Qubic Group plc

Compute & Application Hosting

Think Nexus Computing is a comprehensive range of services that encompasses Cloud Computing including Qubic, Public, Private or Hybrid Cloud solutions as well as on-premises computing, along with the associated infrastructure and support. Qubic’s solution is built around Qubic's Cloud Nexus directly delivering Cloud Computing or acting as an aggregator.

Features

  • Private, Public and Hybrid Cloud Aggregators
  • On premise hybrid computing (HP Greenlakes)
  • Self Service
  • Managed Service
  • Single Monthly Bill
  • Scalability and Flexibility
  • Application Agnostic
  • High availability and resilient
  • Fast provisioning

Benefits

  • Fast, single connection to multi environments via Qubic Cloud Nexus
  • Benefits of OpEx model with on premise capability
  • Allows organisations with own resources to capitalise lower cost model
  • A complete managed service over multi-Cloud Provider and/or Hybrid environment
  • Reduces cost of transaction
  • Ability to scale system to address peaks and reduce costs
  • Organisation can go 100% cloud if required
  • Loss of organisations location does not impact ongoing operational capabilities
  • Makes organisation far more agile

Pricing

£0.11 to £0.51 a virtual machine an hour

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

3 3 3 4 9 1 1 3 8 4 7 1 4 4 1

Contact

Qubic Group plc Charlie Riddle
Telephone: 02086017000
Email: Charlie.Riddle@qubicgroup.com

Service scope

Service constraints
Planned Maintenance with Prior Notice
System requirements
  • Operating system to be either Windows or Linux
  • Windows 2016 or 2019 license to be supplied by Qubic
  • Windows 2016 or 2019 license supplied by customer

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Ticket response times depend on the severity of the incident being reported.
Priority 0 - Major issues relating to severe system outages are responded to 1 hour and aimed resolution within 2 hours.
Priority 1 - Critical issues relating to severe system degradation responded to 2 hours and aimed resolution within 4 hours.
Priority 2 - Medium issues impacting an individual or single user preventing base functionality responded within 3 hours and aimed resolution within 6 hours
Priority 3 - Low issues impacting a single user responded within 4 hours and aimed resolution within 8 hours.
Further available at www.qubicgroup.com
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Round the Clock (24/7) includes:-
NOC Monitoring (24/7)
NOC fix, helpdesk support, remote server support, On-site server support
Available at additional costs:-
Monthly patches and updates, Antivirus, anti-spam monitoring and fix, system changes, user modifications, admin tasks
Hardware warranties and software license management
Prices start £200 per on prem or physical server/£150 per virtual machine

Working Hours (9 - 5) includes:-
NOC Monitoring (24/7)
NOC fix, helpdesk support, remote server support, On-site server support
Available at additional costs:-
Monthly patches and updates, Antivirus, anti-spam monitoring and fix, system changes, user modifications, admin tasks
Hardware warranties and software license management
Prices start £125 per on prem or physical server/£75 per virtual machine

Extended Hours Support (8 - 8) includes:-
NOC Monitoring (24/7)
NOC fix, helpdesk support, remote server support, On-site server support
Available at additional costs:-
Monthly patches and updates, Antivirus, anti-spam monitoring and fix, system changes, user modifications, admin tasks
Hardware warranties and software license management
Prices start £125 per on prem or physical server/£75 per virtual machine

Desktop support available from
24/7 Full support £30 per user
Extended Hours (8 - 8) support £25 per user
Working Hours (9 - 5) support £18 per user
Support available to third parties
Yes

Onboarding and offboarding

Getting started
As part of the migration to Qubic Group a dedicated Project Manager is assigned who will work closely with the customer to design the migration plan.

