Redcentric Solutions Limited

Secure Remote Access Service (SRAS)

Redcentric’s Secure Remote Access (SRAS) service offers a robust, scalable, flexible and secure way for remote users to access any Redcentric network resources whilst travelling and remote working. Software on users device communicates with the remote access platform across any Internet connection and a secure access tunnel is established.

Features

• Uses two-factor authentication by default
• Low per-seat, per month charge
• Highly scalable
• Choice of hardware or software tokens
• Highly resilient authentication platform
• Fast, easy provisioning
• Easy to use administration portal
• Works with a wide variety of operating systems
• Direct access to customer networks

Benefits

• Geographically resilient service
• Easy to install service
• Can be linked with customer's LDAP
• Can be integrated with multiple customer solutions
• Same token operation across multiple operating systems
• Real time, customer administered portal
• Supports business continuity, allowing users to continue working remotely
• Scalable and flexible
• Implements security by using two-factor authentication

£5.00 to £9.00 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@redcentricplc.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

156730385765927

Contact

Steph Heseltine
+441423850000
tenders@redcentricplc.com

Service scope

• Service constraints: A minimum of 10 tokens must be ordered at any one time. ; ; Users must have access to the Internet from their required device ; ; User devices must have the ability to install and use Cisco AnyConnect client software
• System requirements:
  • Redcentric supports software tokens on the following Operating System platforms:
  • Apple iOS
  • Blackberry
  • Android
  • Windows phone
  • Mac OS
  • Windows desktop
  • Cisco AnyConnect client is supported on the following Operating Systems:
  • Windows desktop, Mac OS, Linux

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Redcentric staff support the platform, the administration portal and provide system wide support to the Customer’s help desk staff. Redcentric does not offer support to individual end users. We aim to acknowledge all Advice and Guidance requested within fifteen minutes. Response times will depend on the request type and level of detail required. We typically aim to provide an initial response within one hour of the request being made however this can vary dependent on the nature of the request.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Redcentric’s customer service operation is available 24/7/365 and can be contacted by telephone, email or via the customer portal. Support is included at no additional cost with Redcentric's services. Redcentric has one direct point of contact for customer support, which deals with all aspects of the service. The Redcentric customer services team takes full responsibility for supporting and logging problems and technical support queries. Their specific role is to ensure that all telephone, email and portal queries are answered and resolved as promptly as possible. Redcentric has a team of Technical Account Managers and Cloud Support Engineers available. These teams are not included as a standard service and are charged based on the published SFIA rate card.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a comprehensive set of guides on setting up the service and provide engineering time to assist users if required.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: User log data and user data can be extracted from the portal at any point in time. This is achievable on the portal by choosing the appropriate report to produce the relevant data. Data can be extracted in various formats, including HTML, CSV and PDF. Redcentric staff will also provide a list to the customer of all users at the point of service decommissioning.
• End-of-contract process: Customers will be given the opportunity to obtain any user data and user log data. Redcentric staff will also provide a list to the customer of all users at the point of service decommissioning. Access to the service will be removed and any token service will cease to operate. Any hardware tokens provided as part of the service will need to be returned to Redcentric at the end of contract period.

Using the service

• Web browser interface: Yes
• Using the web interface: Administrative users can add, remove and change the underlying users allocated to the 2FA service. They can allocate, de-allocate and re-issue 2FA tokens to the userbase as required. They can also add, remove and update information within underlying user profiles eg. Email address, name. LDAP integration for user importation and update is also available. ; ; For security, administrative users are required to have a separate 2FA token to access the administrative portal. There is no limit on the number of administrative users, but each must have their own separate 2FA token for portal administration.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: A Lightweight Directory Access Protocol (LDAP) synchronization agent is available for Customers to deploy in their environment. Once installed, the LDAP synchronization agent monitors LDAP groups for membership changes and updates user information on the authentication platform to reflect these changes. The agent reads only basic information from the directory and communication from the agent to the authentication platform uses strong encryption. Specific details of the LDAP agent, including the directories that can be supported is available on request. Collaboration with Redcentric engineers is required to establish LDAP integration. LDAP agent set-up and support incurs additional charges.
• API automation tools: Other
• Other API automation tools: LDAP
• API documentation: Yes
• API documentation formats: PDF
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: The authentication service is not computationally intensive with minimal actual bandwidth requirements and therefore does not suffer from increased demand by users. Additionally, the nature of the service is typically one time use per session and therefore does not suffer from extreme usage or demand. ; ; VPN endpoints and associated incoming bandwidth from the Internet are proactively monitored with automatic alerts generated if usage thresholds are breached. All bandwidth and equipment is regularly monitored for capacity to ensure ongoing service is maintained.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics: Various reports indicate user use of the service&associated metrics
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Thales (Safenet), Cisco VPN solution

