Interoute Communications Limited

Interoute Object Storage

Object Storage is an enterprise class massively scalable distributed storage platform. Providing an economical pay-as-you-go solution for cloud data storage or static website hosting, as well as a complementary storage service for the Interoute Virtual Data Centre (VDC) platform. Scalability is simple and efficient and outperforms traditional enterprise storage.

Features

  • NIST complaint Object Storage platform hosted in Interoute Data Centres
  • Simple billing on a pay-as-you-go basis
  • Access through various connectivity methods including PSN, Private and Internet
  • Optimised for customer security and accreditation requirements
  • Provdes physical layer of segration between customers
  • Role based portal GUI and API for management
  • Built in user controlled high availability
  • Direct integration with Interoute Virtual Data Centre (VDC)
  • Integration into multiple backup and archiving solutions
  • Dedicated environments available

Benefits

  • Delivered in the UK managed and maintained by UK operatives
  • Commercial options available to meet customer financial profiling
  • Hosted within ISO accredited Tier 3 + data centres
  • Service Management including web based portal access, "My Services"
  • Management of services through API and VDC control centre GUI
  • Dual or triple site replication for enhanced availability
  • Scalable platform with no storage limits
  • Data is encrypted in flight and at rest
  • Interoute own network and data centers offering a guaranteed SLA

Pricing

£0.05 per unit per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10

446260320257675

Interoute Communications Limited

Marian Coldicott

+442070325494

marian.coldicott@gtt.net

Service scope

Service scope
Service constraints Interoute operate planned maintenance to a published schedule but have no other physical constraints.
System requirements Interoute flexibility allows customers to use their own software

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Interoute operates to CCS level 4 - 24x7x4 for all services. Our Contact Centre can be reached via email, phone or through our "My Services" web portal which is provided free of charge as part of the solution.
Any request is handled through the Contact Centre and we target responding within 30 minutes, in addition for some services we provide a "live chat" function which is available during office hours only.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Live Chat is available to assist clients with the use of the "My Services" web portal which provides:
·        Reporting
·        Invoices and CDRs
·        User Management
·        Search and Filter
·        Incidents and Requests
·        Orders
·        Alarms
·        Performance Monitoring 
·        Secure customer Access 
·        Service Level Agreements
In addition Live Chat is available to answer user specific queries relating to the product or service purchased.
Web chat accessibility testing Whilst Interoute does not have any record of documented testing with assisted users, we own the technology which provides our web chat facility and would therefore be in a position to develop a solution to meet the individual needs of an assisted technology user.
Onsite support No
Support levels Interoute provide support on a 24x7x4 basis including remote monitoring and management for all clients and is provided on a fixed cost basis.
Interoute has an extensive engineering capability made available to clients through the Interoute Customer Contact Centre. In addition the services supported by a Field Engineering team who have the appropriate skills and accreditations to restore services.
Interoute also provide our clients with both service management and technical management, the extent of which is determined on a individual customer basis.
Interoute are able to provide a variety of service levels up to and including 99.99% availability. As standard Interoute operate a 24x7x4 maintenance and management service.
Interoute operate to IS02000 and within the ITIL framework ensuring consistency of service to all customers.
Other KPI's include proactive spot rates, telephony response times, accuracy of reporting and overall customer experience.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Interoute provides a flexible approach allowing customers to purchase some or all services covered by our solution, the level of support therefore varies on depending on the solution taken.
Options for clients include on-line and on-site training and extensive user documentation /guides. In addition all clients are provided with a service manual which contains details on both how to use the service, report incidents and access statistical data including management reporting.
Interoute also provides a forum for clients across our entire base to share information and experiences and provide and feedback.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Data can be exported from the Interoute Object Storage platform at any time during the contract via the GUI or API. Interoute does not charge for data or network transactions and therefore no additional cost would be incurred during this process.
Interoute provides assistance for clients when exiting the service. This can include providing the physical infrastructure where the data resides and/or providing temporary connectivity links designed to allow the customer to electronically transfer the data to the new service.
Within 90 days of contract signature Interoute will work with the customer to develop and agree an exit plan which will detail the resources required and the assistance provided to ensure a smooth transition to the new service provider.
Our typical approach is to provide customers with a rate card for Professional Services ensuring the financial implications of exit can be fully understood.
End-of-contract process Interoute can assist by providing professional services including project management, service management, implementation, storage configuration, migration, application assistance, network assistance and technical management.
Interoute will provide a service catalogue listing day rates for these services.
Interoute will act in a professional and co-operative manner in order to assist customers in transitioning services either to a new supplier or back in house at the end of the contract term. The details of the approach will depend upon Interoute’s final solution and the incoming supplier’s design and implementation plans. Interoute recommends the following are considered, as appropriate, to ensure minimal disruption to normal business operations:
Governance
 Agreement and establishment of a governance structure between the customer, Interoute and the incoming supplier, as necessary, with defined meetings and attendees, including the assigned Interoute Exit Manager.
 Detailed risk assessment carried out jointly with the customer to identify all risks which are likely to occur during the transition and with agreed mitigation approach and regular review and tracking of these risks and other issues.
 Interoute adherence to its contractual obligations whilst maintaining flexibility where required to ensure the smooth transition to a new provider.

