UST Global Pvt Ltd

UST Cloud Manager

UST Cloud Manager is a multicloud service management platform that enables customers to visualize, provision, manage, optimize, and automate their cloud environments. The Service Offering collects and consolidates all Azure, AWS, GCP, and MDClone data, enabling optimisation and efficient governance of cloud environments.

Features

• Self-service portal for resource provisioning
• Built-In Approval Workflow for Managers
• IT Service Catalog Creation
• Build in Guardrails
• Cost Visibility for Cloud Providers
• Chargeback
• Role-Based Access Control
• Compliance & IT Governance
• Monitoring of Resource Landscape
• Automation to increase operational Efficiency.

Benefits

• Single pane of glass to manage entire resource landscape.
• 3 step simple workflow for provisioning which works across providers
• Effectively manage multiple public and private clouds
• User friendly interface
• Manage cloud resources from single console
• Create alerts and notifications for set resource parameters
• Get insights into security threats and system vulnerabilities
• Get insights into budget forecasts.
• Chargeback to projects and departments
• Understand cost at different levels

£3,250 a unit a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukpublicsectorsales@ust.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

120496457624717

Contact

Patrick Marren
07544102103
ukpublicsectorsales@ust.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: N/A
• System requirements: 4 VMs of minimum 4 vCPU, 8 GB RAM each

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Customers are able to raise requests to service through email, phone or a web portal 24x7x365 days a year with defined service SLAs to respond to those requests based on incident/issue severity.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We have L1, L2 and L3 support levels and are finalized per the client requirements. Cost and resources are subject to discussions and are determined as per the client needs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online training and user documentation is available. Onsite training can be provided based on the engagement model.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: UST will export any customer specific data in an agreed format
• End-of-contract process: We will assist with export of data as required at end of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Secure service interface is available for selected features of the platform.
• Accessibility standards: None or don’t know
• Description of accessibility: Service is available via a standard webbrowser protected by various authentication measures.
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Yes. API is available for specific features like cloud resource provisioning, Cloud governance, Cost module etc.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can customize the automation workflows and architecture blueprints. When used as private cloud solution extensive modifications can be made to the platform.

Scaling

• Independence of resources: Every tenant will have their own dedicated and independent environment.

Analytics

• Service usage metrics: Yes
• Metrics types: Cpu, disk, memory, network, budget utilization at resource level, security/compliance (e.g. untagged resources) and others.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: Encryption and other standards followed by AWS and Azure
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: We will assist with export of data as required at end of the contract.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: VNET, Subnet level protection

Availability and resilience

• Guaranteed availability: The level of availability depends on the availability mechanisms chosen by the customer for the infrastructure services (public and private)
• Approach to resilience: Available on request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Authentication against customer Active Directory.
• Access restrictions in management interfaces and support channels: Role based access for users based on the Organisational structure defined, which can be integrated with external identity systems such as Microsoft Active Directory and Okta.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Role Based Access integrated with Identity systems such as customer Active Directory, Okta, or others.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Intertek
• ISO/IEC 27001 accreditation date: 25/09/2023
• What the ISO/IEC 27001 doesn’t cover: The certification includes application development, application management, infrastructure management services, engineering services, business process, outsourcing services, support functions such as human resources, finance, workplace management, sales & marketing, information services, information security management system, covering on-premises and cloud environments within UST.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 22301
  • SOC1 SOC2 type II

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: UST follow a defined escalation and reporting approach. Full details can be supplied upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Undisclosed. Information can be provided to individual customers under an NDA.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Undisclosed. Information can be provided to individual customers under an NDA.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Undisclosed. Information can be provided to individual customers under an NDA.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident management approach is based on the ITIL v3/v4 framework.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Tackling economic inequality

  UST engages in numerous initiatives for tackling economic inequality, these include: ; • Working with local Combined Authorities and training providers to build training courses (focussed on digital skills) for economically disadvantaged citizens. ; • People who engage in these courses can then be hired by UST into full-time roles and begin their career in technology. ; • UST support closing skills gaps in key technology areas e.g. UST have developed a mobile application to support the development of skills in Artificial Intelligence for 3 key user profiles – those looking to start a career in AI, those looking to move into an AI role, and citizens who are interested in AI.; • UST are keen to support local SME’s and can agree with a buyer as to how many local SME’s will be utilised in an engagement. ; • UST invest significant sums into innovation aimed at delivering more productivity at lower cost e.g. we have developed our own Generative AI Testing platform.

  Equal opportunity

  UST engages in numerous initiatives for promoting equal opportunities, these include: ; • Working TechSheCan to enable great access to women within the world of tech careers. UST also invested in building the training platform for TechSheCan.; • UST work with numerous partners to support veterans who want to start a carer in Tech once they have left the military.; • UST are an equal opportunities employer and do not discriminate on the basis of age, sex, gender, disability, or religion. We can share our policies and process for this to support discussions. ; • UST have published a detailed Modern Slavery statement and have processes in place to support this. More details can be found at: https://www.ust.com/content/dam/ust/documents/modern-slavery-statement-2022.pdf; • UST works with local skills development partners to support the development of tech skills amongst numerous societal groups.

  Wellbeing

  • UST have developed a Digital Inclusion Community App to support the development of essential digital skills amongst digital excluded people. This enables citizens to be able to use digital services, from both Public and Private organisations, driving a more integrated digital community.

Pricing

• Price: £3,250 a unit a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A 60 day trial version is available upon request for the standard subscription

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukpublicsectorsales@ust.com. Tell them what format you need. It will help if you say what assistive technology you use.