Vysiion Ltd

Vysiion Hybrid Cloud

Vysiion Hybrid Cloud provides an agnostic service for the provision of cloud hosting, compute, network connectivity and storage from multiple vendors including UKCloud, AWS, Azure and any other vendors that come to the market during the G-Cloud 12 term. The service includes implementation and support for OFFICIAL and SECRET requirements.

Features

  • Cloud agnostic
  • Ability to switch vendors quickly
  • Hold data workloads in a hybrid cloud environment
  • Ability to leverage bespoke connectivity solutions
  • Ability to store Crypto material
  • Hold and transact data at OFFICIAL, SECRET and higher

Benefits

  • Ability to utilise multiple clouds
  • Create a true hybrid cloud model
  • Blend the hybrid cloud with private cloud instances
  • Maximise savings
  • Leverage new cloud providers coming to market
  • Leverage bespoke connectivity requirements
  • Leverage Crown Hosting facilities

Pricing

£0.03 a unit an hour

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cloudsales@vysiion.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

3 6 2 7 4 0 3 9 7 0 5 4 2 7 8

Contact

Vysiion Ltd Vysiion Public Sector Team
Telephone: 01249 446500
Email: cloudsales@vysiion.co.uk

Service scope

Service constraints
All cloud providers have different maintenance schedules.
System requirements
N/A

User support

Email or online ticketing support
Email or online ticketing
Support response times
Bespoke SLAs depending on customer requirement.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
Vysiion provide a range of service levels depending on the desire of the buyer. A Service Delivery Manager is assigned and cloud support engineers and architects are on hand to support the end customer.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Vysiion technical architect will liaise with the buyer to determine the best cloud vendor to use. The relevant documentation will be provided and training can be offered at an additional charge.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
Users will be able to extract their data off the cloud platform using their preferred means.
End-of-contract process
The buyer is able to keep their data on the cloud platforms but switch intermediary from Vysiion to another partner as desired.

Using the service

Web browser interface
Yes
Using the web interface
Users will be able to access their cloud instance using the web interface of the particular vendor/s they have selected.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
N/A
Web interface accessibility testing
None
API
No
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
Working with cloud vendors, they scale with demand.
Usage notifications
No

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
UKCloud, AWS, Azure, IBM, Google, and any other cloud vendor

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Never
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
No
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
Backup controls
Users can control what back-ups are performed, which may be different depending on the data stored and the cloud vendors used for particular workloads.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
Scheduling backups
Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The levels of availability will be dependant on the cloud vendor selected and the particular service chosen. Cloud vendors provide service credit regimes which will be available for the buyer to leverage. Availability is up to 99.999%
Approach to resilience
This service is cloud agnostic and therefore allows for a hybrid cloud solution which increases resiliency.
Outage reporting
Outages experienced by any of the cloud vendors or by a private cloud entity will be communicated via email alerts, dashboards and APIs.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Vysiion will agree a policy with the customer around access which will be role-based.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ACM
ISO/IEC 27001 accreditation date
10/07/2016
What the ISO/IEC 27001 doesn’t cover
Nothing
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Vysiion is ISO27001 and Cyber Essentials Plus accredited and has a full suite of associated accredited information security policies that are managed and maintained by our Head of Business Services. We design and implement solutions which meet stringent security requirements and meet current industry standards as well as aligning with customers’ information policies and procedures to ensure we protect our customers’ systems and data from security breaches and cyber attacks. We continually monitor and review our security practices, working closely with officially appointed security advisors and accreditation bodies, and as such are very familiar with current legislation and standards, best-practice guidelines and the approaches required to protect UK government assets. Our employees are security cleared to enable them to deliver services to the highest information security requirements.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We follow current ITIL aligned Change and Configuration processes for all changes
All changes to infrastructure and systems are managed through these processes ensuring that standardised methods and procedures are followed for all. The process ensures that all changes are formally assessed, authorised and controlled to minimise any adverse service impact.
Our Change Advisory Board assess and validates all Changes from a business, technical, security and delivery perspective, drawing on subject matter experts when required.
A Forward Schedule of Change is maintained.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We work closely with officially appointed security advisors/accreditation bodies/comply with current legislation/standards e.g. NCSC guidelines. We are registered with NCSC Cyber-security Information Sharing Partnership (CiSP), to exchange cyber threat information in real time/increase situational awareness and receive information about potential threats via suppliers e.g. Microsoft. We deploy automated tools for vulnerability monitoring. Alerts are immediately investigated by an engineer and any identified threats immediately removed from the network, to eliminate the risk of potential infection. Critical patches are tested on a sand-boxed device on-receipt and deployed across the infrastructure once proven to achieve maximum cover with minimum business impact.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Where protective monitoring services are required, Vysiion works with vendor specific technologies and services or a trusted third party security specialist to deliver these processes.
Incident management type
Supplier-defined controls
Incident management approach
Vysiion has a well-defined ITIL aligned incident management process with a fully manned 24/7 service desk/NOC and a comprehensive service toolset that allows incidents to be raised by phone, email and portal. Incident reports are regularly provided by email and users can log on to the portal at any time to get the status of an incident. Customer satisfaction surveys are carried out on closure of an incident.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Vysiion's Hybrid Cloud allows customers to select the most appropriate public or community cloud as long as it adhere's to the EU Code of Conduct for Energy Efficient datacentres.

Pricing

Price
£0.03 a unit an hour
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Certain cloud vendors will offer free trials of their service e.g. UKCloud.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cloudsales@vysiion.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.