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: ISO27001 certified.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The Service Level applicable to the Healthcare Secure Remote Access Service is as follows: ; ; Service Level: Availability ; Measurement Period: Month ; ; Service Level - Not less than 99.5% ; ; Exclusions from availability ; ; In calculating Availability, in addition to the exclusions listed in clause 6.7 of the General Terms the following shall be excluded: ; ; An extreme volume of users connecting to the platform as a result of an event that is beyond the control of the parties ; ; Any failure of HSCN connectivity or services ; ; Floor service level ; ; The Floor Service Level applicable to the Healthcare Secure Remote Access Service in respect of Availability shall be 85% in any given Month. ; ; Service credits ; ; The Service Credits applicable to the Healthcare Secure Remote Access Service shall be calculated as follows: ; ; ≥99.5% - none ; ≥99.0% but <99.5% - 5% of MS ; ≥97.0% but <99.0% - 15% of MS ; <97.0% - 20% of MS ; ; “≥” means “greater than or equal to” ; ; “<” means “less than” ; ; “MS” means the total Charges payable in respect of the SRA Service for the same Month
• Approach to resilience: The service is Internet based and endpoint gateways are located in multiple geographically resilient datacentres in the UK. The two-factor token authentication element of the service is geographically resilient across several sites around the world. ; ; Our datacentres have the following redundancies built in: ; ; Primary Northern datacentre ; ; Better than Tier-3 datacentre compliance for both power and cooling. 100% concurrently maintainable with redundancies. ; ; Power ; ; 2xMains feeds (A, B) via separate Transformers Running as N+N independent feeds with duel feeds to Switch room “C” Chiller House ; ; 4x500kva UPS running in one pair “A” one pair “B” as N+N within each switch room ; ; 3xGenerators configured as N+1 ; ; Primary Southern datacentre ; ; Power ; ; 1xMains feed via dedicated transformer running as “N” backed up with Generators (Fault tolerant and concurrently maintainable) ; ; 4x400kva UPS running as N+1 (Fault tolerant and concurrently maintainable) ; ; Separate A & B cabinet feeds from UPS output busbar (Fault tolerant and concurrently maintainable) ; ; Switchgear with wrap-around paths allowing full concurrent maintainability ; ; 3xGenerators configured as N+1 (Fault tolerant and concurrently maintainable)
• Outage reporting: As this is a multiply-resilient service, outages would be reported to our support teams directly. If customer service affecting, our support teams will issue email alerts to affected customers.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is based on business need. Implementation is by least privilege RBAC; unique credentials assigned, and all access (successful or failed) is logged using anti-tamper mechanisms, made available for audit and retained for 12 months. Alerts are generated for multiple attempts for investigation by global sysadmins. ; ; Additional authentication mechanisms are used for support channels to assure customers only authorised personnel respond. ; ; Regular access reviews by service and platform owners are conducted with support from the Joiners, Leavers, Movers process, which ensures access is revoked or amended in a timely manner.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 30/08/2023
• What the ISO/IEC 27001 doesn’t cover: Nothing i.e. all services and locations offered under GCloud 14 ARE covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Gemserv Ltd
• PCI DSS accreditation date: 05/09/2023
• What the PCI DSS doesn’t cover: Physical hosting and managed firewall services are covered. All other services are excluded. ; ; Requirements 3, 4, 10, A1 and A2 are excluded.
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Certificates for physical security of all premises including Data Centres:-
  • Issued by an external assessor against the following standards:-
  • Centre for Protection of National Infrastructure (CPNI):-
  • Using the Classified Material Assessment Tool (CMAT):-
  • Supports the storage and processing of HM Government data to:-
  • Classification ‘OFFICIAL’ including ‘OFFICIAL-SENSITIVE’ special handling.
  • NHS England Data Security and Protection Toolkit; assessment ‘exceeding standards’.
  • Main Data Centres are certified as Police Assured Secure Facilities.
  • HSCN CN-SP Network provider.
  • PSN Connectivity Service; certified to connect organisations to the PSN.

