Altiatech Ltd

Altia Backup and Recovery

Altia Backup and Recovery offers a selection of top tier Data Management platforms which enable organisations to store their data anywhere and recal this anytime, whether on premise, hybrid or in the cloud. We also offer Immutable Backup, Scalability and Process Automations to modernise your Data Management.

Features

• Ease of use web interface
• Varied recovery options
• Immutable backup and Ransomware protection with Guarantees against data loss
• High levels of automation
• Multi-tenant options
• Smooth backups
• Global Search and Analytics
• Secure access and permissions
• Backup of Windows 10/11 and Office 365
• Best of breed backup vendors

Benefits

• Intuitive interface that centralises backup and recovery tasks
• Multiple data stores, including private, public and hybrid cloud
• High integrity ransomware resistant backups with vendor warranty
• Low levels of human intervention that reduce labour costs
• Allow multiple users to operate the platform concurrently
• Simplified data management with successful restores and continuity
• Search across all backups (e.g. Subject Access Requests, e-Discovery)
• Privileged access that is easy to administer and reduce risk
• Full backup and restore of productivity suite
• Access to enterprise grade comprehensive and resilient backup solutions

£40.00 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at innovate@altiatech.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

168004299159990

Contact

Fuad Uddin
03303325842
innovate@altiatech.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Microsoft 365, specifically Teams, as a native application part of the Teams Tennant. Also Cisco PBX, Mitel PBX and all third party email platforms. Card Payment online Systems, CRM Databases and Azure based applications.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Some limitations depending on data stores
• System requirements:
  • Network bandwidth
  • Storage capacity
  • Data transit speeds

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Normally within 1-2 hours for critical events, up to 24 hours at weekends.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Severity A - Critical Business Impact – your business has experienced a significant loss or degradation of services, requiring immediate attention.; ; Severity B - Moderate Business Impact – you have a loss or degradation of services, but your organisation can still function.; ; Severity C - Minimum Business Impact – you have an issue, but it has a small impact on your business.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: New customers can be technically on-boarded within a matter of days using Altiatech’s automated secure configuration templates. A standard requirement gathering exercise will be managed by Altiatech to review the customer’s technical prerequisites, including - network connectivity, email domain name configuration, key points of contact, system integration requirements and hand over and training.; Prior to the execution of the Order, the Supplier and the Buyer will agree the scope of the plan for the G-Cloud Services and a timescale for delivering to ensure continuity of service.; Altiatech can provide additional consultancy to facilitate on-boarding and off-boarding should a Buyer have specific requirements they may wish Altiatech to consider. A typical onboarding process will consist of the following activities:; ; • Agree scope of service, including duration, applications to be made available and any additional networking requirements; • Provision of service; • User testing; • Full deployment; • Provision of user documentation
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The service is designed so that customers have the ability to extract their data from the service at any time. Upon termination or expiration of the customer’s subscription, the customer may contact Altiatech and request that their accounts be disabled and all data deleted. Requests to Altiatech can be made in line with our Data Protection Policy.
• End-of-contract process: Contract Termination of G Cloud services is in accordance with the Altiatech G-Cloud Terms and Conditions. Our services are for a minimum of one year. Thereafter, options for an annual rolling contract or monthly rolling contracts will commence, with different pricing per month between annual rolling contract versus monthly rolling contract.; Termination of an annual rolling contract is a minimum thirty (30) days’ notice period before the end of the annual contract period and thirty (30) days’ notice for a monthly contract. Altiatech will hold annual commitment reviews to maintain service quality and appraise ongoing delivery and customer experience. Termination of annual contracts before the minimum term are liable for the full contract year, unless there is evidence of force majeure, or some other mutual agreement has been reached.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Differences are due to the way users can make use of BYOD, where sandbox environments can be established to securely segregate data. While the interface may be different, the functionality around security is maintained.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Integrates with an organisation's directory. RBAC allows delegates access.
• Accessibility standards: None or don’t know
• Description of accessibility: None or don’t know
• Accessibility testing: None or don’t know
• API: Yes
• What users can and can't do using the API: APIs connectors can be used to integrate different systems as part of a wider backup solution. Some limitations may be present, depending on the selected vendor partners and the technologies we are deploying.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customisation will be dependant on the scope of solution (e.g. back up locations, storage capacity, backup frequency), where the solution will be tailored to meet the organisation's business needs that fulfil security outcomes within budget.

