Consider IT

Private Cloud Hosting

Virtualise your servers and services on our secure private cloud hosted in Scotland's only Tier III datacentre

Features

  • Enterprise solution from Juniper and VMWare
  • Fully customisable
  • 100% UK data sovereignty
  • Fully supported by our Network Operations Centre
  • Enterprise class SLAs of 99.995%
  • Fully customisable internet breakout options, MPLS, etc.

Benefits

  • Pay as you grow, no large capex requirement
  • Hosted in Uptime Institute Tier III Constructed Facility Datacentre
  • Scotland-based
  • 24/7 Network Operations Centre

Pricing

£200 per instance per month

Service documents

Framework

G-Cloud 11

Service ID

3 9 6 1 0 3 9 4 0 0 8 8 2 9 4

Contact

Consider IT

Stuart Gilbertson

0131 510 0110

hello@considerit.co.uk

Service scope

Service constraints
N/a
System requirements
10mbps minimum bandwidth required

User support

Email or online ticketing support
Email or online ticketing
Support response times
Priority 1 - Response within 30minutes
Priority 2 - Response within 1 hour
Priority 3 - Response within 4 hours
Priority 4 - Response within 4 hours (business hours only)
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Our monitoring systems ensure the service is proactively managed and monitored on a 24x7x365 basis.

Consider IT's Network Operations Centre (NOC) is fully manned 24x7x365.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
New customers will receive details to their provisioned services which allows them full unrestricted access to their instances via their pre-agreed IP address. Consider IT can assist, for an additional fee, in the set-up of any operating system configuration changes, software installs, etc.
Service documentation
No
End-of-contract data extraction
Consider IT do not charge for off-boarding as standard.

The client has full access to their instances and can arrange to extract data through whatever preferred means they have.

Consider IT can support the client exiting the service, exporting virtual machines at an additional cost.
End-of-contract process
At contract end, the instances will be suspended for a period of 14 days, thereafter they will be permanently deleted.

Using the service

Web browser interface
No
API
No
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Manual
Independence of resources
All services are hard-provisioned.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
In-house destruction process

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Virtual Machines
  • Databases
  • Files
Backup controls
Backups are configured as per customer's requirements and Consider IT's NOC will manage this and provide regular reports.
Datacentre setup
Single datacentre with multiple copies
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
Private network or public sector network
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Consider IT operates a 99.995% uptime SLA. If an SLA is missed, the customer will receive pre-agreed service credits (SLA's are agreed and determined at the contract negotiation stage as part of the overall solution).
Approach to resilience
All technology components have been built to be fully resilient, including, compute, storage, network and ISPs
Outage reporting
Outage reporting is made available via our online public dashboard.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
All management platforms are segregated and separate to production cloud systems and access is strictly limited.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
26/02/2018
What the ISO/IEC 27001 doesn’t cover
N/a
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Independent audit reviews of our ISO 27001 standard policies.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Change management is performed for all changes through our ticketing system.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Consider IT operates a vulnerability management process where all networks and infrastructures are scanned on a monthly basis to identify known vulnerabilities via SIEM platform
Protective monitoring type
Undisclosed
Protective monitoring approach
Available on request.
Incident management type
Undisclosed
Incident management approach
Available on request.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Third-party
Third-party virtualisation provider
VMware
How shared infrastructure is kept separate
Available on request

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Details on request

Pricing

Price
£200 per instance per month
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