Daisy Corporate Services Trading Limited

Daisy CloudBridge Flex

Daisy Flex is an Infrastructure as a Service (IaaS) platform delivered from multiple data centres located across the UK.
The platform provides customers with a virtual environment for all the elements required to deliver an IT service, providing flexibility, scalability and security to the solutions and customer environment.

Features

  • Optimise cost of operation
  • Cost Management - manage billing and costs via a portal
  • Data Sovereignty - Keep your data in UK data centres
  • Carrier neutral data centre connectivity
  • Breakouts use the 10Gb MPLS at multiple Tier1 peering points
  • Infrastructure is implemented using enterprise class components from leading vendors
  • Can provide Managed Hosting, Managed Service or Managed Applications
  • Minimum availability target of infrastructure 99.9%.
  • Optional 24x7 monitoring of operating system management

Benefits

  • Provides flexibility, scalability and security to the customer environment
  • Your OS, databases and applications monitored and managed for you
  • Enables greater agility, better service and lower costs
  • Work smarter, faster and more cost effectively
  • Enables flexible provision of IT services across your organisation
  • Opex model reduces stress on capital budgets
  • Quality of service is assured by SLAs
  • Provides better levels of service to your users
  • Supports a flexible or mobile working policy
  • Reduces complexity and risk of transitioning to a new service

Pricing

£0.04 to £460.69 a unit a month

Service documents

Framework

G-Cloud 12

Service ID

5 9 6 5 2 2 1 8 2 0 5 4 0 3 0

Contact

Daisy Corporate Services Trading Limited Andy Riley
Telephone: 07540 203 303
Email: publictenders@daisygroup.com

Service scope

Service constraints
Appropriate connectivity from customer site into our Data Centres must be in place
System requirements
  • 1 Mb (or higher) internet connection
  • Microsoft Windows, Red Hat Linux or Android
  • Microsoft Internet Explorer 7 or Android

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Support levels Priority Response Update Frequency Resolution Time Description Priority 1 All incidents categorised as security incidents are treat as P1 Within 15 minutes Every 30 minutes unless otherwise agreed with customer In accordance with the availability within a service line, as defined in service credits With a target resolution of 2 hours Cloud specific: critical business impact, such as all users are unable to function within a service line Priority 2 Within 15 minutes Every 2 hours Within 4 hours Cloud Specific: high business impacts, such as all users at single site unable to function within a service line
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Essentials, Enterprise, Enterprise Plus
Support available to third parties
No

Onboarding and offboarding

Getting started
On boarding activities are discussed at the start of a project. We have an extensive set of professional servcies available to help a smooth transition to cloud environments.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Customers will be able to extract any customer data from the servers and are not limited to the type of data that can be extracted. The type of data that can be extracted includes any customer generated content, metadata, structure and configuration data. There are several available tools that allow customer data to be extracted from VMware environments, these include free to use tools. Daisy does not charge for data extraction, however some data extraction tools may need to be purchased if the current tools do not meet the standards required by the customer. Daisy is happy to provide assistance when a customer needs assistance with data extraction/migration to another supplier. This will be charged at our standard daily consultancy rate. Individual files generated in the virtual environment can be extracted in the same format as they were created. A VMware OVF, VMDK or ISO image file is also available to extract from the environment. Daisy will purge and destroy all customer data from any computers, storage devices and storage media at the end of the contractual period in line with ISO 27001 standards.
End-of-contract process
Off-boarding from the Daisy infrastructure will follow the appropriately documented process. This will involve the extraction and removal of the customer data and customer-specific information from the Daisy platforms. Data extraction at contract termination Customers will be able to extract any customer data from the servers and are not limited to the type of data that can be extracted. The type of data that can be extracted includes any customer generated content, metadata, structure and configuration data. There are several available tools that allow customer data to be extracted from VMware environments, these include free to use tools. Daisy does not charge for data extraction, however some data extraction tools may need to be purchased if the current tools do not meet the standards required by the customer. Data formats Individual files generated in the virtual environment can be extracted in the same format as they were created. A VMware OVF, VMDK or ISO image file is also available to extract from the environment. Purging and destroying customer data Daisy will purge and destroy all customer data from any computers, storage devices and storage media at the end of the contractual period in line with ISO 27001 standards.

