Award winning Backup (BaaS) & DR (DRaaS) including Office365 - Nexprotect
NexProtect is a Hybrid-Cloud Backup and DR as a service (BaaS) (DRaaS) with fixed term pricing. Our unique commercial model with a fixed cost over 12 - 36 months, means no more surprise bills for Data Egress & includes Office365 backup
- Hybrid Cloud Based Backup & DR
- Agentless backup for VMware & Hyper-V
- Fast file, folder, full system, application, bare metal recovery
- Office 365 protection for Exchange Online, Sharepoint and OneDrive
- Instant Recovery of data and applications with Virtual Standby functionality
- Highly optimised, bandwidth efficient replication to the cloud
- End to End data encryption
- UK Based Data Centres & 24x7 Telephone Support
- Fixed price service – Fixed cost over 36-60 months
- No data Egress or failover costs
- Onsite Appliance or no hardware.
- Fast set up and easy to manage.
- Fast recovery of Files, Databases and full BMR.
- Protect your Cloud Based Applications as well as local.
- In the event of a disaster, failover to our cloud.
- Bandwidth included in the price.
- Total data separation - No shared Cloud Hardware.
- Total data sovereignty
- Predictable costs - No Data Egress or Failover charges
- Cloud portability - No lock-in.
£50 per terabyte per month
- Education pricing available
- Free trial available
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Severity 1 Within 30 minutes (business hours) within 1 hour (out of hours).
Severity 2 Within 4 business hours.
Severity 3 Within 8 business hours.
Severity 4 Within 12 business hours.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Onsite support|
Standard - provides the customer with Email Support during our core business hours, Incident Management and access to our online Customer Portal to log incidents, view the Knowledge Base and follow incidents.
Service Desk - Standard with the addition of Monitoring and Telephone support.
Service Desk Plus - As above plus incidents and problems are recorded, classified, prioritised, tracked and resolved by the Nexstor Service Desk within the agreed Service Level Agreement. Nexstor will provide Quarterly Reporting based on this.
Fully Managed - Our Fully Managed solution offers our Service Desk Plus service as well as the following core functions:
Out of Hours Telephone Support (24 x 7 x 365)
Patch Management (Operating System and Enterprise software)
External Vendor Management
All costs are negotiable and dependent upon multiple factors including data volumes, contract length etc.
Every client has a technical account manager and service desk contact.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Depending on the Customers requirements, we will provide documentation and either onsite or online training.|
|End-of-contract data extraction||We send the users data back to them on an appliance, that is fully encrypted.|
|End-of-contract process||At the end of the contractual period, should the client no longer wish to continue with the service, the end user will receive all of their data back within 7 days on an encrypted appliance. The client then gets 30 days to wipe the appliance and return in the packaging supplied. Shipping costs will be covered by us.|
Using the service
|Web browser interface||No|
|Command line interface||No|
|Independence of resources||Our service is a private, Hybrid cloud service and utilises dedicated appliances and Network Bandwidth. Each client get their own 100mb - 1Gbit line straight into our dedicated Cloud Appliance.|
|Infrastructure or application metrics||Yes|
|Supplier type||Not a reseller|
|Staff security clearance||Staff screening not performed|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Hardware containing data is completely destroyed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||
|Backup controls||Users work with our team to define their backup schedules - Users can have unlimited numbers of different schedules.|
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Users contact the support team to schedule backups|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||Its is our aim to provide 24x7 365 days access to our clients backup data and DR services. In the event that this SLA isn't met, we have a process in place to compensate clients on a case by case basis.|
|Approach to resilience||Redundancy in everything: Multiple cooling units, backup generators, power sources, chillers, etc. If one piece of equipment fails, another can start up and replace its output instantaneously. More details available on request.|
|Outage reporting||Our clients will be emailed|
Identity and authentication
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Security groups|
|Access restriction testing frequency||Never|
|Management access authentication||
|Devices users manage the service through||Dedicated device on a segregated network (providers own provision)|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||Crest|
|Information security policies and processes||Information security is managed by each client/user. All backup and DR data is encrypted and these encryption keys are held by the end user.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Our Configuration components are tracked in are ITSM tool and notifications will be sent to Support to notify us of any significant milestones that require activity.
Our Change Process is categorised into three types of change – Normal; Standard; and Emergency.
The Change is documented and described in full in the Request for Change form and submitted for CAB approval. Once the Change has been approved by CAB it is logged in the ITSM tool.
Following any Change regardless of success or failure there is a review conducted and lessons learned are recorded.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Nexstor take the following measures to manage risk:
All vulnerability management should follow the Change Management Standard Operating Procedure.
All Software that may be impacted as a result of the application of a patch should be documented.
Vulnerabilities, loss of functionality and/or performance degradation that might be addressed by any patch deemed to pose too high a risk to implement should be mitigated against by another method wherever possible.
Nexstor will aim to align to vendor release cycles for all Software patches to minimise system vulnerabilities.
A record of applied patches will be kept for all systems wherever possible.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Nexstor has a series of monitoring tools that check on the performance and availability of the infrastructure, where warning and exceptions are identified alerts are sent to the Service Desk for review, and where appropriate for incidents, problems or changes to be created in the IT Service Management Toolset.
Alerts are responded to in line with each customers SLA.
|Incident management type||Supplier-defined controls|
|Incident management approach||
At Nexstor we follow our Incident Management Standard Operating Procedure for all incidents raised.
Customer contact to the Nexstor Service Desk to raise an incident is either via the Customer Portal, by telephone between 08:00 & 17:30 GMT/BST (Monday to Friday), or email. Calls received out of office hours will be forwarded to Nexstor’s out-of-hours on call Technical Engineer.
Incident reports can be provided on a scheduled or ad hoc basis depending on the customers requirements.
|Approach to secure software development best practice||Supplier-defined process|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Price||£50 per terabyte per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||Potential clients can trial our service for 60 days for a max of 5TBs of data. This will be a fully functioning version out the service.|