RDF GROUP PLC

RDF Cloud Hosting Services

RDF Group Cloud Hosting Services help organisations move from traditional legacy systems and infrastructure to cloud-based architectures and applications. We support our clients to deliver cloud-based systems and services that meet the UK Government Technology Code of Practice and Digital Service Standard.

Features

  • overall cost and risk reduction
  • change management
  • cloud strategy and adoption services
  • cloud managed service
  • Business Analysis as a Service
  • Developement as a Service
  • Project Management as a Service
  • DevOps as a Service
  • Architecture as a Service
  • On/Off site capability

Benefits

  • reduce operational expense
  • secure and low risk hosting services
  • guided transition with the assistance of our consultants
  • Gain the flexibility to address growing needs
  • All resource employed permanently mitigating any IR35 Risk
  • No utilisation or long term commitment needs
  • On/Offsite capability
  • Costs Fixed allowing you to budget and forecast effectively

Pricing

£250 to £900 per person per day

Service documents

Framework

G-Cloud 11

Service ID

3 0 4 0 2 8 8 9 2 1 6 5 4 3 4

Contact

RDF GROUP PLC

Iain Marr

01312202645

iain.marr@rdfgroup.com

Service scope

Service constraints
RDF are able to expand our offering and services to scale to client needs. Each individual project is assessed for risk, resource need and capacity.
We do not use in-house penetration testing. We hire 3rd parties to maintain objectivity in our security assessment procedures.
System requirements
System requirements will be specified during client engagement

User support

Email or online ticketing support
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
RDF Group can provide standard support Monday-Friday 8-6pm. A technical account manager or cloud support engineer will be appointed, as requested.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
To help users get started, RDF provides dedicated staff to train and set up accounts for access to documents and tutorials to help our clients begin using our service. In addition, clients can nominate higher responsibility individuals and provide bespoke one to one training on more critical tasks.
A dedicated team will be available to engage regularly at the client's request.

Should an organisation require additional support as part of the on-boarding process, such as project management, detailed technical design (etc) - this can be made arranged during client engagement
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Data can be extracted and supplied to users in whichever format they choose. RDF are flexible to suit our client's needs. If larger migrations are required then this can be performed with the assistance of our dedicated support team. Resource is made available on request.
End-of-contract process
Where a client chooses to terminate their subscription with RDF, we are able to provide support for data extraction and/or migration where reasonable. We will agree a point of service termination with the client when the transition is complete. At this point, our dedicated support and technical teams will cease to provide any services. We will work to ensure that this transition is seamless.

Using the service

Web browser interface
Yes
Using the web interface
Users can use a web interface to access their own data hosted by RDF. Changes are made through a bespoke designed and developed interface tool depending on the client need. The nature of permitted changes will be dependent on agreed user privilege and critical changes will not be permitted unless agreed with our engineers.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
Each bespoke interface developed for a client is taken though a rigorous delivery process. WCAG 2.0 AA standards are embedded in our analysis, design, development and testing processes. Assistive technology users are active in each step of the process, ensuring that these standards are met. Bespoke interfaces must be signed off by our accessibility team and our 3rd party accessibility consultants before release to a client.
API
Yes
What users can and can't do using the API
API capabilities are determined with clients on an individual basis. Typically our API's allow:

Integration with databases, messaging systems, portals, and even storage components.

Application level API's where CRM and ERP (etc) applications interact with and manipulate data
API automation tools
  • Ansible
  • OpenStack
  • SaltStack
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
Command line interface
Yes
Command line interface compatibility
Linux or Unix
Using the command line interface
This service is set up for each client and training is offered on-site where the client agrees.
Changes are made through scripts and commands typical to UNIX command lines
Limitations are applied to user types as agreed with clients

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
Our key performance indicators, detailed in client agreements are constantly checked against SLA’s to ensure compliance and We have a dedicated team for each client ensuring that software is kept up to date and security updates are applied urgently, in addition to a dedicated technical support team. We also offer managed service dedicated teams, who are employed on a PAYE basis which mitigates any IR35 risk to end customer and can be used as augmented contract resource. Our resources can be provided as teams or as individuals covering specialisms such as project management, analysis, development and DevOps.
Usage notifications
Yes
Usage reporting
  • API
  • Email
  • Other

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
Reporting types
  • API access
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Documents
  • Emails, instant messaging conversations on in-house apps
  • Code, virtual machine data, databases
  • Call data
  • VOIP calls and data
Backup controls
Schedules, content and structure of data are agreed with the client during our initial engagement. Our teams will work with the client to ensure that their data is stored securely and backed up in accordance with their needs.
Datacentre setup
Single datacentre with multiple copies
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
SLA subject to individual contract as required.
Approach to resilience
Available on request
Outage reporting
We are able to provide a live dashboard in addition to Email alerts. Additional measures can be agreed with the client during engagement.

Identity and authentication

User authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Access is only granted to users that have been approved by both RDF and the client. Any users not approved will not have access to the service and will not be given any log in details. Any approved users will be given credentials from the technical support team, and only given access to areas agreed with the client. Technical support team will only communicate with approved individuals. Any non-approved individuals will need to be approved by the nominated client management contact.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 27001. GCN. PSN. NCSC

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
RDF employ a third party to perform penetration testing and ensure that all software is up to date with the latest vulnerability patches analysed and implemented in an impartial manner. Gaps and vulnerabilities are logged and given a severity and urgency level, before being added to a backlog of high priority changes to be added to the system. Changes are performed in line with our SLA's with the client and reports are regularly generated to keep clients updated about changes and patches made to the system. We can also provide managed test teams to work on/offsite.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
RDF have a protective monitoring system where all logs are centralised and checked on a daily basis for security breaches using several key search filters. Alerts are sent out for high risk activity and are pro-actively responded to by the operations and security teams.
Incident management type
Supplier-defined controls
Incident management approach
Incident management processes are agreed with each client during engagement. Typically, incidents are logged with our support team and managed in accordance with our agreed SLA's. Incidents are marked with a severity and then progressed by our technical support teams.
Clients are regularly provided with reports regarding incidents, frequency and content of these reports are agreed with clients during engagement

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
No

Pricing

Price
£250 to £900 per person per day
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