EKCO CLOUD (UK) LIMITED

Ekco Security - Incident Response Retainer

To support organisations that are seeking to protect their cloud services and prepare themselves against cyber-attacks, Ekco provides an Incident Retainer Service supported by highly skilled and certified responders to support customers in preparing and responding effectively to a cyber-incident. The service can be combined with Ekco MDR and MXDR.

Features

• 24/7/365 Incident Response Hotline
• Rapid response CIRT SLA
• Retained Bank of Hours for CIR response
• Incident Response (IR) Policy & Plan Review
• Annual Cyber Response Table Top Exercise (TTX)
• Highly certified ‘Incident Responders’

Benefits

• 24/7/365 Incident Response Hotline with guaranteed SLA
• Provides extended 24/7 on-demand expertise for your organisation
• Provides your organisation with access to highly certified CIRT Team
• Retained pre-paid CIRT Response Hours for use is an emergency
• Ensures organisations are prepared for a Cyber Incident
• Ensures organisations have rehearsed for a Cyber Incident
• Ensures organisations can effectively respond to a Cyber Incident
• Flexible Retainer based offerings with customisable options

£5,000 a unit a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ekco.gcloud@ek.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

177024682010329

Contact

Ekco G-Cloud
08452578020
ekco.gcloud@ek.co

Service scope

• Service constraints: There are no general service constraints that buyers should be aware of.
• System requirements: There are no system requirements that buyers must have

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Ekco will manage communications between Ekco and the buyer through the Ekco SOC Service Desk which is operated and fully staffed on 24x7x365 for normal service operations, changes, maintenance issues, threat alerts and incident handling.; ; The buyer will also have access to the Service Desk, where Incident, Change, and Service requests are created. ; ; Ekco has clear SLAs for the Service Desk:; Priority / Target Response / Update Frequency : ; P1 / 30 mins / 2 hours :; P2 / 4 hours / Daily :; P3 / 8 hours / Weekly :; P4 / 24 hours / Weekly
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The Ekco service level agreement covering our services operates on a fully staffed 24x7x365 basis. ; ; Priority / Target Response / Target Resolution : ; P1 / 1 hour / 4 hours :; P2 / 4 hours / 8 hours :; P3 / 8 hours / 24 hours :; P4 / 24 hours / 48 hours : ; ; The above support levels are for technical issues and not related to and security monitoring services.; ; We are happy to work with the buyer to adjust service elements and define an SLA amenable to both parties, our service levels are aligned with industry standards.; ; Amendments to the support levels would have a cost impact however the costs uplift is proportional to the additional resourcing requirements.; ; When logging an incident with the Service Desk, a priority level will be agreed between customer and the Service Desk, based on the impact of the incident-detailed table. ; ; All our services get a technical account manager (TAM) to work with the customers, the TAM has direct access to cloud support engineers which helps ensure the response is in line with the customers requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Ekco utilise a standard onboarding methodology to ensure that our customers have the necessary skills to utilise our service. Ekco will customise and provide runbooks relating to key operational and security tasks needed for the business-as-usual health of the environment and its users. Topics covered in these runbooks will include license management, device onboarding and security alert review. Prior to commencement we complete end user training which is followed by an operational readiness review & approval from the customer.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: At the end of the contract dependant upon the Service and Technologies procured Ekco will provide extract of archived logs/data. This data can be transferred in a secure manner to the customer. Ekco will work with the customer to understand and define any data and log extraction requirements during the service set up
• End-of-contract process: At the end of the contract, Ekco will assist the customer and provide any Customer data or Customer developed content during the provision of the service that may be required for the future provision. Ekco can provide full transition lifecycle support under chargeable activity as a project to migrate services to alternative providers

