EntServ UK Ltd part of the DXC Technologies Group
DXC Technology Identity Management as a Service
Identity and access management is very complex and affects every aspect of your business. This service manages creation, change, and removal of accounts and access rights so your users have the right access to services and applications at all times, helping you to prove compliance and reduce risk.
Features
- Based on class-leading technologies
- Operated by skilled IDAM professionals, helping you maintain good policies
- Integrates with hundreds of third party services and applications
- Provides easy visibility of your current access profiles
- Cloud hosted service meeting UK data residency requirements
- Combines provisioning and access governance into one service offering
- Delivers IDAM through an OPEX rather than a CAPEX model
- Monthly subscription with no perpetual license costs
Benefits
- New users are provisioned and ready to work quickly
- Business processes are automated allowing you to operate more efficiently
- Help desk call volume is reduced with self-service features
- Leavers have access rights quickly removed, reducing your risk
- Governance and attestation controls help you demonstrate compliance with regulations
Pricing
£43200 per unit per month
Service documents
Framework
G-Cloud 10
Service ID
662933808868034
Contact
Service scope
Service constraints | Any constraints pertaining to the service will be agreed with the client, as far as contractual Service Level Agreements. |
System requirements | The service will be configured to the clients specification. |
User support
Email or online ticketing support | Email or online ticketing |
Support response times | As per the client agreed Service Level Agreement |
User can manage status and priority of support tickets | Yes |
Online ticketing support accessibility | WCAG 2.0 AA or EN 301 549 |
Phone support | Yes |
Phone support availability | 24 hours, 7 days a week |
Web chat support | Web chat |
Web chat support availability | 9 to 5 (UK time), Monday to Friday |
Web chat support accessibility standard | WCAG 2.0 AA or EN 301 549 9: Web |
Web chat accessibility testing | N/A |
Onsite support | Yes, at extra cost |
Support levels | As per the client agreed Service Level Agreement |
Support available to third parties | Yes |
Onboarding and offboarding
Getting started | As per the clients requirements, defined within pre contract negotiations |
Service documentation | Yes |
Documentation formats |
|
End-of-contract data extraction | As per the details contained within the agreed contract |
End-of-contract process | As per the details contained within the agreed contract |
Using the service
Web browser interface | Yes |
Using the web interface | The Service is configured to meet the clients end user requirements |
Web interface accessibility standard | WCAG 2.0 AA or EN 301 549 |
Web interface accessibility testing | N/A |
API | No |
Command line interface | No |
Scaling
Scaling available | Yes |
Scaling type | Automatic |
Independence of resources | As per the details contained within the agreed contract and SLA |
Usage notifications | Yes |
Usage reporting |
|
Analytics
Infrastructure or application metrics | Yes |
Metrics types | Other |
Other metrics | As per the agreed contract and SLA |
Reporting types |
|
Resellers
Supplier type | Not a reseller |
Staff security
Staff security clearance | Conforms to BS7858:2012 |
Government security clearance | Up to Developed Vetting (DV) |
Asset protection
Knowledge of data storage and processing locations | Yes |
Data storage and processing locations |
|
User control over data storage and processing locations | Yes |
Datacentre security standards | Complies with a recognised standard (for example CSA CCM version 3.0) |
Penetration testing frequency | At least once a year |
Penetration testing approach | ‘IT Health Check’ performed by a CHECK service provider |
Protecting data at rest |
|
Other data at rest protection approach | As per the details contained within the Client agreed contract and SLA |
Data sanitisation process | Yes |
Data sanitisation type |
|
Equipment disposal approach | Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001 |
Backup and recovery
Backup and recovery | Yes |
What’s backed up | As per the agreed SLA |
Backup controls | As per the details contained within the agreed contract and SLA |
Datacentre setup | Multiple datacentres with disaster recovery |
Scheduling backups | Supplier controls the whole backup schedule |
Backup recovery | Users contact the support team |
Data-in-transit protection
Data protection between buyer and supplier networks |
|
Data protection within supplier network |
|
Availability and resilience
Guaranteed availability | As per the details contained within the agreed contract and SLA |
Approach to resilience | As per the details contained within the agreed contract and SLA |
Outage reporting | As per the details contained within the Client agreed contract and SLA |
Identity and authentication
User authentication |
|
Access restrictions in management interfaces and support channels | Management access is granted to privileged users only via a dedicated management interface |
Access restriction testing frequency | At least once a year |
Management access authentication |
|
Devices users manage the service through |
|
Audit information for users
Access to user activity audit information | Users receive audit information on a regular basis |
How long user audit data is stored for | User-defined |
Access to supplier activity audit information | Users contact the support team to get audit information |
How long supplier audit data is stored for | User-defined |
How long system logs are stored for | User-defined |
Standards and certifications
ISO/IEC 27001 certification | Yes |
Who accredited the ISO/IEC 27001 | BSI |
ISO/IEC 27001 accreditation date | 23/09/2015 |
What the ISO/IEC 27001 doesn’t cover | N/A |
ISO 28000:2007 certification | No |
CSA STAR certification | Yes |
CSA STAR accreditation date | 29/11/2016 |
CSA STAR certification level | Level 3: CSA STAR Certification |
What the CSA STAR doesn’t cover | N/A |
PCI certification | No |
Other security certifications | Yes |
Any other security certifications |
|
Security governance
Named board-level person responsible for service security | Yes |
Security governance certified | Yes |
Security governance standards |
|
Other security governance standards | HMG Accreditation |
Information security policies and processes | As per the requirements for ISO27001 and HMG Accreditation |
Operational security
Configuration and change management standard | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Configuration and change management approach | As per the details contained within CSA CCM v3.0,ISO27001 and HMG Accreditation, plus the Client agreed contract and SLA |
Vulnerability management type | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Vulnerability management approach | As per the details contained within CSA CCM v3.0,ISO27001 and HMG Accreditation, plus the Client agreed contract and SLA |
Protective monitoring type | Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402 |
Protective monitoring approach | As per the details contained within CSA CCM v3.0,ISO27001 and HMG Accreditation, plus the Client agreed contract and SLA |
Incident management type | Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402 |
Incident management approach | As per the details contained within CSA CCM v3.0,ISO27001 and HMG Accreditation, plus the Client agreed contract and SLA |
Secure development
Approach to secure software development best practice | Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0) |
Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart | Yes |
Who implements virtualisation | Supplier |
Virtualisation technologies used | VMware |
How shared infrastructure is kept separate | As per the details contained within the agreed contract and SLA |
Energy efficiency
Energy-efficient datacentres | Yes |
Pricing
Price | £43200 per unit per month |
Discount for educational organisations | No |
Free trial available | No |
Documents
Pricing document | View uploaded document |
Skills Framework for the Information Age rate card | View uploaded document |
Service definition document | View uploaded document |
Terms and conditions document | View uploaded document |