Pure Technology Group

Azure Managed Service

The pure technology group is a certified Microsoft CSP Tier 1 partner, one of only a handful in the UK. We do much more than simply sell Microsoft subscription licences. We provide expert design, deployment and support services for the cloud, utilising Fortinet firewall security.


  • Multiple UK-based DataCentres
  • Fast - all SSD flash storage
  • Scaleable - modular design
  • Availability - 99.999%
  • Secure - tieried and adaptive
  • Resilient - geographic, operator and device level
  • Replication between DataCentres
  • Variable Services - adjust services according to ongoing need.


  • Unified Billing - one supplier, one bill, many platforms
  • Industry-leading Azure architects
  • Dedicated Account and Service Account Managers
  • UK Based Support Team - 24/7/365
  • Consumption/Subscription billing model


£0.99 to £9999 per unit per month

Service documents

G-Cloud 11


Pure Technology Group

Simeon Banks

0113 3871070


Service scope

Service scope
Service constraints Azure Server OS must be Windows Server 2008 R2 or later.
System requirements
  • Windows OS
  • Mac OS
  • Linux OS
  • Android
  • IOS

User support

User support
Email or online ticketing support Email or online ticketing
Support response times SLA Response Time in mutually agreed priority:

P1 - Response in 15 mins
P2 - Response in 1 hour
P3 - Response in 4 hours
P4 - Response in 8 hours
P5 - Response in N/A
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels All support services are managed with a team of Technical and Service managers to ensure a smooth continuous service.

Support is pro-active including live monitoring. Incident management is carried out through a detailed ITIL methodology aligned to customer SLA including prioritisation by severity and escalation.

Support is provided for cloud, hybrid and on-premise solutions.

Site Hardware Break-Fix can be provided in a range of options.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The pure technology group provide a full on-boarding process, which includes service delivery, technical evaluation and associated training and end user documentation.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction At contract completion, data can be provided by secure transfer, over-the-wire or to portable media, encrypted or not.
End-of-contract process At contract completion, the project management team plan off-boarding as a project to ensure smooth transition of service and data.

Using the service

Using the service
Web browser interface Yes
Using the web interface The Azure web interface is used to self-provision services on-demand.
Web interface accessibility standard WCAG 2.1 AA or EN 301 549
Web interface accessibility testing All testing provided by the provider. Details can be found at:

Command line interface Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface All Azure services can be provisioned and configured the with Powershell CLI.


Scaling available Yes
Scaling type
  • Automatic
  • Manual
Independence of resources The resources are based in 'tenants' within the Azure platform. This ensures that all resources are isolated on a customer by customer basis. Whilst it is inherently shared hardware, it is segregated between customer systems.
Usage notifications Yes
Usage reporting Email


Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Microsoft, Citrix, AWS

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Files
  • Virtual Machines
  • Databases
  • Applications
  • Configurations
Backup controls Customers can choose from a variety of backup and replication models. Typically this is seeded file-level (full), incremental delta changes on a daily basis.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Delivering services at scale requires a different approach to designing, building, deploying and operating datacenters. Parts of the physical environment — from the server design to the building itself — creates opportunity to design, engineer and deploy for greater resiliency.
Approach to resilience Delivering services at scale requires a different approach to designing, building, deploying and operating datacenters. Parts of the physical environment — from the server design to the building itself — creates opportunity to design, engineer and deploy for greater resiliency.
Outage reporting A public dashboard is available for Microsoft Azure (see below), however our Service Delivery Managers do email customers personally to inform them of applicable outages.


Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels At the point of contract creation a list of 'trusted' users is provided by the customer. However this can only be altered with our Service and Technical teams to reflect new users in accordance with the Service Change Management process.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 QMS
ISO/IEC 27001 accreditation date 27/03/2018
What the ISO/IEC 27001 doesn’t cover No exclusions
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Plus

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We adhere strictly to ISO27001 and its associated policies surrounding reporting standards and formats.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management type Supplier-defined controls
Vulnerability management approach Baseline vulnerabilities are patched according to the Microsoft Azure processes which Conforms to a recognised standard, CSA CCM v3.0 or SSAE-16 / ISAE 3402.

However Application vulnerabilites are not scanned by Microsoft, this can be provided as a seperate service
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach The Azure monitoring process is aligned with ISO27001:2013 control A.12.4 which details:
• Event Logging
• Protection of log information
• Admin & operator logs
• Clock synchronisation
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach The PTG incident management process is aligned with ISO27001 which details:
• The full incident management procedure
• Responsibilities & procedures
• Assessment of and decision on security events
• Response process
• Evidence collection
• Learning from incidents

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Supplier
Virtualisation technologies used Hyper-V
How shared infrastructure is kept separate Software defined networking including complex routes and VLANs ensure that virtual infrastructure is seperated in-between instances.

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes
Description of energy efficient datacentres Managed by external DC facility providers


Price £0.99 to £9999 per unit per month
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