Daisy Cloud powered by Microsoft Azure
Daisy are able to provide the entire suite of Azure IaaS and Paas offerings coupled with our monitoring and management services. This leverages the power and flexibility of Microsoft Azure whilst ensuring the service operates efficiently and securely.
Features
- Full access to Microsoft Azure Compute, Storage and Networking services
- Scaleble infrastructure to meet demand peaks
- Interoperable with Daisy Cloud services
- Pay-as-you-go, consumption pricing options
- Direct connectivity into PSN via Daisy MPLS
Benefits
- Microsoft Infrastructure with a UK 24/7 Service desk
- Consumption based billing allowing full cost flexibility
- Single bill for Infrastructure, Software, Network and Management
- Rapid deployment of new features and services
- We free your staff to concentrate on your priorities
- Dedicated Service Managers to ensure smooth operation
- Nominated Technical Architects available to help develop the environment
- Consultancy based migration and strategy planning
- Cost optimisation and right sizing workshops
Pricing
£0.02 to £10 a virtual machine an hour
- Education pricing available
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at andy.riley@daisygroup.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 10
Service ID
7 7 5 0 9 1 5 6 1 2 5 1 9 4 7
Contact
Daisy Communications Ltd
Andy Riley
Telephone: 01282608967
Email: andy.riley@daisygroup.com
Service scope
- Service constraints
- See https://azure.microsoft.com/en-gb/overview/what-is-azure/ for up to date information on constraints.
- System requirements
- Various, see https://azure.microsoft.com/en-gb/overview/what-is-azure/
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Response times are tied into the severity of the incident and the agreed SLA definitions.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Support levels are bespoke for every customer ensuring that the support provided meets the requirements and the budget.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Daisy's Cloud architects and engineers can work alongside your IT & project teams to ensure a smooth transition to the new environment. Whether it is designing a high availability application workload or defining the migration methodology to lift existing workloads, Daisy can provide the skills and resourcing to ensure a smooth transition.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
- Daisy can work to provide documentation in any required format
- End-of-contract data extraction
-
Customers have many options to extract data either at an application or infrastructure level. For those applications that don't support data migration or replication technologies, infrastructure solutions including VM export, data mirroring, offsite backup or simply a file copy are all possible options.
Should the new environment be remaining within Azure utilising another MSP, it is also possible to migrate the entire subscription to a new provider with minimal downtime. - End-of-contract process
-
When the contract with Daisy ends, Daisy will work to hand over control of the Azure environment to the new service provider. Daisy will remove all configuration entries from our management platform and cease all management activities.
Should a migration to another Infrastructure platform be required, Daisy can provide technical expertise and resources as required, although this will be classed as a new project.
Using the service
- Web browser interface
- Yes
- Using the web interface
-
All Azure services are available directly within the Microsoft Portal.
All interaction with Daisy can be performed via the appropriate Daisy portal. - Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
- Information on accessibility to the Microsoft Portal is controlled by Microsoft, more information is available at https://www.microsoft.com/en-us/accessibility/
- Web interface accessibility testing
- Daisy has not performed any testing of the Microsoft Portal
- API
- Yes
- What users can and can't do using the API
- Almost all features of Microsoft Azure are accessible via an API. The management of Azure itself is available either via a REST API or via powershell and each infrastructure element within Azure has it's own API
- API automation tools
-
- Ansible
- Chef
- Terraform
- Puppet
- API documentation
- Yes
- API documentation formats
-
- HTML
- Other
- Command line interface
- Yes
- Command line interface compatibility
- Windows
- Using the command line interface
- Almost all features of Microsoft Azure are accessible via a Powershell command line. The management of Azure itself is available either via a REST API or via powershell and many infrastructure elements within Azure have their own Powershell interface.
