IVC Technologies Ltd

Hosting

Levels of hosted services
Dedicated server
VPS where the server is shared but only one client to each virtual server
Data centres are UK based and synchronised and managed, backed up and virus protected

Features

  • Multiple backups with air gap back up against ransomware
  • Protection from hardware or software failure and malware
  • Flexible storage can expand when required with minimal time lag
  • Performance monitoring
  • Web application security software appropriate to the clients requirements
  • Protection from hardware or software failure and malware
  • Balance tasks and resource across multiple servers using software
  • Systems management tools software appropriate to the clients requirements
  • Where appropriate provision of wireless and wired networking
  • Real time monitoring for failures or

Benefits

  • Provides maximum protection for valuable data including ransomware attack
  • Provides flexible solution depending on usage. Easy to expedite expansion
  • Provides the client with access to large scale flexible storage
  • Extensive experience of RDBMS allows performance tuning and security
  • Sophisticated software kept updated to foil latest threats
  • Firmware kept updated against threats
  • Gives best possible response times with no client input
  • Allows systems to be optimised to provide speed and reliability
  • Experience and monitoring to balance bandwidth across different resources
  • Awareness of threats allows installation of suitable tools

Pricing

£100 to £1000 per person per year

  • Education pricing available

Service documents

G-Cloud 9

381761126384025

IVC Technologies Ltd

Sarah Wilkinson

0193542121

tenders@ivctech.com

Service scope

Service scope
Service constraints As an organisation we have always tailored our service to the clients requirements rather than just offer package solutions. Any upgrades are carried out after liaising with the client to arrange a convenient time
System requirements No specific requirements each clients system is tailored for them

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The average response over the last 10 years has been less than 30 mins with 80% solved in that time
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Onsite support
Support levels 24x7 1hr software
24x7 4hr response for hardware
9-5 5 days per week
Any other arrangement to suit the client
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We carry out a requirements survey and implement the system to suit
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Depends on the contract. Most have a copy on a local server with the capacity for storage but not much processing power. Other it would be supplied as CSV or other text delimited file.
End-of-contract process Contacts are individual to each client normally 3 months deposit and 3 months notice to quit. At the end of the contact we would normally supply data in a CSV but for most the data is on an in house server as previously mentioned.

Using the service

Using the service
Web browser interface Yes
Using the web interface We have always set the systems up for our clients and that way we can offer the best level of support.
However if a particular requirement needed a web interface we would provide one with the appropriate level of security and ease of use
Web interface accessibility standard None or don’t know
How the web interface is accessible We don't have a standard but design to suit the client requirements
Web interface accessibility testing We have never had the requirement so have not tested.
Any web interface is a rare occurrence as we always respond quickly to phone calls and emails.
API No
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface Users would not normally get access

Scaling

Scaling
Scaling available Yes
Scaling type Manual
Independence of resources By monitoring and system upgrades where required
Usage notifications Yes
Usage reporting
  • Email
  • Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach Several layers of designed by us with positive - positive - positive then negative layers where positive means users have to be enabled then at the end rights removed. This can depend on the applications being hosted
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach In-house destruction process

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Rsync to DR server
  • Air gap to RDX drive or other removable storage
Backup controls The process is automatic. If a DR server is on a client site then there is normally removable storage which the client changes each night. We recommend one for each day of the week and one for each month plus one kept for archive at year end.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks IPsec or TLS VPN gateway
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Depends to some extent on applications used. If they are our applications then 99.9%. Connectivity is 99.9%. Other hosted applications would depend on the author/support on that product
Approach to resilience Without too much disclosure we host in up to 4 locations none of which are the popular data centres.We use leased lines into the centre offering the maximum bandwidth currently available. We also use wireless technology which is independent of BT / Open reach. After these two we offer both ADSL and 4G as emergency access
Outage reporting Phone and email alerts.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication In certain cases we use 2 - factor Remote access via dedicated link then user name and password.
After that we have further levels of security at user and user group levels
Access restrictions in management interfaces and support channels Built into our software is the ability to give individual users and groups of users access to different data.
What a user can do with the data is then further restricted. It may be full access, full access but with copying original data to another area or possibly just read only access.
Changes to data are recorded with new and old values saved.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Devices users manage the service through
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards Other
Other security governance standards BCS (British Institute for IT) standards
Information security policies and processes Different levels of employee are authorised to differing levels of access this can be by individual users or groups of users. Security is based on the principle that users have no way of knowing what data is denied them. Thereby not encouraging attempts to break security

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Where coding is carried out on behalf of a client we use SCCS plus a layer of version control of our own definition. OS updates are installed a tested on our in house test and development environments prior to release to a client. Very occasional exceptions are where a flaw in Microsoft has been discovered and may require immediate intervention.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We would make this available only to a client.
To disclose too much would increase vulnerability.
We use a variety of both proprietary and open source (tailored) tools.

We monitor several sites advising of possible threats not restricted to but including BCS
Protective monitoring type Supplier-defined controls
Protective monitoring approach Any critical data changes are logged with who made the change and where from.
These can be displayed as they happen on a monitored screen or sent via email.
Critical data changes would be spotted within a few seconds and the location identified. The device can then be denied access
The exact methodology will be disclosed only to a client
Incident management type Supplier-defined controls
Incident management approach We have a structured approach to incident management designed by ourselves in conjunction with Hewlett Packard and IBM both who have used our services. There is a structured escalation process which can start after 15 mins automatically.
Users can report by phone which is answered promptly or by email. A ticket is created and emailed to the user plus there immediate spline management or the systems supervisor in the organisation

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used KVM hypervisor
How shared infrastructure is kept separate Each router can only access the virtual servers that the client uses. In addition most of our infrastructure is Linux based so users would not have passwords to other servers. Many of our users however have dedicated servers managed by ourselves

Energy efficiency

Energy efficiency
Energy-efficient datacentres No

Pricing

Pricing
Price £100 to £1000 per person per year
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Terms and conditions document View uploaded document
Return to top ↑