UKCloud Ltd

CloudSOC from UKCloud

CloudSOC is an always-on, cloud-hosted cyber security capability that can see all your IT systems, all the time.

It performs services such as traffic analysis, deep packet inspection, IDS, vulnerability scanning and blacklist monitoring of the assets that matter to you, ensuring you have an up-to-date view of all possible threats.

Features

  • Continuous Cyber Defence Protective Monitoring with alerts and incident response
  • Multiple delivery models including Private Cloud, Public Cloud and Hybrid
  • SOC/virtual SOC/CERT functions, 24/7, SC Cleared UK staff, UK Datacentres
  • Integrated threat and risk modelling with Security Analysis and Reporting
  • Provides context and situational awareness to allow confident response decisions
  • Integrated dynamic asset management and network discovery
  • Log event correlation and analysis, monitors mobile users and devices
  • Traffic Analysis, Deep Packet Inspections, IDS, vulnerability scanning, blacklist monitoring
  • Privileged User monitoring, Collaboration and continuous service improvement
  • Consumes Threat Intelligence from open and commercial sources

Benefits

  • Reduced cost of security monitoring, increased security coverage
  • End-to-end business security confidence and essential security audit assurance
  • Centralised integrated security knowledge repository with enhanced anomaly detection
  • Triage and analysis services identify threats before they become incidents
  • Alerting, expert advice and evidence of potential and verified threats
  • Access and cover workloads on community networks
  • Dynamically discover assets, learn what is connected to every system
  • Enhanced Mobile and BYOD user risk monitoring
  • Flex your service level during important times or increased threats
  • Monitors your workloads at OFFICIAL, OFFICIAL-SENSITIVE and SECRET classifications

Pricing

£1.96 per device per month

Framework

G-Cloud 11

Service ID

986629306121212

Contact

UKCloud Ltd

A Bright

01252 303 300

abright@ukcloud.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints
Minimum commit on certain SKUs
System requirements
Infrastructure dependent on SKUs selected

User support

Email or online ticketing support
Email or online ticketing
Support response times
Multiple service levels are available, providing support response times from 15 minutes.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
UKCloud's standard support includes Customer Success Managers, Technical Account Managers, Support Engineers and a 24/7 Network Operations Centre. We aim to respond to ALL incidents and requests within 15 minutes 24/7, with a priority on resolving P1 incidents.

Depending on the service chosen, e2e support ranges from automated alerting to pre-emptive remediation (where agreed).
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Onboarding of a software only sale will come with standardized on-boarding documentation and online training. Additional training may be required and charged at the appropriate day rate.

More complex implementations (i.e. multi-cloud solutions) will require a bespoke onboarding experience.

Online knowledge centres will be available to all customers of the service.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • Video
  • Audio
End-of-contract data extraction
All customer data will be removed. The customer is expected to migrate their own data out of the service prior to the end of the service (if applicable). Optionally, we can also migrate the data out of the service (such as historical access logs) on a time and materials basis.
End-of-contract process
Off-boarding is included with the following scope: all user access will be revoked and any components containing customer data will be removed and securely wiped.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
Yes
Compatible operating systems
  • Android
  • iOS
  • Linux or Unix
  • macOS
  • Windows
  • Windows Phone
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None
Service interface
No
API
No
Customisation available
No

Scaling

Independence of resources
Capacity Management and design of cloud systems. Use of dedicated resources for each customer.

Analytics

Service usage metrics
Yes
Metrics types
Detailed reports including SLA metrics, Incidents, tickets
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
E2e-assure

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
N/A
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
We offer the choice of connecting:
• Via the internet using additional encryption such as TLS 1.2
• IPSec VPN tunnels
• Via private networks such as leased lines or MPLS
• Via public sector networks such as PSN, HSCN, Janet
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network
We use dedicated CAS-T circuits between each of our sites to ensure the protection of customer data in-flight. We additionally encrypt this data within our Elevated OFFICIAL platform. All data flows are also subject to our protective monitoring service.

