EKCO CLOUD (UK) LIMITED

Ekco Bluecube - Private Cloud

The Ekco Private Cloud service delivers a comprehensive Infrastructure as a Service (IaaS) solution that focuses on the management of hypervisor hosts and the provision of virtualised resources to ensure a reliable and scalable computing environment for customers.

Features

• Bespoke Infrastructure as a Service (IaaS)
• Configuration recommendations and optimisations
• Licensing compliance and renewal notifications
• Ongoing documentation and hardware maintenance
• Patches / updates for VMware / ESXi hosts
• Proactive monitoring and maintenance
• Remedial support for VMware / ESXi host issues
• VM placement for performance and resource optimisation
• VMware / ESXi Hypervisor Support
• Workload balancing and capacity management

Benefits

• Be, or work with, your IT team to develop solution
• Built to meet your requirements based on size, industry etc
• Cloud specialists to support your private cloud journey
• Daily maintenance and support from the Private Cloud team
• Expert ongoing guidance on what is right for your business
• Minimal upfront capital costs as based on consumption model
• No single point of failure due to IaaS resilience
• On demand scalable compute / network / storage
• Regular client meetings to ensure consistent customer care
• Wide range of knowledge and specialisms within the Ekco team

£0.21 a gigabyte

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ekco.gcloud@ek.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

189613138372537

Contact

Ekco G-Cloud
08452578020
ekco.gcloud@ek.co

Service scope

• Service constraints: Ekco's aim for buyers of the cloud service is to make the adoption of the private Cloud as easy and seamless as possible for our clients.; ; Constraints are on geographic locations of data centres, all in the UK, but with our Public cloud offering we can provide global platform coverage. We do have maintenance windows, and change windows, but these are communicated well in advance through the change process.
• System requirements: There are no system requirements that buyers must have

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Tickets are logged as indicents, changes or service requests. Each type of logged ticket will have its own response SLA based on ticket type and priority based on agreed metrics. ; ; The buyer will also have access to the Service Desk, where Incident, Change, and Service requests are created. ; ; Ekco has clear SLAs for the Service Desk:; Priority / Target Response / Update Frequency : ; P1 / 30 mins / 2 hours :; P2 / 4 hours / Daily :; P3 / 8 hours / Weekly :; P4 / 24 hours / Weekly
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We leverage the testing that the vendor has done in order to reach prescribed industry standard for assistive technology users.
• Onsite support: Yes, at extra cost
• Support levels: Support is delivered on a per device or per user basis enabling customers to scale up or down as needed. Our tiering structure includes Essential, Standard and Premium and comes with the following activities for all tiers:; ; Service Desk; Incident Management; Major Incident Management; Request Management; Change Management; Monitoring and Alerting; Evening Management
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of service transition and client onboarding relevant training for users will be provided as necessary. Business change and adoption programmes can also be used to educate end users on the adoption of the new service (things such as phone numbers to call, email to raise tickets, portals to log tickets). This can be carried out through brown bag sessions/lunch and learns as well as more formal training. Where buyers have internal comms channels our teams can work with those internal teams to create collateral and artefacts to introduce the services.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data in services in the private cloud remain the property of the buyer. Upon the end of the contract the data and applications can be transferred to another supplier or brought internally. All data remains subject to role based access as defined and agreed during the design and implementation phase.
• End-of-contract process: At the end of the contract Ekco will work with the nominated replacement supplier on a transition plan that meets the timescales of all concerned. This work is charged separately to the service.

