PMD MAGNETICS (Pangbourne Musical Distributors T/A PMD Magnetics)

Backup, Data Retention and Disaster Recovery as a Service

Certified UK reseller for Unitrends Cloud Services. Unitrends offers Cloud Backup Solutions incorporating: - Long-term offsite retention - DRaaS (Disaster Recovery as a Service) - 1-hour spin-up for critical VMs - Automated Recovery Assurance Testing - AES-256 encryption - Self-service tools - Hyperscale-Cloud integration. Cloud Protection for Office365, G-Suite, Salesforce

Features

  • Long-term Cloud retention
  • Customizable data retention policies from 90 days to infinite
  • Scalable transparent pricing tool
  • DRaaS including 1-hour VM spin-up
  • Automated Disaster Recovery Assurance testing
  • Unitrends Cloud or 3rd party Hyperscale integration
  • Self service granular recovery - no retrieval fees
  • Protect only capacity or VMs required
  • Rapid physical seeding
  • Cloud-to-Cloud protection for Office 365

Benefits

  • Automate backup and Disaster Recovery operations
  • Meet specific data retention policies
  • Meet offsite Disaster Recovery compliance requirements
  • Retain budgetary control of backup environment
  • Enhance protection in mixed physical and virtual environment
  • Reduce recovery times
  • Monitor backups through single pane-of-glass
  • Leverage existing Cloud providers including AWS, Azure, Google
  • Easily manage multiple / remote sites
  • Recover instantly from local disaster

Pricing

£0.78 to £1.33 a gigabyte a year

Service documents

Framework

G-Cloud 12

Service ID

8 4 1 6 8 2 3 7 2 8 4 8 5 5 0

Contact

PMD MAGNETICS (Pangbourne Musical Distributors T/A PMD Magnetics) Matthew Gwynn
Telephone: 01789 268579
Email: matthew@pmdmagnetics.co.uk

Service scope

Service constraints
None
System requirements
  • Compatible with Windows, Mac, Citrix, Linux environments
  • Compatible with 200+ apps and hypervisors

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response goals are intended to provide a target for initial response to an issue or problem. Unitrends responses are base on severity level/prior defined when the case is opened. We have 4 severity levels and each have a different target response times:

- Severity level 1 = One (1) Business Hours
- Severity level 2 = Three (3) Business Hours
- Severity level 3 = Six (6) Business Hours
- Severity level 4 = Ten (10) Business Hours
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Unitrends uses Salesforce Live Agent for Web chat. This Web chat application conforms to WCAG 2.0 AA

Details including features and constraints can be found in the Salesforce Lighting Service Console Web Content Accessibility Guidelines 2.0 Level A and AA
Voluntary Product Accessibility Template

https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/508%20accessibility/wcag-2-dot-0-vpat-service-console-winter2018.pdf
Web chat accessibility testing
No testing has been done with assistive technology users.
Onsite support
Onsite support
Support levels
There is a single level of support available which is Platinum. Platinum provides a One (1) business hours response for Severity level 1 issues, Severity level 2 has a Three (3) business hour response, Severity 3 has Six (6) business hour response and Severity level 4 has a Ten (10) business hour response. Cloud support engineers are assigned for cloud related issues.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Unitrends cloud service is a white glove service. The Unitrends team on-boards the customer and then sets up a replication relationship between the customers on site backup and the Unitrends cloud. Details of the Unitrends cloud service schedule with summaries can be found at the following link. https://www.unitrends.com/legal-notices/service-schedule-unitrends-cloud-services or https://www.unitrends.com/wp-content/uploads/Unitrends-Cloud-Services-Service-Schedule.pdf
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
The Unitrends cloud agreement stipulates the following: Unitrends Cloud saves a copy of the Customer Content that the Customer designates through the Services’ web-based interface.  The Unitrends Cloud periodically scans these files for changes and newly designated files and creates a copy of modified or newly designated files. Customer will not be able to restore files that the Unitrends Cloud has not completed Replicating or files that have been changed but not yet Replicated or not eligible for Replication. If Customer’s license to use Services, the Unitrends Cloud Services or any other associated product or service expires, is terminated, is not renewed, or is otherwise discontinued for any reason, Unitrends may, without notice, delete or deny Customer access to any of Customer’s Replicated Content or Retained Content and Customer Content may not be available to Customer.  Customer agrees that Unitrends may retain (but shall have no obligation to retain) Customer’s Replicated Content or Retained Content for a period of time following any termination, expiration or lapse of Customer’s subscription in connection with Unitrends’ making such Customer Content available to Customer should Customer later decide to purchase, renew or extend its subscription to the Unitrends Cloud Services.
End-of-contract process
The Unitrends cloud provides long term retention/archiving services as well as DRaaS. At the end of an agreed contract, customers can choose to continue using Unitrends services based on a new negotiated cost or choose to have their data removed based on point 5.4 in Unitrends cloud services eula. A link to the cloud service eula is listed below for reference.