Using the service

Web browser interface
Yes
Using the web interface
Look at billing and account information, raise support tickets, manage elements of the environment
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Via a web browser. Access is via a named account and password
Web interface accessibility testing
None
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
Our customers are logically separated on the platforms, at compute, network and storage levels with minimum and maximum resource guarantees throughout, which ensures each customer cannot exceed their allotted allocation without prior change notifications in to our Operations & Engineering teams.
Usage notifications
No

Analytics

Infrastructure or application metrics
No

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft as well as our own

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Data
  • Virtual Machines
  • System information
Backup controls
Backup controls This enterprise-class solution enables Daisy to provide a unified backup and recovery platform spanning all our customers’ solutions today, while also ensuring that new applications, operating systems and databases will be supported on release, without the need to undertake changes to the back-end infrastructure in the future.
Datacentre setup
Multiple datacentres
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
DDoS in the Daisy core network
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Extensive security systems in place in the Daisy core network

Availability and resilience

Guaranteed availability
Service availability service level Service availability achieved within any month shall be calculated monthly as follows: (Total online hours of availability – service downtime) x 100% Total online hours of availability The service availability calculation above will exclude any time which occurred as a result of events outside the control of Daisy. In the event the service availability service level of 99.9% is not achieved when measured over a monthly period, the following service credits shall apply. System availability achieved Applicable service credit 99.9% to 100% 0% of the monthly charge for the affected service line 99% to 99.89% 5% of the monthly charge for the affected service line 98% to 98.9% 10% of the monthly charge for
Approach to resilience
Daisy operates its own 100Gb low-latency Core network and resilient MPLS network, with all data centres on-net Daisy’s Internet feeds into the data centres are delivered over our resilient core 10Gb MPLS network into peering points at Harbour Exchange and Telehouse Points Of Presence (POPs). The Storage Area Network (SAN) used by the IaaS platform, is delivered by high-performance, resilient fibre-based SAN architecture
Outage reporting
Email and SNMP

Identity and authentication

User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Where access to customer infrastructure is required, Daisy uses a secure backup and admin connection to components for monitoring, support and backups. All traffic across this connection is secure and segregated.
Access restriction testing frequency
At least once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
Dedicated device over multiple services or networks

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
13/09/2013 original certification
What the ISO/IEC 27001 doesn’t cover
Scope is all Daisy sites and services requiring security
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Through the establishment of a comprehensive security framework, Daisy shall demonstrate a commitment to protect all assets that support the delivery of business objectives and address all legal, regulatory and contractual obligations. The following ISO27001 Group clause & objectives are referenced within this document: Clause 5, & Control objectives: A6, A9, A11, A13.2, and A14 Data Protection Policy Site Security Policy CCTV Policy

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Daisy’s ITIL v3 aligned service management tool meets ISO 27001 guidelines, governing core ITIL processes including, but not limited to, incident, problem, change, release, configuration, service level management and service catalogue functions
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability scanning is included in the Daisy security framework, to help monitor the effectiveness of existing security controls and identify any weaknesses. The IT security Manager in consultation with Head of Compliance shall coordinate vulnerability scanning activities including: • identifying the scope of testing • monitor manufacturer and vendor sites for information updates regarding vulnerabilities Should the vulnerabilities be assessed as not posing an immediate threat to operations, security patches or code fixes shall be subject
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Monitoring of our platforms is done from our segregated and ISO27001 compliant management platforms, we protect the platform itself and its perimeter edge with Daisy owned and operated solutions, not in any way tied to logical customer implementations within these platforms. Each customer as part of a Managed Service has our standard security and monitoring products deployed with pre-agreed alert classifications and thresholds set as part of our typical managed service. Potential compromises are identified in our centralised monitoring solution, with accompanying detailed information of the platform and customer which auto generates an incident in our ticketing systems.
Incident management type
Supplier-defined controls
Incident management approach
Predefined processes are in place for common events Users can report incidents via the web portal or email in the event of an incident Daisy will Issue customer updates as per the agreed frequency on the progress of a resolution or workaround. This may include initiating and leading conference calls, bridges or meetings. Create MI reports where required, validating content is customer appropriate. Issue to service delivery management. Publish the MI report to the customer as defined by the customer SLA.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Hyper-V
How shared infrastructure is kept separate
Organisations that share the same phsical equipment are seperated by VLAN's. Different environments cannot communciate with each other

Energy efficiency

Energy-efficient datacentres
No

Pricing

Price
£0.04 to £460.69 a unit a month
Discount for educational organisations
No
Free trial available
No

Service documents