Security Incident and Event Management (SIEMaaS) as a service
Proact’s Managed SIEM as a Service (SIEMaaS) provides customers with a Security Information and Event Management protecting monitoring service which includes 24x7x365 monitoring, alerting and incident management support. The service provides remote collection and analysis of logs, using a leading public cloud hosted Security Information and Event Management solution
Features
- Centralised Log repository and retention for multiple log sources
- Log correlation e.g vulnerabilties vs. intrusions and Threat Hunting
- Threat and risk modelling, contextual awareness
- Full 24x7x365 Virtual SOC Capability via skilled Cyber Security Analysts
- Web accessible interface with customisable dashboards and reporting
- Highly scalable, agile and secure platform
- Security data and time stamp across all logs ensuring data
- Alerts for unexpected events
- Online access to real-time information surrounding log data and events
Benefits
- Streamline compliance reporting
- Consolidated and centralised event view across platforms
- Improve incident handling. Facilitate focus on riskiest threats
- Fully management deployment reduces resource overhead on local IT personel
- Lower TCO Than On-Premise deployments, Quick ROI
- Service reviews, detailed monthly reporting and security guidance
Pricing
£6.26 to £322.68 a unit a month
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
2 2 5 5 0 2 8 5 3 9 1 7 5 4 6
Contact
Proact IT UK Limited
Proact IT UK Sales
Telephone: 01246266300
Email: bids@proact.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- None
- System requirements
-
- Microsoft Exchange Server
- Microsoft Office365
- Google Gsuite
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Email and online ticketing support availability 24 hours, 7 days a week
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- 24x7x365 or business hours only. Single point of contact for all services. From 1-2 hours response up to 1 business day dependent on support service.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Remote web based training is provided on how to use the self service interface. Advice given on installation requirements, configuration details.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- No user data is held by this service.
- End-of-contract process
- The service terminates. No more event logs are received or stored in the platform. Any log data stored is purged from the system.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- Yes
- User support accessibility
- None or don’t know
- Description of service interface
- The service is accessible via a web based console to provide reporting and dashboard functionality.
- Accessibility standards
- None or don’t know
- Description of accessibility
- Users can access reporting metrics, search data sets and configure dashboards.
- Accessibility testing
- None
- API
- No
- Customisation available
- No
Scaling
- Independence of resources
- The service is operated from the Amazon Web Services platform and is scaled automatically on demand for any increase in usage.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Metrics relating to the number of phishing incidents blocked automatically, the types of incident, number of reported phishing emails by users and the incidents resolved by the Proact security team can be provided. In addition the results of simulation training exercises where this feature is consumed.
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
-
User data in the form or email addresses and usernames can be exported from the platform by Proact on behalf of the customer.
Any user data is purged from the platform after contract expiry. Email body content is not stored on the platform at all unless the email is confirmed as a legitimate phishing attempt. - Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- The Proact service is designed to be 99.5% available as a minimum. Through the deployment of a scaled out platform built across multiple servers and hosted within AWS data centres which features redundant network and power.
- Approach to resilience
- The platform uses a highly available architecture containing no single points of failure through compute, storage and networking components. The service is hosted within AWS data centre facilities.
- Outage reporting
- Outages are reported to the customer via email notifications and the service dashboard. Regular reviews are scheduled between the customer and the Service Delivery Manager, where additional information can be provided surrounding any outages that may have occurred. Where relevant, email would be used and or the emergency contact would be directly informed.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- Access to the platform is only available through the Proact SOC secure network. The network is protected with Network Access Controls and only accessible through our secure SOC facility. Role Based Access Control is in effect to provide least privilege access to the interfaces. All Proact services are segregated onto dedicated networks with firewalls in between. Service interfaces are accessed via dedicated jump servers.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI Assurance UK Limited
- ISO/IEC 27001 accreditation date
- 27/04/2022
- What the ISO/IEC 27001 doesn’t cover
- Any products or services that fall outside of the managed cloud portfolio
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- IG-SOC
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- The high level “Information Security Policy” describes the considerations to achieve the company information security objectives and is separated in to the key Tier 2 detailed security policies: • Technical Security Policy • Physical Security Policy • Business Continuity Policy • Data Handling • 3rd Party Supplier Management Policy • Network and Infrastructure Management Policy All of these policies are condensed to form the Acceptable Use Policy, which is trained to all new starters during their induction and included in annual security awareness training. These policies are reviewed at least annually prior to security retraining and after changes to compliance requirements. Staff are invited to comment on this policy and suggest ways in which it might be improved by contacting the Chief Security Officer.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Change management is an ITIL process managed through a ticketing system, which tracks changes to configuration items. Extensive changes are approved by the Change Approval Board.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Vulnerability scans are performed frequently. Monitoring for vendor notifications trigger patches / updates where required
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Proact’s SOC monitor customer’s logs watching for Indicators of Compromise (IoC), to alert customers in accordance with predetermined processes. The Investigation Team perform in-depth analysis, looking for further evidence, or most often to eliminate false positives. Customers are included in Investigations, as an IoC could be a benign activity known by the customer; authorised change or penetration test in progress. If a compromise is suspected or confirmed then the response team will work with the customer to follow established response procedures to cover Containment, Eradication, Recovery and advice on strengthening security controls to prevent similar occurrences.