Using the service

Using the service
Web browser interface Yes
Using the web interface Interoute will provide a client with a URL which provide clients with access to the “My Services” web portal which has an extensive management reporting function. It is positioned as the first line of support and information and provides greater control in managing the relationship with Interoute services and offers:
Reporting
Invoices & CDRs
User Management
Search & Filter
Incidents & Requests
Orders
Alarms
Performance Monitoring
Secure customer Access
Service Level Agreements
Change Management

The portal speeds up communication, efficiently share key information (technical, numbers, results), and:
Increase service control;
Decrease operational management overheads;
Obtain an inside view into system management and performance.
Web interface accessibility standard None or don’t know
How the web interface is accessible The Graphical User Interface within "My Services" is adaptive, so that each user is presented with different menu options according to the access privileges and/or services subscribed to. The portal is a browser-based product with a series of reporting screens and fault logging options.
Ease of navigation is central to its design ensuring users can quickly locate their desired function, meeting the user’s requirements with minimal delay.
Each user is required to go through a secure logging process, once successfully logged in, the user is provided with a homepage with customisable preferences options to ensure that the tool matches their individual requirements. From here, the user can select the functions pertinent to their needs.
Web interface accessibility testing Whilst Interoute does not have any record of documented testing with assisted users, we own the technology which provides our web chat facility and would therefore be in a position to develop a solution to meet the individual needs of an assisted technology user.
API No
Command line interface No

