The Cloud Hosting Service provides : - Availability monitoring & alerting - Monthly infrastructure maintenance & security patches - Escalation Support & Break/Fix services
- Cloud Infrastructure Provisioning Service
- Solution Availability Monitoring
- Monthly Usage Report & Future Cost Forecasting
- Ensures solution availability & minimizes downtime from unplanned outtages
£5000 to £500000 per unit per year
- Education pricing available
VIQTOR DAVIS UK LTD
+44 (0)1795 415800
|Service constraints||We typically agree constraints as part of each engagement depending on the customer's unique requirements.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||We offer various SLAs depending on the business criticality and priority of the solutions supported. These SLAs often differ outside of core service hours but not always.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 AA or EN 301 549|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||All services have an appointed leader ship team including: - Account Manager - Head of Managed Services - Service Lead - Lead Technical Consultant We provide Level 1,2 and 3 support.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Entity agree on-boarding strategies on a case by case basis. We have historically delivered training and documentation solutions as part of our services.|
|End-of-contract data extraction||Entity have varied solutions to support customer data extraction but they are dependent on the specific technologies and solution in place.|
|End-of-contract process||Entity typically include the destruction of environments and transfer of documentation to the customer.|
Using the service
|Web browser interface||No|
|Command line interface||No|
|Independence of resources||AWS offers dedicated tenancy if this is a specific concern|
|Infrastructure or application metrics||Yes|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Amazon Web Services|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with CSA CCM v3.0|
|Data sanitisation process||Yes|
|Data sanitisation type||Hardware containing data is completely destroyed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||
|Backup controls||All backups are automated following a specific schedule which can be adjusted.|
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Supplier controls the whole backup schedule|
|Backup recovery||Users contact the support team|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
Entity targets a business hours up-time of 99.999% and a non-business hours’ up-time of 99.5%. The system availability is dependent on the Hosting Provider and customer requirements.
Entity will monitor and report availability.
|Approach to resilience||Available on request|
Entity utilises leading tools to provide insight and analysis on availability including dashboards, reports, analysis tools, APIs and alerts.
All of these are available to customers.
Identity and authentication
|Access restrictions in management interfaces and support channels||We use a combination for AWS cross account manager together with Active Directory security groups to restrict access.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
|Devices users manage the service through||Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)|
Audit information for users
|Access to user activity audit information||Users receive audit information on a regular basis|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users receive audit information on a regular basis|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Between 6 months and 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||
Security Governance has been written in compliance with ISO27001 and Entity is moving towards formal certification.
We are in progress of achieving CyberEssentials, with a longer view to ISO27001 accreditation.
|Information security policies and processes||
Entity's security policies are written in strict compliance with ISO27001, following the same structure as the standards annexes. There is an overall Information Security Management System (ISMS) which is documented.
As part of the ISMS there is a defined security organisation structure that allocates specific responsibilities to individuals, including audit and review. Board level responsibility is also clearly identified. the other clear allocations of responsibility are for both the :
- Security Manager and
- Data Protection Officer
It is the role of the security manager and data protection officer to monitor the adoption of policies and to own the company risk assessment. Where controls rely on staff training reviews and audits are conducted to ensure compliance
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
All components of our services fall under configuration management.
All changes are assess for potential security impact as part of our Change Management process.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Where required we implement automated/scheduled monitoring.
Critical vulnerabilities identified via customer testing are immediately escalated.
Potential threat information is provided by external suppliers.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
We have tools that assist with protective monitoring, including:
- Vulnerability Scanning
We have tools that continually monitor our systems and services for unusual events.
We have staff who are continually available to react to such events.
|Incident management type||Supplier-defined controls|
|Incident management approach||
All incidents shall be reported using the Entity ITSM tool and identify the impacted Service.
The following information will be provided at the time of reporting:
• Contact details
• Expected behaviour
• Observed behaviour/symptoms
• Business impact
• Attachments (e.g. Screen shots)
Service Desk will review the incident for Seriousness Urgency and Growth allocating it a Severity then will resolve using Runbook procedures.
An incident resolution is a fix or instruction, which will enable the user to reasonably continue to work.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||Yes|
|Who implements virtualisation||Third-party|
|Third-party virtualisation provider||AWS|
|How shared infrastructure is kept separate||
Different instances running on the same physical machine are isolated from each other via the Xen hypervisor. In addition, the AWS firewall
resides within the hypervisor layer, between the physical network interface and the instance's virtual interface. All
packets must pass through this layer, thus an instance’s neighbors have no more access to that instance than any other
host on the Internet and can be treated as if they are on separate physical hosts. The physical RAM is separated using
Instances have no access to raw disk devices, but instead are presented with virtualized disks.
|Price||£5000 to £500000 per unit per year|
|Discount for educational organisations||Yes|
|Free trial available||No|
|Pricing document||View uploaded document|
|Terms and conditions document||View uploaded document|