Planet IT

Sophos MDR Essentials (Managed Detection and Response)

Expert-Led Threat Response

Sophos Managed Threat Response (MTR) provides 24/7 threat hunting,
detection, and response capabilities delivered by an expert team as a
fully-managed service.

Features

• Cloud Hosted Management, enforcement, audit and reporting
• Antivirus, Advanced Persistent Threat & Zero-Day Next-Generation Threat Protection
• Data Leakage Prevention - granular & easy to use rules
• Endpoint Control- monitor or enforce productivity usage (e.g. apps, thumbdrives)
• Web Security- prevent access to undesirable/malicious/phishing URLs
• Flexible Policy- Control by machine or user for best flexibility
• Cross Platform- Protect more device types with a single product
• 24/7/365 phone & email support by Vendor's own staff included
• Stable Footprint- ensures reliable user experience with minimum impact
• Single Pane of Glass control for multiple Sophos products

Benefits

• Ease of use, always up to date, no hosting costs
• Proven protection from existing, emerging and targeted threats
• Data audit + enforcement through data type detection (e.g. PID)
• Manage access to Apps (e.g. Dropbox) or Media (e.g. Thumbdrives)
• Secure users accessing web content on or off network
• Granular control over individual or groups of machines and users
• Windows Client & Server/Linux/macOS/VMWare/HyperV+AWS included
• Vendor supplied frontline support by phone and email as standard
• Ensure best detection without generating user complaints about performance.
• Synchronised Security: better together protection over PCs, Mobiles and more

£0 a person a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at GCloud@planet-it.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

225235812181474

Contact

Lauren Carey
01235433900
GCloud@planet-it.net

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: N/A
• System requirements:
  • Windows 8,8.1,10
  • MacOS
  • Linux

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: N/A
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: Assistive technology built into end devices works with our web chat service.
• Onsite support: Yes, at extra cost
• Support levels: N/A
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We can offer professional services to support clients with the onboarding to the platform as well as onsite, remote training for all users and access to our user documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Users can request an extraction by JSON from Sophos.
• End-of-contract process: When the contract ends all service access is stopped.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: No

Scaling

• Independence of resources: The underlying platform is AWS and has the capacity to scale without effecting the system.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Sophos

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: This can be done via Excel output or JSON. Sophos also offer a direct offload.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Sophos provided a service uptime guarantee of 99%.
• Approach to resilience: The underlying platform uses AWS so is Zone and region redundant , this offers resilience for all types of failures.
• Outage reporting: A public dashboard; an API; email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: This is completed via the web portal.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QSL
• ISO/IEC 27001 accreditation date: 31/01/2020
• What the ISO/IEC 27001 doesn’t cover: All of our systems are covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials
  • ISO 27001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All polices are procedures are in place to meet the requirements on ISO 27001

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change management process can be provided on request and is ISO 27001 and ITIL V4 compliant.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Patch Management process can be provided on request and is ISO 27001 and ITIL V4 compliant.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monitoring process can be provided on request and is ISO 27001 and ITIL V4 compliant.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident Management process can be provided on request and is ISO 27001 and ITIL V4 compliant.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  At Planet IT, we champion a culture of inclusivity and equal opportunity, ensuring that every individual, regardless of their background, identity, or circumstance, has the chance to thrive and contribute their unique talents to our diverse community.

Pricing

• Price: £0 a person a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: A full 30 day trial can be activated on request.
• Link to free trial: https://cloud.sophos.com

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at GCloud@planet-it.net. Tell them what format you need. It will help if you say what assistive technology you use.