes |
API documentation formats | |
API sandbox or test environment | Yes |
Customisation available | Yes |
Description of customisation | The Azure platform has many thousands of profiles and configurations from IaaS to PaaS to ensure it fits the customer requirements. |
Scaling
Independence of resources | Microsoft support many millions of users on Azure across the globe. Through hyperscale datacenters and multiple locations user instances and well balanced. |
Analytics
Service usage metrics | Yes |
Metrics types | Real time data usage is provided via the CSP portal. |
Reporting types | Real-time dashboards |
Resellers
Supplier type | Reseller providing extra features and support |
Organisation whose services are being resold | Organisation whose services are being resold Microsoft |
Staff security
Staff security clearance | Conforms to BS7858:2012 |
Government security clearance | Up to Security Clearance (SC) |
Asset protection
Knowledge of data storage and processing locations | Yes |
Data storage and processing locations | United Kingdom |
User control over data storage and processing locations | Yes |
Datacentre security standards | Complies with a recognised standard (for example CSA CCM version 3.0) |
Penetration testing frequency | At least every 6 months |
Penetration testing approach | ‘IT Health Check’ performed by a CHECK service provider |
Protecting data at rest |
|
Data sanitisation process | Yes |
Data sanitisation type | Explicit overwriting of storage before reallocation |
Equipment disposal approach | Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001 |
Data importing and exporting
Data export approach | Azure have a rich set of tools for the customer to extract their data from physical assets to connectivity downloads. |
Data export formats |
|
Data import formats |
|
Data-in-transit protection
Data protection between buyer and supplier networks |
|
Data protection within supplier network |
|
Availability and resilience
Guaranteed availability | Microsoft provide 99.999% availability |
Approach to resilience | Available on request |
Outage reporting | Available via the portal and via email. |
Identity and authentication
User authentication needed | Yes |
User authentication |
|
Access restrictions in management interfaces and support channels | All management interfaces are support with MFA along with username and passwords and strict controls on Admin levels and access levels. |
Access restriction testing frequency | At least every 6 months |
Management access authentication |
|
Audit information for users
Access to user activity audit information | Users have access to real-time audit information |
How long user audit data is stored for | User-defined |
Access to supplier activity audit information | Users have access to real-time audit information |
How long supplier audit data is stored for | User-defined |
How long system logs are stored for | User-defined |
Standards and certifications
ISO/IEC 27001 certification | Yes |
Who accredited the ISO/IEC 27001 | BSI |
ISO/IEC 27001 accreditation date | 18/10/2018 |
What the ISO/IEC 27001 doesn’t cover | No non conformities were identified as part of this assessment |
ISO 28000:2007 certification | No |
CSA STAR certification | Yes |
CSA STAR accreditation date | BSI |
CSA STAR certification level | Level 3: CSA STAR Certification |
What the CSA STAR doesn’t cover | All areas |
PCI certification | Yes |
Who accredited the PCI DSS certification | Coalfire Systems Inc. |
PCI DSS accreditation date | 27/8/2018 |
What the PCI DSS doesn’t cover | All areas covered |
Other security certifications | Yes |
Any other security certifications |
|
Security governance
Named board-level person responsible for service security | Yes |
Security governance certified | Yes |
Security governance standards | ISO/IEC 27001 |
Information security policies and processes | ISO27001 |
Operational security
Configuration and change management standard | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Configuration and change management approach | ITIL standards are applied as the management methodology. |
Vulnerability management type | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Vulnerability management approach | CHECK vulnerability assessments are applied at least every 12 months |
Protective monitoring type | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Protective monitoring approach | A SIEM platform is in place to pro actively monitor the security posture. |
Incident management type | Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402 |
Incident management approach | ITIL Standards are followed for Incident Management |
Secure development
Approach to secure software development best practice | Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0) |
Public sector networks
Connection to public sector networks | Yes |
Connected networks |
|
Pricing
Price | £0.02 per instance per hour |
Discount for educational organisations | Yes |
Free trial available | No |