Syscomm Ltd - Strategic Network Solutions

UK based Cloud Compute Infrastructure as a Service

Cloud Compute is Syscomm’s Infrastructure as a Service offering hosted on a Virtual a secure platform for the delivery of a virtual datacentre and application hosting services. Delivers production-ready cloud platform resources, software licenses, networking, security, support and DR services to enable customers to deliver a world class UK-based service.

Features

• Application Hosting Environment
• Comprehensive selection of virtual servers
• Secure platform design with firewall and VPN connectivity
• Hyper-Converged Cloud Architecture for high performance and resilience by design
• Manage your (IaaS) Infrastructure environment, networks, firewalls, and servers
• Integrated data backup services
• 24/7/365 pro-active infrastructure monitoring / service/application monitoring

Benefits

• Fully-managed service and support
• UK owned company. Data never leaves the UK
• Opex model – no hidden costs, simple pricing
• Future-proof platform to allow growth
• Infrastructure resilience built in (cost efficient and greater agility)
• Frees IT team to concentrate on core business issues

£30 to £10,000 a virtual machine a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.heeley@syscomm.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

138333515159566

Contact

Sales Team
0247 77 12 000
david.heeley@syscomm.co.uk

Service scope

• Service constraints: Syscomm will not provide any application or middleware level support as part of the service. ; ; Syscomm is not responsible and cannot be held liable for degraded performance or response time in case of physical limitations of the of the purchased platform or software.; ; The Customer is required to ensure network connectivity via the internet using CESG approved secure VPN service/appliance. We can provide this as part of a wider package but it is not required.
• System requirements:
  • Current licence/s or appropriate legal agreement/s applicable
  • Customer responsibility of integrity/content of data

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 4 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: UK Based ITIL Service Desk with single point of contact point to log calls and request resource - via Phone, Email or Web portal. ; ; Live monitoring of infrastructure components on most operating systems and reporting.; ; Access to live custom dashboard showing system health, Monthly reports, dedicated Technical Engineer, and agreed SLA
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Syscomm provides training and complete documentation for both on-boarding and off-boarding process.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Depending on the size of the data and the nature of the migration we can use standard cloud DR techniques to synchronise data with another platform/provider. ; ; Data can be migrated via the portal or Syscomm can provide a method of migration using customer-provided external drives and shipping.
• End-of-contract process: At the end of the contract, the customer may decide to renew/change/cease the service. ; ; The customer has the right to terminate the agreement at any point and must give notice to terminate before the contract end date. Each agreement carries an economic break point, any termination of the agreement within the economic break point will attract a cost.; ; Syscomm will delete all consumer data at the end of the contract period.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Infrastructure is allocated a set amount of resource which is guaranteed and not shared with any other organisation.; ; The configuration of the cloud platform ensures no user is affected by abnormal load on elements of the platform. ; ; Quality of service is configured to ensure sufficient bandwidth on the network.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: All files, Virtual Machines, databases (depending upon the service purchased)
• Backup controls: We have a number of back up options that the users can subscribe to. ; ; Contact us for pricing details and further information.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Other
• Other protection between networks: VLAN segregation
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: VLAN segregation