Scaling

• Independence of resources: Our cyber security services are tailored to each organisation's requirements and make use of the organisation's own committed resources to ensure there is minimal capacity related issues. Where certain services make use of public cloud resources (e.g. Microsoft Azure), vendor partners of such resources already demonstrate that they have highly available resources to ensure all customers are sufficiently catered for.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics can vary widely but are centred around security related events. These can include threats detected/quarantined, unlikely/impossible logons, number of privileged access requests, number of cyber attack attempts, etc
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Rubrik, Cohesity, Veeam, Commvault, Barracuda, Skykick, Avepoint

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The service is designed so that customers have the ability to extract their data from the service at any time. Upon termination or expiration of the customer’s subscription, the customer may contact Altiatech and request that their accounts be disabled and all data deleted, or the customer data is retained in a limited function for a maximum of 28 days after expiration or termination of the service so that further data may be extracted. Email can be exported as PST files, and other file data (e.g. spreadsheets, presentations) can be downloaded.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Uptime is 99.99% and we leverage vendor partners for their dedicated cloud resources. Refunds for downtime will be passed on to organisations following a successful claim from a vendor if a vendor is at fault.
• Approach to resilience: The backup solution itself will help organisations demonstrate their overall resilience and form part of an overall business continuity and disaster recovery strategy. Being an integral element of Resiliency, Altiatech will with organisations to undertake multiple failover tests to ensure the backup solution is functional and fit for purpose.
• Outage reporting: Backup vendor partners have visible status pages:; ; https://status.rubrik.com/

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Use of Privileged Access Management (PIM) and/or elevated admin credentials.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 29/07/2021
• What the ISO/IEC 27001 doesn’t cover: Systems development (N/A) Software development (N/A) Monitoring and review of supplier services (suppliers have their own controls)
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Altiatech are certified to the ISO/IEC 27001 standard and have adopted Information and Security, Data Protection and Acceptable Use policies, amongst others, that contribute to high quality security management.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Assets, including virtual, and physical, are tracked through our IT Service Management Tool. This includes a history of changes applied to them throughout their lifetime. Security impact is always considered with configuration and change approaches with tests undertaken in dev environments that mitigate security and performance risks.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Altiatech is protected by SentinelOne, which provides endpoint protection and remediation. SentinelOne uses multiple AI engines to protect against threats. This signature-less approach requires no daily/weekly updates, recurring scans and performs better than other AV management solutions. Altiatech uses Windows Defender, which comes natively with Windows 10 Enterprise is also installed on all computers with definitions set to update regularly for our support engineers. Our devices have restricted access based on user access controls and functionality and elevated admin credentials. Patches are deployed to services readily though our patch management tools. We acquire information of threats from existing AV solutions.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Using proactive network monitoring tools and threat detection and containment tools, we are able to identify compromised points within our services. Our responses are immediate with threat management tools and immediately trigger notifications to support engineers for investigation within 15 minutes.
• Incident management type: Supplier-defined controls
• Incident management approach: Altiatech has a documented Incident Response Plan that includes steps to respond to security incidents including identification, investigation, response, mitigation, customer notification, and root cause analysis. Our processes are aligned to ISO 27001 and ISO 20000.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Altiatech enforces its Environmental Sustainability Policy, which includes measures such as: work from home to reduce carbon emissions from travel; travel only when necessary; and discourage paper use and printing. Furthermore, Altiatech encourages flexible working technologies for its customers, which enables disparate workforces to collaborate and reduce carbon footprint from reduced travel.
• Covid-19 recovery:

  Covid-19 recovery

  Altiatech encourages flexible working technologies for its staff and customers, which enables disparate workforces to collaborate and reduce carbon footprint from reduced travel. By enabling remote teams from collaborating, Altiatech has maintained trading and operations throughout the height of the pandemic and safeguarded its employees jobs, as well as supported vital customers, including major hospitals, with the means to continue functioning.
• Tackling economic inequality:

  Tackling economic inequality

  Altiatech provides opportunities for part-time hours and flexible hours that enable its workforce to support their dependents, whilst giving them continued employment to meet their economic needs. Altiatech also provides annual salary increases and exceeds the national minimum wage. Altiatech also offers bonuses to its personnel that are reflective of the businesses performance.
• Equal opportunity:

  Equal opportunity

  Altiatech is an equal opportunities employer and is committed to non-discrimination.
• Wellbeing:

  Wellbeing

  Altiatech is committed to the wellbeing of its staff and personnel and offers its workforce access to a wellbeing service for any issues that they may experience.

Pricing

• Price: £40.00 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Each vendor offers a level of free trial, which may include partial functionality. Trials are often up to 30 days long.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at innovate@altiatech.com. Tell them what format you need. It will help if you say what assistive technology you use.