Through Technology Limited

Namespace Security and Protection

Our Service provides organisations with the tools, knowledge and capability to effectively manage namespace security and protect against the threats of domain hijacking, phishing and service disruption. It is ideally suited to any organisation with complex or high value digital services.

Features

• Automated DNS Namespace Discovery and Analysis
• Automated Supply Chain Discovery and prioritised Risk Analysis
• Automated DNS vulnerability discovery and analysis
• DNS Vulnerability Management and prioritised remediation
• Continuous monitoring and improvement to your namespace security and data
• Tracks namespace security risks over time with simple dashboards
• Aligned to NCSC and CDDO Domain Security Guidance
• Cloud-only SaaS tooling, with no installation or integration required
• Detailed dashboards, reporting with logical and geographic mapping

Benefits

• Establish and insource effective Namespace Security practices
• Understand your digital footprint, irrespective of organisation size/complexity
• Help prevent domain hijacking, phishing and data theft
• Analyse the scope and security of your digital supply chain
• Introduce domain lifecycle management processes and knowledge
• Automate the manual process of domain lifecycle management
• Protect your organisational reputation

£50 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@throughtechnology.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

180250810280818

Contact

Peter Hanney
+44 (0)7913334794
enquiries@throughtechnology.uk

Planning

• Planning service: Yes
• How the planning service works: We use NodeZro's Namespace Command Centre SaaS Security Product to help your manage DNS Lifecycle Management and Namespace Security.; ; As a SaaS Service it requires no integration with your systems and minimal implementation. However, we will help you plan how to address the vulnerabilities it uncovers as well as how to establish effective processes in your organisation to manage these risks.; ; We will work with you to plan remediation of key issues and to handover the knowledge and process necessary to manage namespace security within your organisation or that of your third-party IT suppliers. We can also run these processes as a managed service should that be required.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • NodeZro Namespace Command Centre
  • DNS Registrations
  • DNS Lifecycle Management
  • Namespace Protection and Security

Training

• Training service provided: Yes
• How the training service works: We will train your organisation or your chosen third-party supplier in namespace protection and security, using the NodeZro Namespace Command Centre platform. Training can be undertaken onsite or remotely and includes education into namespace security issues, establishing effective DNS Lifecycle and Security Management processes and remediation of issues.
• Training is tied to specific services: Yes
• Services the training service works with:
  • NodeZro Namespace Command Centre
  • Public Internet DNS Registrations
  • Public Sector Email Security

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Most organisations currently manage their DNS Registrations with manual processes and spreadsheets, making misconfiguration and security vulnerabilities commonplace. Exploitation of these vulnerabilities is growing and NCSC guidance states that organisations must use their own processes or commercially available tools (such as that within this service) to monitor DNS for vulnerabilities and changes. Through Technology help organisations automate this process, migrating from spreadsheets and manual processes to the Namespace Command Centre cloud service. We will configure tooling to monitor your namespace, remediate the issues it finds and establish the knowledge and processes in your organisation to manage namespace protection and security effectively.
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • NodeZro Namespace Command Centre
  • DNS Registrations and Security

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Through Technology is ISO9001 Quality Management certified and utilise our certified Quality Management System in all deliveries.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • DNS Security
  • Namespace Security
  • Minimum Cyber Security Standard Compliance
  • Public Domain Security Guidance

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Through Technology provide support for users of NodeZro Command Centre Namespace Security Tooling. Offering expert guidance in the use of the system, the remediation of namespace security vulnerabilities and the introduction of effective policy and process to manage DNS securely for your organisation.

Service scope

• Service constraints: None. Our support service is tailored to customer needs and can range from remote support, onsite consultancy , insourcing and handover or entirely outsourced Namespace security management.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The service can be tailored to customer needs. But is typically operated 0900-1730 on UK Weekdays excluding Bank Holidays.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: We utilise Microsoft Teams for chat and collaboration, enabling the addition of audio/video calls and screen sharing should this be required.
• Web chat accessibility testing: Microsoft teams has extensive and well tested accessibility features and is common place in customer organisations.
• Support levels: TBC

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: NodeZro

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institute
• ISO/IEC 27001 accreditation date: 13/10/2021
• What the ISO/IEC 27001 doesn’t cover: Nothing. It covers the full scope of our business and services offered under G-Cloud 14.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: The product vendor NodeZro also hold Cyber Essentials Certification

