IONBURST LIMITED

Ionburst Cloud Fully Managed Cloud - Own Deployment

Tailored to your requirements, Ionburst Cloud own-deployment is a low-effort, high-security platform for storing data in the cloud. Built on top of dedicated cloud providers, it automatically bridges the security gap between data and the cloud, by instantly, continuously protecting sensitive information and ensuring effortless availability failover and cost savings.

Features

• Fully managed secure cloud storage platform
• Automatic encryption
• Preconfigured storage
• High Availability
• Unmatched data security, privacy, and resilience
• Data cannot be exposed publicly or accessed by unauthorised parties.
• In-built encryption and key management
• GDPR, HIPAA and CCPA readily compliant storage
• No more single point of failure, data loss, bitrot
• Data recoverable after ransomware on 1 or more cloud stores

Benefits

• Data stored is fully private, always
• Recover data even after ransomware on 1 or more cloudstores
• Recover your data on-demand anytime you need it.
• Reduces skills burden on organisations securely storing data in cloud.
• Automatic, consistent, security posture reduces configuration and monitoring overheads
• Streamlined privacy compliance with data storage sovereignty and residency requirements
• Sensitive data protected within 15 minutes via API and SDKs
• Misconfiguration of cloud stores eliminated
• Once set up it's a Self-service platform
• Data breaches from hacks on Cloud stores eliminated.

£5,000 an instance a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ANNE_LANC@IONBURST.IO. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

122223744962257

Contact

ANNE LANC
0131 210 0047
ANNE_LANC@IONBURST.IO

Service scope

• Service constraints: Integration with Ionburst Cloud is via API, one of our open-source SDKs or client integrations. ; ; The Ionburst Cloud web interface provides resource/credentials creation, usage monitoring and account management. ; ; Please get in touch if you have specific storage requirements for multi or hybrid cloud.
• System requirements:
  • Internet and network connectivity
  • Ability to integrate with API/SDK
  • Familiarity with Cloud Object Storage

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: General and customer support available by email and technical support available via GitHub and GitLab.; ; Production Services are down, impacting all applications and associated business systems: 4 business hours.; ; Production Services performance is degraded, but operational; issue affects essential functions; or Issue is blocking critical systems tests or deliverables: 1 business day. ; ; General product questions relating to development, feature issues, or Documentation: 2 business days.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The Supplier's policy for providing support in relation to the Services is available at https://ionburst.io/support-services-policy.; ; Additional support is available and may be specified in The Order Form. ; ; General and customer support is available by email and technical support is available via GitHub/GitLab.; ; For migration of data from on Buyer's premises or another Cloud provider, additional support from a dedicated Ionburst support engineer is available. ; ; All support is in the first instance available remotely. ; ; If required, on-site support may be available, particularly for large or complex data migrations, at additional cost. ; All rates are per SFIA Rate Card.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Users can specify the level of support they require to start using Ionburst Cloud – Fully Managed Service Own Deployment in the Order Form.; ; In the first instance, Remote assistance is available, with On-Site support available at extra cost. ; ; Training is also provided in the form of video tutorials and detailed documentation.; ; For migration of data to Ionburst Cloud from either on Buyer’s premises or another Cloud service; additional bespoke support will be available at additional cost. ; ; The user will also have an option to use Ionburst’s “Bulk Loader” to migrate data from the existing storage to Ionburst Cloud – Fully Managed Cloud own deployment. The data will be loaded directly into the Ionburst Cloud- Fully Managed Cloud Own Deployment already protected by Ionburst and the customer will receive an end-to-end reconciliation.; ; This may offer the customer a more cost-efficient migration. ; ; All rates are per SFIA Rate Card.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: As an Ionburst Cloud customer, you always retain ownership of your data. All user owned data can be extracted at the end of the contract.; ; The user first retrieves their data stored in Ionburst Cloud via the API in accordance with their contract terms, then has the option to delete the data stored.; ; At this point, all data has been extracted from Ionburst Cloud, and is no longer available.; ; The customer may choose to carry out this process themselves, or if preferred, Ionburst Cloud support is available. ; ; All rates are per SFIA Rate Card.
• End-of-contract process: As an Ionburst Cloud customer, you always retain ownership of your data.; ; At end of contract, the user either retrieves or deletes their data stored in Ionburst Cloud in accordance with contract terms. ; ; This may be done by the user in house, or with support from Ionburst Cloud at additional cost. ; ; All rates are per SFIA Rate Card.

Using the service

• Web browser interface: Yes
• Using the web interface: Users are able to create Ionburst Cloud resources, manage API credentials, view usage information and manage account billing details. The Ionburst Cloud portal does not support the upload/download/management of data stored.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Users can use the Ionburst Cloud API to upload (PUT), download (GET), and delete (DELETE) data from the Ionburst Cloud service, after creating the relevant resources through the web portal.
• API automation tools: Other
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: There are currently two command line interfaces for Ionburst Cloud. "ioncli" is a simple wrapper allowing users to upload/download/delete data from Ionburst Cloud. ; ; "IonFS" is a more advanced tool allowing for user-owned metadata repositories to be setup and used to track data protected by Ionburst Cloud. "IonFS" also provides additional features like client-side encryption, large object support and file/folder functionality.

