Design, supply and install CIS network infrastructure components. From Data equipment cabinets, passive fibre optic and data cabling to desktop or containment user outlets. Provide Full JSP 604 SCIDA services and CIS consultation.
- Security cleared (DV) Coordinating Design Authority (SCIDA)
- Security cleared (DV) Network Design
- Security cleared (DV/SC) CIS Network Installation
- CIS Network Equipment Supply
- Security cleared (DV) CIS Network Consultancy
- Full JSP 604 Compliance achievement throughout
- Assurance of JSP 604 compliant designs for all CIS networks
- Rapidly deployable Security cleared (DV/SC) Installation and consultancy services
- MoD experienced consultancy for all current CIS systems
£1000 per instance
- Education pricing available
H S Infra Limited
|Service constraints||Limited support to CIS active equipment configuration. No provision for the configuration of servers, switches and routers.|
|System requirements||Buyers are to use generic email for communications with seller|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Response time usually within 1 hour. Mon - Fri 0800 - 1700|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Level 3 - Online or phone support to CIS network infrastructure. Mon - Fri 0900 - 1700. Price dependant on technical support required. Normally billed at £30 per hour
Level 2 - On site support for technical assistance, SCIDA compliance, CIS network infrastructure consultancy. Price dependant on technical support required. Normally billed at £56 per hour
Level 1 - On site technical assistance and support, including repairs to CIS network infrastructure. Price dependant on technical support required. Normally billed at £70 per hour
|Support available to third parties||Yes|
Onboarding and offboarding
Onsite and offsite meetings with technical experts to ascertain user requirements. Development of User equipment requirement documentation and solutions for delivery.
On site training of delivered CIS network operation.
|Other documentation formats||
|End-of-contract data extraction||Project completion packages which will contain all information set out. Full Operations and Maintenance packages handed over.|
Full design, equipment used, installation costs, SCIDA services, Operation and maintenance package, warranties.
Additional costs would be services such as ground investigations,surveys and any planning permission or building regulations requirements.
Using the service
|Web browser interface||No|
|Command line interface||No|
|Independence of resources||Assignment of a security cleared dedicated delivery manager per customer or site ensures focus on specific user requirements. Board of directors who allocate priority managers to areas/clients that require additional support.|
|Infrastructure or application metrics||Yes|
|Reporting types||Reports on request|
|Supplier type||Reseller (no extras)|
|Organisation whose services are being resold||Numerous CIS network infrastructure suppliers|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||Never|
|Protecting data at rest||Other|
|Other data at rest protection approach||
Restricted access to data
Levels of access only allow those who need the data to access it
|Data sanitisation process||No|
|Equipment disposal approach||In-house destruction process|
Backup and recovery
|Backup and recovery||No|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||Other|
|Other protection within supplier network||In house data protection policies in accordance with cyber essentials certification|
Availability and resilience
All CIS network equipment and installations are warrantied for 12 months (as long as end user hasn't caused the damage by neglect or mis-use)
All manufacturer warranties for equipment are passed onto the customer
SLA can be engaged with the customer for continued support if required
|Approach to resilience||Available on request|
On site meetings
Identity and authentication
|Access restrictions in management interfaces and support channels||Access is restricted to only key delivery managers. Access controls have to be requested and discussed by directors prior to access permissions being granted|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
|Devices users manage the service through||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||Yes|
|Any other security accreditations||Cyber Security Essentials|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||Yes|
|Security governance standards||Other|
|Other security governance standards||JSP 440, JSP 604 lf 4800. Cyber essentials|
|Information security policies and processes||
Cyber security essentials, SDIP 27.
Reporting structure is from the client to their dedicated delivery manager and then up to the board of directors.
Policies are developed and communicated to all members of the company via in house training.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||From order of equipment the items are tracked. On receipt all serial numbers are collected and onward tracked through to issue to the client. All serial numbers form part of the operation and maintenance package.|
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||Threats to our services will be defined by clear directive from the client. We take on the clients need for security and assurance and design a product to give the client assurance through design and product.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Threats are identified as either 'future possibilities' or retrospectively.
As soon as a threat is identified the delivery manager call a directors emergency meeting. Directors then discuss the method of direction and threat resolution.
Threat response is actioned on immediate report of the issue.
|Incident management type||Undisclosed|
|Incident management approach||
The company has processes for regular occurrences. Throughout complete project lifecycle we operate a full policy and procedure process. This helps both the company and the client utilise the processes to the best ability.
Users can report incidents at any time throughout the working hours schedule.
We provide incident reports and ex-sums as required and set down in the initial requirements/scoping meetings.
|Approach to secure software development best practice||Supplier-defined process|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Price||£1000 per instance|
|Discount for educational organisations||Yes|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Terms and conditions document||View uploaded document|