This plan will include:-
Installation of new hardware
Provisioning of new hardware/virtual machines
Any onsite training requirements for users
Rollout of support services including information on how to contact Qubic's support teams
Decommissioning of old hardware including removal from site
Cancellation and closing down of any legacy contracts with former suppliers
As well as a project manager each customer will be assigned an Account Manager to hand hold their relationship with Qubic during the lifespan of the relationship
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
As part of the exit of a customer from Qubic Group our Cancellation team will validate and confirm the process of the data migration away from Qubic Group.

Data can be extracted and sent to a customer as per customers requirements and will always be encrypted for security.

The original data with Qubic Group can continue to be stored until the customer confirms that the data can be deleted, subject to commercial storage considerations being clarified.
End-of-contract process
At the point of cancellation of a contract all services included in the contract will continue until the contract end date/point of exit.

As part of the cancellation process it will be clarified what actions are required in relation to:-

Returning of any data stored;
Returning of any hardware stored in the Qubic Group datacentres;
Cancellation of any 3rd party contracts in relation of the services provided.

Additional costs will be incurred if any (but not exclusively limited too) of the above actions require engineers or resources to perform additional tasks not included in the original contract.

Costs will also be incurred if any 3rd party agreements which are to be cancelled or terminated but have not reached the end of the contract and as such incurr a cancellation fee or charge.

Using the service

Web browser interface
Yes
Using the web interface
Service order portal currently being developed
Web interface accessibility standard
WCAG 2.1 A
Web interface accessibility testing
Service order portal currently being developed
API
No
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
Using the command line interface
Command line interface can be used with Linux/shell/bash scripts and windows based servers command line and powershell. these allow you (depending on permissions) provision new servers and instances and manage server service and resources. Users can make changes by opening command prompt or powershell or access to the linux instance. Limitations are dependent on permissions.

Scaling

Scaling available
Yes
Scaling type
Manual
Independence of resources
We guarantee users are not affected by the demand of other users on the service. This is configured by use of instance/environment restrictions to ensure resources do not exceed the recommended levels. Qubic monitors the usage levels and expands the core environment as required.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
AWS, Microsoft Azure, Citrix, Microsoft Office,

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Data Files
  • Operating systems
  • Virtual Machines
  • Databases
  • Physical Machines
  • Configuration
  • Bare metal
  • System state
  • Images
  • Resilient fail overs
Backup controls
A backup policy and process document is established during migration which sets out all the parameters of the backups to be taken including
data to be backup
backup process ie full, incremental etc
time of backups
snapshots policy
data retention policy
restore policy
restore testing including establishing a regular backup restore test
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
Point to Point private WAN network extension
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Qubic Group SLA is that the service is available 99.999% as measured over the calendar month with the exception of:-
• any planned and notified maintenance;
• any period of force majeure;
• any act or omission of the customer either directly or indirectly causes the service interruption.
In the event of service interruption the customer can claim from Qubic Group service credits which are calculated as per the terms of conditions available from Qubic Group.
Services credits must be claimed within 28 days of the period of outage.
Approach to resilience
The Qubic Group datacentres are N+1 and Tier 3 datacentres with all operations designed to be resilient.

Further information is available on request.
Outage reporting
In the highly unlikely event of outage impacting services to Qubic Groups customers the communication to customers is managed centrally from the ticket/service desk system.

All communication will be logged into the system with regular updates. Those customers impacted receive the necessary updates via email and the customer facing portal if they have access to it.

Any customer logging a service ticket in the event of an outage will also receive updates on their ticket as well as the main central ticket.

Account managers will also be on hand to call customers and discuss the outage.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
All users are assigned access based on users defined roles with only the relevant access for their role being provided.

A full audit trail is available of all logons and actions undertaken to provide a full history of user access and management.

