This G-Cloud 10 service is no longer available to buy.

The G-Cloud 10 framework expired on Tuesday 2 July 2019. Any existing contracts with Daisy Communications Ltd are still valid.
Daisy Communications Ltd

Daisy Cloud powered by Microsoft Azure

Daisy are able to provide the entire suite of Azure IaaS and Paas offerings coupled with our monitoring and management services. This leverages the power and flexibility of Microsoft Azure whilst ensuring the service operates efficiently and securely.

Features

  • Full access to Microsoft Azure Compute, Storage and Networking services
  • Scaleble infrastructure to meet demand peaks
  • Interoperable with Daisy Cloud services
  • Pay-as-you-go, consumption pricing options
  • Direct connectivity into PSN via Daisy MPLS

Benefits

  • Microsoft Infrastructure with a UK 24/7 Service desk
  • Consumption based billing allowing full cost flexibility
  • Single bill for Infrastructure, Software, Network and Management
  • Rapid deployment of new features and services
  • We free your staff to concentrate on your priorities
  • Dedicated Service Managers to ensure smooth operation
  • Nominated Technical Architects available to help develop the environment
  • Consultancy based migration and strategy planning
  • Cost optimisation and right sizing workshops

Pricing

£0.02 to £10 a virtual machine an hour

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andy.riley@daisygroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 10

Service ID

7 7 5 0 9 1 5 6 1 2 5 1 9 4 7

Contact

Daisy Communications Ltd Andy Riley
Telephone: 01282608967
Email: andy.riley@daisygroup.com

Service scope

Service constraints
See https://azure.microsoft.com/en-gb/overview/what-is-azure/ for up to date information on constraints.
System requirements
Various, see https://azure.microsoft.com/en-gb/overview/what-is-azure/

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times are tied into the severity of the incident and the agreed SLA definitions.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support levels are bespoke for every customer ensuring that the support provided meets the requirements and the budget.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Daisy's Cloud architects and engineers can work alongside your IT & project teams to ensure a smooth transition to the new environment. Whether it is designing a high availability application workload or defining the migration methodology to lift existing workloads, Daisy can provide the skills and resourcing to ensure a smooth transition.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
Daisy can work to provide documentation in any required format
End-of-contract data extraction
Customers have many options to extract data either at an application or infrastructure level. For those applications that don't support data migration or replication technologies, infrastructure solutions including VM export, data mirroring, offsite backup or simply a file copy are all possible options.

Should the new environment be remaining within Azure utilising another MSP, it is also possible to migrate the entire subscription to a new provider with minimal downtime.
End-of-contract process
When the contract with Daisy ends, Daisy will work to hand over control of the Azure environment to the new service provider. Daisy will remove all configuration entries from our management platform and cease all management activities.
Should a migration to another Infrastructure platform be required, Daisy can provide technical expertise and resources as required, although this will be classed as a new project.

Using the service

Web browser interface
Yes
Using the web interface
All Azure services are available directly within the Microsoft Portal.

All interaction with Daisy can be performed via the appropriate Daisy portal.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Information on accessibility to the Microsoft Portal is controlled by Microsoft, more information is available at https://www.microsoft.com/en-us/accessibility/
Web interface accessibility testing
Daisy has not performed any testing of the Microsoft Portal
API
Yes
What users can and can't do using the API
Almost all features of Microsoft Azure are accessible via an API. The management of Azure itself is available either via a REST API or via powershell and each infrastructure element within Azure has it's own API
API automation tools
  • Ansible
  • Chef
  • Terraform
  • Puppet
API documentation
Yes
API documentation formats
  • HTML
  • PDF
  • Other
Command line interface
Yes
Command line interface compatibility
Windows
Using the command line interface
Almost all features of Microsoft Azure are accessible via a Powershell command line. The management of Azure itself is available either via a REST API or via powershell and many infrastructure elements within Azure have their own Powershell interface.

