DXC Technology Hybrid IT Cloud Services
DXC Hybrid IT Integration Solutions (HITS) enables IT to become a Cloud Service Broker. Business users are able to consume cloud services from multiple providers via a unified catalogue, while IT gains visibility and control over their use, reducing staff workload and optimising budget for cloud services.
Features
- Hybrid IT Integration Solutions
- Cloud Brokerage Service
- Migration and transformation services
- Managed Container Platform as a Service (PaaS)
- Aggregated self-service catalogue for IT and Cloud Services
- Managed hybrid services in a fully integrated solution
- Hybrid IT Integration Solutions (HITS) delivered as consumption-based
- Customised Approval Workflows
- Advanced Financial Management
Benefits
- Provides a seamless integration between cloud consumption and ITIL practices
- IT Department can become a Cloud Service Broker (CSB)
- Provides automated governance of your defined corporate and regulatory policies
- Visibility of spending across the services portfolio
- Increased agility
- Automated and integrated cloud services provisioning options
- Robust governance and compliance enablement
- Enterprise-grade brokering capability
- Suitable up to OFFICIAL-SENSITIVE
- Supported by UK Government SC and DV resources
Pricing
£10000 per instance per year
Service documents
- Pricing document
- Skills Framework for the Information Age rate card
- Terms and conditions
- Modern Slavery statement
Framework
G-Cloud 11
Service ID
386683151635936
Contact
EntServ UK Ltd part of the DXC Technologies Group
DXC Frameworks Team
+44 (0)560 303 4826
Service scope
Service constraints | The HITS solution is appropriate for organisations that use ServiceNow. |
System requirements | ServiceNow ITSM |
User support
Email or online ticketing support | Email or online ticketing |
Support response times | Response time of less than 15 minutes for Priority 1 tickets |
User can manage status and priority of support tickets | Yes |
Online ticketing support accessibility | WCAG 2.1 AA or EN 301 549 |
Phone support | Yes |
Phone support availability | 24 hours, 7 days a week |
Web chat support | No |
Onsite support | Yes, at extra cost |
Support levels |
DXC provides enterprise level support on a 24x7 basis, backed by a comprehensive Service Level Agreement (SLA). The service includes Change, Configuration, Problem, Incident and Event Management. The target managed Cloud platforms will additionally receive Endpoint Protection and Anti-Malware / Anti-Virus, Patch Management, Access Management. Data backup and restoration. A designated Cloud Support Engineer is assigned to each customer. |
Support available to third parties | Yes |
Onboarding and offboarding
Getting started | DXC will provide a comprehensive package of technology and account support to help new customers onboard to the service. |
Service documentation | Yes |
Documentation formats |
|
End-of-contract data extraction | The provision of the underlying cloud platforms can be novated to the new supplier without the need to extract data. As any other data is held on a dedicated HITS management platform (based on a dedicated ServiceNow instance) this can be readily extracted at the end of the contract. |
End-of-contract process | DXC provides notice of impending end of contract period. User can then recover data by a variety of means. DXC close services at end of contract, data is retained post contract until user confirms data has been recovered. |
Using the service
Web browser interface | Yes |
Using the web interface | Users can manage all aspects of the service using the DXC Management Portal. |
Web interface accessibility standard | None or don’t know |
How the web interface is accessible | Users can manage all aspects of the service using the DXC Management Portal. |
Web interface accessibility testing | Users can manage all aspects of the service using the DXC Management Portal. |
API | Yes |
What users can and can't do using the API | When users issue their “build” command to compile the application, the build process can make an API call at the end to fully provision what has been compiled to automate the development process end to end. |
API automation tools |
|
Other API automation tools | DXC Bionix - Our data-driven approach to intelligent automation |
API documentation | Yes |
API documentation formats | HTML |
Command line interface | No |
Scaling
Scaling available | Yes |
Scaling type | Manual |
Independence of resources | The ServiceNow instance, on which the HITS service is built, is dedicated to each customer/department and is therefore not impacted by other users. |
Usage notifications | Yes |
Usage reporting |
|
Analytics
Infrastructure or application metrics | Yes |
Metrics types |
|
Other metrics |
|
Reporting types |
|
Resellers
Supplier type | Reseller providing extra features and support |
Organisation whose services are being resold | AWS, Azure, VMware, ServiceNow |
