Cyberfort Ltd

Managed Public Cloud

Cyberfort’s Managed Public Cloud service, offers setup and ongoing management of AWS and Azure infrastructure, compute, storage and other fully-featured cloud services. Cyberfort’s service is designed to assist customers taking advantage of hyper-scale public cloud benefits. It incorporates cloud architecture consultancy, initial setup, ongoing administration, cost-optimisation, configuration and performance tuning.

Features

• Fully managed Public Cloud solutions from AWS or Azure
• Compute, storage, database, 200+ fully featured Public Cloud technologies
• Full range of Amazon and Azure services available
• Environment and Infrastructure automation and orchestration
• End-to-end service covering security, design, management, monitoring, cost-optimisation and billing
• AWS and Azure Certified engineering and support teams
• Comprehensive connectivity solutions including PSN, DirectConnect and ExpressRoute
• 24x7x365 monitoring and fault resolution
• On-demand UK-based Service Desk and Engineering resources

Benefits

• Improve time-to-market with Public Cloud infrastructure and services
• Focus on business demands, whilst we manage you Public Cloud
• Increase the agility and flexibility of your IT operations
• Enable rapid deployment to support growth and change in demand
• Adopt modern services quickly, Machine Learning, IoT, AI
• Low cost development environments, only pay for capacity used
• Reduce costs of specialist staff and training
• Enhance business confidence in secure, consistent delivery of IT services
• 24x7x365 monitoring by our ever-vigilant, UK-based Operations Team
• Work with a trusted partner to reduce infrastructure management overhead

£88.88 an instance a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidmanagement@cyberfortgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

146441614542311

Contact

Cyberfort Bid Team
01635 015600
bidmanagement@cyberfortgroup.com

Service scope

• Service constraints: The service does not include Public Cloud infrastructure and service charges (which may vary through the course of the contract). These can be purchased by the client directly with the Public Cloud provider or billed through Cyberfort. ; As part of the service scoping stage the most appropriate method of licencing and service changes will be defined.
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Cyberfort’s Service Desk operates 24x7x365 and is the primary point of contact, undertaking initial triaging of any service requests, incidents, or events directly with the client. ; ; A ticket number is issued with an initial response within 15-minutes of logging a query. ; ; Resolution time goals will be calculated in accordance with a priority matrix.; ; Please refer to our Service Definition, for more details on our service response times and commitments.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Cyberfort’s service management model is designed to meet ISO 9001 and ISO 27001 guidelines and has been established in alignment with ITILv3 service management processes. ; ; We recognise that to support your business operational requirements we need to have in place the right team structure, governance and engagement processes. ; ; Our Standard Operating Procedures includes:; • Cyberfort’s Service Desk operates 24 hours a day 365 days a year and is primary point of contact for any incidents, requests or escalations.; • The Cyberfort Service Desk team will proactively manage all support calls to resolution, escalating incidents and problems in line with comprehensive operational level agreements, service level agreements and any third-party underpinning contracts.; • We place significant importance on the support and service management function that is provided for each contract according to operational requirements. ; • This is integrated into contracts and built into the price.; • Ongoing support and management will be led by a dedicated Account Manager supported by Service Delivery Manager, Technical Champion, and our team of specialists and subject matter experts.; ; Please refer to our Service Definition, for more details on our service management and commitments.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Cyberfort applies the core principle of providing you with an assured and auditable approach to the design and delivery of our services. We take a “one team” approach, working with clients, engaging with stakeholders, and focusing on business objectives, to build relationships that are conducive to agile delivery of project outcomes. ; Service initiation and on-boarding are covered during project delivery to ensure customers maximise the value of their investment, and include the following elements: ; • ‘Welcome Pack’ containing details of the service, key contacts, processes and services to be aware of. ; • Project/Delivery Manager will lead a Project-Kick Off meeting with the client. ; • A ‘Delivery and Implementation Plan’, defining project specific deliverables, dependencies, resource requirements and timeframes. ; • Scheduled reporting, validation and agreement of all project deliverables at key milestones. ; • Full risk assessment conducted across all aspects of the project. ; • Operational Acceptance to ensure services are introduced consistently and efficiently. Including introductory usage of the service where applicable to ensure customers maximise the value of their investment.; ; Additional, focused training is available at an extra cost. ; Please refer to our Service Definition, for more details on our Customer Lifecycle approach.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Where customers are able to extract their data through their own methods, they are free to do so. ; Customers have the option to download vAPP's as OVA. Can be restricted by role type.; Customers are not able export their servers to a OVF format and download to their local machines.; Cyberfort can assist in bulk data extraction although this may incur additional costs if specialised hardware or software is required. ; Cyberfort will purge and destroy customer data from it's own equipment upon contract termination in accordance with it's ISO27001 policies. ; Additional data destruction measures may be pre-agreed with the client in advance and may incur additional costs.
• End-of-contract process: Clients can choose to ‘off-board’ services from Cyberfort as follows: ; • Provide three months' notice in writing (to expire on or after the Initial Term), to their account manager (directly or via the Service Desk), who will assist in arranging any required off-boarding services and the deletion of client data. ; • Once the required works are agreed and the client has exported any of their data where applicable, Cyberfort will shut down and destroy any remaining services. ; • Fees may apply for off-boarding technical work and process management.