Availability and resilience

• Guaranteed availability: Each service is provided with a Service Level Agreement that includes up time guarantees, target times to respond and fix, and performance metrics detailing the parameters within which the virtual machines will operate.
• Approach to resilience: All Syscomm Cloud Services are spread over multiple data centres and connected through a fully meshed network architecture.
• Outage reporting: A dashboard is available to all customers providing information on the utilisation of the service and any incidents or outages. ; ; Syscomm’s system monitors the environment 24 hours a day and automatically sends e-mail reports of any outages to named individuals. ; ; Syscomm’s customer portal allows for the unique alerting of services, and for these alerts to be controlled by the customers operations team. These alerts are distributed through a range of methods including SMS text, email and dashboard.; ; These are backed up by our 24/7 support desk which can offer up to date information both on a recorded message loop and personal interaction.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is restricted by the user accounts, VLAN on the network and access to the network interface. ; ; Routing restrictions are in place with registered MAC addresses and access to the routers is restricted to admin’s only. ; ; VPN’s are in place to ensure the data to secure during transit.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Syscomm complies with the ISO27001 standards and Cyber Essentials protocols. The company maintains a regular internal and external audit profile, backed up with internal modular training for all staff.; ; The management group have operational oversight through a board level security group which meets on a regular basis where all breaches in procedure are evaluated with any learnings and changes to process are reviewed and authorised.
• Information security policies and processes: Syscomm complies with the ISO27001 standards and Cyber Essentials protocols. The company maintains a regular internal and external audit profile, backed up with internal modular training for all staff.; ; The management group have operational oversight through a board level security group which meets on a regular basis where all breaches in procedure are evaluated with any learnings and changes to process are reviewed and authorised.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Syscomm operates within the ITIL framework. Change is controlled through the change management process and tracked throughout the life of the component. All change is assessed through the Change Management process with business as usual change being pre-approved.; ; Access to make change is controlled to the individual engineer undertaking the change. All engineering staff charged with change are empowered to refer any change for peer review.; ; All change implementations are recorded and this record is kept throughout the life of the device or service and post service termination for at least 1 year.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Syscomm use a number of tools to ensure that the environment provided is suitably patched at a level to provide a secure service. ; ; Potential threats are identified through comparing our environment against industry recommendations. Patches and security updates are applied based on the severity and the importance and given an appropriate resource.; ; Syscomm maintain close relationships with the equipment and software vendors deployed on the network. Where practical equipment is directly connected to the vendor vulnerability control platforms. Where this is not practical vendor updates are reviewed on a regular basis with emerging threats automatically reviewed and potential patch implementation.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Risk assessments are carried out to identify potential compromises. Risks are measured against a baseline of controls and any weakness or threats are addressed accordingly.
• Incident management type: Supplier-defined controls
• Incident management approach: Syscomm will assess the seriousness of the situation and will take any necessary immediate action to limit any potential impact. ; ; The Information Security Officer (or nominated employee) is responsible for completing a Security Incident Management form and for logging this in the Security Incidents Log. Incidents are identified by a simple classification (High / Medium / Low) based on the nature of the incident and its source. This classification is used for prioritisation and for subsequent trend analysis.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Each Virtual instance has access to a pool of processors and dedicated memory. The virtual environments have encrypted private tunnels to the network ensuring data is secure and segregated from other customers data and network traffic.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: The datacentres that Syscomm use for our hosted services have an established and documented global EOH&S management system compliant with the principles of ISO 14001:2004 and ISO 45001:2016/OHSAS 18001:2007. ; ; Within this framework, they are committed to achieving full compliance, reducing impact on the environment and preventing pollution, promoting a positive EOH&S culture, encouraging continual improvement, and striving to ensure the adoption and implementation of best-in-class EOH&S practices by: ; ; 1) Meeting or Exceeding All Applicable Legislation, Regulations and Rules; ; 2) Adopting Significant EOH&S Aspects, Objectives and Targets and making continual and effective improvement of their performance through the identification of significant EOH&S aspects, and the setting and review of EOH&S objectives and targets. ; ; 3) Preventing Environmentally Damaging Incidents: They strive to eliminate the potential for the occurrence of polluting events. ; ; 4) They adopt EOH&S stewardship as a core value of the company by holding management and employees accountable. ; ; 5) EOH&S awareness is developed through communication, training, motivation, cooperation, and participation of every datacentre employee. ; ; 6) Create a knowledgeable awareness of EOH&S issues and alternatives with their clients and other stakeholders where possible and place more emphasis on a strong EOH&S culture to strengthen this commitment. ; ; 7) Continual Improvement and Commitment

Social Value

• Equal opportunity:

  Equal opportunity

  Syscomm Ltd is committed to the principal of equal recruitment, training and treatment of all employees irrespective of age, race, ethnic origin, nationality, sex or sexual orientation, religious convictions or disability. ; ; It is the company’s policy to give full and fair consideration to applicants for employment from disabled persons and to provide appropriate training, development and promotion prospects and equivalent to those available to other employees. ; The company will continue to commit to its obligations under relevant legislation and where appropriate, anticipate future legal requirements. This will be informed by:; ; • The Equality Act (2010) and associated secondary legislation.; • Criminal Justice and Immigration Act (2008).; • The Racial and Religious Hatred Act (2006).; • The Civil Partnership Act (2004).; • The Gender Recognition Act (2004).; • Criminal Justice Act (2003).; • The Human Rights Act (1998).; • The Protection from Harassment Act (1997).; • Special Education Needs and Disability Act (2001); ; Syscomm Ltd is committed to encouraging equality and diversity among our workforce and eliminating unlawful discrimination. The aim is for our workforce to be truly representative of all sections of society, and for each employee to feel respected and able to give of their best. ; In providing goods and/or services and/or facilities, the company is also committed against unlawful discrimination of customers or the public.

Pricing

• Price: £30 to £10,000 a virtual machine a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.heeley@syscomm.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.