Daisy Communications Ltd

Daisy Cloud powered by Microsoft Azure

Daisy are able to provide the entire suite of Azure IaaS and Paas offerings coupled with our monitoring and management services. This leverages the power and flexibility of Microsoft Azure whilst ensuring the service operates efficiently and securely.

Features

  • Full access to Microsoft Azure Compute, Storage and Networking services
  • Scaleble infrastructure to meet demand peaks
  • Interoperable with Daisy Cloud services
  • Pay-as-you-go, consumption pricing options
  • Direct connectivity into PSN via Daisy MPLS

Benefits

  • Microsoft Infrastructure with a UK 24/7 Service desk
  • Consumption based billing allowing full cost flexibility
  • Single bill for Infrastructure, Software, Network and Management
  • Rapid deployment of new features and services
  • We free your staff to concentrate on your priorities
  • Dedicated Service Managers to ensure smooth operation
  • Nominated Technical Architects available to help develop the environment
  • Consultancy based migration and strategy planning
  • Cost optimisation and right sizing workshops

Pricing

£0.016 to £10 per virtual machine per hour

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 10

775091561251947

Daisy Communications Ltd

Andy Riley

01282608967

andy.riley@daisygroup.com

Service scope

Service scope
Service constraints See https://azure.microsoft.com/en-gb/overview/what-is-azure/ for up to date information on constraints.
System requirements Various, see https://azure.microsoft.com/en-gb/overview/what-is-azure/

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times are tied into the severity of the incident and the agreed SLA definitions.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Support levels are bespoke for every customer ensuring that the support provided meets the requirements and the budget.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Daisy's Cloud architects and engineers can work alongside your IT & project teams to ensure a smooth transition to the new environment. Whether it is designing a high availability application workload or defining the migration methodology to lift existing workloads, Daisy can provide the skills and resourcing to ensure a smooth transition.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats Daisy can work to provide documentation in any required format
End-of-contract data extraction Customers have many options to extract data either at an application or infrastructure level. For those applications that don't support data migration or replication technologies, infrastructure solutions including VM export, data mirroring, offsite backup or simply a file copy are all possible options.

Should the new environment be remaining within Azure utilising another MSP, it is also possible to migrate the entire subscription to a new provider with minimal downtime.
End-of-contract process When the contract with Daisy ends, Daisy will work to hand over control of the Azure environment to the new service provider. Daisy will remove all configuration entries from our management platform and cease all management activities.
Should a migration to another Infrastructure platform be required, Daisy can provide technical expertise and resources as required, although this will be classed as a new project.

Using the service

Using the service
Web browser interface Yes
Using the web interface All Azure services are available directly within the Microsoft Portal.

All interaction with Daisy can be performed via the appropriate Daisy portal.
Web interface accessibility standard None or don’t know
How the web interface is accessible Information on accessibility to the Microsoft Portal is controlled by Microsoft, more information is available at https://www.microsoft.com/en-us/accessibility/
Web interface accessibility testing Daisy has not performed any testing of the Microsoft Portal
API Yes
What users can and can't do using the API Almost all features of Microsoft Azure are accessible via an API. The management of Azure itself is available either via a REST API or via powershell and each infrastructure element within Azure has it's own API
API automation tools
  • Ansible
  • Chef
  • Terraform
  • Puppet
API documentation Yes
API documentation formats
  • HTML
  • PDF
  • Other
Command line interface Yes
Command line interface compatibility Windows
Using the command line interface Almost all features of Microsoft Azure are accessible via a Powershell command line. The management of Azure itself is available either via a REST API or via powershell and many infrastructure elements within Azure have their own Powershell interface.

Scaling

Scaling
Scaling available Yes
Scaling type
  • Automatic
  • Manual
Independence of resources Microsoft strives to ensure that infrastructure resources are isolated from their neighbours. More information is available at https://docs.microsoft.com/en-us/azure/security/azure-isolation
Usage notifications Yes
Usage reporting
  • API
  • Email

Analytics

Analytics
Infrastructure or application metrics Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Microsoft

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Full Application backup
  • Consistent Database backup
  • File backup
  • Virtual Machine image backup
  • Virtual Appliance backup
Backup controls During the onboarding phase, Daisy will work alongside your staff to define the exact backup schedule and retention policy for each dataset. This ensures that the right backups are configured for each type of data reducing cost and complexity.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Users contact the support team to schedule backups
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Microsoft provides more details about their SLA and service credits here https://azure.microsoft.com/en-gb/support/legal/sla/

For applications which require a higher SLA than that provided by the Microsoft infrastructure, Daisy can design and implement a High Availability service to meet the exact requirements.
Approach to resilience Azure infrastructure is built with resilience to provide a certain service level. This is described in more detail at https://azure.microsoft.com/en-gb/features/resiliency/
Outage reporting Microsoft will report any outages using their public dashboard and there is a facility to enrol to receive email alerts. In addition, Daisy's management services will provide email notifications.

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Full role based access is available within Azure. This ensures that only those users who are authenticated and authorised can access any Azure or application management features.
Access to Daisy support is via authorised named contacts rather than generic accounts.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 13/09/2013 original certification
What the ISO/IEC 27001 doesn’t cover Scope is all Daisy sites and services requiring security certification
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Through the establishment of a comprehensive security framework, Daisy shall demonstrate a commitment to protect all assets that support the delivery of business objectives and address all legal, regulatory and contractual obligations. The following ISO27001 Group clause & objectives are referenced within this document: Clause 5, & Control objectives: A6, A9, A11, A13.2, and A14 Data Protection Policy Site Security Policy CCTV Policy

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Daisy’s ITIL v3 aligned service management tool meets ISO 27001 guidelines, governing core ITIL processes including, but not limited to, incident, problem, change, release, configuration, service level management and service catalogue functions
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability scanning is included in the Daisy security framework, to help monitor the effectiveness of existing security controls and identify any weaknesses.
The IT security Manager in consultation with Head of Compliance shall coordinate vulnerability scanning activities including:
 identifying the scope of testing
 monitor manufacturer and vendor sites for information updates regarding vulnerabilities Should the vulnerabilities be assessed as not posing an immediate threat to operations, security patches or code fixes shall be subject to change control requirements ( testing etc.) prior to deployment.
Daisy support record activities in a service management ticket for tracking and audit purposes.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Monitoring of our platforms is done from our segregated and ISO27001 compliant management platforms, we protect the platform itself and its perimeter edge with Daisy owned and operated solutions, not in any way tied to logical customer implementations within these platforms. Each customer as part of a Managed Service has our standard security and monitoring products deployed with pre-agreed alert classifications and thresholds set as part of our typical managed service. Potential compromises are identified in our centralised monitoring solution, with accompanying detailed information of the platform and customer which auto generates an incident in our ticketing systems.
Incident management type Supplier-defined controls
Incident management approach Predefined processes are in place for common events Users can report incidents via the web portal or email in the event of an incident Daisy will Issue customer updates as per the agreed frequency on the progress of a resolution or workaround. This may include initiating and leading conference calls, bridges or meetings. Create MI reports where required, validating content is customer appropriate. Issue to service delivery management. Publish the MI report to the customer as defined by the customer SLA.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Third-party
Third-party virtualisation provider Microsoft
How shared infrastructure is kept separate Microsoft describes their approach to isolation in more detail in this article
https://docs.microsoft.com/en-us/azure/security/azure-isolation

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes

Pricing

Pricing
Price £0.016 to £10 per virtual machine per hour
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Time and cost limited trials for Azure services are available

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