Using the service

• Web browser interface: Yes
• Using the web interface: The self-service portal offers robust functionalities, allowing users to manage IT services seamlessly. Users can easily make service requests, which may trigger API calls, initiate approval processes, and start orchestration workflows directly through the web interface. This automation enhances efficiency and speeds up response times for common IT requests and issues.; ; The portal also enables users to customise their dashboard, manage notification settings, and access a comprehensive knowledge base for self-help. Users can set up and modify their profiles, adjust preferences, and subscribe to updates for specific services, fostering a personalized and proactive service experience.; ; However, despite its versatility, the self-service portal does have limitations. Complex configurations, such as deep system integrations or backend IT process adjustments, cannot be performed by users and require administrator intervention. Additionally, while users can initiate requests that trigger workflows, the ability to modify the underlying logic of these workflows or to access advanced system analytics is restricted to maintain system security and integrity.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Our interface is designed with accessibility in mind, adhering to WCAG 2.1 standards. Our interface offers high contrast themes, resizable text, and layouts compatible with screen readers, ensuring it is accessible to users with diverse abilities. Key features include comprehensive keyboard navigation across all core functionalities and full compatibility with major screen readers, facilitating ease of use for visually impaired users. All images and actionable icons include descriptive alt text to aid screen reader users.; ; However, some limitations exist, such as certain advanced reporting features not being fully accessible via keyboard alone.
• API: Yes
• What users can and can't do using the API: For Cloud management our system is capable of allowing users to make requests through the web interface which can be orchestrated in the backend to create, update, destory etc Cloud objects. Pre defined services and routines can easily be configured and deployed though the Web interface and backend APIs.
• API automation tools: Other
• Other API automation tools: Our system has Open APIs
• API documentation: Yes
• API documentation formats: PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: We scale our managed services to ensure that our SLAs and OLAs are hit. This scaling is applied to people and technology to ensure that the services are in line with contractual agreements.
• Usage notifications: Yes
• Usage reporting: Other
• Other usage reporting: Usage Notifications is provided by means of email to relevant and nominated customer end users who are agreed as part of the onboarding process.

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics: Metrics are based on the security technology deployed
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Ekco backup and recovery service
  • Files, Databases, Virtual Machines
• Backup controls: Backup schedules are agreed during design and implementation phases to deliver to system and workload RTO and RPO as defined by the buyer
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The SLAs appropriate to these services:; ; Service SLAs:; The service credit payable for any unexcused failure to meet a monthly aggregate Measured SLA target for a SLA during a particular month (a “Performance Credit”), as calculated by the Weighting Percentage for the relevant Measured SLA times the monthly fees for the month in which the Fault occurred (subject to the other provisions which will be pre-agreed). ; ; Performance Credits shall be credited to the customer on the next invoice from Ekco. The customer shall not be entitled to any Performance Credits until the total number of individual unexcused failures to meet the Measured SLA target (each a “Fault”), or combination of Faults, meet the thresholds below:; • The actual quarterly aggregate measure of performance for the particular Measured SLA is greater than the Measured SLA target for a given period;; • The number of Faults is greater than three (3%) of the total alerts created within a given quarter for the particular SLA, or three (3) total Faults related to the same Service Level, whichever is greater; ; Technology SLAs Credits; Supporting technologies terms are between the customer, Ekco and the technology supplier based on standard terms.
• Approach to resilience: We have business continuity plans in place for our services teams. For the platform, Ekco regularly review and updates their business continuity plans for the private Cloud Services. As part of the infrastructure design Ekco can enhance resilience of the basic platform utilising the features available from the hypervisor software.
• Outage reporting: Ekco's service management function leverages our ITSM toolsets and standard ITIL processes around incident and major incident management to communicate with stakeholders any outages to services.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Depending on the service provided and the hosting location (SaaS or datacentre hosted for example), access can be restricted through a combination of methods including 2-factor authentication, Single Sign On, source IP address whitelisting, limiting connections to internal networks and through bastion hosts and VPNs only, and protection through Web Application Firewalls
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 02/10/2023
• What the ISO/IEC 27001 doesn’t cover: Nothing is excluded from the Statement of Applicability (SOA)
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Ekco maintains an Integrated Management System (IMS) across the Group, including various externally certified ISO standards such as ISO27001 – this IMS includes security policies and procedures to meet the requirements of the ISO27001 standard’s clauses and controls, and implement good security hygiene holistically across all Ekco operations.; ; This ensures all parts of the Group are up to the same security level and compliant with the same security measures, and allows us to integrate additional requirements into our security operations, such as data protection and quality management for internal security. ; ; From a technical security perspective, Ekco follows the Center for Internet Security (CIS) v8 control set.; ; Oversite and management of the IMS sits with the Group Head of GRC, reporting into the Group CISO who reports directly to the Board, and the Compliance and Security Engineering teams sit below these two. Employment contracts and staff handbooks include requirements for staff to adhere to all Ekco security policies and procedures, and these are regularly communicated to all relevant staff when there are updates, as well as at induction and in regular awareness training.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Ekco maintains and operates a documented Change Management process in alignment with the Group’s ISO27001 ISMS. The process is overseen by Change & Release Managers, and integrated into all internal and client facing services and operations.; ; Change requests are raised in the ITSM tool based on a standardised set of requirements and elements, go through a process including peer reviews and approvals, and are reviewed in regular CAB meetings. ; ; Automations are in place to ensure that the correct approvers receive requests after peer review as well as notifications being sent the required security stakeholders based on the change.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Ekco maintains a documented Vulnerability Management program across the Group, and utilizes a VMDR solution with agents on devices and servers for real time reporting as well as internal network-based scanners for monthly scans of internal networks, centrally managed by our 24/7 SOC. Monthly scans of the external perimeters are also undertaken. ; ; Patches are deployed in accordance with our documented ISMS patching Policies which align to industry guidance, including 14 days for critical security updates.; ; Ekco utilizes a variety of public threat intelligence feeds and enterprise solutions, and risk assessments identify threats to services, specifically in design and during changes.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Ekco utilizes our 24/7 Security Operations Centre to provide security monitoring across all infrastructures and systems within the Group. This monitoring is achieved utilizing a selection of integrated tools to provide visibility and automations, improving response times and detection abilities.; ; The documented processes governing this monitoring form part of our ISO27001 ISMS, as do the Incident Management processes supporting incident notifications and response.; ; Documented comms and escalation plans are maintained and tested as part of these processes, supporting timely invocation of IR teams to respond to incidents, with defined priority levels and criteria driving response times.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: As part of Ekco’s ISO27001 ISMS, documented Incident Response policies and procedures are maintained and tested. Our 24/7 SOC continually updates playbooks for common incident types, and regular testing and review of incident response plans ensures improvements are identified and implemented.; ; The processes in place require post incident root cause analysis and lessons learned reviews which support incident reporting, both internally and to affected customers. In addition to automatic monitoring and incident identification, online methods are in place for all staff to report any suspected security concerns and incidents, supporting broad based incident identification.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Different organisations sharing the Private cloud platform are kept apart using the hypervisor fabric and the governance in place that is inherent to the Ekco platform.