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Redcentric’s InfoSec scope includes ISO27001 certification, and other critical aspects including physical security, employees and third parties. Our approach is to understand the risk from threat actors and implement the controls and mitigations to assure the Confidentiality, Integrity and Availability of data. ; ; Security is driven from the top with the CTO as SIRO (Senior Information Risk Owner), being accountable for several key policy documents, and the signatory for Security and Compliance attestation statements. Ops Board members regularly review key and corporate risks. ; ; Security roles are assigned, with the Head of Compliance owning InfoSec and Operational Security Manager responsible for day to day matters. Regular security forum meetings are held, in addition to senior management review meetings. ; ; Policy compliance is monitored by regular internal security audits, and six monthly surveillance audits by BSI. Annual security training is mandatory for all employees with attendance records maintained for audit purposes. ; ; The following policies and procedures are operable: ; ; IS Policy ; ; Data Protection Policy ; ; Security Incident Management Process. ; ; Acceptable Use Policy ; ; Access Control Policy ; ; Data Classification and Handling Policy ; ; Joiners, Movers, Leavers Process ; ; Third Party System Access Procedure ; ; Visitor Access Procedure ; ; Change Management Procedure ; ; Clear Desk & Screen Policy ; ; Secure Disposal Policy

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Redcentric operates an ISO20000-1 compliant Change Management Process. Objective is to minimise risk to services whose CIs are impacted. ; ; Achieved by:- ; ; Using standardised methods ensuring efficient handling of all changes using the Change Management Toolset. ; ; Changes are recorded, classified, assessed, approved, prioritised, planned, tested, implemented and documented. ; ; Changes are recorded against the relevant CMDB Configuration Item. ; ; Inputs:- ; ; Completed change records with Impact Assessment ; ; Risk (Security) Assessment ; ; Outputs:- ; ; Accurately recorded change records including all stages of the change lifecycle ; ; Changes by outcome ; ; Forward Schedule of Change ; ; The Change Advisory Board is the final approval stage in the Change Management process.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We operate a Vulnerability Management and Patch Management policy and process based on NCSC guidance. Good industry practice is adopted to ensure deployed services are protected at the edge by stateful next-generation firewalls with UTP/IDS/IPS enabled. Assets threats assessed by technical owners against the Design. Resultant risks are impacted, with critical ones contained immediately and patches applied within 48 hours where available. Automated patch management is supported by Kaseya, with end points managed by Microsoft Intune. ; ; We subscribe to the NCSC CISP scheme for vulnerability notification and receive advance notifications from vendors, often before hitting the public domain.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Redcentric has implemented NCSC GPG-13 guidelines for Protective Monitoring (PM). We utilise a range of PM services including vulnerability management and auditing services such as SIEM. The 24*7*365 SIEM service ingests various logs combined with proactive threat analysis to assess potential impact to services. Response is provided by auto-generation of Service Management tickets on resolver groups for immediate triage and remediation. Incident response is often before threats are realised, due to externally provisioned threat analysis notifications. The combination of threat analysis, machine learning, trend analysis, IP blacklist services and Security Operations Centre SMEs provide robust and effective protection of services.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Redcentric operates a Security Incident Management policy, which outlines pre-defined processes for how suspected and actual security breaches (including data) must be managed. The policy covers all incidents which affect availability, confidentiality and integrity of data and technology. Common events such as phishing or viruses are included. ; ; Users must report incidents to the ISO mailbox or Assurance team, who will create a Security Incident Record and initiate an investigation. Assurance will manage the incident to closure and decide whether external authorities are notified. ; ; Incident reports are created and reported to the InfoSec Management Group and are available for audit.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Cisco VPN Groups per customer on the VPN gateways