Availability and resilience

Guaranteed availability
Dependent on service purchased. Compensation via service credits.
Approach to resilience
All services are operated from UK datacentres with multiple power and Internet Service Providers to ensure resilience. Individual service resilience may be dependent upon the Service Level that is ordered for each service.
Outage reporting
All outages will be reported via the Service Status page and the notifications service within the UKCloud Portal.  Outages are identified as planned maintenance, emergency maintenance, and platform issues.  In addition, the designated Technical Account Manager will proactively contact customers as appropriate.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Customers have the option to raise a support request via telephone or email. UKCloud will always authenticate the identity of the user by validating known phone numbers and asking them for specific characters within their pre-agreed memorable word. The management interfaces are only available on the UKCloud network.

e2e: If required, support channels will agree processes for authenticating users, including named users/accounts and the use of agreed passcodes.
Access restriction testing frequency
At least once a year
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyds Register (LR)
ISO/IEC 27001 accreditation date
8th May 2012
What the ISO/IEC 27001 doesn’t cover
Nothing
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
28th October 2016
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
None
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • ISO27018
  • Cyber Essentials
  • Cyber Essentials Plus
  • ISO9001
  • ISO20000
  • ISO27017
  • CISPE Code of Conduct Certification

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
  • Other
Other security governance standards
UKCloud complies with CSA STAR, ISO27001, ISO27017, ISO27018 and ISO20000.
Information security policies and processes
UKCloud has a number of inter-connected governance frameworks in place which control both how the Company operates and the manner in which it delivers cloud services to its customers. These have been independently assessed and certified against ISO20000, ISO27001, ISO27017 and ISO27018 by LRQA, a UKAS accredited audit body. The Company is governed by an integrated suite of information security policies. Under the top level Information Security Policy itself are second-level documents with specific focus on Acceptable Use, Antivirus Protection, Asset Management, Business Continuity Management, Data Protection, Password Management, Personnel Management, Supply Chain Management and many others.

e2e-assure details in ISO 27001:2013 documentation and a full RMADS for all services

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All changes are documented and managed via the internal ticket system. A separate test environment is used to ensure changes are tested prior to being applied to the ‘live environment’. All changes are reviewed and approved by appropriate senior staff prior to implementation to ensure they do not compromise security controls.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
All services are assessed as part of the e2e Accreditation Framework, with a full IS1/2 risk assessment provided as part of the RMADS.
e2e provide comprehensive and detailed protective monitoring services independently for customer environments and all service offerings.
Critical security patches are typically deployed within 8 hours.
e2e: As well as ingesting intelligence which is used by our toolsets and rules engines, threat intelligence can also be consumed from CERT-UK, CiSP, other Service Providers and from the NCSC.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
e2e provide comprehensive and detailed protective monitoring services independently for customer environments and all service offerings. The capability provides a comprehensive set of tool-sets to proactively defend customers and services. This includes:
• Proactive Cyber Defence and Enterprise Risk Management
• Integrated Enterprise-wide coverage with Flexible Log Management, Network Discovery, Asset Management, Traffic Flow Analysis
• NIDS, Packet Capture, Packet Analysis, Internal and External Vulnerability scanning
• Threat Intelligence and Proactive Incident Response
All incidents will follow a predefined incident response playbook with fully automated and manual response actions. Typical response time is 15 minutes.
Incident management type
Supplier-defined controls
Incident management approach
e2e have a range of operational service levels that can be provided to customers. These range from carrying out initial triage and incident prioritisation through to full Incident Management. e2e can run Incident Response through to conclusion should that be required by its customers. Reporting of incidents can be through email or phone and, depending upon the service, email reports can be provided or access to the online ticketing and incident portal is provided.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)

Pricing

Price
£1.96 per device per month
Discount for educational organisations
No
Free trial available
No
