Intersect Consulting Ltd

SQL Server Management & Hosting and U4BW (Agresso) Hosting, Technical Management and Support

Specialising in SQL Server Management, SQL Server Cloud Hosting, SQL Server Consultancy including Upgrades & Migrations, Performance Tuning, Health Checks and SQL Server Database Support. We also specialise in providing U4BW (Agresso) fully managed Cloud Hosting, Application Support and Project Management.

Features

  • SQL Server Management Services
  • SQL Server Hosting on Azure, Amazon WS and Private Cloud
  • SQL Server Consultancy
  • SQL Server Support
  • Unit4 Business World (Agresso) Technical Services

Benefits

  • Database Optimisation
  • Improved Performance
  • Increased Uptime
  • High Availability
  • Database Health Management
  • Flexible & Scalable
  • Greater Stabilty
  • 24/7 Support and Monitoring
  • Access to MS Certified professionals
  • Cost Savings

Pricing

£1700 per server per month

Service documents

G-Cloud 9

667793207668833

Intersect Consulting Ltd

Susan Johnson

01942 366730

sue.johnson@Intersectconsulting.co.uk

Service scope

Service scope
Service constraints A scheduled maintenance window (agreed with the Customer) of not more than four hours per month would be in place for server maintenance, Windows & Security Updates. The maintenance window will ordinarily be out of hours at the weekend.
System requirements Applications are SQL Server based

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Incidents/Request are prioritised according to severity. Each time a call is logged the user will receive an automated response within 5 minutes to confirm a ticket has been created. Every new ticket will be reviewed and prioritise within 5 minutes of being received and the Customer will receive an initial response from Intersect Consulting within 15 minutes. These response times are applicable during core business hours Mon to Fri 8am to 6pm. All SLA's are agreed with our Customers.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels All our Customers receive the same level of support and quality of service. Core Support comes as standard with our service and is delivered during core business hours Monday to Friday 8am to 6pm. As standard all our Customers have an Account Manager and Service Engineers are accessible to us 24/7/365.

If any of our Customers require support outside of our core hours, it will be chargeable and pricing is based on the Customer requirements.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide full Project Technical Management. This includes a full Transition Service of moving their system/s to our cloud environment. Included in this service is training for users and there own in-house support teams (if applicable) on system access and using support. This is delivered via documentation. However, if the Customer requires onsite training this can be arranged.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Should a Customer wish to end their contract with us. Their data, software and any other files will be backed up, encrypted and securely returned to the Customer.

The data is then transfer to the Customer over a private encrypted VPN connection.
End-of-contract process The Customer must provide 30 days notice, in writing to their Account Manager of their wish to end their contract.

We then agree with the Customer a cut-off date and time.

At the agreed date and time we will take a final backup of their system.

We then provide access details to a private encrypted VPN connection, where the Customer can access their data.

Alternatively, we can copy the software and data to a new supplier.

Using the service

Using the service
Web browser interface No
API No
Command line interface No

Scaling

Scaling
Scaling available No
Independence of resources Dedicated Hardware is used for each of our Customers, no underlying hardware resources are shared.
Usage notifications Yes
Usage reporting Email

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Number of active instances
  • Other
Other metrics
  • Database summary information including size, status and access levels
  • Database Growth Rate
  • Disk space Growth Rate
  • New Users Created
  • Sever Uptime
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • As standard Databases Backups every 15 minutes
  • As Standard Server Backups Daily
  • Replication of Virtual Machines if required
  • Database Mirroring if required
Backup controls With our Fully Managed service backups are performed and managed by Intersect Consulting.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Dedicated hardware Firewalls are used for each of our Customers.

Data is encrypted within the database, when Customers specify this to be a requirement.

Availability and resilience

Availability and resilience
Guaranteed availability For any hardware failure there is a two hours SLA for replacement of the defective hardware. This SLA is 24/7/365.

Standard SLA's
Urgent 0 - 4 hours
High 0 - 8 hours
Medium 24 hours
Low 36 hours
All our SLA's are agreed with each Customer.

