Flexidesk : Desktop as a Service (DaaS)

Thintech team have over 10 years’ experience in virtualisation technology, having delivered over 100,000 desktops and currently support over 60,000 users. Specialising in public, banking and legal sectors, TT can provide a hosted desktop with access to PSN and N3. Their core offering includes dual site resilience with continuous replication.


  • Desktop-as-a-Service (DaaS) platform is a fully customisable
  • Based upon Citrix and Microsoft Windows
  • Virtualise the desktop operating system, applications, user data
  • Flex and Scale the service to meet requirements
  • Enhanced Desktop Experience for End Users
  • Fully serviced and managed with 24x7 support and service
  • Work from anywhere
  • Pay as you go
  • Host your Applications
  • Use your own Licences


  • Seamlessly scale from 5 to thousands of users
  • Increased and enhanced flexibility and mobility
  • Increased security by centrally delivering the desktop experience
  • Simplified management and increased control via Cloud Control
  • Streamline key IT processes reducing management time
  • Standard applications or bespoke application deployment
  • Work anytime, anywhere, across your devices
  • Usage based payment. Per user, per month pricing.


£37.50 per user per month

  • Education pricing available

Service documents


G-Cloud 11

Service ID

4 7 1 7 5 3 4 8 8 4 3 6 8 7 3



Brett Loveday


Service scope

Software add-on or extension
Cloud deployment model
Community cloud
Service constraints
The service requires an internet connection and a suitable end point device to run the hosted desktop.
All attempts are made to ensure continuity of service and our datacentre is configured to be high availability with no downtime. If however the services needs to be taken down, this would be planned in advance and timely notice would issued to all users ahead of such service outage.
System requirements
No system requirements

User support

Email or online ticketing support
Email or online ticketing
Support response times
Standard response times are within 15 minutes
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
All aspects of the visitor interface are customisable, therefore allowing any changes required. 2 of the 3 standard templates are W3C compliant and the solution has been tested by a representative from RNIB for use with the well-known screen readers. As the visitor interface is fully customisable, with access to the CSS and HTML, accessibility must be considered when customising/ changing the button/windows/forms.
Web chat accessibility testing
None completed
Onsite support
Yes, at extra cost
Support levels
SLA's Start at 24/7/5 with a 15 min response and vary according to requirement.
Support available to third parties

Onboarding and offboarding

Getting started
By using an onboarding process including visiting every user to migrate their setting and offering a floor walking service.
Service documentation
Documentation formats
  • ODF
  • PDF
End-of-contract data extraction
We provide the data on a encrypted device that the customer supplies and they own the encryption key.
End-of-contract process
We remove the client off of the service and keep the data for 3 months and then the data is deleted.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
Designed for use on mobile devices
Differences between the mobile and desktop service
Mobile uses the native applications and can launch published apps, when you use a Windows desktop it overlays the Window desktop with a touch interface.
Service interface
Description of service interface
Flexidesk™ is accessed via a secure web portal that overlays a full Windows desktop experience on any operating system. The interaction is identical to any Windows experience and will be a seamless experience for the end user.
Accessibility standards
None or don’t know
Description of accessibility
All aspects of the visitor interface are customisable, therefore allowing any changes required including font sizes, colour and contrast.
Accessibility testing
No testing has been completed.
Customisation available
Description of customisation
Own branded desktop own email with signatures own apps each user can customise start menu, run disclaimers.


Independence of resources
We offer dedicated resources per client via our Private Cloud model. The whole environment is monitored and trends for the utilisation of the back end infrastructure ensuing we have spare capacity on standby.


Service usage metrics
Metrics types
We provide usage reports on a monthly basis which include consumption reports of various applications, service tickets, change requests and desktop usage.
Reporting types
Regular reports


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft, Citrix, VMware, Sophos, Migration Wiz, Fuzemail, Datto

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Antivirus ,only access is via encrypted connection email is securely filtered by an external mail filtering service all systems are backed up hourly against ransomware.
Data sanitisation process
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Via an encrypted device or via secure FTP.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
Word (.doc .docx)
Data import formats
  • CSV
  • ODF

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
Modified SSL Ciphers to achieve an A+ certification rating. Service is fully encrypted end to end via a relay and there is no direct connection.
Data protection within supplier network
Other protection within supplier network
Via an anti-virus service, firewall and backups.

Availability and resilience

Guaranteed availability
99.9% on SLA
Approach to resilience
Designed with single site resilience. All systems are duplicated with no single point of failure which is replicated daily to DR facility.
Outage reporting
We will call the client and use social media.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
No Generic accounts. All named users have a User name and password and passcode token. Tiered access hierarchy based on job role and/or designated client.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Cloud security at Thintech team is the highest priority. As an Thintech team customer, you will benefit from a data centre and network architecture built to meet the requirements of the most security-sensitive organizations. Measures taken include but not limited to Anti-Virus, Anti-Phishing, Fusemail-Anispam, Anti-Ransomware, System is backed up hourly, Virtual Desktops are read-only, Client and Virtual desktop run Sophos suite antivirus with daily backend scans.
Information security policies and processes
We are currently working towards IS27001 and are using their suggested framework inc policies & processes.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We have regular technical workshops where changes are discussed and documented this then goes through the Change Advise Board who approve or reject request. Once approved it is then raised as a Change Request within the service desk and any outage are mutually agreed with client.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Thintech team has a documented vulnerability management policy and process, which have been implemented, maintained and assessed in accordance with the guidance from ITIL v.3 and the current ISO20000 and ISO27001 standards. Where technically possible, real-time updates and status reports are identified and sourced from credible vendor sources, which cover a significant proportion of Thintech team asset population. For other systems and software, assigned personnel have responsibility for regularly reviewing technical forums and specialist groups to promptly identify and evaluate any emerging patches or updates which require our attention.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
- For mail threats we use a products for mail filtering and heurists called FuseMail, all inbound and outbound mail is filtered using Fusemail prior to delivery.
- Anti-Virus software is deployed across the entire estate in the form of Sophos, the only exclusions included are software supplier related exclusions.
- Firewalls and Application Delivery Controllers are used to publish internal resources and secure networking traffic internally and externally.

- An incident is responded to immediately by a 24/7 helpdesk that will be alerted to any threats. Core business owners are notified of potential breaches and also client if necessary.
Incident management type
Supplier-defined controls
Incident management approach
Thintech team has a documented incident management policy and process. This activity is responsible for the progression of alerts generated by automated monitoring systems, issues identified by Thintech team personnel, and incidents identified and reported to Thintech team by its customers and partners. All incidents are promptly reported into a central ticketing system, which ensures that each is promptly assigned to an appropriate resource, and its progress tracked (and escalated, as required) to resolution.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
Connected networks
  • Public Services Network (PSN)
  • NHS Network (N3)


£37.50 per user per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