Using the service

• Web browser interface: Yes
• Using the web interface: Depending on the service procured, Ekco has different types of web interfaces:; ; 1. Ekco Sphere: Ekco Metrics & Reporting Dashboard ; 2. Access to supporting technologies - - ; ; Each web interface has a different objective & user case:; 1. Ekco Sphere: Centralised dashboard for metrics and reporting on the service, this is recommended for service management and service operators. No limits on users.; 2. Access to supporting technologies: Access is linked to roles and responsibilities, no limitations, additional costs may be required depending on the number of users accessing the given platform.; ; Users can make changes through the web interfaces, however a clear RACI and access rights will need to be established during service provisioning. The objective of this is to ensure the integrity of the services.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: All end users are provided with accounts to the web interface based on agreed authentication and access requirements.
• Web interface accessibility testing: All of Ekco internal web interface follow the standard development methodologies, including testing. Ekco profile end users with different roles and requirements to complete acceptance testing.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Ekco services are built to be robust and scalable. They are designed to handle varying levels of user demand without any impact on performance. ; ; Ekco utilise a supply and demand forecasting approach to ensure that resource allocation is adjusted based on customer demand. We have a rigorous internal process to ensure that our customers’ requirements are met.
• Usage notifications: Yes
• Usage reporting: Other
• Other usage reporting: Usage Notifications is provided by means of email to relevant and nominated customer end users who are agreed as part of the onboarding process.

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics: Metrics are based on the security technology deployed
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: Service backups are based on security technologies in use
• Backup controls: Our services are based on security technologies, all technologies have clearly defined backup and recovery processed that are tested in line with our SLAs and in line with the mutually agreed schedules
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The SLAs appropriate to these services:; ; Service SLAs:; The service credit payable for any unexcused failure to meet a monthly aggregate Measured SLA target for a SLA during a particular month (a “Performance Credit”), as calculated by the Weighting Percentage for the relevant Measured SLA times the monthly fees for the month in which the Fault occurred (subject to the other provisions which will be pre-agreed). ; ; Performance Credits shall be credited to the customer on the next invoice from Ekco. The customer shall not be entitled to any Performance Credits until the total number of individual unexcused failures to meet the Measured SLA target (each a “Fault”), or combination of Faults, meet the thresholds below:; • The actual quarterly aggregate measure of performance for the particular Measured SLA is greater than the Measured SLA target for a given period;; • The number of Faults is greater than three (3%) of the total alerts created within a given quarter for the particular SLA, or three (3) total Faults related to the same Service Level, whichever is greater; ; Technology SLAs Credits; Supporting technologies terms are between the customer, Ekco and the technology supplier based on standard terms.
• Approach to resilience: Ekco utilises a multi layered approach to resilience, firstly our services utilise Software as a Service (SaaS) Security Technologies provided by market leading vendors.; ; This involves several strategic and technical considerations designed to ensure continuity, security, and optimal performance. The use of SaaS provides firstly robust infrastructure redundancy. We complete due diligence on our providers to ensure they distribute their services across multiple data centres and use cloud technologies that automatically adapt to load changes and failures, thereby minimising downtime.; ; Data protection is another critical element. Ekco ensure that our technology provides incorporate regular backups, secure data transmission, and encryption both at rest and in transit. ; ; Ekco SOC services are located across geographies and we have document BCP processes to ensure the services maintain resilience.
• Outage reporting: Outage Reporting is provided by means of email to relevant and nominated customer end users who are agreed as part of the onboarding process.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Depending on the service provided and the hosting location (SaaS or datacentre hosted for example), access can be restricted through a combination of methods including 2-factor authentication, Single Sign On, source IP address whitelisting, limiting connections to internal networks and through bastion hosts and VPNs only, and protection through Web Application Firewalls
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certification Europe
• ISO/IEC 27001 accreditation date: 29/02/2024
• What the ISO/IEC 27001 doesn’t cover: Nothing is excluded from the Statement of Applicability (SOA)