• How shared infrastructure is kept separate: Separation of user data is achieved by allocating different customers to a dedicated, specific VPN group on the firewall/VPN gateway. Each customers’ data inhabits this logical VPN group with no visibility between VPN groups. VPN group membership is determined by the use of the domain realm within each username and access is granted only upon successful authentication with the two-factor authentication service, using a correct username/two-factor, one-time password combination.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: We have implemented many of the guidelines referenced in the Sustainability section of our Annual Report; Redcentric-Report-and-Accounts_FY23.pdf (redcentricplc.com), which is aligned to the best practices in the EU Code of Conduct on Data Centre Energy Efficiency (DCEE). ; ; New company acquisitions of Sungard and 4D increased our total DC count to nine, which has now reduced with the closure of Harrogate and migration to the newer, more energy efficient facility at Elland. A further DC will close later this year. ; ; We are ISO14001 environmental management certified, and have an active Carbon Reduction Plan, supporting the Government net zero target by 2050. As an empowered operator and MSP we have commissioned several energy efficiency projects, including PUE device energy management and reporting, which assists the tracking of CRP objectives. A PV solar panel solution has been deployed in one DC as alternative ‘green’ power generation. We provide the most energy efficient new infrastructure devices where options allow. Cold aisle containment has been introduced into a number of facilities, increasing efficient use of existing cooling. A decommission project has identified, powered down and removed redundant or surplus equipment from all premises. ; ; We will continue to support the EU Code of Conduct DCEE.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Redcentric stands committed in the fight against climate change and dedicated to supporting the UK Government goal of achieving Net Zero emissions by 2050. This commitment is reflected in a meticulously crafted Environmental, Social, and Governance (ESG) strategy, aligned with the United Nations sustainable development goals, and upheld by ISO 14001:2015 certification for three consecutive years, showcasing the company's dedication to environmental stewardship. ; ; As a prominent entity listed on the AIM, Redcentric prioritise transparency and accountability, diligently adhering to regulations. Mandatory publication of carbon emissions in annual reports underscores the unwavering commitment to environmental responsibility and corporate transparency. ; ; Redcentric's dedication to sustainability extends beyond compliance, it’s ingrained in every aspect of operations. Notably, investments totalling £5million in the data centre estate focus on enhancing efficiency, evidenced by Power Usage Effectiveness (PU) reduction from 2 to an impressive 1.6. ; ; The company ensures 100% of power requirements are from sustainable sources, alongside proactive measures like converting backup diesel generators to environmentally friendly alternatives and replacing diesel vans with electric counterparts. ; ; Participation in Manage your UK Emissions Trading Scheme Reporting Service (METS) through GOV.UK and holding a greenhouse gas emissions permit underscore Redcentric's commitment to reducing its carbon footprint. Additionally, the provision of customer monthly reports detailing energy consumption metrics and procurement of all electricity from 100% carbon-neutral sources exemplify the company's dedication to transparency and sustainable practices. ; ; The Redcentric board acknowledges the evolving landscape of ESG considerations, driving greater accountability and transparency across operations. Regular updates to the website keep stakeholders informed about key corporate policies and sustainability initiatives. ; ; Redcentric's commitment to sustainability isn’t just a declaration but a deeply ingrained aspect of corporate ethos. From stringent adherence to regulatory requirements, to proactive investments in renewable energy, comprehensive reporting mechanisms, every action underscores our unwavering dedication to environmental responsibility and corporate transparency.

