WIPRO HOLDINGS (UK) LIMITED

Wipro - VirtuaDesk (VDI) Services

VirtuaDesk is a platform that provides Desktops as a Service which helps in reducing your overall TCO significantly and improves the end user experience by providing 2x times better performance over laptops equipped with SSDs.

The Service offers; EUC, Virtual Desktop(DaaS), User_Management, Profile_Management. Pricing excludes Microsoft licenses.

Features

  • High Availability
  • Performance
  • Monitoring
  • Self Service
  • Security
  • Service Management

Benefits

  • High Availability provided through Redundant hardware & software
  • Performance achieved through Storage Boost architecture
  • Exhaustive end user experience monitoring leveraging predictive analytics for alerts
  • Simplified operations through workflow automation & self service portal
  • Two factor based authentication, TLS/SSL security for data in transit
  • Platform stays current at N1 version leading to Evergreen IT

Pricing

£40 per user per month

Service documents

Framework

G-Cloud 11

Service ID

8 0 5 6 1 8 8 6 1 1 1 5 0 0 7

Contact

WIPRO HOLDINGS (UK) LIMITED

Ravindra Vitankar

+447814641152

ravindra.vitankar@wipro.com

Service scope

Software add-on or extension
No
Cloud deployment model
Hybrid cloud
Service constraints
Our Offering provides Windows Server based desktops with either Windows 7/8/10 look and feel. In case customers need a true Windows client desktops customers will have to bring their own licenses for Windows 7/8/10 under BYOL licensing model as per the need.
System requirements
  • End points with Browser
  • Thin Clients

User support

Email or online ticketing support
Email or online ticketing
Support response times
Request Type Severity Classification Response Time
Incident Management
Priority Level 1 <30 Minutes
Priority Level 2 <60 Minutes
Priority Level 3 <120 Minutes
Service Request
Priority Level 1 <4 hours
Priority Level 2 <10 hours
Priority Level 3 <30 hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Yes, at an extra cost
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
We provide support using Lync/ Skype for Business messenger/chat
Onsite support
Yes, at extra cost
Support levels
Support availability: 08:00 to 18:00 Hrs on business days as standard. 24X7 available as optional
Standard support response times: 30 minutes
Incident escalation process available: Yes
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide user documentation and also webinar sessions for user training in order to help them start with our service. Wipro can provide onsite training through our registered training providers at extra cost.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
VirtuaDesk never stores user data on its platform. All user data is stored on customers file shares located in their premises which we integrate into through secure network protocols. Hence there is no need for users to extract their data when the contract ends
End-of-contract process
At the end of contract, all the VdI images for that customer are formatted and the VMs released. The following are included as part of our service/contract
1. Hardware (Servers, Switches, Gateway/Load Balancer)
2. Software (Microsoft Windows Server & System Center Licenses, Software Defined Storage Licenses, VDI Broker Licenses)
3. Services (Implementation, Technical Support)

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Our service supports any device which can host a Citrix receiver. The primary difference between mobile and desktop service will be in the UI layout.
Service interface
No
API
Yes
What users can and can't do using the API
Users/Admins can customize the workflows based on their need through a web interface.
API documentation
Yes
API documentation formats
  • HTML
  • ODF
  • PDF
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Users can customize the branding elements like logos, header/footer using Admin portal.

Scaling

Independence of resources
We maintain about 25% buffer capacity at any point of time so that any spikes in use demand can be met instantly. We also review the user requirements periodically and can easily scale by adding additional servers in case of additional demand

Analytics

Service usage metrics
Yes
Metrics types
We provide the following service metrics & reports on a monthly basis -
Uptime report for HSD/VDI infra, which includes all user profile uptime status.
Latency report (If any due to any reason)
Total number of clients accessing HSD/VDI stream
Online Uptime reports
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
There is no need for users to export their data as we integrate into the customer’s file shares to access all user data. All communication between customers file shares and our service are fully encrypted and secure adhering to industry standard security protocols.
Data export formats
  • CSV
  • ODF
  • Other
Data import formats
  • CSV
  • ODF
  • Other

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
All data in transit is protected using SSL/TSL protocols and is compliant with FIPS standards.

Availability and resilience

Guaranteed availability
We provide 99.5% with High Availability and 99.9% uptime with DR
Our SLA’s are as follows

Severity Classification Response Time Resolution Time
Incident Management
Priority Level 1 <30 Minutes 8 hours
Priority Level 2 <60 Minutes 3 Business days
Priority Level 3 <120 Minutes 5 Business days
Service Request
Priority Level 1 <4 hours 1 Business day
Priority Level 2 <10 hours 2 Business days
Priority Level 3 <30 hours 5 Business days
Approach to resilience
Available on request
Outage reporting
Outages are triggered through monitoring dashboard and emails

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
VirtuaDesk restricts access to the core components to the specific service accounts created with different access levels to meet the system administration operations and monitoring activities. All the activities on these service accounts is logged and monitored for audit purposes. For most of the service accounts interactive logons are disabled to prevent any misuse.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users receive audit information on a regular basis
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
UKAS Management Systems
ISO/IEC 27001 accreditation date
01/12/2017
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
-
PCI DSS accreditation date
-
What the PCI DSS doesn’t cover
-
Other security certifications
Yes
Any other security certifications
  • FIPS 140-2 Compliant
  • Common Criteria Certified
  • ISO/IEC 27001:2013
  • NIST SP 800 Series
  • PCI DSS V3.0

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
Wipro follows Open Web Application Security Project (OWASP) methodology to verify if the service/ platform/ application is exposed to the Top 10 OWASP vulnerabilities. Web Applications are tested for the presence of the OWASP Top 10 vulnerabilities:
Injection, Cross-Site Scripting (XSS), Broken Authentication and Session Management, Insecure Direct Object References, Cross-Site Request Forgery (CSRF), Security Misconfiguration, Insecure Cryptographic Storage, Failure to restrict URL access, Insufficient Transport Layer Protection and Un-validated Redirects and Forwards.
Wipro uses a combination of business impact and ease of exploitability in defining the severity of the vulnerabilities. Appropriate mitigation techniques are implemented to fix the vulnerabilities before the applications are promoted to the production environment. Final round of verification is done after the application goes live to ensure the security vulnerabilities do not resurface in production environment.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
VirtuaDesk leverages and consolidates the audit reports provided by the underlying products for access portal, broker services, databases, hypervisors and core infrastructure which track the changes to the configuration through self-service portal or directly on the component.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
VirtuaDesk uses well-defined Vulnerability Management & Patch Management policy/procedure to proactively monitor the vulnerabilities related to the platforms used at Wipro & patching the known vulnerabilities thereby preventing the customer platforms from getting exploited by internal/external threats.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
VirtuaDesk has implemented integrated monitoring tool for end to end monitoring of VDI infrastructure and end user experience and leverages predictive analytics for alerts, notifications, dashboards and reporting. Tool demonstrates the deep insights into VDI technology and functioning of VDI deployments
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incident management covers all reactive and proactive activities to achieve Incident Resolution for Incidents which are allocated to Wipro. Wipro’s responsibilities will include -
Promptly informing the customer’s Service Owner of any interruption to or reduction in quality of the Service which will or may become a Major Incident;
Updating the Ticketing Tool in keeping with the relevant Service Level Target times and responding with accurate and up to date status information to the Service Desk and the User (in agreed format).
Performing appropriate testing of the Fix associated with Incident Resolution

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)

Pricing

Price
£40 per user per month
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