Using the service

• Web browser interface: Yes
• Using the web interface: Web interfaces are provided as per the Public Cloud provider's standard service.; Users can manage all aspects of the service using the Public Cloud management portal.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Microsoft is a major software and cloud-services provider to consumers, businesses, and governments around the world. To assist customers in making purchasing decisions, Microsoft publishes Accessibility Conformance Reports describing the extent to which our products and services support the WCAG criteria. This information can help Microsoft customers determine whether a particular product or service meets their specific needs.
• Web interface accessibility testing: Accessibility of Public Cloud management portals is maintained by the Public Cloud providers.
• API: Yes
• What users can and can't do using the API: APIs interfaces are provided as per the Public Cloud provider's standard service.; Users can manage all aspects of the service using the Public Cloud API.
• API automation tools:
  • Ansible
  • Chef
  • SaltStack
  • Terraform
  • Puppet
• API documentation: No
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
  • Other
• Using the command line interface: Command line interfaces are provided as per the Public Cloud standard service.; All aspects of the service can be managed using the AWS CLI or Azure CLI.

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: The Public Cloud hypervisors enforce memory and process separation between virtual machines.; Public Cloud customer environments are designed so that compute, storage and network resources can be dedicated for the sole use of a single customer.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics: Specific performance metrics available through the Public Cloud provider
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: Vendor specific capabilities including encryption keys, managed with AWS key management and Azure Key Vault
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Infrastructure backup
  • Infrastructure config backup
  • Amazon EBS volumes
  • RDS databases
  • DynamoDB tables
  • EFS file systems and Storage Gateway volumes
• Backup controls: Users can manage their own backups or Cyberfort can manage them as part of the managed service.
• Datacentre setup: Multiple datacentres
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection between networks: SSH Encryption; Tailored solutions can be implemented after scoping requirements
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection within supplier network: SSH Encryption; Tailored solutions can be implemented after scoping requirements