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: In this form, Ionburst Cloud is a single-tenant deployment, so there is no contention in the system from other users.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics:
  • Number of objects stored (by party)
  • Number of secrets stored (by party)
  • Total storage used (by party)
  • Monthly API transactions (PUT/GET/DELETE, by party)
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: Resilience is built into each individual data object upon upload
• Backup controls: The users do not have to manage any backup options. Resilience is built into each individual data object protected by Ionburst Cloud by default.; ; This means that each individual data object is recoverable on demand, even in the event of the failure of one or more data stores. ; ; This means that as soon as data is saved, resilience is built in without having to wait for the next scheduled data backup. Ionburst Cloud does not currently provide version control or deduplication services, so customers may choose to use additional backup solutions in addition to provide this functionality.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: The Ionburst Cloud architecture utilises network segmentation and firewalls/security groups between service and infrastructure components, with a default-deny approach.

Availability and resilience

• Guaranteed availability: SLAs and service credits are subject to contract.
• Approach to resilience: The Ionburst Cloud platform has been certified by the AWS Foundational Technical Review process as meeting the AWS Well Architected pillars - which includes Operational Excellence and Reliability.; ; Further details available on request.
• Outage reporting: Ionburst Cloud operates a public dashboard for service status and outage reporting: https://status.ionburst.cloud; ; For single-tenant deployments, a dedicated status dashboard is supplied.; ; The Ionburst Cloud status service provides notifications to our community Slack, and relevant updates are communicated by the Ionburst Cloud team over email/social media as appropriate.

Identity and authentication

• User authentication:
  • Username or password
  • Other
• Other user authentication: The Ionburst Cloud web portal uses a username/password combination to authenticate users. The Ionburst Cloud API uses generated credentials to request a bearer token that can then be used to authenticate requests.
• Access restrictions in management interfaces and support channels: The Ionburst Cloud web portal uses a username/password combination to authenticate users.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Ionburst Cloud are currently Cyber Essentials accredited, and in the process of implementing ISO/IEC 27001. Security controls and policies are defined according to ISO 27001, CCM v4 and NIST SP 800-53.
• Information security policies and processes: Security policies are based on and conform to ISO27001, CCM v4 and NIST SP 800-53. Currently Cyber Essentials certified and in the process of implementing ISO/IEC 27001. Information security function reports directly to the CEO.; ; Further information available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration and change management is performed and documented in; accordance with CCM v4.; ; All system and platform components are implemented using an infrastructure-as-code approach, and are only deployed in production upon review of relevant automated security and vulnerability checks.; ; Further details are available on request.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability management is performed and documented in; accordance with CCM v4.; ; All system and platform components are monitored using an automated infrastructure-as-code approach, with regular scans used to assess application, platform and infrastructure vulnerabilities. ; ; Vulnerabilities are typically patched as detected, and deployed according to our documented change management process.; ; We leverage industry standard information feeds and tools, both from an automated tool and manual review perspective, to ensure we are up-to-date on potential threats.; ; Further details are available on request.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Protective monitoring is performed and documented in accordance with CCM v4, and in tandem with our vulnerability management approach. ; ; All system and platform components are monitored using an automated infrastructure-as-code approach, with regular scans used to assess application, platform and infrastructure vulnerabilities. ; ; Incidents are managed as detected, with remediation applied according to our documented change management process.; ; Further details are available on request.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident management is performed and documented in accordance with CCM v4 and NIST SP 800-61, with pre-defined internal processes to manage and report incidents.; ; Internal stakeholders are able to raise incidents through our internal version control system. External users can provide reports through our public version control system, in the form of issues, or to one of the communication channels defined in our public "security.txt" file.; ; Incident reports are published to our public status website as applicable.; ; Further details are available on request.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: AWS EC2/Fargate
• How shared infrastructure is kept separate: In this form, Ionburst Cloud is a single-tenant deployment, so there is no shared infrastructure.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Ionburst Cloud is built on top of dedicated cloud providers. Currently this is AWS, but is to be extended. All Cloud providers with whom we do business will comply with the EU Code of conduct for energy efficient data centres.

Social Value

• Fighting climate change:

  Fighting climate change

  Ionburst typically reduces volume of data stored by 50%, whilst increasing the security and resilience of data protected. Good for the customer and good for the planet.
• Covid-19 recovery:

  Covid-19 recovery

  As a supplier on the Crown Commercial Services Coronavirus (COVID-19) catalogue, Ionburst offered our advanced data security, privacy, and recovery solution for Cloud data to any critical UK service. ; ; This offered protection of critical data beyond even hacks to secure networks and public data stores as the pandemic accelerated departments' move to Cloud.
• Tackling economic inequality:

  Tackling economic inequality

  .
• Equal opportunity:

  Equal opportunity

  .
• Wellbeing:

  Wellbeing

  .

Pricing

• Price: £5,000 an instance a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Whilst no free trial exists on a dedicated instance, users may trial the multi-tenant Ionburst Cloud platform for free.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ANNE_LANC@IONBURST.IO. Tell them what format you need. It will help if you say what assistive technology you use.