IT Lab Limited

IT Lab's Managed Cloud Platform OFFICIAL

IT Lab's Managed Cloud Platform offers provisioning and ongoing support of UK OFFICIAL platforms, servers and networks using UKCloud’s, secure UK based service.  Provision, monitor and manage a range of resources to give the scale and flexibility needed. Connect environments to the Internet utilising Service Levels up to 99.999%


  • Fixed cost billing based on committed resource
  • Build and configure VMs via secure self-service portal & API
  • Single service level, custom VM sizes and licencing options
  • 24/7 platform monitoring and issue resolution
  • Platform spans two UK data centres separated by over 10km.
  • Connect over the internet or private MPLS
  • Based on cloud scale systems from VMware, Solidfire and Dell


  • Flexibility and ability to deliver custom bespoke solutions
  • Get the resources you need, when you need them
  • Configure the solution that is right for your application
  • Feel supported to get the best from your application
  • Architect solutions with confidence that applications and services remain available
  • Make compelling citizen facing services, whilst ensuring data remains safe
  • Data encrypted at rest and access controlled ensuring data protection
  • Choose the right network to connect your solution to
  • Use known technologies to de-risk your cloud transition


£100 per virtual machine

Service documents

G-Cloud 10


IT Lab Limited

Michael Bateman

020 7030 3333

Service scope

Service scope
Service constraints None
System requirements Access portal requires Adobe Flash

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times are based on severity - Critical (10 minutes), Standard (45 minutes), Low (90 minutes). These response times apply to outside of normal business hours (including weekends) subject to a 24/7 support agreement being in place.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support No
Support levels IT Lab's 24.7 service desk puts an experienced team of highly-qualified engineers at your disposal. We have an enviable reputation for providing the kind of support your employees really want. Our service is a true round-the-clock, enterprise grade managed support service to ensure that the requisite expertise is on hand day or night to act swiftly should the unexpected happen. Response times are based on severity - Critical (10 minutes), Standard (45 minutes), Low (90 minutes). These response times apply to outside of normal business hours (including weekends) subject to a 24/7 support agreement being in place. You will also have an assigned technical account manager who will work with you on current and ongoing requirements. We provide 3 service offerings: Dedicated help desk (starting at £20 per user, per month), Shared service desk starting at £20 per user, per month) and Out of Hours service (starting at £2 per user, per month). NB The above support is based on a client taking a support contract. With no support contract, these support levels don't apply.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started All new customers are assigned a Project Manager who will work together with the client to understand the expectations and requirement for service commencements. IT Lab's HyperCare service will provide a high level of support to ensure user adoption is improved. This also includes the assistance from technical account managers and system architects to ensure the right solution is provisioned and maximised for the workloads, along with a range of user guides.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction The customer has complete autonomy of how data is stored and managed within their virtual environment. Data can be extracted either from within the VM (for example, copying data over virtual networks), or the entire VM (for example, exporting as a VMDK or OVF).
End-of-contract process We will return all your data and materials which cannot be deleted or exported by you, and securely destroy all copies of your data on your written instruction.  We will also return all of your confidential information, unless there is a legal requirement that we keep it.

Using the service

Using the service
Web browser interface Yes
Using the web interface We provide a control panel allowing users to provision, manage and decommission various aspects of this service. It also allows users to interface with the service management system including raising tickets and requests. Launch, manage and delete virtual network, compute and storage resources. Display network topology. Manage images including creation and recover of backups. Control access and security including key pairs, API access and floating IPs. Manage load balancers.
Web interface accessibility standard None or don’t know
How the web interface is accessible The web interface is accessible using the most common web browsers and is delivered over various public and private networks including the internet. The web interface is protected by standards-based encryption, two-factor authentication and IP address restrictions.
Web interface accessibility testing None
What users can and can't do using the API You can use API calls to create, manage and monitor Service Requests and view information about the components of your environment. We provide native access to underlying APIs such as vCloud.
API automation tools Other
Other API automation tools VCloud API
API documentation Yes
API documentation formats
  • HTML
  • ODF
  • PDF
Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
Using the command line interface Customers can full manage their virtual infrastructure resources including compute, storage and networking, including management of virtual images, programmatically or manually via the CLI


Scaling available Yes
Scaling type Automatic
Independence of resources Provision the right amount of capacity to meet the demand. We don't over contend memory or disk I/O, and monitor CPU capacity carefully and more when necessary.
Usage notifications Yes
Usage reporting Email


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Other
Other metrics Custom application or infrastructure monitoring to suit individual client requirements
Reporting types
  • Real-time dashboards
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up The service can back up virtual machines and associated data
Backup controls Configured on request by the IT Lab Cloudlab team
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks We use a combination of VPN and private circuits from multiple service providers. The level of security can be defined by each tenant.
Data protection within supplier network Other
Other protection within supplier network All networking on our platform is discrete between tenants and the management network. All client traffic within the environment is transported using VXLan overlay technology ensuring tenant segregation.

Availability and resilience

Availability and resilience
Guaranteed availability 99.999% standard SLA
Approach to resilience Our service is deployed across a number of sites. Each site is designed to eliminate single points of failure (such as power, network and hardware). Customers are encouraged to ensure their solution spans multiple sites to ensure service continuity should a site failure occur.
Outage reporting All outages will be reported via email.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
Access restrictions in management interfaces and support channels For online systems (e.g. Customer Portal & API interfaces), all users are required to have a unique username, password and memorable word combination. Customers may also use 2FA authentication tokens.
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication
Devices users manage the service through Dedicated device on a segregated network (providers own provision)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 QMS UK
ISO/IEC 27001 accreditation date 11/01/2017
What the ISO/IEC 27001 doesn’t cover This was a companywide accreditation and applies to all departments
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We adhere to our internal policy and procedures which form part of our information security management system. This is in line with our ISO 27001.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach IT Lab has a documented configuration and change management policy and process. A robust, established process for the formal submission of change requests is mandated prior to review and approval.
Vulnerability management type Supplier-defined controls
Vulnerability management approach IT Lab and UKCloud have documented vulnerability management policies and processes, implemented, maintained and assessed in accordance with ITIL v.3 and ISO27001 guidance standards. Where technically possible, real-time updates and status reports are identified and sourced from credible vendor sources, covering a significant proportion of UKCloud’s asset population and supported by the mirrored IT Lab process, covering the majority of the IT Lab estate. For other systems/software sitting outside of the above processes, assigned personnel have responsibility for regularly reviewing technical intelligence and specialist groups to promptly identify and evaluate any emerging patches or updates which require evaluation and/or action.
Protective monitoring type Supplier-defined controls
Protective monitoring approach IT Lab have a well established and robust monitoring approach and are continually developing the proactive protective aspects of our monitoring.
Incident management type Supplier-defined controls
Incident management approach IT Lab’s Incident Management aims to restore service and ensure minimal downtime or service disruption to the business. Key criteria includes:
Proactively track service levels (via live data and reports/dashboards), Establish trends (e.g. repeat failures; areas of concern), Monitor the effectiveness of incident management and make recommendations for improvement (e.g. tool requirements for logging; measuring and reporting), Co-ordinate and manage high priority incidents, Develop and maintain incident management processes and procedures, Produce management information, Framework to analyse and correct critical incidents to prevent future re-occurrences

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used VMware
How shared infrastructure is kept separate At the compute/storage layer, consumers are separated via robust hypervisor controls based on VMware vSphere technology. This solution has been previously been validated by the NCSC PGA and the implementation is regularly tested via by regular PGA scoped independent IT Security Health Checks.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £100 per virtual machine
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