Fordway

Fordway Endpoint Data Protection and Compliance

Fordway Endpoint Data Protection and Compliance is a fully-automated, enterprise-class solution offered as software as a service (SaaS), covering backup, restoration, compliance and legal. Endpoint Protection and Compliance offers elastic, on-demand backup storage that scales for any number of users, with data stored in either Amazon AWS or Microsoft Azure.

Features

  • Centralised storage ensures protected data. Full visibility for data governance
  • Federated search identifying files locations. Geographic location of mobile devices
  • Automated compliance monitoring and deep audit trails for risk identification
  • Legal hold management enables data to be preserved as required
  • Extensive governance data policy configuration meeting global data privacy requirements
  • Integrated DLP assists in preventing data breach of lost devices
  • Remote wipe (auto- or admin-initiated), geo-location, and enforced encryption
  • Enterprise-grade encryption in-transit (256-bit SSL) and at-rest (AES-256)
  • OS support includes: Windows, Mac, IOS, Android, Linux
  • High availability and enterprise-scale RPO and RTO

Benefits

  • Automated backups to a predetermined schedule with no user disruption
  • Anytime, anywhere access from any device.
  • Immediate self-service restore to swiftly resume work on new device
  • Backup, recovery, archive for cloud applications e.g. Office365 SharePoint, Google
  • Automated installation and integrated mass deployment; straightforward and simple deployments
  • Unified interface enables your IT team with centralised administration
  • Intuitive bandwidth, resource usage and scheduling settings
  • Per user licence model enables unlimited data to be stored
  • Enterprise-class security, compliant with international standards (SOC-1, SOC-2, SOC-3)
  • Up to 99.99999% Customer Data durability and 3-way data redundancy

Pricing

£4 to £10 per user per month

  • Minimum contract period: Month
  • Excluding VAT
  • Trial option available

Service documents

G-Cloud 8

568342993012299

Fordway

Richard Blanford

08448 700100

sales@fordway.com

Support

Support
Name Content
Support service type
  • Service desk
  • Email
  • Phone
  • Live chat
  • Onsite
Support accessible to any third-party suppliers Yes
Support availability 24/7/365
Standard support response times 1 hour for standard incident, 15 minutes for P1 incidents
Incident escalation process available Yes

Open standards

Open standards
Name Content
Open standards supported and documented Yes

Onboarding and offboarding

Onboarding and offboarding
Name Content
Service onboarding process included Yes
Service offboarding process included Yes

Analytics

Analytics
Name Content
Real-time management information available Yes

Cloud features

Cloud features
Name Content
Elastic cloud approach supported Yes
Guaranteed resources defined Yes
Persistent storage supported Yes

Provisioning

Provisioning
Name Content
Self-service provisioning supported Yes
Service provisioning time 1 to 2 hours for clients with current agreement in place
Service deprovisioning time Client dependent, minimum 1 day

Open source

Open source
Name Content
Open-source software used and supported No

API access

API access
Name Content
API access available and supported Yes
API type All Windows APIs, REST, S3,

Networks and connectivity

Networks and connectivity
Name Content
Networks the service is directly connected to
  • Internet
  • Other

Access

Access
Name Content
Supported web browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Offline working and syncing supported Yes
Supported devices
  • PC
  • Mac
  • Smartphone
  • Tablet

Certifications

Certifications
Name Content
Vendor certification(s)
  • Microsoft Gold Partner - 5 comptencies, 3 cloud specialisms
  • VMware Enterprise Partner
  • Dell Premier Partner
  • Cisco Premier Partner
  • HP Partner
  • Commvault Platinum Partner
  • Tegile Partner
  • NetApp Silver Partner

Data storage

Data storage
Name Content
Datacentres adhere to the EU code of conduct for energy-efficient datacentres Yes
User-defined data location Yes
Datacentre tier TIA-942 Tier 3
Backup, disaster recovery and resilience plan in place Yes
Data extraction/removal plan in place Yes

