Wipro - VirtuaDesk (VDI) Services

VirtuaDesk is a platform that provides Desktops as a Service which helps in reducing your overall TCO significantly and improves the end user experience by providing 2x times better performance over laptops equipped with SSDs.

The Service offers; EUC, Virtual Desktop(DaaS), User_Management, Profile_Management. Pricing excludes Microsoft licenses.


  • High Availability
  • Performance
  • Monitoring
  • Self Service
  • Security
  • Service Management


  • High Availability provided through Redundant hardware & software
  • Performance achieved through Storage Boost architecture
  • Exhaustive end user experience monitoring leveraging predictive analytics for alerts
  • Simplified operations through workflow automation & self service portal
  • Two factor based authentication, TLS/SSL security for data in transit
  • Platform stays current at N1 version leading to Evergreen IT


£40 per user per month

Service documents

G-Cloud 11



Ravindra Vitankar



Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints Our Offering provides Windows Server based desktops with either Windows 7/8/10 look and feel. In case customers need a true Windows client desktops customers will have to bring their own licenses for Windows 7/8/10 under BYOL licensing model as per the need.
System requirements
  • End points with Browser
  • Thin Clients

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Request Type Severity Classification Response Time
Incident Management
Priority Level 1 <30 Minutes
Priority Level 2 <60 Minutes
Priority Level 3 <120 Minutes
Service Request
Priority Level 1 <4 hours
Priority Level 2 <10 hours
Priority Level 3 <30 hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Yes, at an extra cost
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard WCAG 2.1 AA or EN 301 549
Web chat accessibility testing We provide support using Lync/ Skype for Business messenger/chat
Onsite support Yes, at extra cost
Support levels Support availability: 08:00 to 18:00 Hrs on business days as standard. 24X7 available as optional
Standard support response times: 30 minutes
Incident escalation process available: Yes
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide user documentation and also webinar sessions for user training in order to help them start with our service. Wipro can provide onsite training through our registered training providers at extra cost.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction VirtuaDesk never stores user data on its platform. All user data is stored on customers file shares located in their premises which we integrate into through secure network protocols. Hence there is no need for users to extract their data when the contract ends
End-of-contract process At the end of contract, all the VdI images for that customer are formatted and the VMs released. The following are included as part of our service/contract
1. Hardware (Servers, Switches, Gateway/Load Balancer)
2. Software (Microsoft Windows Server & System Center Licenses, Software Defined Storage Licenses, VDI Broker Licenses)
3. Services (Implementation, Technical Support)

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Our service supports any device which can host a Citrix receiver. The primary difference between mobile and desktop service will be in the UI layout.
Service interface No
What users can and can't do using the API Users/Admins can customize the workflows based on their need through a web interface.
API documentation Yes
API documentation formats
  • HTML
  • ODF
  • PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation Users can customize the branding elements like logos, header/footer using Admin portal.


Independence of resources We maintain about 25% buffer capacity at any point of time so that any spikes in use demand can be met instantly. We also review the user requirements periodically and can easily scale by adding additional servers in case of additional demand


Service usage metrics Yes
Metrics types We provide the following service metrics & reports on a monthly basis -
Uptime report for HSD/VDI infra, which includes all user profile uptime status.
Latency report (If any due to any reason)
Total number of clients accessing HSD/VDI stream
Online Uptime reports
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach There is no need for users to export their data as we integrate into the customer’s file shares to access all user data. All communication between customers file shares and our service are fully encrypted and secure adhering to industry standard security protocols.
Data export formats
  • CSV
  • ODF
  • Other
Data import formats
  • CSV
  • ODF
  • Other

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network All data in transit is protected using SSL/TSL protocols and is compliant with FIPS standards.

Availability and resilience

Availability and resilience
Guaranteed availability We provide 99.5% with High Availability and 99.9% uptime with DR
Our SLA’s are as follows

Severity Classification Response Time Resolution Time
Incident Management
Priority Level 1 <30 Minutes 8 hours
Priority Level 2 <60 Minutes 3 Business days
Priority Level 3 <120 Minutes 5 Business days
Service Request
Priority Level 1 <4 hours 1 Business day
Priority Level 2 <10 hours 2 Business days
Priority Level 3 <30 hours 5 Business days
Approach to resilience Available on request
Outage reporting Outages are triggered through monitoring dashboard and emails

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels VirtuaDesk restricts access to the core components to the specific service accounts created with different access levels to meet the system administration operations and monitoring activities. All the activities on these service accounts is logged and monitored for audit purposes. For most of the service accounts interactive logons are disabled to prevent any misuse.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 UKAS Management Systems
ISO/IEC 27001 accreditation date 01/12/2017
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification -
PCI DSS accreditation date -
What the PCI DSS doesn’t cover -
Other security certifications Yes
Any other security certifications
  • FIPS 140-2 Compliant
  • Common Criteria Certified
  • ISO/IEC 27001:2013
  • NIST SP 800 Series
  • PCI DSS V3.0

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes Wipro follows Open Web Application Security Project (OWASP) methodology to verify if the service/ platform/ application is exposed to the Top 10 OWASP vulnerabilities. Web Applications are tested for the presence of the OWASP Top 10 vulnerabilities:
Injection, Cross-Site Scripting (XSS), Broken Authentication and Session Management, Insecure Direct Object References, Cross-Site Request Forgery (CSRF), Security Misconfiguration, Insecure Cryptographic Storage, Failure to restrict URL access, Insufficient Transport Layer Protection and Un-validated Redirects and Forwards.
Wipro uses a combination of business impact and ease of exploitability in defining the severity of the vulnerabilities. Appropriate mitigation techniques are implemented to fix the vulnerabilities before the applications are promoted to the production environment. Final round of verification is done after the application goes live to ensure the security vulnerabilities do not resurface in production environment.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach VirtuaDesk leverages and consolidates the audit reports provided by the underlying products for access portal, broker services, databases, hypervisors and core infrastructure which track the changes to the configuration through self-service portal or directly on the component.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach VirtuaDesk uses well-defined Vulnerability Management & Patch Management policy/procedure to proactively monitor the vulnerabilities related to the platforms used at Wipro & patching the known vulnerabilities thereby preventing the customer platforms from getting exploited by internal/external threats.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach VirtuaDesk has implemented integrated monitoring tool for end to end monitoring of VDI infrastructure and end user experience and leverages predictive analytics for alerts, notifications, dashboards and reporting. Tool demonstrates the deep insights into VDI technology and functioning of VDI deployments
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incident management covers all reactive and proactive activities to achieve Incident Resolution for Incidents which are allocated to Wipro. Wipro’s responsibilities will include -
Promptly informing the customer’s Service Owner of any interruption to or reduction in quality of the Service which will or may become a Major Incident;
Updating the Ticketing Tool in keeping with the relevant Service Level Target times and responding with accurate and up to date status information to the Service Desk and the User (in agreed format).
Performing appropriate testing of the Fix associated with Incident Resolution

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)


Price £40 per user per month
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