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  hrough Technology is a Carbon Negative Business and formally assessed and certified as such with the PAS2060 Carbon Neutral Plus standard. This means that our services are operated to remove more carbon dioxide from the atmosphere than our business has created or will create in future, already significantly exceeding HM Government's Net Zero targets. Our business was designed with a very carbon-efficient business model. Building on this foundation, we have a process of continual improvement. We annually calculate our carbon footprint using the reputable carbonfootprint.com service, identify further reductions in our environmental impact, then offset -double- the residual carbon footprint of our business through the same scheme reputable UK tree-planting scheme used to offset HM Government ministerial travel. Measuring our footprint every year, optimising it and offsetting double, scales with our business and automatically applies to every service we provide (through G-Cloud or elsewhere). Furthermore, because trees last for many years, our positive impact on carbon capture and storage will continue to grow greater and greater across the lifetime of our business. As a business, we are also focussed upon helping our customers achieve your outcomes. We consider environmental impact in the work we undertake as part of our services many of which involve carbon reduction through modernisation of systems and migration to the cloud. Fighting Climate Change is something we are passionate about. We are proud of the contribution we make as UK Small Business. It also shows our commitment to not only meet, but exceed government targets for fighting climate change and goals of Procurement Policy Notes PPN 06/20 (Social Value) and PPN 06/21 (Taking account of Carbon Reduction in major contracts). Further detail, including "Beyond Net Zero - The Through Technology Environmental Impact Plan" available at www.throughtechnology.uk/carbonreduction

  Covid-19 recovery

  Both Through Technology and NodeZro are UK SME Businesses, paying all our taxes in the UK and operating in full compliance with UK Tax regulations. In Through Technology, we have a very strong focus on achieving value for the tax-payers money and on supporting the UK economy. We are signatories to the UK Government Small Business Commissioner’s Prompt Payment Code. Meaning we commit to paying our supply chain within 30 days and have never yet failed to do so, even when we ourselves have faced delays in our payments. Our company principles include sharing knowledge and building capability with our customers’ internal teams. This can be seen in our “Insource Transition Support” service published on G-Cloud. Helping our customers insource and develop their internal teams will drive upskilling and job creation within our public sector customers. We have a defined standard business process to actively seek out opportunities for savings and cost avoidance for our customers in everything we do. This process has resulted in savings and cost avoidance of over £10M in the last 3 years, saving our customers more than we have cost them while we have also delivered all of our contracted scope. We have also created new jobs in our business during and after the Covid 19 pandemic.

  Tackling economic inequality

  Through Technology are committed to fighting economic inequality. As a modern business without strong geographic ties, our hiring policy is to prioritise recruitment from areas of high social deprivation as identified in the Department for Levelling Up, Housing and Communities' English Indices of Deprivation). At present, 40% of our staff are from these areas and as our business grows, so will this percentage, ensuring that most of the tax-payer money spent on our services ends up in the local UK communities that need it the most. We are an equal opportunities employer that recognises and actively seeks out the benefits of diverse and inclusive teams to our business, to our customers and to wider society.

  Equal opportunity

  We are an equal opportunities employer that recognises and actively seeks out the benefits of diverse and inclusive teams to our business, to our customers and to wider society. This is built into our policies, procedures and contracts, and lived day to day. We have worked to remove any bias from our organisational processes, including subconscious bias where it may exist. An example is that the first stage of our recruitment process is anonymised, minimising the impact of any potential bias in CV and Application evaluation. We are signatories to the Armed Forces Covenant and seek proactively to recruit ex-forces personnel, overcoming some of their challenges in returning to civilian life. Our recruitment process for opportunities is intentionally designed to be accessible and open to all. Our teams working through G-Cloud are diverse and include people from different parts of the UK, age groups, ethnic origin, gender, disability and faith.

  Wellbeing

  Through Technology’s defining characteristic is the quality of our people, so we take well-being very seriously and have a number of measures in place to support the well-being of our staff and people they work with. Despite our relative small size, we have a board member responsible for staff wellbeing and a number of policies and processes which we live every week to maintain it. Examples include: Providing private health cover for all employees, offering time out for voluntary work in our local communities (including current staff acting as school governors, sports coaches, volunteering careers guidance in schools, acting as community representatives and teaching practical philosophy/life skills), funding a qualified Mental Health First Aider within the business, fostering a culture that welcomes private or public discussion of mental health and well-being (including open discussion of our CEO’s personal experiences). We also care about the well-being of those we work with in our supply chain, our customers, and their third-party suppliers. If we identify any well-being or stress-related issues with colleagues outside our organisation, then we handle these sensitively through the appropriate process or channel.

Pricing

• Price: £50 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at enquiries@throughtechnology.uk. Tell them what format you need. It will help if you say what assistive technology you use.