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Ekco maintains an Integrated Management System (IMS) across the Group, including various externally certified ISO standards such as ISO27001 – this IMS includes security policies and procedures to meet the requirements of the ISO27001 standard’s clauses and controls, and implement good security hygiene holistically across all Ekco operations.; ; This ensures all parts of the Group are up to the same security level and compliant with the same security measures, and allows us to integrate additional requirements into our security operations, such as data protection and quality management for internal security. ; ; From a technical security perspective, Ekco follows the Center for Internet Security (CIS) v8 control set.; ; Oversite and management of the IMS sits with the Group Head of GRC, reporting into the Group CISO who reports directly to the Board, and the Compliance and Security Engineering teams sit below these two. Employment contracts and staff handbooks include requirements for staff to adhere to all Ekco security policies and procedures, and these are regularly communicated to all relevant staff when there are updates, as well as at induction and in regular awareness training.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Ekco maintains and operates a documented Change Management process in alignment with the Group’s ISO27001 ISMS. The process is overseen by Change & Release Managers, and integrated into all internal and client facing services and operations.; ; Change requests are raised in the ITSM tool based on a standardised set of requirements and elements, go through a process including peer reviews and approvals, and are reviewed in regular CAB meetings. ; ; Automations are in place to ensure that the correct approvers receive requests after peer review as well as notifications being sent the required security stakeholders based on the change.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Ekco maintains a documented Vulnerability Management program across the Group, and utilizes a VMDR solution with agents on devices and servers for real time reporting as well as internal network-based scanners for monthly scans of internal networks, centrally managed by our 24/7 SOC. Monthly scans of the external perimeters are also undertaken. ; ; Patches are deployed in accordance with our documented ISMS patching Policies which align to industry guidance, including 14 days for critical security updates.; ; Ekco utilizes a variety of public threat intelligence feeds and enterprise solutions, and risk assessments identify threats to services, specifically in design and during changes.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Ekco utilizes our 24/7 Security Operations Centre to provide security monitoring across all infrastructures and systems within the Group. This monitoring is achieved utilizing a selection of integrated tools to provide visibility and automations, improving response times and detection abilities.; ; The documented processes governing this monitoring form part of our ISO27001 ISMS, as do the Incident Management processes supporting incident notifications and response.; ; Documented comms and escalation plans are maintained and tested as part of these processes, supporting timely invocation of IR teams to respond to incidents, with defined priority levels and criteria driving response times.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: As part of Ekco’s ISO27001 ISMS, documented Incident Response policies and procedures are maintained and tested. Our 24/7 SOC continually updates playbooks for common incident types, and regular testing and review of incident response plans ensures improvements are identified and implemented.; ; The processes in place require post incident root cause analysis and lessons learned reviews which support incident reporting, both internally and to affected customers. In addition to automatic monitoring and incident identification, online methods are in place for all staff to report any suspected security concerns and incidents, supporting broad based incident identification.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Ekco, we recognize the urgent need to address climate change and prioritise effective stewardship of the environment in all aspects of our operations. Our commitment extends beyond mere compliance to embodying proactive measures that deliver additional environmental benefits and drive progress towards a sustainable future.; ; Delivering Additional Environmental Benefits:; Ekco is dedicated to incorporating environmental considerations such as reducing greenhouse gas emissions and minimising environmental impact. Through the adoption of sustainable practices, resource efficiency measures, and the utilisation of renewable energy sources, we strive to contribute to the transition towards a low-carbon economy and promote environmental sustainability. Ekco is working towards ISO 14001 certification in order to monitor & measure our environmental controls and as a method of demonstrating our commitment to minimising environmental impacts. ; ; Influencing Stakeholders:; Ekco leverages its influence to promote environmental protection and improvement throughout the supply chain and among stakeholders. By engaging with our staff, suppliers, customers, and communities, we advocate for responsible environmental practices, raise awareness about the importance of conservation, and encourage the adoption of sustainable behaviours. Our Integrated Management System (IMS) contains a Third-party Governance Framework, which in addition to risk assessing supplier cybersecurity controls, is also used to evaluate supplier both environmental and ethical practices.