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- Microsoft strives to ensure that infrastructure resources are isolated from their neighbours. More information is available at https://docs.microsoft.com/en-us/azure/security/azure-isolation
- Usage notifications
- Yes
- Usage reporting
-
- API
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Microsoft
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Full Application backup
- Consistent Database backup
- File backup
- Virtual Machine image backup
- Virtual Appliance backup
- Backup controls
- During the onboarding phase, Daisy will work alongside your staff to define the exact backup schedule and retention policy for each dataset. This ensures that the right backups are configured for each type of data reducing cost and complexity.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users contact the support team to schedule backups
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
Microsoft provides more details about their SLA and service credits here https://azure.microsoft.com/en-gb/support/legal/sla/
For applications which require a higher SLA than that provided by the Microsoft infrastructure, Daisy can design and implement a High Availability service to meet the exact requirements. - Approach to resilience
- Azure infrastructure is built with resilience to provide a certain service level. This is described in more detail at https://azure.microsoft.com/en-gb/features/resiliency/
- Outage reporting
- Microsoft will report any outages using their public dashboard and there is a facility to enrol to receive email alerts. In addition, Daisy's management services will provide email notifications.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
-
Full role based access is available within Azure. This ensures that only those users who are authenticated and authorised can access any Azure or application management features.
Access to Daisy support is via authorised named contacts rather than generic accounts. - Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI
- ISO/IEC 27001 accreditation date
- 13/09/2013 original certification
- What the ISO/IEC 27001 doesn’t cover
- Scope is all Daisy sites and services requiring security certification
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Through the establishment of a comprehensive security framework, Daisy shall demonstrate a commitment to protect all assets that support the delivery of business objectives and address all legal, regulatory and contractual obligations. The following ISO27001 Group clause & objectives are referenced within this document: Clause 5, & Control objectives: A6, A9, A11, A13.2, and A14 Data Protection Policy Site Security Policy CCTV Policy
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Daisy’s ITIL v3 aligned service management tool meets ISO 27001 guidelines, governing core ITIL processes including, but not limited to, incident, problem, change, release, configuration, service level management and service catalogue functions
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Vulnerability scanning is included in the Daisy security framework, to help monitor the effectiveness of existing security controls and identify any weaknesses.
The IT security Manager in consultation with Head of Compliance shall coordinate vulnerability scanning activities including:
identifying the scope of testing
monitor manufacturer and vendor sites for information updates regarding vulnerabilities Should the vulnerabilities be assessed as not posing an immediate threat to operations, security patches or code fixes shall be subject to change control requirements ( testing etc.) prior to deployment.
Daisy support record activities in a service management ticket for tracking and audit purposes. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Monitoring of our platforms is done from our segregated and ISO27001 compliant management platforms, we protect the platform itself and its perimeter edge with Daisy owned and operated solutions, not in any way tied to logical customer implementations within these platforms. Each customer as part of a Managed Service has our standard security and monitoring products deployed with pre-agreed alert classifications and thresholds set as part of our typical managed service. Potential compromises are identified in our centralised monitoring solution, with accompanying detailed information of the platform and customer which auto generates an incident in our ticketing systems.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Predefined processes are in place for common events Users can report incidents via the web portal or email in the event of an incident Daisy will Issue customer updates as per the agreed frequency on the progress of a resolution or workaround. This may include initiating and leading conference calls, bridges or meetings. Create MI reports where required, validating content is customer appropriate. Issue to service delivery management. Publish the MI report to the customer as defined by the customer SLA.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Third-party
- Third-party virtualisation provider
- Microsoft
- How shared infrastructure is kept separate
-
Microsoft describes their approach to isolation in more detail in this article
https://docs.microsoft.com/en-us/azure/security/azure-isolation
Energy efficiency
- Energy-efficient datacentres
- Yes
Pricing
- Price
- £0.02 to £10 a virtual machine an hour
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Time and cost limited trials for Azure services are available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at andy.riley@daisygroup.com.
Tell them what format you need. It will help if you say what assistive technology you use.