We agree with the Customer appropriate refunds based on undelivered SLA guarantees. This could take the form, for example of a free days service, a monetary refund or a free days Technical Consultancy.
Approach to resilience Our Datacentre has a number of security certifications highlighting their commitment to keeping your solution safe under every condition, including:
ISO 27001 Information Security Management
ISO 9001 Quality Management
PCI DSS compliant
UK Government IL4 capability

Further information is available on request from our Datacentre.
Outage reporting Users are notified either by email or telephone. This informs them of the system outage and how long we anticipate it will take to resolve.

Identity and authentication

Identity and authentication
User authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Only named and authorised users have access to Management Interfaces and Support Channels. Named authoriser and users are documented and reviewed on a monthly basis with the Customer. In terms of Management Interfaces this is restricted to their application, i.e. they could not make changes at the server level. In terms of Support Channels, certain requests (these are agreed with the Customer) have to be authorised by a senior named Customer contact.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through Dedicated device over multiple services or networks

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations
  • Our Datacentre UKFast has the following Accreditations:
  • ISO 27001
  • ISO 9001
  • ISO 14001
  • PAS 2060
  • PCI Compliance
  • Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach We have an Information Security Policy (ISP) in place, this policy is made up of several sub policies. Responsibility for the production, maintenance and communication of our IPS lies with the Service Delivery Director (SDD). Our Policy are approved by our Senior Team. Changes may only be made with the further approval of the Senior Team. Each of the documents constituting the ISP are reviewed annually. It is the responsibility of the SDD to ensure that these reviews take place and the documents remain consistent. Any changes made to the documents will be communicated to all relevant personnel.
Information security policies and processes Intersect Consultancy's approach to Security Governance consists of an overarching Information Security Policy. This overarching policy document provides an overview of Information Security and lists a set of policy documents (sub-policies) which together constitute our Information Security Policy.

Sub-Policies include Human Resources, Information handling, System Management, Acceptable User Policy, In-house Customer Asset Management, Encryption Policy.

All Policies and relevant processes are communicated to staff and training provided where needed. Ensuring adherence to our Information Security Policy lies with the Service Delivery Director.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All changes are categorised as either, Standard, Normal or Emergency. Regardless of type all change requests are logged in our call logging system. Standard applies to all routine changes and are tracked as standard IT activities. Normal are tracked the same as standard IT activities, however a Change Request form is completed, which includes risk assessment and impact. This is authorised by senior person at Intersect Consulting and a senior named person from the Customer. Emergency follows the same process, however includes a Critical Incident Report. All Configuration changes follow the Normal process and are fully documented.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our Datacentre performs regular Security Audits that protect us from online threats, acting as a preventative measure to reduce risk of cyber attacks. Comprehensively examining the integrity of our network solutions to minimise any risk of downtime. These scans employ a powerful in-depth scanning tool to examine ports, processes, firewall policies and software updates to provide us with a complete security overview of our solutions. Features of Audit include Post Scan of 65,535 ports, Internal Scan for viruses & spyware, Vulnerability testing – tests for 55,000+ security weaknesses, Patch Updates - check and install where necessary software updates and patches.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Our Datacentre proactively monitors our services and watches over the key elements of our servers - including FTP, PING, SMTP, HTTP, POP3 - and alerts us to any potential issues before they've had the chance to impact our solution's performance. If a failure is detected then the 24/7 support team is automatically notified and immediately on hand to resolve the issue. Our Datacentre dashboard lets us track every aspect of our solution from bandwidth consumption to disk utilisation.
Incident management type Supplier-defined controls
Incident management approach We have 2 levels of incident management. First, is the incident management between Intersect Consulting and our Datacentre provider UKFast. We can log incidents through our online dashboard and expect to receive an initial response within 15 minutes and a phone response in 3 rings. Incident reporting is available through our dashboard. Second is the incident management between Intersect Consulting and our Customers. We provide an online call logging system with an initial response within 15 minutes, resolution time is defined by agreed SLA's with the Customer. Incident reporting is provided on a monthly bases to named individuals.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart No

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £1700 per server per month
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