Plan B Disaster Recovery Ltd

Plan B Managed & Tested DR Service

Plan B Managed & Tested Disaster Recovery Service offers a money back guarantee of instant recovery of your IT systems following a failure. Fully managed, we offer data loss (RPO) as low as 6 seconds, and daily testing of your disaster recovery system to application level.

Features

  • Standby systems available for full /partial systems or data recoveries
  • RTO = immediate, RPO= zero
  • Daily non-invasive full DR test to application level
  • Money-back recovery guarantee
  • Full range of recovery options including dedicated ship-to-site workload
  • Virtual servers, physical servers or complex hybrid environments protected
  • Zerto continuous replication capability
  • Consultative sales process and dedicated account manager
  • Senior DR experts directly available 24x7x365
  • Fully managed service, ISO27001 accredited

Benefits

  • Tailored DR services designed around your recovery requirements
  • Continuous replication enhances data protection with zero data loss
  • Stress-free, simple immediate 'back to business' recovery
  • Fully orchestrated failover for virtual and physical servers
  • Protects against small or large failures and cyber attacks
  • Greater compliance; your DR is certified every 24 hours
  • No in-house DR management and testing resource required
  • Easy financial management with fixed monthly costs, no recovery fees
  • Easy communication and management through your account team
  • Peace of mind that your business will always be working

Pricing

£50.00 per server per month

  • Free trial available

Service documents

G-Cloud 9

622146865030954

Plan B Disaster Recovery Ltd

Ian Daly

0118 902 6966

ian.daly@planb.co.uk

Service scope

Service scope
Service constraints There are no service constraints. We support the majority of hardware and software configurations but where required can recommend alternative solutions for legacy equipment on a case by case basis.
System requirements Adequate Internet bandwidth for offsite data replication

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Immediate
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels 24/7/365 Emergency Invocation Support
Monday - Friday 9.00 - 5.30 General Support
There are no charges for support, it comes included in our prices for our fully managed service. Support is always instant via our emergency invocation line, and direct to our senior DR experts. Every customer will also have a dedicated engineer and account manager assigned for non-emergency support.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Plan B’s On-Boarding process is covered by our Implementation Guide, which includes the following steps:
• An on-line implementation meeting between the customer and assigned Plan B team.
• A technical questionnaire form (TQF) is required, outlining your server location, details and contacts for each server under protection, in addition to how they should be configured in the event of an invocation.
• Customer contacts and details of DR Authorities are set up, along with passwords as part of our security protocol.
• Appliance installation for physical servers or Zerto set-up for virtuals.
• Verification of replication success.
• Recovery Systems are created by Plan B to run on the Recovery Platform.
• Internal testing of recovery systems.
• Customer acceptance test.
The On-Boarding process usually takes up to 14 days, after which you will be fully certified and protected.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Support for data extraction of all or part of your data or VMs held on Plan B’s Recovery Platform can be provided on a time and materials basis or fixed price assignment based on the SFIA card depending on size of data and the media required. Typical VM export would be via Veeam zip or OVF.

Standard logical service destruction is included within the service. Specialized logical destruction would be charged either on a time and materials basis or fixed price assignment based on the SFIA card.
End-of-contract process Once the service has been shut down the customer needs to return all Plan B equipment located at their site within 30 days. Non-return of equipment will result in a charge for a new replacement at Plan B’s direct cost.

There are no Off-Boarding charges. If customers require a copy of their Recovery Images on a hard-drive for their own safe keeping, costs will be based on a time and materials basis per the SFIA card and any required courier charges.
Where required, a certificate of data destruction will be issued at no additional charge.

Using the service

Using the service
Web browser interface Yes
Using the web interface As a fully managed service Plan B manages the web interface.
Customers can generate Report & Stats via the portal.
Web interface accessibility standard None or don’t know
How the web interface is accessible Voluntary Product Accessibility Template, or VPAT is available on request
Web interface accessibility testing Voluntary Product Accessibility Template, or VPAT is available on request
API No
Command line interface No

Scaling

Scaling
Scaling available No
Independence of resources Plan B allocates resource in line with contractual obligations and it's risk model based on geographic location and related dependencies of customers IT systems such as MSP providers. Regular platform capacity reviews are undertaken by senior management in line with ISO27001 policy
Usage notifications Yes
Usage reporting Email

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Number of active instances
  • Other
Other metrics Recovery Point Objective (RPO)
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Zerto

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Hardware containing data is completely destroyed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Virtual machines
  • Physical servers
  • Files
  • Applications
  • Databases
Backup controls An initial consultancy process defines the replication and backup requirement. Plan B manages the ongoing service scope in line with standard change management practice. Any amendments are agreed via the customer's dedicated account team and managed by Plan B.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Plan B has an SLA of boot time for all systems protected by our fully managed service. Our guarantee boasts fully working systems at the Application level will be available within 2x boot time plus 10 minutes. Failed recovery time penalties of up to 12 months fees apply.
Approach to resilience N+1 Resilient architecture across two geographically diverse datacentres. Further information available upon request.
Outage reporting Email alerts and customer portal

Identity and authentication

Identity and authentication
User authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels In line with ISO27001 Information Security standard, internal policies and processes are confidential. Available to customer upon request.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI (British Standards Institute)
ISO/IEC 27001 accreditation date 08/12/2008
What the ISO/IEC 27001 doesn’t cover Nothing is out of scope.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We take security seriously and operate our entire business and our systems according to documented policies and procedures within an overall security framework. Our organisational security is based on ITIL and we are certified ISO27001/2 International Information Security Management Standard and audited annually by the British Standards Institute (BSI) for the entire business and nothing is out of scope. A copy of our ISO27001 Statement of Applicability is available upon request. Certificate: 538258

We take physical security seriously and only operate our systems from secure data centres that have strong physical security, and operate strong access and authorisation controls.
Both data centre providers are certified ISO27001 and PCI accredited. Further details are available upon request.

Our systems are designed and architected to be inherently secure and operate as coordinated elements within a whole, making them very hard to subvert from outside. We use encryption and Public Key Infrastructure (PKI) to ensure security of data in transit.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach In line with ISO27001 Information Security standard, internal policies and processes are confidential. Available to customer upon request.
Vulnerability management type Supplier-defined controls
Vulnerability management approach In line with ISO27001 Information Security standard, internal policies and processes are confidential. Available to customer upon request.
Protective monitoring type Supplier-defined controls
Protective monitoring approach In line with ISO27001 Information Security standard, internal policies and processes are confidential. Available to customer upon request.
Incident management type Supplier-defined controls
Incident management approach In line with ISO27001 Information Security standard, internal policies and processes are confidential. Available to customer upon request.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used VMware
How shared infrastructure is kept separate Segregated VLAN for each customer

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £50.00 per server per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Plan B offers a free 30-day trial of its Managed and Tested Disaster Recovery services. The trial includes the full service from Plan B for a sub-section of your servers (scope to be agreed in advance) and will require us to hold copies of your IT systems and data.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