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Ekco, we recognize the urgent need to address climate change and prioritise effective stewardship of the environment in all aspects of our operations. Our commitment extends beyond mere compliance to embodying proactive measures that deliver additional environmental benefits and drive progress towards a sustainable future.; ; Delivering Additional Environmental Benefits:; Ekco is dedicated to incorporating environmental considerations such as reducing greenhouse gas emissions and minimising environmental impact. Through the adoption of sustainable practices, resource efficiency measures, and the utilisation of renewable energy sources, we strive to contribute to the transition towards a low-carbon economy and promote environmental sustainability. Ekco is working towards ISO 14001 certification in order to monitor & measure our environmental controls and as a method of demonstrating our commitment to minimising environmental impacts. ; ; Influencing Stakeholders:; Ekco leverages its influence to promote environmental protection and improvement throughout the supply chain and among stakeholders. By engaging with our staff, suppliers, customers, and communities, we advocate for responsible environmental practices, raise awareness about the importance of conservation, and encourage the adoption of sustainable behaviours. Our Integrated Management System (IMS) contains a Third-party Governance Framework, which in addition to risk assessing supplier cybersecurity controls, is also used to evaluate supplier both environmental and ethical practices.

  Covid-19 recovery

  Promoting Health and Wellbeing: During the COVID-19 pandemic we ensured that we provided access to mental health resources on our EAP platform Spectrum, such as counselling services or employee assistance programs. ; ; Improving Workplace Conditions: Our workplaces evolved in response to the pandemic, Ekco is dedicated to fostering environments that prioritise employee health and safety. This involves supporting remote working arrangements with the use of new technologies and collaboration tools. We also actively promote sustainable travel solutions to minimise potential exposure risks and enhance employee well-being.

