UST Global Pvt Ltd

UST CloudDesk

UST CloudDesk is a secure and end-to-end managed Virtual desktop that can be hosted in both public (Azure and AWS) and private cloud.

Features

• Single plane to access Virtual Desktop
• Built-in Zero trust-based access
• Built-in Multi-factor Authentication
• Device Entry Control features restrict users to specific devices
• Block users to do Data copy Printing screen Screen recording
• Block users Share their PC over desktop sharing tools
• Block or control Internet while working on VDI
• Access to physical PCs
• Session Recording

Benefits

• Access available to Virtual apps and Desktops as a service
• Single Client to access both cloudDesk & remote access
• Access office PC securely using the same client
• Allow client-server and web app access
• Built in Multi-factor authentication
• Built in Device ID control
• Zero Trust Security - IP Camouflaging & Network Blinding
• Device control plane allows Endpoint control
• Contextual security engine
• Enable user control Data Copy Restrictions on Endpoints

£28.00 a user

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukpublicsectorsales@ust.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

191220536756223

Contact

Patrick Marren
07544102103
ukpublicsectorsales@ust.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: N/A
• System requirements:
  • CloudDesk licences are included based on the feature set selected
  • All application software licensing to be included by the customer

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Customers are able to raise requests to service through email, phone or a web portal 24x7x365 days a year with defined service SLAs to respond to those requests based on incident/issue severity.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Webchat accesible via standard webbrower
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: We have L1, L2 and L3 support levels and are finalized per the client requirements. Cost and resources are subject to discussions and are determined as per the client needs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The UST CloudDesk service includes a comprehensive on-boarding phase to setup and customise the platform to the specific requirements of each individual customer's requirements which includes virtual instructor-led training provided prior to go-live with ongoing access to documentation for help and FAQs. On site training can be arranged depending on the type of engagement.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: UST will export any customer specific data in an agreed format
• End-of-contract process: We will assist with export of data as required at end of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There is no difference in functionality, usability experience will be influenced by the size of the screen of the mobile device.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Service will be deployed in the customer's tenant

Analytics

• Service usage metrics: Yes
• Metrics types: Cpu, disk, memory, network, number of active instances
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Accops

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: We will assist with export of data as required at end of the contract.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The level of availability depends on the availability mechanisms chosen by the customer for the infrastructure services (public and private)
• Approach to resilience: Resiliency is achieved by using default public cloud availability options. In case of private cloud the data centre setup is based on the customer environment.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: We grant user access to the the platform using fine-grained permissions built on role-based access controls (RBAC). Customers can create multiple roles and assign roles to users based on their responsibilities. RBAC lets you control the way your users access, view and manage data.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Information can be provided upon request
• ISO/IEC 27001 accreditation date: Information can be provided upon request
• What the ISO/IEC 27001 doesn’t cover: Information can be provided upon request
• ISO 28000:2007 certification: Yes
• Who accredited the ISO 28000:2007: Information can be provided upon request
• ISO 28000:2007 accreditation date: Information can be provided upon request
• What the ISO 28000:2007 doesn’t cover: Information can be provided upon request
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: UST follow a defined escalation and reporting approach. Full details can be supplied upon request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Undisclosed. Information can be provided to individual customers under an NDA.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Undisclosed. Information can be provided to individual customers under an NDA.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Undisclosed. Information can be provided to individual customers under an NDA.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident management approach is based on the ITIL v3/v4 framework.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Tackling economic inequality:

  Tackling economic inequality

  UST typically aim to fill at least 10-15% of roles with people from a disadvantaged background, providing employment and training opportunities to disadvantaged people from economically underprivileged areas who may face barriers to digital jobs, such as not having a university degree. UST work with partners who provide employment opportunities, along with training, and personal development for their staff. We will hire disadvantaged staff who would typically be unable to find opportunities in the technology industry, provide them with all necessary training and experience, and then bring them onto projects where they will bring value and success both to the project and their own careers. Where possible, UST will hire from areas that have over 20% of the community on out-of-work benefits. Our head of Social Value will assist in assessing suitable areas and provide feedback to recruitment teams. UST will be visible in these deprived areas through local community workshops and advertise the roles to these communities. Additionally, UST will work with Job Centre Plus to help find suitable candidates who would benefit from training and work opportunities.
• Equal opportunity:

  Equal opportunity

  UST implement processes to eliminate bias in our hiring and promotion practices, working to support people who fall under the nine ‘protected characteristics’ detailed in the Equality Act 2010. Our recruitment process is designed to eliminate bias. We use software that removes all personally identifying information from CVs, such as gender, race, and age, before they are reviewed to ensure these characteristics don’t factor into hiring. We have a multi-phase interview process, with a team of five people selected randomly for each interview to provide a wide range of perspectives on each candidate. Salaries adhere to a defined pay structure and are based entirely on role and skills. Our recruitment team is trained in strategies to ensure the recruitment process does not demotivate or bias against any group. This includes the Unconscious Bias course provided by LinkedIn, which details the impact of bias, how it arises, and how to combat it. We provide training to staff at all levels, and renew this training on an ongoing basis, to create an inclusive environment where staff are empowered to identify and tackle bias.

Pricing

• Price: £28.00 a user
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Please contact UST to discuss the size and scoping of a free trial

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukpublicsectorsales@ust.com. Tell them what format you need. It will help if you say what assistive technology you use.