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
Microsoft strives to ensure that infrastructure resources are isolated from their neighbours. More information is available at https://docs.microsoft.com/en-us/azure/security/azure-isolation
Usage notifications
Yes
Usage reporting
  • API
  • Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Full Application backup
  • Consistent Database backup
  • File backup
  • Virtual Machine image backup
  • Virtual Appliance backup
Backup controls
During the onboarding phase, Daisy will work alongside your staff to define the exact backup schedule and retention policy for each dataset. This ensures that the right backups are configured for each type of data reducing cost and complexity.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Microsoft provides more details about their SLA and service credits here https://azure.microsoft.com/en-gb/support/legal/sla/

For applications which require a higher SLA than that provided by the Microsoft infrastructure, Daisy can design and implement a High Availability service to meet the exact requirements.
Approach to resilience
Azure infrastructure is built with resilience to provide a certain service level. This is described in more detail at https://azure.microsoft.com/en-gb/features/resiliency/
Outage reporting
Microsoft will report any outages using their public dashboard and there is a facility to enrol to receive email alerts. In addition, Daisy's management services will provide email notifications.

Identity and authentication

User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Full role based access is available within Azure. This ensures that only those users who are authenticated and authorised can access any Azure or application management features.
Access to Daisy support is via authorised named contacts rather than generic accounts.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
13/09/2013 original certification
What the ISO/IEC 27001 doesn’t cover
Scope is all Daisy sites and services requiring security certification
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Through the establishment of a comprehensive security framework, Daisy shall demonstrate a commitment to protect all assets that support the delivery of business objectives and address all legal, regulatory and contractual obligations. The following ISO27001 Group clause & objectives are referenced within this document: Clause 5, & Control objectives: A6, A9, A11, A13.2, and A14 Data Protection Policy Site Security Policy CCTV Policy

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Daisy’s ITIL v3 aligned service management tool meets ISO 27001 guidelines, governing core ITIL processes including, but not limited to, incident, problem, change, release, configuration, service level management and service catalogue functions
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability scanning is included in the Daisy security framework, to help monitor the effectiveness of existing security controls and identify any weaknesses.
The IT security Manager in consultation with Head of Compliance shall coordinate vulnerability scanning activities including:
 identifying the scope of testing
 monitor manufacturer and vendor sites for information updates regarding vulnerabilities Should the vulnerabilities be assessed as not posing an immediate threat to operations, security patches or code fixes shall be subject to change control requirements ( testing etc.) prior to deployment.
Daisy support record activities in a service management ticket for tracking and audit purposes.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Monitoring of our platforms is done from our segregated and ISO27001 compliant management platforms, we protect the platform itself and its perimeter edge with Daisy owned and operated solutions, not in any way tied to logical customer implementations within these platforms. Each customer as part of a Managed Service has our standard security and monitoring products deployed with pre-agreed alert classifications and thresholds set as part of our typical managed service. Potential compromises are identified in our centralised monitoring solution, with accompanying detailed information of the platform and customer which auto generates an incident in our ticketing systems.
Incident management type
Supplier-defined controls
Incident management approach
Predefined processes are in place for common events Users can report incidents via the web portal or email in the event of an incident Daisy will Issue customer updates as per the agreed frequency on the progress of a resolution or workaround. This may include initiating and leading conference calls, bridges or meetings. Create MI reports where required, validating content is customer appropriate. Issue to service delivery management. Publish the MI report to the customer as defined by the customer SLA.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Third-party
Third-party virtualisation provider
Microsoft
How shared infrastructure is kept separate
Microsoft describes their approach to isolation in more detail in this article
https://docs.microsoft.com/en-us/azure/security/azure-isolation

Energy efficiency

Energy-efficient datacentres
Yes

Pricing

Price
£0.02 to £10 a virtual machine an hour
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Time and cost limited trials for Azure services are available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andy.riley@daisygroup.com. Tell them what format you need. It will help if you say what assistive technology you use.