  Tackling economic inequality

  Creating Opportunities for Entrepreneurship: Our Ekco academy project is ongoing - where we aim to create Ekco as a learning organisation that supports personal and career development. ‘Ekco Think Time' was introduced so all staff can avail of one hour per week to work on their own personal learning and development through our learning management system . We have also launched an internal project entitled Ekco Graduation, where the learning achievements of staff are celebrated with mini-graduation celebrations . We are also running an Inspiring Leadership programme where our people managers across the group are learning valuable inclusive, team building, and communicative skills designed to support our goal of having more inspiring leaders working across Ekco. ; ; Promoting Employment Opportunities: Ekco widely promotes inhouse opportunities for promotion by advertising roles internally and looking at skills of employees to see where employment opportunities arise. ; ; Ekco understands the critical importance of enhancing supply chain resilience and capacity to ensure the effective delivery of contracts and contribute to overall economic stability. Our approach encompasses a range of activities aimed at fostering innovation, collaboration, and responsibility throughout the supply chain.; ; Supporting Innovation and Disruptive Technologies:; Ekco actively promotes innovation and the adoption of disruptive technologies throughout the supply chain. Through strategic partnerships, investment in research and development, and knowledge-sharing initiatives, we seek to deliver lower-cost and higher-quality goods and services while driving continuous improvement and resilience in our operations.; ; Developing Scalable and Future-Proofed Methods:; Ekco is dedicated to supporting the development of scalable and future-proofed methods to modernize delivery and increase productivity. By investing in technology, process optimisation, and workforce development, we aim to enhance efficiency, reduce risk, and ensure the long-term sustainability of our supply chain operations.

  Equal opportunity

  Ekco and its subsidiaries are committed to ensuring equal employment opportunity for all employees, including qualified employment applicants. The company strives to maintain an environment free of discrimination, harassment, intimidation or bullying based on race, colour, religion, gender, national origin, ancestry, age, disability, veteran status, marital status, sexual orientation, citizenship, civil status, family status, or race (colour, nationality or ethnic or national origin, membership of the Traveller Community or any other protected category or characteristics). ; ; This equal employment opportunity policy applies to all employment practices, including but not limited to recruiting, hiring, advertising, promotion, transfer, reductions in force, social and recreational programs, training, employee development, compensation and fringe benefits, discipline and termination. ; ; Diversity & Inclusion is a key area of importance which helps us build and maintain our unique culture. We want to do all we can to ensure our culture is one which promotes awareness and understanding of diversity & inclusion. ; ; We have zero-tolerance for any type of discrimination and/or harassment at Ekco. We have made significant strides through the following activities: ; • D&I Awareness Sessions - Internal Training Sessions provided to the group to raise awareness and understanding. We are lucky to have internal mental health and diversity trained speakers within our People Team who are truly passionate about making a difference in this area. ; • International Women's Day panel discussion. A hugely successful panel session about the experiences and challenges of women working in the tech industry, the success of which resulted in our family friendly leave entitlements being increased.; • Certified Proud - we are members of Certified Proud, an accreditation membership body that strives towards LGBTQ+ equality throughout businesses in Ireland. ; • The Ekco Experience – our internal podcast improves our communication and promotes diverse and inclusive conversations across the group, champions our D&I culture.

  Wellbeing

  Ekco supports the health and wellbeing of staff daily by offering support through Management and the People Team to ensure staff have a positive daily experience. ; ; Mental Health Awareness Week is one of our flagship employee engagement events. Each year we have guest speakers and coaches support wellbeing and advise our staff on healthy mental as well as general health wellbeing. ; ; We are lucky to have internal mental health and diversity trained speakers within our People Team who are truly passionate about making a difference in this area. ; ; All staff are given:; C O R E; • Automatic enrolment pension contributions after 3 months service. Company contributions are matched to employee contributions at 5:5%; • 25 days per calendar year plus normal bank and public holidays; • A day off each year for your birthday, taken in the calendar month of your birthday; C H O I C E S; • Company funded single cover Private Medical Insurance (subject to post probation eligibility); • Discounted single cover with Bupa Dental Insurance via salary sacrifice; • Support your favourite charities through tax efficient donations via payroll; • Reimbursement to cover some of the costs of eye tests, glasses and contact lenses; W E L L N E S S; • Employee Assistance Programme (EAP) offering a dedicated confidential service for mental ; • health, emotional wellbeing or general advice; • Enhanced Family leave in addition to statutory eligibility;; • Maternity / Paternity; • 5 days additional leave to use in emergencies to care for dependent / pet; • Ekco Eats – a monthly lunch in the London office from a local eatery of employees' choice!; • Ekco Events – a wide range of events from EkcOlympics to summer parties; • Women's Wellness – wellness packs and toolkits to help throughout life stages

Pricing

• Price: £0.21 a gigabyte
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ekco.gcloud@ek.co. Tell them what format you need. It will help if you say what assistive technology you use.