  Tackling economic inequality

  Redcentric actively addresses economic inequality through diverse initiatives aimed at empowering communities and fostering long-term sustainability: ; ; Community Engagement Programs & Digitally Driven Fundraising Campaigns: ; ; Utilises technology and resources to support local charities, raising over £50,000 for the Children’s Heart Surgery Fund through outreach campaigns. ; ; The Breck Foundation: Provides online safety training for pupils, parents, and teachers, promoting safety in the online world. ; ; Employment and Training Opportunities: Prioritise job creation and training programs for local residents, offering apprenticeships to rugby league players, wheelchair rugby players, and young athletes, fostering economic development and empowerment. ; ; Charitable Partnerships & Business Fundraising Programme: ; ; Raises funds for charities through sponsored events, like a Yorkshire 3 Peaks walk, involving over 30 employees and raising more than £12,000. ; ; Business Fundraising Enablement Programme: Supports charities in engaging target businesses for funding through calling data and tailored emails. ; ; Digital Transformation Programme: Facilitates digital transformation within charities, enhancing patient and family support. ; ; Transparency and Accountability: Committed to transparency by providing regular reports on the social impact of projects, ensuring stakeholders understand the positive outcomes generated through collaboration. ; ; Upskilling Workforce and Supporting Lower Paid Workers: Offers apprenticeship programs with planned career pathways into senior positions, promoting skill development and progression. ; ; Promotes training and development for all colleagues through a learning management system, investing in role-specific certifications and development programs. ; ; Implements a hybrid working model to support lower-paid workers with reduced travel costs and offers above the apprentice minimum wage, recognising the value apprenticeships bring to the company. ; ; Through these initiatives, we are dedicated to addressing economic inequality and creating a more equitable society. Redcentric believe that by providing individuals with access to opportunities for growth and advancement, we can contribute to reducing economic disparities and promoting social mobility.

  Equal opportunity

  Redcentric actively fosters an environment where individuals are valued and treated fairly, irrespective of their background, and opposes any form of discrimination prohibited by law. ; ; A key indicator of this commitment is evident in Redcentric's gender pay report, where efforts to address disparities in earnings between men and women are transparently acknowledged. By identifying imbalances in the workforce and actively working to rectify them, Redcentric demonstrates a proactive approach to promoting gender equality within the organisation. ; ; Redcentric's Diversity and Inclusion Forum serves as a platform for ongoing dialogue and action. By establishing working groups focused on specific aspects of diversity, such as gender equality and remote working, employees are empowered to drive positive change and contribute to a more inclusive workplace culture. The planned LGBTQ+ working group further exemplifies Redcentric's commitment to embracing diversity in all its forms. ; ; In terms of recruitment and talent development, Redcentric implements diverse hiring practices and apprenticeship schemes aimed at supporting individuals from various backgrounds. By partnering with outreach organisations and providing apprentices with clear career pathways, Redcentric ensures that opportunities for growth and advancement are accessible to all employees, regardless of their starting point. ; ; Redcentric's inclusive leadership and flexible work policies underscores its dedication to accommodating diverse needs and promoting work-life balance. By offering leadership training that prioritises inclusion and implementing policies such as flexible working hours and enhanced maternity packages, Redcentric creates an environment where employees can thrive professionally while maintaining personal well-being. ; ; In conclusion, Redcentric's comprehensive approach to equal opportunity extends beyond mere policies to encompass tangible actions aimed at fostering diversity, inclusion, and professional development for all employees. By prioritising these values, Redcentric not only enriches its workforce but also sets a standard for ethical and equitable business practices in the industry.

  Wellbeing

  At Redcentric, prioritising the well-being of our colleagues is paramount, and we've implemented various initiatives to support their mental and physical health. Our commitment to enhancing health and well-being extends to our contract workforce as well. Here's how we're making a difference: ; ; Hybrid Working Model: Providing flexibility to achieve a better work-life balance for our colleagues, fostering a supportive environment and preventing isolation through social networking within the company, including organized social and corporate events. Over 40% of Redcentric’s employees either work from home or on a hybrid model. ; ; MetLife Well-being Hub: Accessible to all employees, offering a comprehensive range of well-being support services, such as confidential 24/7 telephone support, structured counselling sessions, cognitive-behavioural therapy, legal advice, financial management guidance, and health risk assessments. ; ; Well-being Channel: A valuable resource offering mental and physical health support, including webinars and mental health resources for adults and children. ; ; Corporate Social Responsibility Events: Organizing events throughout the year to promote well-being across the organization, utilizing a structured well-being calendar highlighting key awareness weeks like men’s health week and stress awareness week. Additionally, training over 20 mental health first aiders across the business to provide continuous support and engagement. ; ; Leadership Commitment: Our Board sets an example by promoting a healthy corporate culture and embedding ethical values in our business operations. Through these initiatives, we aim to foster a culture where the well-being of our colleagues is prioritised, ensuring a resilient and empowered workforce poised for success.

Pricing

• Price: £5.00 to £9.00 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@redcentricplc.com. Tell them what format you need. It will help if you say what assistive technology you use.