INTEGRITY360 LIMITED

Trellix MVISION Cloud

The Trellix XDR ecosystem contains a suite of products that provide world-class cybersecurity through endpoint security and so much more.

Features

• Identifies and tracks High Risk Cloud Services
• Delivers comprehensive registry of SaaS, IaaS, and PaaS services
• Summarises cloud usage from across the business
• Sensitive log data tokenised for on premises for security
• Automatically generates scripts for popular firewalls/web proxies
• Collects and analyses firewall logs
• Simple Usage Dashboard: easy-to-understand visual summary of key usage statistics
• Provides a detailed audit trail for forensic investigations and compliance
• Detect and respond to potential data exfiltration attempts
• Encrypts data in transit and at rest in cloud services.

Benefits

• Helps protect public-sector organisations from reputational damage from cyber-attack
• Capability to self-audit an organisation’s usage of cloud services
• Policy enforcement prevents unauthorised data leakage (DLP)
• Underpins information privacy, security, and compliance with detailed reporting
• Highlights the use of ‘Shadow IT’ across the organisation
• Encryption/other features help facilitate the secure adoption of cloud-services
• Quickly identifies sensitive data subject to compliance-requirements or security policies.
• Identifies third-party suppliers and the data flows that exist.
• Guides users from unapproved services to business sanctioned alternatives
• Highlights gaps in cloud-policy enforcement and force consistent policy deployment

£15.65 a user a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidreviewboard@integrity360.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

163263211172109

Contact

Paul Momirovski
+44 20 3397 3414
bidreviewboard@integrity360.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements:
  • NIC: 1GB with access to the internet
  • RAM: 8+ GB recommended
  • CPU: 4 Cores min
  • Operating System: Windows (32/64 bits), *nix, or Mac

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response time to questions raised within 1 hour and if these result in a specific ticket these will be managed based on a criticality level defined from 1 through 4
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Account Management; Sales Engineer; Support and Maintenance; Support Requests ; Phone, Email & Web 24/7; Technical Support ; Office hours (critical and non-critical issues) M-F 6am-6pm PST (excluding US holidays); Availability for critical issues 24/7; Service Support ; Upgrade notifications Yes; Remote diagnostics Yes; Online Resources ; Documentation Yes; FAQ Yes; User Portal with searchable KB articles; Based on 4 service criticality levels 1 to 4; ; Support is included in the annual subscription for the MVISION Cloud Services; A Technical account manager is allocated to a group of accounts and a customer success manager provides regular quarterly services reviews"; ; Caretower also offer a range of Professional Services, Managed Security Services and Support Contracts for McAfee Products.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: MVISION Cloud customers are supported through all the way through the lifecycle. Expert advice and guidance in offered from our presales team during planning and customers are provided training both on site and by remote Webex during deployment phase. Support is provided 24x7 to cover operation and technical aspects. User documentation is available on line.; A Customer Success manager from McAfee is allocated to support customers from and has responsibility to ensure all operational criteria are met and value realised as quickly as possible.; ; Customers may also wish to use Caretower Professional Services to install and configure MVISION . We can also provide a fully Managed Security Service for MVISION
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: McAfee provide data extraction as part of this service as part of their standard user agreement.
• End-of-contract process: Data Export and Data deletion at no cost to the customer

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The dashboard will operate on mobile devices in a restricted manner by the rendering of the device itself and will also not allow de-tokenisation of users unless the device is on the same corporate network as the Enterprise connector application
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The API is not available to the users but is used to control services around the MVISION Cloud service. ie a functional API not a management API
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: MVISION Cloud offers customers various levels of customisation in both the technical functionality and user experience of MVISION Cloud. Customisation and control is available in the Shadow and Sanctioned IT packages allowing various features and control functions to be applied as required. ; The User interface can be customised and white labelled for the customer with detailed customisation available on the screen rendered dashboard and reports outputs.

Scaling

• Independence of resources: The MVISION Cloud service is a true multi-tenant cloud environment and as such scales elastically to deal with user load in real time.

Analytics

• Service usage metrics: Yes
• Metrics types: Detailed reporting is available for:; Cloud Services visited; Activity on the service; Size of uploads/downloads; Risk Scoring detail of each cloud service; Anomalous/Rogue activity of users versus services; Fully customisable user reports around variable parameters
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: McAfee

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This is not a function that users can perform. McAfee will manage this process as part of the end of contract process.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.5% is the target availability defined in client contractual documentation.; ; Refunds for service discrepancies are also defined in the contract and may vary per client dependant on criticality of deployment within the organisation.
• Approach to resilience: The McAfee solution is delivered as a highly available Software as a Service (SaaS). ; Each McAfee datacentre consists of redundant hardware components and ISPs. High availability between datacentres is provided through Verisign Hosted DNS (Domain Name System); ; Verisign Hosted DNS (Domain Name System) provides 100% SLA for DNS resolution, globally-distributed, highly redundant design, extremely rapid propagation updates, and DNS failover as a core feature.; ; If a McAfee datacentre fails, Verisign detects the failure and updates their DNS automatically to supply services from another McAfee Datacentre. The 24/7 McAfee incident response team would then follow Incident Response Procedure to bring the datacentre back online.; ; Further details are available to customers.
• Outage reporting: API services exist where customers can run health checks. Any major outages to the API would be advised to the customer by email with associated resolution activity.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Based on user permissions hierarchy and authentication
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: External Agency
• ISO/IEC 27001 accreditation date: 1/1/20
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 1/1/20
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: McAfee has a fully documented security control policy and procedure, as outlined by ISO 27001 and 27018 . Full details available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: McAfee’s Change Management (CM) process provides a framework for the thorough documentation, testing, and evaluation of all proposed changes to the production environment. The CM process mitigates risks to McAfee production applications. ; ; Process is as follows:; Weekly meetings are held to review pending patches to production systems.; Critical patches including security patches are prioritized and scheduled for implementation as soon as possible; Non-critical patches will be analysed to determine the logical window to schedule the upgrades; ; In cases where downtime is required, system maintenance is during off hours.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Routine vulnerability scanning tests are performed by external companies like Qualys and others and work is created to identify and mitigate vulnerabilities.; For security reason we do not provide vulnerability scan to tenants. We can provide the scan schedule and the remediation plan and result.; Patches applied as soon as vulnerabilities are disclosed. There are multiple sources of threat intelligence.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: A Combination of edge protection provided by Inbound/Outbound next generation firewalls and use of industry leading IPS intrusion protection ; Real-time alerting via SoC/SIEM security incident and event monitoring using McAfee expert resources
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: McAfee’s incident response procedure ISMS Incident Response Procedure undergoes continuous improvement as a part of our ISMS for ISO 27001. ; The standard process is to open case is via email or phone. All cases are documented. Once the case is opened , the case is assigned to the technical support engineer, who will triage the case based on the information provided by the customer. If they cannot resolve the case within the first 2 hours, the case is escalated to the Senior Escalation Engineer.; Based on the severity and business impact, engineering will resolve issues as appropriate.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  Trellix celebrates fresh thinking and soulful work.; Trellix provides an opportunity to change the world – with bigger, better, bolder ideas.; Encourage to: Be disruptive. Be innovative. Be a game changer.; Encourages DEI:; ; Announced a partnership with the Hispanic Alliance for Career Enhancement (HACE) to launch a comprehensive mentorship and educational program and a partnership with Gotara, a global career growth platform for women in STEM+ to close the cybersecurity talent gap.

Pricing

• Price: £15.65 a user a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidreviewboard@integrity360.com. Tell them what format you need. It will help if you say what assistive technology you use.