Capito

iland Disaster Recovery as a Service (DRaaS) iland®

iland Secure Disaster Recovery as a Service (DRaaS) allows your IT
workloads to be replicated from virtual or physical environments
to iland's advanced security cloud infrastructure. With over a
decade of disaster recovery expertise, iland can help ensure that
your solution is tuned to your business priorities and compliance
needs.

Features

• Zerto Integration
• Veeam Integration
• GDPR Compliance
• ISO 27001
• ISO 27701
• ISO 9001
• CSA STAR
• Supports multi-site hybrid back-up
• Customer can manage their own back-ups via a portal
• Global 24/7/365 fully managed and supported

Benefits

• Regulatory Compliance
• Web based monitoring portal easily accessible
• Extensive support
• Complete control of data sovereignty
• Easily scalable
• UK Data Centres
• Proactive Monitoring
• Backup and Restoration

£0.02 to £41.50 a virtual machine a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at DigitalMarketplace@capito.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

451854498313321

Contact

Rachael Millar
01506 460 300
DigitalMarketplace@capito.co.uk

Service scope

• Service constraints: Supported virtual workloads: VMware
• System requirements: N/A

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: 9 to 5 (UK time), Monday to Friday
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Iland's web chat support meets WCAG 2.1; AAA accessibility standards.
• Onsite support: Onsite support
• Support levels: Our support teams are available 9 to 5 (UK time), Monday to Friday to respond to alerts, take calls, make decisions, and act to ensure that your services are operating effectively every second of the day. ; ; The support desk is accredited to ISO20000-2011 and ISO27001-2013 standards and the technical operations staff can cover everything with a guaranteed qualified engineering response within 15 minutes of notice. ; ; Effective Account Management plays a central and fundamental part of the successful delivery of services to Capito’s customers. Capito has a unique account management structure that consists of:; ; • Business Development Manager; • Account Manager ; • Internal Account Manager; • Pre-Sales; • Sales Support; • Bid Management; • Service Delivery Manager ; ; The Capito structure allows for good management, with no single point of failure and frequent customer contact.; ; 1. 24 hours x 7 days a week 2. No tiering of; support levels 3. Engineering and Account; Management (T3-T3) available
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Capito provide a full on-boarding service with supported online training supporting user documentation.; ; All new customers to iland are onboarded via our Cloud Services Team, this ensures as smooth an onboarding as possible. Additionally, a full library of technical guidance and documentation is available via the iland Success Centre.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Data can be extracted through multiple solutions and Capito will work with the end user to determine the most appropriate solution that meets their requirements.; ; All data may be extracted using industry standard formats.
• End-of-contract process: Capito will immediately stop providing the agreed service. ; ; Payments due or payable by you under this agreement will become due and payable immediately, including any unpaid charges due for the remainder of the initial term or any renewal term (except where the agreement has ended for Capito's material breach ; ; Within 30 days after this agreement ends, each of us will return all confidential information of the other in its possession at the time this agreement ends and will not make or keep any copies of that confidential information except as required to comply with any applicable legal or accounting record keeping requirement.; ; iland's cloud services engineering team and 24x7 support is included with the price of the contract. iland also offers professional services that are independent from the cloud services, and those services are subject to their own separate pricing. Reach out to iland for more details.

Using the service

• Web browser interface: Yes
• Using the web interface: The web interface is fully featured and customers can fully deploy,; configure and manage their environment from the web interface.; Additionally, all web interface functionality is available via API.; ; Capito deliver service desk facilities primarily via the customer control panel. Capito provides customers with a web-based Control Panel, which provides a broad view of information and services surrounding their solution which allows authorised users to create and manage cloud services as well as raise, track and report on support tickets.
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: Iland's website interface meets WCAG 2.1 AAA accessibility; standards.; ; No testing has been completed with assistive technology users.
• API: Yes
• What users can and can't do using the API: Customers are able to perform a range of actions via the iland API,; all activity which can be completed via the GUI, can also be; accomplished via the API. Documented access and controls for; iland APIs are provided to customers.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: Dependent upon the solutioning. Designed with your business; requirements in mind, the iland Secure Cloud Console is an intuitive,; yet powerful interface that offers unmatched visibility and control; into your cloud services at iland. It gives you the transparency; needed to closely monitor and manage your cloud resources; effectively in terms of cost, performance, regulatory compliance; and support. It also provides the flexibility to customize permissions; using enhanced Identity Access Management policies.

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Contractually determined.; Capito provision the Cloud Storage service from highly available data centre infrastructure.; ; Each Data Centre is fully powered, secure, resilient and newly equipped to handle the demands of future computing trends such as high density computing, virtualisation, energy conservation, distributed storage and multi site disaster recovery. Offering a total of 7,000 m² of advanced Data Centre technology in 8 major UK cities, we are not hindered by lack of space, legacy operating systems or practices.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Iland

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual Machines
  • Databases
  • All Virtual machines under a virtual Data Center
• Backup controls: Capito Managed Service provides full support for backups.; for iland you can also manage Via subscription SKU options at the contract level, with daily backups at the following retention policies: 7 days, 30 days, 90 days, 1 year (30 daily plus 13 monthly backups), and 7; years (30 daily plus 13 monthly plus 7 yearly backups)
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Other
• Other protection between networks: Point to Point or MPLS circuits SDWAN solutions over Internet connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Encryption at Rest - AES 256; ; Other protection within network. Mechanisms are in place to restrict unauthorised internal and external access to data with access to data appropriately segregated. Firewalls configured not to permit traffic from a source IP or Media Access Control (MAC) address other than its own Data in transit protection for Capito services are subject to audit at least annually under ISO 27001 and PCI-DSS certification requirements.

