Capgemini UK plc

Cybersecurity - Managed Security Service (MSS) Web Content Filtering

Content Filters allow administrators to analyse and manage all web traffic, protect web browsing PC’s from infection and also enforce company policy for cloud based services.

Features

  • Prevent Access to websites
  • Filtering based on time (Allow access at certain time-of-day)
  • Centralised management
  • Per-user browsing reporting
  • Global Website Reputational database
  • Visibility of encrypted traffic

Benefits

  • Can increase Network Protection
  • Can increase Productivity
  • Can improve legal compliance
  • Helps optimise bandwidth use
  • Helps restrict the unintentional introduction of Malware
  • Can provide enhanced liability protection
  • Can prevent data leaks

Pricing

£733.00 per unit per month

Service documents

G-Cloud 9

461116485071730

Capgemini UK plc

Giovanna Borgia

+44(0)370 904 4858

publicsector.opps.uk@capgemini.com

Service scope

Service scope
Service constraints Any constraints will be identified through discussion with the buyer.
System requirements Capgemini’s policy is leveraging clients existing investments wherever possible.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We aim to acknowledge receipt of questions within one day. Resolution times will be according to the SLA for the service.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels A technical account manager or equivalent is available to act as a point of contact in respect of the service 9 to 5 (UK time), Monday to Friday.
Longer hours are optionally supported unless already provided for in the offer.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We help users make use of our services through training and documentation as appropriate on a case by case basis.
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats Contact Capgemini directly, if documentation is required in other formats
End-of-contract data extraction Arrangements for Buyer data to be extracted can be agreed at the start of each contract, and the execution of such arrangements can be completed as part of the contract close down procedures.
End-of-contract process At the end of the contract, Capgemini can review with the Buyer:
that contractual obligations have been met,
that invoices have been raised and paid,
that no outstanding, documented issues remain (unless agreed otherwise),
that access rights have been terminated and user IDs deleted and
that data had been backed up and recovered as appropriate

Using the service

Using the service
Web browser interface No
API No
Command line interface No

Scaling

Scaling
Scaling available No
Independence of resources The BAU part of the service is scaled for agreed activities. During exceptional demand, e.g. security incidents, BAU activities may take longer to execute, however additional resources can be deployed to address shortfalls.
Usage notifications Yes
Usage reporting
  • Email
  • Other

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types Other
Other metrics Contact Capgemini directly for details of any other metrics required.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency Less than once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach Please contact Capgemini directly, if other data protection arrangements are required.
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Hardware containing data is completely destroyed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery No

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks Please contact Capgemini directly, if other data protection arrangements are required
Data protection within supplier network Other
Other protection within supplier network Please contact Capgemini directly, if other data protection arrangements are required.

Availability and resilience

Availability and resilience
Guaranteed availability The service levels, availability levels and any associated service credits will be detailed in the Supplier Terms and the Service Definition.
Approach to resilience Please contact Capgemini directly for this information.
Outage reporting We will use the means defined in the service definition, or as agreed during project initiation or the next earliest opportunity

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Remote support access by Capgemini personnel to the buyer’s network, systems and applications is provided via a secure, standard, two tiered Citrix implementation with Transport Layer Security. Tier One is located in the Capgemini Data Centres.
Because the Client Access Point is located on the buyer’s network, the buyer must provide Capgemini personnel credentials and user accounts, in order to access systems or applications on their network. The buyer’s existing security systems, policies and procedures inherently apply. The buyer must provide a file share for Capgemini so that none of their data leaves their network.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password
Devices users manage the service through Dedicated device over multiple services or networks

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 04/09/2015
What the ISO/IEC 27001 doesn’t cover Please contact Capgemini directly for information regarding ISO/IEC27001 certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Capgemini follows its own information security policy, which is referenced against ISO27001:2013 - Information Technology - Security Techniques - Information Security Management Systems - Requirements, ISO 27002:2013 - Information Technology - Security Techniques - Code of Practice for Information Security Controls, and the Information Security Forum - Standard of Good Practice (2014).

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Capgemini 's configuration and change management processes are set out in its ‘Unified Project Method’ (UPM), but can be adapted to comply with specific requirements by agreement with individual Buyers (tailored services may attract additional charges).
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Scanning subscriptions and schedules are created to meet buyer’s requirements for vulnerability discovery.
Assets are prioritized based on their business criticality.
Vulnerability Analysis is completed against the vulnerability scanning raw output and used to produce detailed and targeted reporting at a low level for technical delivery teams and a high level for management view of risk surfaces.
Technical reports help technology support teams to calibrate patching cycles to allow vulnerabilities found to be remediated effectively by potential risk priority. Capgemini manages the information ingestion and assists in remediation activity planning across parties.
Rescans are subsequently undertaken to verify closed vulnerabilities.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach (1) We can identify potential compromises through a variety of means including SIEM, user reports and vulnerability scanning.
(2) Potential compromises and events of interest are triaged by our Security Operations Centre and investigated to eliminate false positives. Confirmed events are then treated as security incidents according to their assessed severity.
(3) Timescales depend on the detection route and complexity following triage analysis.
If further information required please contact Capgemini directly.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Capgemini 's incident management processes are set out in its ‘Unified Service Method’ (USM), but can be adapted to comply with specific requirements by agreement with individual Buyers (tailored services may attract additional charges).

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £733.00 per unit per month
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