Scaling

Scaling
Scaling available Yes
Scaling type Automatic
Independence of resources Interoute runs multiple Object Storage zones, stringent monitoring and controls are applied ensuring performance provided is not affected by other users on the platform.
Interoute Object storage has been designed to provide an customers with a low cost, highly scalable storage platform. Storage is provisioned across multiple storage devices and locations ensuring access to the data is not interrupted by noisy neighbour scenarios.
Therefore, whether other customers are on the platform create ‘noisy neighbours’, Interoute can supply an efficient and performant service.
Usage notifications Yes
Usage reporting
  • Email
  • SMS
  • Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Hardware containing data is completely destroyed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Virtual Machines
  • Applications
  • Databases
  • Files
Backup controls Interoute work with customers to tailor the template replication, snapshot mirroring and backup replication services to meet the DR objectives for each application and data set.
Customers can maintain applications deployed in an “always on” configuration across datacentres so that replicated services are not required for these applications in the event of DR.
For applications not deployed in “always on”, customers can deploy servers from templates and snapshots and mount both data and storage from snapshots and backups.
The backup service is automatically available for restorations as the client will be configured to automatically connect to the second backup repository.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users schedule backups through a web interface
Backup recovery Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Interoute will design the solution to meet the availability required by the customer up to 99.99%.
The Interoute service is provided across multiple zones and data centres, connected via our privately owned network ensuring resilience.
Interoute standard availability target is 99.99%, in the event that the service falls below the overall availability Interoute will pay service credits based on the availability of individual resources.
Approach to resilience Interoute use multiple data centres and zones connected via our privately owned network ensuring guaranteed resilience.
Interoute’s service is operated and managed by our ISO 27001 accredited Operations Centre monitoring services 24x7 with a CSIRT function to ensure appropriate operations security response. This includes immediate escalation to the Chief Security & Risk Officer if any data security incident is detected on Interoute platforms, systems or services. Interoute’s core equipment is physically located in secure data centres with resilient power, resilient cooling, and fire detection and suppression controls. This include industry standard physical security controls with all access logged and appropriate physical perimeter security controls (ACS and CCTV). All core equipment is configured for high availability, deployed in an N+1 architecture ensuring full resiliency of critical components.
At the logical layer Interoute’s core network connects resiliently and is secured by Interoute’s MPLS core. Each customer is provided with a separate VRF ensuring logical separation of customer traffic across network.
Outage reporting Outages can be reported via phone, email or through the "My Services" web portal. Interoute will notify clients of any planned or emergency outages via the same communication methods which will be captured as part of an operations service manual.
Outages can be reported via phone, email or through the "My Services" web portal. Interoute will notify clients of any planned or emergency outages via the same communication methods which will be captured as part of an operations service manual.
Incident and Request Tickets can be raised using the Tickets feature in the "My Services" Web Portal enabling the user to:
• Raise a new incident
• Update a ticket/incident
• View incidents and their feedback.
When raising a new incident, the "My Services" web portal will take the user through four pages; incident details, technical questions, contact information and a summary page. The drop down menu options and compulsory data entry fields allow easy entry of information whilst capturing the core information to resolve the incident efficiently.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Interoute provide management services via a secure VPN access service which has firewalls at each end ensuring a seperate connection for each client managed.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Lloyds Register LRQA
ISO/IEC 27001 accreditation date 09/10/2006
What the ISO/IEC 27001 doesn’t cover The following controls are not applicable: Access control to program source code Protecting application services transactions
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification QCC Information Security Ltd
PCI DSS accreditation date February 2018
What the PCI DSS doesn’t cover Interoute has achieved Level 1 PCI DSS certification for controls 9 (Physical Security) and 12 (Security Policy) for our Data Centres (Amsterdam, Berlin, Geneva, London 1 and 2, Hoddesdon, Madrid, Paris and Zurich). And provide professional services to help our customers attain PCI DSS certification for their e-commerce solutions.
Our Hosting and Security Product Portfolio provides the building blocks and compliance mechanisms necessary to achieve and maintain PCI DSS certification for critical business technology and online commerce requirements.
Other security certifications Yes
Any other security certifications
  • ISAe 3402
  • HMG BPSS
  • DBS
  • GPG13
  • CPNI
  • CESG
  • SANS Institute
  • DPA
  • PSN
  • ISO 27001 , ISO 7799 and PCI DSS

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Interoute is accredited to and/or meets the following security considerations:
HMG BPSS
DBS
GPG13
CPNI
CESG
SANS Institute
DPA
PSN
ISO 27001
ISO 7799
PCI DSS
All of our solutions comply with the Cloud Security Principles and conform to CESG standards.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Through the set of integrated management tools used by Interoute, we generate and maintain the CMDB which includes information regarding access, general logs, and application logs. Interoute provides a CMDB to identify, control and record an accurate inventory of CIs.The CMDB will provide an audit trail of all changes and can be downloaded to a .csv file for further manipulation.
Interoute defines changes into three categories, soft, hard and complex. All changes will be agreed with the customer and are assessed for both risk and the potential security implication.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Interoute conducts a comprehensive risk assessment of all critical business and operations risks to our critical operations components, inclusive of risk scenarios based on industry best practice security and continuity threats, vulnerabilities and risks. This risk assessment is maintained by our Security & Governance Group audited annual by internal security professionals and external 3rd parties. The fundamental objective is to define the necessary continuity mitigation controls required to maintain operations and quality with integration into our ITIL and ISO 27001 security controls with defined performance metrics.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Security controls are applied to protect Interoute and the customer;
• Customers accessing our Data Centres must comply with site access procedures and codes of conduct.
• Use of facilities and operations must comply with stated contractual obligation to adhere to Acceptable Use Policy.
• Exchange of information and data will be controlled by contracted confidentiality clauses.
• ISO 27001 security management system protects Confidentiality, Integrity and Availability of internal and customer data.
• Security Incident Management processes report, log, respond and resolve security incidents.
Controls in place protecting security of our internal network and systems includes FW, IDS/IPS, DDOS.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Customers are able to report incidents via phone, email or through the "My Services" web portal. The severity of the incident will be determined by the data captured in the service manual. Real time updates are provided during the lifetime of the ticket and can be accessed via the portal.
Management reports are provided via the portal and can be downloaded by the customer. In addtion the service manager will provide a comprehensive report at the regular service review meetings.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £0.05 per unit per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Three months free trial is available.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