Data-in-transit protection

Data-in-transit protection
Name Content
Data protection between user device and service
  • CPA Foundation VPN Gateway
  • TLS (HTTPS or VPN) version 1.2 or later
  • Legacy SSL or TLS (HTTPS or VPN)
Assured by independent validation of assertion
Data protection within service
  • TLS (HTTPS or VPN) version 1.2 or later
  • Legacy SSL or TLS (HTTPS or VPN)
  • VLAN
  • Other network protection
Assured by independent validation of assertion
Data protection between services
  • CPA Foundation VPN Gateway
  • TLS (HTTPS or VPN) version 1.2 or later
  • Legacy SSL or TLS (HTTPS or VPN)
Assured by independent validation of assertion

Asset protection and resilience

Asset protection and resilience
Name Content
Datacentre location EU, assured by independent validation of assertion
Data management location UK, assured by independent validation of assertion
Legal jurisdiction of service provider UK, assured by independent validation of assertion
Datacentre protection Yes, assured by contractual commitment
Data-at-rest protection
  • Other encryption
  • Secure containers, racks or cages
  • Physical access control
Assured by independent validation of assertion
Secure data deletion Other secure erasure process, assured by independent validation of assertion
Storage media disposal CESG or CPNI-approved erasure process, assured by contractual commitment
Secure equipment disposal Yes, assured by independent validation of assertion
Redundant equipment accounts revoked Yes, assured by independent validation of assertion
Service availability 99.999, assured by contractual commitment

Separation between consumers

Separation between consumers
Name Content
Cloud deployment model Public cloud, assured by independent validation of assertion
Type of consumer Anyone - public, assured by contractual commitment
Services separation Yes
Services management separation Yes

Governance

Governance
Name Content
Governance framework Yes, assured by independent validation of assertion

Configuration and change management

Configuration and change management
Name Content
Configuration and change management tracking Yes
Change impact assessment Yes

Vulnerability management

Vulnerability management
Name Content
Vulnerability assessment Yes
Vulnerability monitoring Yes
Vulnerability mitigation prioritisation Yes
Vulnerability tracking Yes
Vulnerability mitigation timescales Yes

Event monitoring

Event monitoring
Name Content
Event monitoring Yes, assured by independent validation of assertion

Incident management

Incident management
Name Content
Incident management processes Yes
Consumer reporting of security incidents Yes, assured by independent validation of assertion
Security incident definition published Yes, assured by independent validation of assertion

Personnel security

Personnel security
Name Content
Personnel security checks
  • Security clearance national vetting (SC)
  • Baseline personnel security standard (BPSS)
  • Employment checks
Assured by independent validation of assertion

Secure development

Secure development
Name Content
Secure development Yes
Secure design, coding, testing and deployment Yes
Software configuration management Yes

Supply-chain security

Supply-chain security
Name Content
Visibility of data shared with third-party suppliers Yes
Third-party supplier security requirements Yes
Third-party supplier risk assessment Yes
Third-party supplier compliance monitoring Yes
Hardware and software verification Yes

Authentication of consumers

Authentication of consumers
Name Content
User authentication and access management Yes, assured by independent validation of assertion
User access control through support channels Yes, assured by independent validation of assertion

Separation and access control within management interfaces

Separation and access control within management interfaces
Name Content
User access control within management interfaces Yes, assured by independent validation of assertion
Administrator permissions Yes, assured by independent validation of assertion
Management interface protection Yes, assured by independent validation of assertion

Identity and authentication

Identity and authentication
Name Content
Identity and authentication controls
  • Username and two-factor authentication
  • Username and TLS client certificate
  • Authentication federation
  • Limited access over dedicated link, enterprise or community network
  • Username and strong password/passphrase enforcement

External interface protection

External interface protection
Name Content
Onboarding guidance provided Yes
Interconnection method provided Internet

Secure service administration

Secure service administration
Name Content
Service management model
  • Dedicated devices for community service management
  • Service management via bastion hosts
  • Direct service management

Audit information provision to consumers

Audit information provision to consumers
Name Content
Audit information provided Data made available by negotiation

Secure use of the service by the customer

Secure use of the service by the customer
Name Content
Device access method
  • Corporate/enterprise devices
  • Partner devices
Service configuration guidance Yes, assured by independent validation of assertion
Training Yes, assured by independent validation of assertion
Return to top ↑