Pure Technology Group

Azure Managed Service

The pure technology group is a certified Microsoft CSP Tier 1 partner, one of only a handful in the UK. We do much more than simply sell Microsoft subscription licences. We provide expert design, deployment and support services for the cloud, utilising Fortinet firewall security.


  • Multiple UK-based DataCentres
  • Fast - all SSD flash storage
  • Scaleable - modular design
  • Availability - 99.999%
  • Secure - tieried and adaptive
  • Resilient - geographic, operator and device level
  • Replication between DataCentres
  • Variable Services - adjust services according to ongoing need.


  • Unified Billing - one supplier, one bill, many platforms
  • Industry-leading Azure architects
  • Dedicated Account and Service Account Managers
  • UK Based Support Team - 24/7/365
  • Consumption/Subscription billing model


£0.99 to £9999 per unit per month

Service documents


G-Cloud 11

Service ID

7 0 6 5 4 7 8 3 9 9 6 4 1 4 3


Pure Technology Group

Simeon Banks

0113 3871070


Service scope

Service constraints
Azure Server OS must be Windows Server 2008 R2 or later.
System requirements
  • Windows OS
  • Mac OS
  • Linux OS
  • Android
  • IOS

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLA Response Time in mutually agreed priority:

P1 - Response in 15 mins
P2 - Response in 1 hour
P3 - Response in 4 hours
P4 - Response in 8 hours
P5 - Response in N/A
User can manage status and priority of support tickets
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
All support services are managed with a team of Technical and Service managers to ensure a smooth continuous service.

Support is pro-active including live monitoring. Incident management is carried out through a detailed ITIL methodology aligned to customer SLA including prioritisation by severity and escalation.

Support is provided for cloud, hybrid and on-premise solutions.

Site Hardware Break-Fix can be provided in a range of options.
Support available to third parties

Onboarding and offboarding

Getting started
The pure technology group provide a full on-boarding process, which includes service delivery, technical evaluation and associated training and end user documentation.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
At contract completion, data can be provided by secure transfer, over-the-wire or to portable media, encrypted or not.
End-of-contract process
At contract completion, the project management team plan off-boarding as a project to ensure smooth transition of service and data.

Using the service

Web browser interface
Using the web interface
The Azure web interface is used to self-provision services on-demand.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
All testing provided by the provider. Details can be found at:

Command line interface
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
All Azure services can be provisioned and configured the with Powershell CLI.


Scaling available
Scaling type
  • Automatic
  • Manual
Independence of resources
The resources are based in 'tenants' within the Azure platform. This ensures that all resources are isolated on a customer by customer basis. Whilst it is inherently shared hardware, it is segregated between customer systems.
Usage notifications
Usage reporting


Infrastructure or application metrics
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft, Citrix, AWS

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
What’s backed up
  • Files
  • Virtual Machines
  • Databases
  • Applications
  • Configurations
Backup controls
Customers can choose from a variety of backup and replication models. Typically this is seeded file-level (full), incremental delta changes on a daily basis.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Delivering services at scale requires a different approach to designing, building, deploying and operating datacenters. Parts of the physical environment — from the server design to the building itself — creates opportunity to design, engineer and deploy for greater resiliency.
Approach to resilience
Delivering services at scale requires a different approach to designing, building, deploying and operating datacenters. Parts of the physical environment — from the server design to the building itself — creates opportunity to design, engineer and deploy for greater resiliency.
Outage reporting
A public dashboard is available for Microsoft Azure (see below), however our Service Delivery Managers do email customers personally to inform them of applicable outages.


Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
At the point of contract creation a list of 'trusted' users is provided by the customer. However this can only be altered with our Service and Technical teams to reflect new users in accordance with the Service Change Management process.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
No exclusions
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications
Cyber Essentials Plus

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
We adhere strictly to ISO27001 and its associated policies surrounding reporting standards and formats.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Baseline vulnerabilities are patched according to the Microsoft Azure processes which Conforms to a recognised standard, CSA CCM v3.0 or SSAE-16 / ISAE 3402.

However Application vulnerabilites are not scanned by Microsoft, this can be provided as a seperate service
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
The Azure monitoring process is aligned with ISO27001:2013 control A.12.4 which details:
• Event Logging
• Protection of log information
• Admin & operator logs
• Clock synchronisation
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
The PTG incident management process is aligned with ISO27001 which details:
• The full incident management procedure
• Responsibilities & procedures
• Assessment of and decision on security events
• Response process
• Evidence collection
• Learning from incidents

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Who implements virtualisation
Virtualisation technologies used
How shared infrastructure is kept separate
Software defined networking including complex routes and VLANs ensure that virtual infrastructure is seperated in-between instances.

Energy efficiency

Energy-efficient datacentres
Description of energy efficient datacentres
Managed by external DC facility providers


£0.99 to £9999 per unit per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