Staff security
Staff security clearance | Conforms to BS7858:2012 |
Government security clearance | Up to Developed Vetting (DV) |
Asset protection
Knowledge of data storage and processing locations | Yes |
Data storage and processing locations |
|
User control over data storage and processing locations | Yes |
Datacentre security standards | Complies with a recognised standard (for example CSA CCM version 3.0) |
Penetration testing frequency | At least once a year |
Penetration testing approach | Another external penetration testing organisation |
Protecting data at rest |
|
Data sanitisation process | Yes |
Data sanitisation type |
|
Equipment disposal approach | Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001 |
Backup and recovery
Backup and recovery | Yes |
What’s backed up |
|
Backup controls | Backup schedules are agreed during customer Onboarding. |
Datacentre setup | Multiple datacentres with disaster recovery |
Scheduling backups | Users contact the support team to schedule backups |
Backup recovery | Users contact the support team |
Data-in-transit protection
Data protection between buyer and supplier networks |
|
Data protection within supplier network |
|
Other protection within supplier network |
VLAN VPCs |
Availability and resilience
Guaranteed availability | Resilience configurations offering server availability up to 99.99% |
Approach to resilience | The HITS service can be configured to run from multiple ServiceNow instances located over geographically isolated datacentres. Underlying Cloud platforms can also be configured to run over multiple datacentres (Availability Zones and Regions). |
Outage reporting | Email alerts and dashboard |
Identity and authentication
User authentication |
|
Access restrictions in management interfaces and support channels | Access to management interfaces and support channels is restricted through a combination of username and passwords, multifactor authentication, firewalling, IP restrictions, the use of bastion hosts as appropriate. |
Access restriction testing frequency | At least every 6 months |
Management access authentication |
|
Devices users manage the service through |
|
Audit information for users
Access to user activity audit information | Users receive audit information on a regular basis |
How long user audit data is stored for | User-defined |
Access to supplier activity audit information | Users have access to real-time audit information |
How long supplier audit data is stored for | User-defined |
How long system logs are stored for | At least 12 months |
Standards and certifications
ISO/IEC 27001 certification | Yes |
Who accredited the ISO/IEC 27001 | BSI |
ISO/IEC 27001 accreditation date | 23/09/2015 |
What the ISO/IEC 27001 doesn’t cover | N/A |
ISO 28000:2007 certification | No |
CSA STAR certification | Yes |
CSA STAR accreditation date | 29/11/2016 |
CSA STAR certification level | Level 3: CSA STAR Certification |
What the CSA STAR doesn’t cover | N/A |
PCI certification | No |
Other security certifications | Yes |
Any other security certifications |
|
Security governance
Named board-level person responsible for service security | Yes |
Security governance certified | Yes |
Security governance standards | ISO/IEC 27001 |
Information security policies and processes | DXC information security policies and processes are accredited to ISO 27001 and comply with National Laws and Industry Policies where applicable. |
Operational security
Configuration and change management standard | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Configuration and change management approach | Configuration and Change Management conducted to ITIL Standards. |
Vulnerability management type | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Vulnerability management approach | Vulnerability and Patch Management are delivered in line with specific policies which are verified as part of the CSA Star and ISO27001 certifications. |
Protective monitoring type | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Protective monitoring approach | Protective Monitoring is provided in line with GPG13 requirements. |
Incident management type | Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402 |
Incident management approach | Incident Management follows documented Security Incident Management Policies and Process which are verified as part of the ISO27001 and CSA Star Certifications. |
Secure development
Approach to secure software development best practice | Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0) |
Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart | No |
Energy efficiency
Energy-efficient datacentres | Yes |
Description of energy efficient datacentres | Amazon maintain their own datacentre certifications. |
Pricing
Price | £10000 per instance per year |
Discount for educational organisations | No |
Free trial available | No |