Award winning Backup (BaaS) & DR (DRaaS) including Office365 - Nexprotect

NexProtect is a Hybrid-Cloud Backup and DR as a service (BaaS) (DRaaS) with fixed term pricing. Our unique commercial model with a fixed cost over 12 - 36 months, means no more surprise bills for Data Egress & includes Office365 backup


  • Hybrid Cloud Based Backup & DR
  • Agentless backup for VMware & Hyper-V
  • Fast file, folder, full system, application, bare metal recovery
  • Office 365 protection for Exchange Online, Sharepoint and OneDrive
  • Instant Recovery of data and applications with Virtual Standby functionality
  • Highly optimised, bandwidth efficient replication to the cloud
  • End to End data encryption
  • UK Based Data Centres & 24x7 Telephone Support
  • Fixed price service – Fixed cost over 36-60 months
  • No data Egress or failover costs


  • Onsite Appliance or no hardware.
  • Fast set up and easy to manage.
  • Fast recovery of Files, Databases and full BMR.
  • Protect your Cloud Based Applications as well as local.
  • In the event of a disaster, failover to our cloud.
  • Bandwidth included in the price.
  • Total data separation - No shared Cloud Hardware.
  • Total data sovereignty
  • Predictable costs - No Data Egress or Failover charges
  • Cloud portability - No lock-in.


£50 per terabyte per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11



Troy Platts


Service scope

Service scope
Service constraints None
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Severity 1 Within 30 minutes (business hours) within 1 hour (out of hours).
Severity 2 Within 4 business hours.
Severity 3 Within 8 business hours.
Severity 4 Within 12 business hours.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Onsite support
Support levels Standard - provides the customer with Email Support during our core business hours, Incident Management and access to our online Customer Portal to log incidents, view the Knowledge Base and follow incidents.

Service Desk - Standard with the addition of Monitoring and Telephone support.

Service Desk Plus - As above plus incidents and problems are recorded, classified, prioritised, tracked and resolved by the Nexstor Service Desk within the agreed Service Level Agreement. Nexstor will provide Quarterly Reporting based on this.

Fully Managed - Our Fully Managed solution offers our Service Desk Plus service as well as the following core functions:

Out of Hours Telephone Support (24 x 7 x 365)
Patch Management (Operating System and Enterprise software)
Change Management
On-site Support
External Vendor Management
Monthly Reporting

All costs are negotiable and dependent upon multiple factors including data volumes, contract length etc.

Every client has a technical account manager and service desk contact.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Depending on the Customers requirements, we will provide documentation and either onsite or online training.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction We send the users data back to them on an appliance, that is fully encrypted.
End-of-contract process At the end of the contractual period, should the client no longer wish to continue with the service, the end user will receive all of their data back within 7 days on an encrypted appliance. The client then gets 30 days to wipe the appliance and return in the packaging supplied. Shipping costs will be covered by us.

Using the service

Using the service
Web browser interface No
Command line interface No


Scaling available No
Independence of resources Our service is a private, Hybrid cloud service and utilises dedicated appliances and Network Bandwidth. Each client get their own 100mb - 1Gbit line straight into our dedicated Cloud Appliance.
Usage notifications Yes
Usage reporting Email


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Hardware containing data is completely destroyed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • VMWARE & Hyper-V
  • Physical Servers (Windows/Linux/UNIX)
  • Office 365 including: Exchange online, Sharepoint, OneDrive
  • Databases: SQL, Oracle, Sybase, DB2
  • Files
  • NetApp
  • HPE Nimble
  • HPE 3PAR
  • Kaminario
Backup controls Users work with our team to define their backup schedules - Users can have unlimited numbers of different schedules.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users contact the support team to schedule backups
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Its is our aim to provide 24x7 365 days access to our clients backup data and DR services. In the event that this SLA isn't met, we have a process in place to compensate clients on a case by case basis.
Approach to resilience Redundancy in everything: Multiple cooling units, backup generators, power sources, chillers, etc. If one piece of equipment fails, another can start up and replace its output instantaneously. More details available on request.
Outage reporting Our clients will be emailed

Identity and authentication

Identity and authentication
User authentication Username or password
Access restrictions in management interfaces and support channels Security groups
Access restriction testing frequency Never
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through Dedicated device on a segregated network (providers own provision)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards Crest
Information security policies and processes Information security is managed by each client/user. All backup and DR data is encrypted and these encryption keys are held by the end user.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Our Configuration components are tracked in are ITSM tool and notifications will be sent to Support to notify us of any significant milestones that require activity.

Our Change Process is categorised into three types of change – Normal; Standard; and Emergency.

The Change is documented and described in full in the Request for Change form and submitted for CAB approval. Once the Change has been approved by CAB it is logged in the ITSM tool.

Following any Change regardless of success or failure there is a review conducted and lessons learned are recorded.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Nexstor take the following measures to manage risk:

All vulnerability management should follow the Change Management Standard Operating Procedure.

All Software that may be impacted as a result of the application of a patch should be documented.

Vulnerabilities, loss of functionality and/or performance degradation that might be addressed by any patch deemed to pose too high a risk to implement should be mitigated against by another method wherever possible.

Nexstor will aim to align to vendor release cycles for all Software patches to minimise system vulnerabilities.

A record of applied patches will be kept for all systems wherever possible.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Nexstor has a series of monitoring tools that check on the performance and availability of the infrastructure, where warning and exceptions are identified alerts are sent to the Service Desk for review, and where appropriate for incidents, problems or changes to be created in the IT Service Management Toolset.

Alerts are responded to in line with each customers SLA.
Incident management type Supplier-defined controls
Incident management approach At Nexstor we follow our Incident Management Standard Operating Procedure for all incidents raised.

Customer contact to the Nexstor Service Desk to raise an incident is either via the Customer Portal, by telephone between 08:00 & 17:30 GMT/BST (Monday to Friday), or email. Calls received out of office hours will be forwarded to Nexstor’s out-of-hours on call Technical Engineer.

Incident reports can be provided on a scheduled or ad hoc basis depending on the customers requirements.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres No


Price £50 per terabyte per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Potential clients can trial our service for 60 days for a max of 5TBs of data. This will be a fully functioning version out the service.

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