Specialising in SQL Server Management, SQL Server Hosting on Azure, Amazon Web Services and Private Cloud, SQL Server Consultancy including Upgrades & Migrations, Disaster Recovery Design and Setup, Performance Tuning, Health Checks and SQL Server Database Support. Delivering services across the NHS, Other Public and Private Sector organisations.
- SQL Server Management Services
- SQL Server Hosting on Azure, Amazon WS and Private Cloud
- SQL Server Consultancy
- SQL Server Support
- Unit4 Business World (Agresso) Technical Services
- Database Optimisation
- Improved Performance
- Increased Uptime
- High Availability
- Database Health Management
- Flexible & Scalable
- Greater Stabilty
- 24/7 Support and Monitoring
- Access to MS Certified professionals
- Cost Savings
£1700 per server per month
Intersect Consulting Ltd
|Service constraints||A scheduled maintenance window (agreed with the Customer) of not more than four hours per month would be in place for server maintenance, Windows & Security Updates. The maintenance window will ordinarily be out of hours at the weekend.|
|System requirements||Applications are SQL Server based|
|Email or online ticketing support||Yes, at extra cost|
|Support response times||Incidents/Request are prioritised according to severity. Each time a call is logged the user will receive an automated response within 5 minutes to confirm a ticket has been created. Every new ticket will be reviewed and prioritise within 5 minutes of being received and the Customer will receive an initial response from Intersect Consulting within 15 minutes. These response times are applicable during core business hours Mon to Fri 8am to 6pm. All SLA's are agreed with our Customers.|
|User can manage status and priority of support tickets||No|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
All our Customers receive the same level of support and quality of service. Core Support comes as standard with our service and is delivered during core business hours Monday to Friday 8am to 6pm. As standard all our Customers have an Account Manager and Service Engineers are accessible to us 24/7/365.
If any of our Customers require support outside of our core hours, it will be chargeable and pricing is based on the Customer requirements.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||We provide full Project Technical Management. This includes a full Transition Service of moving their system/s to our cloud environment. Included in this service is training for users and there own in-house support teams (if applicable) on system access and using support. This is delivered via documentation. However, if the Customer requires onsite training this can be arranged.|
|End-of-contract data extraction||
Should a Customer wish to end their contract with us. Their data, software and any other files will be backed up, encrypted and securely returned to the Customer.
The data is then transfer to the Customer over a private encrypted VPN connection.
The Customer must provide 30 days notice, in writing to their Account Manager of their wish to end their contract.
We then agree with the Customer a cut-off date and time.
At the agreed date and time we will take a final backup of their system.
We then provide access details to a private encrypted VPN connection, where the Customer can access their data.
Alternatively, we can copy the software and data to a new supplier.
Using the service
|Web browser interface||No|
|Command line interface||No|
|Independence of resources||Dedicated Hardware is used for each of our Customers, no underlying hardware resources are shared.|
|Infrastructure or application metrics||Yes|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with CSA CCM v3.0|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||
|Backup controls||With our Fully Managed service backups are performed and managed by Intersect Consulting.|
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Supplier controls the whole backup schedule|
|Backup recovery||Users contact the support team|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
|Other protection within supplier network||
Dedicated hardware Firewalls are used for each of our Customers.
Data is encrypted within the database, when Customers specify this to be a requirement.
Availability and resilience
For any hardware failure there is a two hours SLA for replacement of the defective hardware. This SLA is 24/7/365.
Urgent 0 - 4 hours
High 0 - 8 hours
Medium 24 hours
Low 36 hours
All our SLA's are agreed with each Customer.
We agree with the Customer appropriate refunds based on undelivered SLA guarantees. This could take the form, for example of a free days service, a monetary refund or a free days Technical Consultancy.
|Approach to resilience||
Our Datacentre has a number of security certifications highlighting their commitment to keeping your solution safe under every condition, including:
ISO 27001 Information Security Management
ISO 9001 Quality Management
PCI DSS compliant
UK Government IL4 capability
Further information is available on request from our Datacentre.
|Outage reporting||Users are notified either by email or telephone. This informs them of the system outage and how long we anticipate it will take to resolve.|
Identity and authentication
|Access restrictions in management interfaces and support channels||Only named and authorised users have access to Management Interfaces and Support Channels. Named authoriser and users are documented and reviewed on a monthly basis with the Customer. In terms of Management Interfaces this is restricted to their application, i.e. they could not make changes at the server level. In terms of Support Channels, certain requests (these are agreed with the Customer) have to be authorised by a senior named Customer contact.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
|Devices users manage the service through||Dedicated device over multiple services or networks|
Audit information for users
|Access to user activity audit information||Users receive audit information on a regular basis|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users receive audit information on a regular basis|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security accreditations||Yes|
|Any other security accreditations||
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||We have an Information Security Policy (ISP) in place, this policy is made up of several sub policies. Responsibility for the production, maintenance and communication of our IPS lies with the Service Delivery Director (SDD). Our Policy are approved by our Senior Team. Changes may only be made with the further approval of the Senior Team. Each of the documents constituting the ISP are reviewed annually. It is the responsibility of the SDD to ensure that these reviews take place and the documents remain consistent. Any changes made to the documents will be communicated to all relevant personnel.|
|Information security policies and processes||
Intersect Consultancy's approach to Security Governance consists of an overarching Information Security Policy. This overarching policy document provides an overview of Information Security and lists a set of policy documents (sub-policies) which together constitute our Information Security Policy.
Sub-Policies include Human Resources, Information handling, System Management, Acceptable User Policy, In-house Customer Asset Management, Encryption Policy.
All Policies and relevant processes are communicated to staff and training provided where needed. Ensuring adherence to our Information Security Policy lies with the Service Delivery Director.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||All changes are categorised as either, Standard, Normal or Emergency. Regardless of type all change requests are logged in our call logging system. Standard applies to all routine changes and are tracked as standard IT activities. Normal are tracked the same as standard IT activities, however a Change Request form is completed, which includes risk assessment and impact. This is authorised by senior person at Intersect Consulting and a senior named person from the Customer. Emergency follows the same process, however includes a Critical Incident Report. All Configuration changes follow the Normal process and are fully documented.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Our Datacentre performs regular Security Audits that protect us from online threats, acting as a preventative measure to reduce risk of cyber attacks. Comprehensively examining the integrity of our network solutions to minimise any risk of downtime. These scans employ a powerful in-depth scanning tool to examine ports, processes, firewall policies and software updates to provide us with a complete security overview of our solutions. Features of Audit include Post Scan of 65,535 ports, Internal Scan for viruses & spyware, Vulnerability testing – tests for 55,000+ security weaknesses, Patch Updates - check and install where necessary software updates and patches.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Our Datacentre proactively monitors our services and watches over the key elements of our servers - including FTP, PING, SMTP, HTTP, POP3 - and alerts us to any potential issues before they've had the chance to impact our solution's performance. If a failure is detected then the 24/7 support team is automatically notified and immediately on hand to resolve the issue. Our Datacentre dashboard lets us track every aspect of our solution from bandwidth consumption to disk utilisation.|
|Incident management type||Supplier-defined controls|
|Incident management approach||We have 2 levels of incident management. First, is the incident management between Intersect Consulting and our Datacentre provider UKFast. We can log incidents through our online dashboard and expect to receive an initial response within 15 minutes and a phone response in 3 rings. Incident reporting is available through our dashboard. Second is the incident management between Intersect Consulting and our Customers. We provide an online call logging system with an initial response within 15 minutes, resolution time is defined by agreed SLA's with the Customer. Incident reporting is provided on a monthly bases to named individuals.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Price||£1700 per server per month|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|