Availability and resilience

• Guaranteed availability: Iland and Capito 100% SLA Provided.
• Approach to resilience: Multi-data centre configurations.; More information available upon request.
• Outage reporting: Email alerts & a public dashboard: status.ilandcloud.com an API email; alerts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to all service interfaces (for consumers and providers) is constrained to authenticated and authorised individuals. ; ; Remote management access is authenticated and directly associated to authorised individuals rather than group accounts. ; ; All managed systems monitored and access logged and tracked for auditing purposes.; ; This is governed by iland's Access Control policy, which follows; the principle of least privilege. Additionally, iland manages; authentication and authorization to iland systems, including the; restriction and credentialing of access administrators.; Additionally, iland relies upon Microsoft Domain Structure for; Identity Governance and Access Management systems.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ISOQAR
• ISO/IEC 27001 accreditation date: 23/03/2017
• What the ISO/IEC 27001 doesn’t cover: As detailed within the SOA
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
• Other security governance standards: SSAE 18 SOC 2 Type 2
• Information security policies and processes: EU GDPR ISO 27001 ISO 27701; PCI-DSS SSAE 18 Cyber Essentials; Capito's adheres to the Security Classification Definitions as described in the Government Security Classifications Policy (GSCP). This is outlined and defined in the Quality Manual and forms part of Capito's overall integrated management system, which consists of UKAS / APMG / NCSC accredited systems. Notably; ISO 27001:2013 Information Security Management; ISO 20000-1:2011 IT Service Management; ISO 9001:2015 Quality Management; ISO 14001:2015 Environmental Management. All are regularly audited for compliance by an accredited certifying body. These standards require Capito to have robust controls in place to manage data, documents and records. Displaying evidence that Capito has appropriate and measured controls in place to manage OFFICIAL information that if lost, stolen or published in the media could have more damaging consequences (for individuals, an organisation or government generally). ; ; All data centres have been independently assessed on a number of occasions by local authorities and UK Government Departments, Senior Information Risk Owner’s (SIRO) as suitable for holding and processing their sensitive information to OFFICIAL level.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Capito's change management process is in line with ISO27001 controls A.12.2 Controlled mechanism for making changes to operational environments. iland implemented change management policies/procedures to define change controls for the addition, deletion, or alteration of systems/infrastructure components. All changes to software, hardware, or other systems/infrastructure tracked in accordance with iland's Change Management policy. A change management plan is in place to manage the modification and maintenance of systems/components. Proposed changes are submitted, tracked, and approved via ticketing solution. All changes are developed/tested in nonproduction environments prior to implementation, and rights to production migration are controlled in accordance with role requirements.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Iland has dedicated vulnerability management policies and processes to identify and assess vulnerabilities timely. These policies & processes are in place to monitor, assess, rank, and remediate vulnerabilities identified within iland's remedia; tions timeline (24 hours for critical, 48 hours for; important, 72 hours for moderate, and 240 hours for low). iland systems conduct regular vulnerability scans. Various evaluations are in use by iland to identify and assess potential risks or vulnerabilities, including audit logging, capacity monitoring of critical infrastructure, quarterly vulnerability scans, annual risk assessments, and periodic third-party; evaluations or audits.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Capito Protective Monitoring process is aligned with ISO27001:2013 control A.12.4 iland has professional monitoring to monitor critical systems,; which provides alerting for issues relevant to security or availability of assets. Additionally, iland monitors identifies vulnerabilities, including software flares, patches, malware, system misconfigurations. iland delivers support 24 hours x 7 days a week to customers and iland's; protective monitoring processes are governed by iland's policies & processes. iland's support and engineering teams reply to incidents in accordance with business and legal requirements. iland provides documentation for customers regarding up-time and performance levels via publicly accessible websites for transparency on availability/monitoring activities.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Capito incident management process is aligned with ISO27001:2013 control A.16.1.; iland has dedicated incident management policies and processes in place for the timely identification and assessment of incidents. Following identification and assessment, guidance is in place to define actions to remediate threats posed by security incidents through patching vulnerabilities, removal of unauthorized access, and other remediation actions deemed necessary. iland users may report incidents through the iland Secure Console, by reaching out to iland's support team or their project manager. iland's Incident Management process is audited annually during iland's ISO 27001 and SSAE18 SOC2 independent audits.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Logical and physical segmentation.; Each tenant’s servers are segregated into their own VLAN Capito consults with clients to determine if servers need configured to further split server farms over separate security zones. This ensures that uncontrolled network communications do not occur through adjacent architectural tiers storage presentation is segregated through the use of fibre-channel zoning, prohibiting any host from accessing unauthorised storage areas

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Iland's UK Data Center Locations maintain ISO 14001 and ISO; 50001 certifications and have a policy titled "Environment and; Energy Management Statement" that outlines their commitment; to comply with the EU Code of Conduct for Data Centres and; EN50600.

Pricing

• Price: £0.02 to £41.50 a virtual machine a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: The Secure DRaaS with Veeam 30-day Free-Trial; provides new prospects (or existing customers using; other iland services) the opportunity to try out all the; features of the Secure DRaaS with Veeam service; platform with no up-front commitment or costs; associated for 30 days with 3 TB Accelerated Storage.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at DigitalMarketplace@capito.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.