  Covid-19 recovery

  Promoting Health and Wellbeing: During the COVID-19 pandemic we ensured that we provided access to mental health resources on our EAP platform Spectrum, such as counselling services or employee assistance programs. ; ; Improving Workplace Conditions: Our workplaces evolved in response to the pandemic, Ekco is dedicated to fostering environments that prioritise employee health and safety. This involves supporting remote working arrangements with the use of new technologies and collaboration tools. We also actively promote sustainable travel solutions to minimise potential exposure risks and enhance employee well-being.

  Tackling economic inequality

  Creating Opportunities for Entrepreneurship: Our Ekco academy project is ongoing - where we aim to create Ekco as a learning organisation that supports personal and career development. ‘Ekco Think Time' was introduced so all staff can avail of one hour per week to work on their own personal learning and development through our learning management system . We have also launched an internal project entitled Ekco Graduation, where the learning achievements of staff are celebrated with mini-graduation celebrations . We are also running an Inspiring Leadership programme where our people managers across the group are learning valuable inclusive, team building, and communicative skills designed to support our goal of having more inspiring leaders working across Ekco. ; ; Promoting Employment Opportunities: Ekco widely promotes inhouse opportunities for promotion by advertising roles internally and looking at skills of employees to see where employment opportunities arise. ; ; Ekco understands the critical importance of enhancing supply chain resilience and capacity to ensure the effective delivery of contracts and contribute to overall economic stability. Our approach encompasses a range of activities aimed at fostering innovation, collaboration, and responsibility throughout the supply chain.; ; Supporting Innovation and Disruptive Technologies:; Ekco actively promotes innovation and the adoption of disruptive technologies throughout the supply chain. Through strategic partnerships, investment in research and development, and knowledge-sharing initiatives, we seek to deliver lower-cost and higher-quality goods and services while driving continuous improvement and resilience in our operations.; ; Developing Scalable and Future-Proofed Methods:; Ekco is dedicated to supporting the development of scalable and future-proofed methods to modernize delivery and increase productivity. By investing in technology, process optimisation, and workforce development, we aim to enhance efficiency, reduce risk, and ensure the long-term sustainability of our supply chain operations.

  Equal opportunity

  Ekco and its subsidiaries are committed to ensuring equal employment opportunity for all employees, including qualified employment applicants. The company strives to maintain an environment free of discrimination, harassment, intimidation or bullying based on race, colour, religion, gender, national origin, ancestry, age, disability, veteran status, marital status, sexual orientation, citizenship, civil status, family status, or race (colour, nationality or ethnic or national origin, membership of the Traveller Community or any other protected category or characteristics). ; ; This equal employment opportunity policy applies to all employment practices, including but not limited to recruiting, hiring, advertising, promotion, transfer, reductions in force, social and recreational programs, training, employee development, compensation and fringe benefits, discipline and termination. ; ; Diversity & Inclusion is a key area of importance which helps us build and maintain our unique culture. We want to do all we can to ensure our culture is one which promotes awareness and understanding of diversity & inclusion. ; ; We have zero-tolerance for any type of discrimination and/or harassment at Ekco. We have made significant strides through the following activities: ; • D&I Awareness Sessions - Internal Training Sessions provided to the group to raise awareness and understanding. We are lucky to have internal mental health and diversity trained speakers within our People Team who are truly passionate about making a difference in this area. ; • International Women's Day panel discussion. A hugely successful panel session about the experiences and challenges of women working in the tech industry, the success of which resulted in our family friendly leave entitlements being increased.; • Certified Proud - we are members of Certified Proud, an accreditation membership body that strives towards LGBTQ+ equality throughout businesses in Ireland. ; • The Ekco Experience – our internal podcast improves our communication and promotes diverse and inclusive conversations across the group, champions our D&I culture.

  Wellbeing

  Ekco supports the health and wellbeing of staff daily by offering support through Management and the People Team to ensure staff have a positive daily experience. ; ; Mental Health Awareness Week is one of our flagship employee engagement events. Each year we have guest speakers and coaches support wellbeing and advise our staff on healthy mental as well as general health wellbeing. ; ; We are lucky to have internal mental health and diversity trained speakers within our People Team who are truly passionate about making a difference in this area. ; ; All staff are given:; C O R E; • Automatic enrolment pension contributions after 3 months service. Company contributions are matched to employee contributions at 5:5%; • 25 days per calendar year plus normal bank and public holidays; • A day off each year for your birthday, taken in the calendar month of your birthday; C H O I C E S; • Company funded single cover Private Medical Insurance (subject to post probation eligibility); • Discounted single cover with Bupa Dental Insurance via salary sacrifice; • Support your favourite charities through tax efficient donations via payroll; • Reimbursement to cover some of the costs of eye tests, glasses and contact lenses; W E L L N E S S; • Employee Assistance Programme (EAP) offering a dedicated confidential service for mental ; • health, emotional wellbeing or general advice; • Enhanced Family leave in addition to statutory eligibility;; • Maternity / Paternity; • 5 days additional leave to use in emergencies to care for dependent / pet; • Ekco Eats – a monthly lunch in the London office from a local eatery of employees' choice!; • Ekco Events – a wide range of events from EkcOlympics to summer parties; • Women's Wellness – wellness packs and toolkits to help throughout life stages

Pricing

• Price: £5,000 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ekco.gcloud@ek.co. Tell them what format you need. It will help if you say what assistive technology you use.