Availability and resilience

• Guaranteed availability: Service availability achieved within any month shall be calculated monthly as follows: (Total online hours of availability – service downtime) x 100% Total online hours of availability.; ; Power Core Service Level - A service level of 100% for power to the data centre; Connectivity Core Service Level - A service level of 99.5% for connectivity to the network port on the data centre ; ; The service availability calculation above will exclude any time which occurred as a result of events outside the control of Cyberfort. In the event the target service availability level is not achieved when measured over a monthly period, the following service credits shall apply: For each full percentage point (1%) by which the availability in any month is reduced below the target availability, a service credit shall be due which is equal to 5% of the monthly charge for the affected service line subject to a maximum of 100% of the affected service line for the month.
• Approach to resilience: Cyberfort has two data centres in geographically separate locations. This enables Cyberfort to offer solutions such as infrastructure mirroring or a warm standby environment, both available should your primary environment become unavailable for any reason. Cyberfort data centres are linked to one another and to the Internet via fully redundant diverse circuits. ; Customer Environments are deployed according to the specific requirements of the customer.; ; Datacentre infrastructure is designed in a N+1 or N+N depending on requirements or infrastructure type. ; ; Network ISP services are deployed in a N+N configuration. 5 independent Internet Service Provider (ISP) links are provided from Tier1 London data centres. ; ; Power & A/C ; 2×11,000 Volt HV Feeds. Primary feed direct from national grid sub-station ; 3 generators run as a synchronised set at N+1 with two capable of supporting the entire site load.; Various UPS systems capable of supplying dual UPS feeds ; N+1 chilled water system, with zoned hotspot directional air provision sensors; ; Communications; Carrier Neutral Facility ; Multiple Internet Service Providers; Diverse Independent Risers from highway to data floors; Choice of ISP’s/Telecommunications providers; Satellite dish and Microwave space available
• Outage reporting: Cyberfort Managed Public Cloud services are continuously monitored, with alerts automatically responded to by the Cyberfort technical support teams.; Customer notifications are managed via our ticketing system / Email.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Solution is tailored to customer requirements
• Access restrictions in management interfaces and support channels: Access to the management interface is controlled and restricted using a combination of permission groups or roles. Only named individuals are able to gain authorised access to the services management functionality.; ; Multi-factor authentication (MFA) and SSO are strongly recommended ; ; Support tickets can only be raised by pre-identified individuals who will be authenticated by Cyberfort processes to confirm identity
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Solution is tailored to customer requirements.
• Devices users manage the service through:
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: Current certification accredited: 15/04/2024-17/04/2024
• What the ISO/IEC 27001 doesn’t cover: Cyberfort was first registered to ISO27001 in August 2019. At our recertification audit in 2023, there were no nonconformities or observations. 2024 Continual assessment visit resulted in no nonconformities or observations.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: 2 Sec Consulting
• PCI DSS accreditation date: Current certification accredited on: 09/10/2023
• What the PCI DSS doesn’t cover: Requirement 3 Requirement 4 Appendix A1 Appendix A2
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • NHS Data Security and Protection Toolkit
  • NCSC IT Health - CHECK Service Provider
  • CREST Cyber Incident Response, Vulnerability Assessment & Penetration Testing
  • NCSC Assured Cybersecurity Consultancy - Risk Assessment/Management, Audit & Review

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO/IEC 9001; ISO/IEC 14001; ISO/IEC 45001; Cyber Essentials Plus; PCI DSS

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Cyberfort's change management policy is documented and audited as part of our ISO27001 accreditation and ensures all changes are auditable and subject to the correct level of scrutiny based on the potential risk and impact.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Cyberfort use continual vulnerability monitoring to alert us to threats in realtime and in the face of constant changes to our services. An annual infrastructure assessment is commissioned to perform more detailed analysis. Vulnerabilities rated critical or high are patched or mitigated within 14 days, and those rated medium and low are patched or mitigated within 30 days
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Cyberfort deploy next generation endpoint security agents which constantly assess the behaviour of the servers and endpoints for malicious or threatening activity. Threats are notified to out 24x7x365 Service Desk for remediation.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Cyberfort operate ISO27001 and ITIL process for Incident Management, with defined paths for escalation which are dependant on Impact and Urgency. Users can report Incidents by Email, Telephone or Self Service Portal. Incident Reports are provided via Email.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Amazon Web Service (AWS) and Microsoft Azure
• How shared infrastructure is kept separate: Each organisation is housed under a dedicated Virtual private cloud. The VPC is configured with security groups and network access controls. Access is set to default deny and explicit rules have to be set to be allowed. The underlying Hypervisor infrastructure is trusted to protect against cross VM interference. They are patched to mitigate against malware and ransomware type exploits.

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Cyberfort support and act on fighting climate change through our Environmental Management System (EMS) which meets the requirements of our ISO:14001 certification. We have initiated programs designed to increase the energy efficiency of our operations, reduce waste, and protect the environment in communities where we work. Our environmental goals and achievements are published in our Carbon Reduction Plan (CRP), which is aligned to the requirements of CCS PPN 06/21. ; Our social value strategy addresses MAC 4.1 & 4.2 with the following commitments: ; Effective stewardship of the environment; We are committed to become a net-zero and environmentally conscious company by conserving energy, minimising consumption, reducing, and preferring low pollution materials, maximising environmental efficiency, whilst ensuring waste is managed and controlled. ; We support our environmental targets with the following initiatives: ; • Continue to reduce our carbon emissions, including 100% renewable energy, power saving modes, light replacement programmes, hybrid/remote working and cycle to work incentives. ; • Reduce water consumption, including water filter systems off the mains instead of using water providers, consider Water Butts around site as an alternative for gardening, and detection of increased water consumption to identify any leaks in facilities. ; • Adopt strategies to promote, reuse, recycle, recover energy and disposal of waste sent to landfill, including initiatives to reduce our plastic waste and targets for recycling of waste. ; • Deliver initiatives to support our environments, ensuring that we are protecting and encouraging native plants and wildlife. We’ve already introduced a small flock of sheep to our Ash site to help make our site more environmentally friendly, and at our Newbury site we limit operations to specific times to ensure protection of nightjars which is a protected wildlife species. ; • Consider who we purchase goods and services from ensuring providers are targeting net-zero initiatives and offer sustainable product and services

