Pure Technology Group

Azure Managed Service

The pure technology group is a certified Microsoft CSP Tier 1 partner, one of only a handful in the UK. We do much more than simply sell Microsoft subscription licences. We provide expert design, deployment and support services for the cloud, utilising Fortinet firewall security.

Features

  • Multiple UK-based DataCentres
  • Fast - all SSD flash storage
  • Scaleable - modular design
  • Availability - 99.999%
  • Secure - tieried and adaptive
  • Resilient - geographic, operator and device level
  • Replication between DataCentres
  • Variable Services - adjust services according to ongoing need.

Benefits

  • Unified Billing - one supplier, one bill, many platforms
  • Industry-leading Azure architects
  • Dedicated Account and Service Account Managers
  • UK Based Support Team - 24/7/365
  • Consumption/Subscription billing model

Pricing

£0.99 to £9999 per unit per month

Service documents

Framework

G-Cloud 11

Service ID

7 0 6 5 4 7 8 3 9 9 6 4 1 4 3

Contact

Pure Technology Group

Simeon Banks

0113 3871070

simeon@tptg.co.uk

Service scope

Service constraints
Azure Server OS must be Windows Server 2008 R2 or later.
System requirements
  • Windows OS
  • Mac OS
  • Linux OS
  • Android
  • IOS

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLA Response Time in mutually agreed priority:

P1 - Response in 15 mins
P2 - Response in 1 hour
P3 - Response in 4 hours
P4 - Response in 8 hours
P5 - Response in N/A
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
All support services are managed with a team of Technical and Service managers to ensure a smooth continuous service.

Support is pro-active including live monitoring. Incident management is carried out through a detailed ITIL methodology aligned to customer SLA including prioritisation by severity and escalation.

Support is provided for cloud, hybrid and on-premise solutions.

Site Hardware Break-Fix can be provided in a range of options.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The pure technology group provide a full on-boarding process, which includes service delivery, technical evaluation and associated training and end user documentation.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
At contract completion, data can be provided by secure transfer, over-the-wire or to portable media, encrypted or not.
End-of-contract process
At contract completion, the project management team plan off-boarding as a project to ensure smooth transition of service and data.

Using the service

Web browser interface
Yes
Using the web interface
The Azure web interface is used to self-provision services on-demand.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
All testing provided by the provider. Details can be found at:

https://www.microsoft.com/en-us/trustcenter/compliance/accessibility
API
No
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
All Azure services can be provisioned and configured the with Powershell CLI.

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
The resources are based in 'tenants' within the Azure platform. This ensures that all resources are isolated on a customer by customer basis. Whilst it is inherently shared hardware, it is segregated between customer systems.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft, Citrix, AWS

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Files
  • Virtual Machines
  • Databases
  • Applications
  • Configurations
Backup controls
Customers can choose from a variety of backup and replication models. Typically this is seeded file-level (full), incremental delta changes on a daily basis.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Delivering services at scale requires a different approach to designing, building, deploying and operating datacenters. Parts of the physical environment — from the server design to the building itself — creates opportunity to design, engineer and deploy for greater resiliency.
Approach to resilience
Delivering services at scale requires a different approach to designing, building, deploying and operating datacenters. Parts of the physical environment — from the server design to the building itself — creates opportunity to design, engineer and deploy for greater resiliency.
Outage reporting
A public dashboard is available for Microsoft Azure (see below), however our Service Delivery Managers do email customers personally to inform them of applicable outages.

https://azure.microsoft.com/en-gb/status/

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
At the point of contract creation a list of 'trusted' users is provided by the customer. However this can only be altered with our Service and Technical teams to reflect new users in accordance with the Service Change Management process.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
QMS
ISO/IEC 27001 accreditation date
27/03/2018
What the ISO/IEC 27001 doesn’t cover
No exclusions
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials Plus

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We adhere strictly to ISO27001 and its associated policies surrounding reporting standards and formats.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Baseline vulnerabilities are patched according to the Microsoft Azure processes which Conforms to a recognised standard, CSA CCM v3.0 or SSAE-16 / ISAE 3402.

However Application vulnerabilites are not scanned by Microsoft, this can be provided as a seperate service
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
The Azure monitoring process is aligned with ISO27001:2013 control A.12.4 which details:
• Event Logging
• Protection of log information
• Admin & operator logs
• Clock synchronisation
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
The PTG incident management process is aligned with ISO27001 which details:
• The full incident management procedure
• Responsibilities & procedures
• Assessment of and decision on security events
• Response process
• Evidence collection
• Learning from incidents

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Hyper-V
How shared infrastructure is kept separate
Software defined networking including complex routes and VLANs ensure that virtual infrastructure is seperated in-between instances.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Managed by external DC facility providers

Pricing

Price
£0.99 to £9999 per unit per month
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