Access management reviews are conducted on a regular basis to ensure correct levels of access are maintained by users per role.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
QMS International
ISO/IEC 27001 accreditation date
25/11/2014
What the ISO/IEC 27001 doesn’t cover
N/a
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials
  • IASME Governance
  • CiSP
  • ISO9001:2015

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Qubic Group is ISO9001 and 27001 accredited.
Within the Qubic Group we have a strictly adhered to Information Security Management System (ISMS) Policy and Procedure.
The ISMS Policy and Procedure is reviewed and set by the The Information Management Forum within Qubic Group. This forum is made up of:-
ISMS Manager who oversees the forum.
The remainder of the forum is made up of Qubic Managing Directors, Operations Manager, Service Manager, and Senior Data Engineer.
The forum is responsible for Policy and Procedure reviews, documentation, training awareness and induction, incident management and ISMS audits.
The Policy and Procedure is located on the company shared drive for all staff to access.
All new joiners are required to read and sign off the policy and procedure as part of their induction process.
All existing other staff sign off the policy and procedure annually.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
IT change management is a controlled process and any required internal changes to the computing environment are registered by raising a Case Record in the CRM system.
The nature of the change, rationale and any security implications are recorded. Changes to customer networks are similarly requested and logged in the CRM system.
All concerned parties are informed of the status of the request as changes progressed and implemented.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Technical vulnerabilities identified as a result of the implementation of the ISMS are reviewed and addressed as detailed in this Manual.
Patches required to address vulnerabilities in systems are white line tested by a third party provider before being authorised for deployment.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Qubic Group use proactive monitoring tools to continuously monitor the status of the environments and infrastructures that are delivered to customers.

The monitoring tool will issue an alarm if one of the set parameters is breached or the status of the service falls into a defined category. The alarm will be picked by the Qubic Group Network Operations Centre (NOC) and the issue will then be investigated and resolved.

All alarms are initially investigated as a P0 Critical incident.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Where a Incident is reported, a ticket is raised and allocated to a Qubic engineer who will ascertain the severity of the issue by contacting the customer and working with them to diagnose the incident.
All incidents will be logged within the Qubic ticketing system.
Where a workaround has been implemented and rectification works are required to fully complete the incident Qubic will engage the ‘Problem Management team’ made up of Senior Directors, Management, and Technical Staff who would jointly agree the plan of action to rectify.
A Major Incident Report (MIR) is completed and shared with the customer.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Other
Other virtualisation technology used
VmWare and HyperV
How shared infrastructure is kept separate
Within our shared physical IaaS/PaaS platform - Qubic segregates clients’ systems and data by assigning each client IaaS their own VLAN and segregated virtual firewall (vFirewall) technology.  
If required, we can also provide dedicated PaaS platforms to clients and again these are segregated via VLANS and vFirewalls technology. All client networks are either physically or virtually segregated from each other.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Our London Data Centre is a participant of the EU Code of Conduct on Data Centres’ Energy Efficiency

The Code of Conduct has an equipment and system-level scope, focusing on two primary areas – the IT load (IT capacity available for the power consumed) and facilities load (equipment and systems that support the IT load, such as cooling systems, PDUs, and UPS).

Our Kent based Data Centre operates a revolutionary evaporation cooling system, completely negating the need for mechanical cooling, providing a positive impact for both the company's efficiency and the wider environment.

For 100% of the year, the data centre utilises fresh air cooling, brought in from outside and filtered to clean room standards to eliminate contamination, passing into the data centre via a bank of multiple fans.

A reverse osmosis plant purifies water which the system then uses to produce a very fine mist. Within a large chamber, this moisture is used to raise the humidity of the slow moving air which passes through, decreasing its temperature. The evaporation system also acts as a room humidifier, and is supported by dual water mains, ensuring that it is resilient against mains failure. This approach is 2N resilient.

Pricing

Price
£0.11 to £0.51 a virtual machine an hour
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Qubic Group is able to offer a Free Proof of Concept AWS environment for a 1 month period to demonstrate the power and resources available in AWS as well as the pricing policy and structure to demonstrate where cost savings can be delivered

Depending on requirements

Engineer resources are chargable

Service documents