  Covid-19 recovery

  Cyberfort support and act on Covid-19 recovery by encompassing initiatives that force for positive change. We have aligned the activities of our business by considering sustainability through the decisions we make as a business, including the way we operate, employ staff, engage with communities, and procure products and services, allowing us to cultivate a more sustainable, resilient, and inclusive society.; Our social value strategy addresses MAC 1.1, 1.3, 1.4 & 1.5 with the following commitments: ; Help local communities to manage and recover from the impact of COVID-19; We support Covid-19 recovery with the following initiatives: ; • Throughout the pandemic and to date we’ve maintained a recruitment drive, often offering positions to individuals affected by the impacts of Covid-19 in the industry.; • We upskill people new to Cyber via supporting Apprenticeship schemes.; • We remove any barriers for disadvantaged groups by adjusting our recruitment and selection processes and excluding bias.

  Tackling economic inequality

  Cyberfort support and act on tackle economic inequality, through supporting new businesses, new employment opportunities and development of new skills. ; Our social value strategy addresses MAC 2.2 & 2.3 with the following commitments: ; Create new businesses, new jobs and new skills; We are committed to ensuring that everyone is given the opportunity to develop in accordance with their ability, ambition and opportunities available, providing recruitment, training, development and progression opportunities to encourage everyone to reach their fullest potential.; We support tackling economic inequality with the following initiatives: ; • Attract, recruit, develop and retain the very best people at all levels.; • Upskill people new to Cyber via supporting Apprenticeship schemes.; • Actively support educational attainment across our workforce, including training to address skills gaps resulting in recognised qualifications.; • Support young people in the development of their passion for technology, introducing them to cybersecurity, and providing initiatives that support schools

  Equal opportunity

  Cyberfort support and act on equal opportunities, fostering an inclusive culture that values people as individuals with diverse opinions, cultures, lifestyles and circumstances. All employees are covered by our Equality, Diversity & Inclusion Policy, which applies to all areas of employment including recruitment, selection, training, deployment, career development, and promotion. ; Our social value strategy addresses MAC 5.1 & 5.2 with the following commitments: ; Reduce the disability employment gap; We support the disability employment gap with the following initiatives: ; • We are signatories of the Armed Forces Covenant.; • We are a Disability Confident Employer and founding members of Neurodiversity in Business. ; • Our recruitment practices ensure we are disarming any barriers people with disabilities may face in the hiring process.; • Developing and supporting people with disabilities in gaining the skills they need to succeed.

  Wellbeing

  Cyberfort support and act on health and wellbeing through our Occupational Health and Safety (OH&S) policy in alignment with our ISO:45001 certification. We actively work on initiatives to promote health and wellbeing in the workplace, ensuring all our people have healthy lifestyles, thrive, and that they feel supported with the tools they need from us to be at their best. ; Our social value strategy addresses MAC 7.1 & 7.2 with the following commitments: ; Ensuring positive physical and mental health in the workforce, ensuring our people have healthy lifestyles.; We support our workforce with the following initiatives: ; • Mental Health First Aiders – We have 9 fully trained Mental Health First Aiders within our workforce. ; • Wellbeing Benefits – we provide confidential, and free-of-charge, support and benefits to all, including confidential counselling and support service available 24/7, 365 days a year and Private Medical Insurance with extra to cover employees for Mental Health support.; • Our Wellbeing Hub (on the Cyberfort SharePoint) provides various resources, self-help tools and guides to help individuals stay well and includes any

Pricing

• Price: £88.88 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidmanagement@cyberfortgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.