MDS Technologies Limited

Datto SaaS Protection for Office 365 and G Suite

MDS Technologies provides Office 365 & G Suite Backup from Datto. Datto SaaS Protection protects email, files and sites hosted in SaaS applications from any kind of unwanted deletion, ransomware, and app overwrite errors.

Features

  • Automated 3x a day backup of your most important apps
  • Automatic archiving of deprovisioned users
  • Recovery from ransomware in the cloud
  • SOC 2 Type II Compliance and HIPPA compliance support
  • Protection of business-critical cloud data

Benefits

  • One supplier for consultancy, design, implementation and support
  • Bespoke fixed rate packages
  • IT Consultancy to maximise benefits of your IT
  • Strategic technology partnerships – We’re not tied to one supplier.

Pricing

£2.40 to £2.40 a user a month

  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

9 4 7 5 5 6 9 9 6 6 9 2 8 2 3

Contact

MDS Technologies Limited Ben Grantham
Telephone: 01225 816280
Email: sales@mds.gb.net

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Office 365 subscriptions covering Teams, SharePoint, etc.
Cloud deployment model
Private cloud
Service constraints
Planned maintenance for core SaaS product
System requirements
  • Office 365 account and subscription
  • G Suite account

User support

Email or online ticketing support
Email or online ticketing
Support response times
Tickets are responded to on a priority basis. We aim to respond to ALL initial questions within 15 minutes during normal business hours (7:30-17:30 Mon-Fri).
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
MDS' standard support includes Project Managers, Service Delivery Managers, Technical Account Managers, Support Engineers Monday-Friday between the hours of 7:30-17:30. We aim to respond to ALL incidents and requests within 15 minutes, with a priority on resolving P1 incidents.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Customers on-boarding the service with MDS Technologies will need a project which manages their entry or exit, the scope of which will depend on the entry/exit parameters. The price for this will be by application and use the SFIA day rates appropriate to the work being completed. As part of the on-boarding process customers will be provided with the following:
- information on the ordering and invoicing process:
- how to terminate your contract
- after sales support
Service documentation
No
End-of-contract data extraction
The administrator of the Datto SaaS protection account can securely export users data using user name, date range and files to various formats of:
Email MBOX format, then to PST (3rd party tool)
Calendar: to iCal (ICS) format
Contacts: to .VCF format
OneDrive: to a zip file
SharePoint sites: to a zip file
End-of-contract process
The price is a monthly cost with a minimum term.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
Description of service interface
Self service portal to allow backup, and restore of files.
Accessibility standards
None or don’t know
Description of accessibility
Via a web browser
Accessibility testing
N/A
API
No
Customisation available
No

Scaling

Independence of resources
The service is reviewed by Datto to look at resource levels.

Analytics

Service usage metrics
Yes
Metrics types
Datto user portal
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
Datto

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
Never
Protecting data at rest
Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
The administrator of the Datto SaaS protection account can securely export users data using user name, date range and files to various formats of:
Email MBOX format, then to PST (3rd party tool)
Calendar: to iCal (ICS) format
Contacts: to .VCF format
OneDrive: to a zip file
SharePoint sites: to a zip file
Data export formats
  • CSV
  • Other
Other data export formats
  • MBOX
  • ICS
  • VCF
  • ZIP
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
All service level agreements are as per the ones supplied by Datto, and published by them.
Approach to resilience
Available on request to Datto.
Outage reporting
Email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Supplier defined controls.
Access restriction testing frequency
Never
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
LRQA
ISO/IEC 27001 accreditation date
03/11/2017
What the ISO/IEC 27001 doesn’t cover
MDS' risk assessment process has highlighted that the following area of ISO27001 is out of scope: 14.2.7 Information Systems: Outsourced Development
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
28/10/2016
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
Nothing
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials Plus
  • PSN Connection Certificate

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials
Cyber Essentials Plus
Information security policies and processes
We follow the policies and procedures laid down in ISO 27001:2013 standard. In particular, our Information Security Management System contains all of the policies that support our security management approach. Our Information Security Policy provides the highest level policy statements which is supported by a comprehensive Acceptable Use Policy which all staff must sign before being granted any system/Network access. Additional policies cover key areas including Security Incident Management, Management Review, Document Control, Data Protection, Access Control, Business Continuity, Encryption, Patch Management and Auditing. As part of our Service Implementation Process we carry out a pre-handover security audit to ensure that we have met the required MDS Security standards as well as any specific customer security requirements which have been agreed. All of the above is supported by an extensive internal and external (UKAS accredited) Audit programme which ensures that we maintain the high level of security standards laid down in our processes.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The components of your services are tracked through their lifetime
changes are assessed for potential security impact
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Operational security processes are confidential
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Operational security processes are confidential
Incident management type
Supplier-defined controls
Incident management approach
Operational security processes are confidential

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£2.40 to £2.40 a user a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Provided directly with Datto.

Service documents