Umbraco Cloud Hosting
Moriyama host websites in Azure, Amazon EC2 and other private cloud providers. Our turnkey solution allows Umbraco to be load balanced in Azure websites and allows your website to be automatically scaled to handle additional capacity during a spike in traffic.
- cloud hosting
- umbraco gold partner
- azure specialist
£2000 to £5000 per instance per year
+44 (0)203 745 4285
|Email or online ticketing support||Yes, at extra cost|
|Support response times||Our SLA is available on request|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Our SLA document is included in our profile.
Support is 9 to 5 UK business hours - excluding weekends and public holidays.
Our SLA includes target resolution and response time depending upon incident priority.
A priority 1 issue is resolved within 4 hours.
|Support available to third parties||Yes|
Onboarding and offboarding
Our training services are documented on our website.
Our onboarding process includes initial deployment to the infrastructure.
|End-of-contract data extraction||Database backups and file system backups can be requested - or accessed directly by the customer.|
|End-of-contract process||Services may be handed over to the customer if they engage in a billing agreement with the hosting provider e.g. Microsoft Azure - else resources can be de-provisioned at no extra cost|
Using the service
|Web browser interface||No|
|Command line interface||No|
|Independence of resources||Customer can choose a shared of fully isolated environment|
|Infrastructure or application metrics||Yes|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Supplier-defined controls|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Scale, obfuscating techniques, or data storage sharding|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||
|Backup controls||Backup schedule agreed with customer.|
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Supplier controls the whole backup schedule|
|Backup recovery||Users can recover backups themselves, for example through a web interface|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||We pass the SLA of the hosting provider (e.g. Microsoft Azure) to the customer.|
|Approach to resilience||We use Microsoft Azure - multiple region failover is available upon request.|
|Outage reporting||We send email alerts to our customer upon outage - and they can request regular uptime reports from our support team|
Identity and authentication
|Access restrictions in management interfaces and support channels||We use Azure AD B2C to secure customer accounts.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||
|Devices users manage the service through||Directly from any device which may also be used for normal business (for example web browsing or viewing external email)|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||Our policy document is available upon request.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
We use git to version control our deployments.
We use TeamCity to build, deploy and rollback releases.
We use Microsoft tools to ensure code quality - including unit tests.
We use Octopus deploy to deliver releases to environments.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
We have any inhouse automated tool for scanning for, and reporting vulnerabilities.
We patch criticial issues on the of reports.
We use external tools and vendor bulletins to watch for new vulnerabilities.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Our inhouse tool will monitor and track authentication and login attempts - and report any suspicious activity.|
|Incident management type||Supplier-defined controls|
|Incident management approach||Incident reporting is through our in house support system.|
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Price||£2000 to £5000 per instance per year|
|Discount for educational organisations||No|
|Free trial available||No|