https://www.unitrends.com/legal-notices/cloud-services-eula

Using the service

Web browser interface
Yes
Using the web interface
Users access their data locally via a web interface to configure and manage backup copies that are sent to the Unitrends cloud. The local backup acts as self-service portal for the end user. Providing the capability to restore data from the cloud back on premise. The web interface does not provide the end user to invoke/start DRaaS services within the cloud. DRaaS services in the Unitrends cloud is a white glove service (managed by Unitrends on behalf of the customer).
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Simple point the web browser, ideally Chrome to the appliance IP address. This will give the end user operational access to the Unitrends product.
Web interface accessibility testing
Details of the testing done are not currently available at the time of this response. We are happy obtain and provide the appropriate details at a later stage.
API
No
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
Unitrends DRaaS is a white glove service. Resources are agreed upon during the on-boarding process. Users cannot change the resource allocations themselves. The Unitrends cloud team manages the resources and ensure SLAs are met for each customer.
Usage notifications
Yes
Usage reporting
  • Email
  • Other

Analytics

Infrastructure or application metrics
No

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
Unitrends

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
In-house destruction process

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Files and Folders
  • Databases including MS-SQL and Oracle
  • Virtual machine including VMware, Hyper-V, Xen Server and Nutanix
  • NAS devices using the NDMP protocal
  • NAS devices using CIFS or NFS shares
  • CISCO UCS tempates
  • Physical Servers, Windows, Linux, Unix and AS400, Novell
Backup controls
Users control backups locally using a web interface. Jobs are created and scheduled using this interface, however there also the option to use the rest API or command line as well. Jobs can have different type of schedules, which include full, differential, incremental, incremental forever and transaction log truncation for databases.
Link to our Rest API https://github.com/unitrends/unitrends-api-doc/wiki
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Single datacentre with multiple copies
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
IPsec or TLS VPN gateway
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Unitrends uses OpenVPN to tunnel and encrypt data transfers between local customer site and Unitrends cloud.

Availability and resilience

Guaranteed availability
Detailed information on SLA agreements can be reviewed on the Unitrends website under the legal section. This link provides quick access to the said information.

https://www.unitrends.com/legal-notices/cloud-services-eula

In summary:

Unitrends will use commercially reasonable efforts to maintain reliable and redundant infrastructure to store Customer Content in the Unitrends Cloud and complete selected Replications via the Services within 72 hours subject to delays caused by Customer or its network or systems or by telecommunications failures, utility outages or the Internet.

If the Services indicate that Customer Content has been successfully Replicated and it is determined that the Customer Content was not Replicated as a direct result of a defect or error with the Services or the Unitrends Cloud, as Customer’s sole and exclusive remedy, and Unitrends sole liability, Unitrends will refund to Customer the total fees paid by the Customer for the Unitrends Cloud Services for the immediately preceding thirty (30) days. Except for the foregoing sentence, Unitrends shall have no liability for any failure of the Customer Content to successfully Replicate to the Unitrends Cloud.

Note customers should review section 3.2 specifically in the cloud EULA for more information.
Approach to resilience
Available on request.
Outage reporting
Outage reporting is provided via the Unitrends portal.

Identity and authentication

User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
The management interfaces for cloud devices are out of band.
Only the Unitrends cloud team have access to cloud devices.
Customer access to cloud data is managed through their local backup.
Unitrends provides role based access to customers on the local backup which is able to restrict access to recovery points replicated to the Unitrends cloud.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Less than 1 month
How long system logs are stored for
Less than 1 month

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
AlcumUS
ISO/IEC 27001 accreditation date
25/8/2017
What the ISO/IEC 27001 doesn’t cover
Cloud is ISO 27001
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Health Insurance Portability and Accountability Act (HIPAA) with BAA available.
Information security policies and processes
Information security policies are based on NIST Cybersecurity Framework with ISO 27002 controls. Unitrends policies and controls also satisfy GDPR and the US standards HIPAA and CJIS.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All changes to software and services provided are tracked throughout the SDLC process.
All CVEs are monitored on release by a dedicated member of the development team, and appropriate remediations are provided based on the severity of the CVE.
All changes are tested by QA prior to release to the production team.
All changes to production are controlled by the operations team who apply them after acceptance by QA and approval by business management
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Unitrends conducts vulnerability scans against its environments monthly and penetration tests annually or after major changes to the environment or applications.
Unitrends monitors publication of all CVEs and a dedicated security member of the development team assesses their impact on the Unitrends software and service and provides remediation based on the severity of the CVE.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Unitrends conducts vulnerability scans monthly and penetration tests annually or after significant changes to the infrastructure or application.
Vulnerabilities detected are referred to Unitrends Incident Response Procedures and are triaged, analyzed and remediated as appropriate.
Incident response is based on the severity of the incident detected
Incident management type
Supplier-defined controls
Incident management approach
Unitrends has an regular Incident Response Procedure to be followed all levels of incidents.
If the incident is detected by a user, they can call the security hotline or submit the incident via email to the security-incident email alias.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
VMware
How shared infrastructure is kept separate
Unitrends uses multiple virtualization technologies to facilitate for the services provided. The primary technologies used for the Unitrends DRaaS services are VMware and Hyper- V. Unitrends is able to isolate tenant services using storage and networking technologies. Further information can be obtained by engaging with the Unitrends cloud team.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Unitrends leverages an Equinix data center and Equinix is a Corporate Participant in the European Code of Conduct for Energy Efficiency in Data Centres programme.

Pricing

Price
£0.78 to £1.33 a gigabyte a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Unitrends provides a free trial of the Unitrends Cloud service in the form of a POC. Trials are limited to 30 days. There are also trial versions available for other software products in the Unitrends portfolio, including specialist applications for Office 365 deployments.
Link to free trial
https://pmd.unitrends.com

Service documents