Vysiion Ltd

Vysiion Private Cloud - Big Data

Vysiion’s Managed Private Cloud – Big Data product provides single-tenant Compute as a Service, where your compute needs are hosted, either in one of our UK data centres or in your Crown Hosting Data Centre (CHDC) up to SECRET (UKEO).


  • Dedicated infrastructure providing isolation from other organisations
  • Ability to utilise Crown Hosting Data Centres
  • Security classification up to SECRET (UKEO)
  • ITIL based support 24/7
  • Scalable virtualised environment
  • On-premise SC cleared resources at Crown Hosting


  • Ability to use your own data centres
  • Elasticity and scalable as you grow
  • Connect via DDOS protected internet or dedicated circuits
  • Unit based pricing
  • Native compatibility with systems e.g Hadoop
  • Enhanced assurance
  • Control over your budget
  • Integration with existing customer network e.g. RLI or SLI
  • Dedicated infrastructure providing isolation from other organisations


£30 per unit per month

Service documents

G-Cloud 10


Vysiion Ltd

Caroline Andrewes

01249 446500


Service scope

Service scope
Service constraints None
System requirements N/A

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Incidents can be raised 24/7 with an initial response of 30 minutes.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Onsite support
Support levels Vysiion provide a range of service levels depending on the desire of the buyer. A Service Delivery Manager is assigned and cloud support engineers and architects are on hand to support the end customer.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Vysiion architects will liaise with the buyer to design a solution that meets the buyer's requirements. This will be a detailed scoping exercise with associated documentation that aligns to the buyer's design policies.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Prior to terminating the contract, the customer must make the final payment (exit charge).
The customer will be required to make arrangements to take ownership of the disks associated with the platform or alternatively Vysiion can arrange for secure destruction and disposal.
End-of-contract process The customer will be required to make arrangements to take ownership of the disks associated with the big data platform or novate ownership over to a new supplier.

Using the service

Using the service
Web browser interface No
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface Users are able to interact with their network and architecture using the command line interface.


Scaling available Yes
Scaling type Manual
Independence of resources Dedicated architecture.
Usage notifications Yes
Usage reporting
  • Email
  • SMS
  • Other


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Hardware containing data is completely destroyed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up Network configuration
Backup controls N/A
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
Scheduling backups Users contact the support team to schedule backups
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Availability will be up to 99.9% depending on the solution resiliency.
Approach to resilience The data centre resiliency information is available on request.
Outage reporting Any outages will be reported via email and phone call alerts.

Identity and authentication

Identity and authentication
User authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Vysiion adopts the principle of least privilege to ensure that users are only provided with the level of access appropriate to their role.
Access restriction testing frequency At least once a year
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ACM
ISO/IEC 27001 accreditation date 10/07/2016
What the ISO/IEC 27001 doesn’t cover Nothing
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Plus

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes ISO27001 and Cyber Essentials Plus.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Formal configuration and change processes are in place that are aligned to ITIL v3.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Threats are received and assessed through a buyer's procedures e.g. MODCERT. Patches will be deployed in line with the associated policies. Security and critical patches are automatically applied.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Where protective monitoring is required, Vysiion provide a service that is in line with GPG13.
Incident management type Supplier-defined controls
Incident management approach Vysiion's incident management process is aligned to ITIL v3. Users are able to report incidents via email, phone or portal. Users are kept up to date with incident resolution progress in line with the agreed SLAs. Service Management performance reports are provided on a monthly basis.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £30 per unit per month
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