- Incident management type
- Supplier-defined controls
- Incident management approach
- Incidents can be reported over the phone to the support team or via the web interface. The Service Delivery Manager can also be contacted, but will be included in communications in any case. Incident reports are made available in the dashboard and as part of the regular review meeting with the Service Delivery Manager.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Proact’s environmental sustainability strategy is founded on a whole-of-lifecycle, circular supply chain approach. Our Carbon Reduction Plan (CRP) commits to achieving ‘Net Zero’ carbon emissions by 2050, through maintaining annual records of our Scope 1, 2 and a subset of 3 emissions.
• We have implemented monitoring across all our services, to identify improvement initiatives for power consumption and CO2 emissions.
• We are transitioning our managed storage platforms to solid-state systems technology to deliver substantial power and reduce emissions.
We are committed to protecting the climate, having recently implemented solar roof panels at our head office, installed EV charge points, converted to LED lighting.
We encourage our employees to be environmentally conscious through our environmental training, cycle to work and electric car schemes, providing video conferencing tools and work from home programs to avoid unnecessary travel, source only 100% renewable electric.
Contract specific Social Value additionality is provided using the National Themes, Outcomes, and Measures (TOMs) Framework and is available on request.Covid-19 recovery
Proact acknowledge that the COVID-19 pandemic has exacerbated existing economic and social challenges and created many new ones. As a responsible organisation we have continued to develop social values that provides additional benefits which can aid the recovery of local communities and economies, especially through employment, re-training and return to work opportunities, utilisation of employee volunteering days in community support opportunities, developing new ways of working and supporting the physical and mental health of those affected by the virus.
During the pandemic Proact launched a Loneliness guide Part 1 to support the impact of isolation, and the need to understanding loneliness and how to support themselves and others.
Following the lift of lock down, home working has become a permanent fixture in peoples lives, as such we decided to launch Loneliness guide Part 2, as we felt an obligation to continue to support and protect all our employees. Part 2 includes, Relationships and Interactions, talking about feelings, our connections online and media, and how to look out for the signs of loneliness.
Contract specific Social Value additionality is provided using the National Themes, Outcomes, and Measures (TOMs) Framework and is available on request.Tackling economic inequality
Proact are committed to tackling economic inequality, including creating new opportunities, jobs, and skills, as well as increasing supply chain resilience Support innovation and disruptive technologies throughout the supply chain to deliver lower cost and/or higher quality goods and services.
We influence staff, suppliers, and customers in support of Proact’s development of scalable and future-proofed new methods to modernise delivery and increase productivity.
Proact continue to identify skills-gap to ensure we can provide all the necessary training to individuals, in 2023 Proact expanded its Apprenticeship scheme, which has enabled 20 more employees’ access to achieving recognised technology skills. Throughout 2023 and into 2024 Proact continued recruiting women-in-tech across the business to tackle the gender inequality.
Contract specific Social Value additionality is provided using the National Themes, Outcomes, and Measures (TOMs) Framework and is available on request.Equal opportunity
Proact continues to drive equal opportunity, including reducing the disability employment gap and tackling workforce inequality, Improving health.
Support in-work progression to help people, including those from disadvantaged or minority groups, to move into higher paid work by developing new skills relevant and recognised qualifications.
Our policy is to protect all job applicants, employees, and those within our supply chain are not discriminated against either directly or indirectly on the grounds of race, colour, ethnic or national origin, religious belief, political opinion or affiliation, sex, marital status, sexual orientation, gender reassignment, age, or disability.
Contract specific Social Value additionality is provided using the National Themes, Outcomes, and Measures (TOMs) Framework and is available on request.Wellbeing
Influencing staff is our key objective and through the delivery to provide ongoing support in wellbeing, and the physical and mental health of every member of staff. We provide regular workshops, offering relevant media and access to private professional advice via several social media channels including 24/7 telephone support lines.
Within our Proact community support framework, we have developed a Wellbeing Hub, accessible by all staff, giving them an abundance of information including, Private healthcare, mental health first aiders, employee assistance programme that offers a confidential telephone services 24 hours a day, a Financial Wellbeing Money Centre offering an interactive budgeting course, debt related mental health counselling, and a dedicated recession-proofing health check.
Proact’s wellbeing hub continues to evolve as we listen to our employee needs, having recently introduced the Perkbox incentive that provides multiple savings on everyday purchase helping with the increased living costs, in conjunction with annual reviews and appraisals, Proact has rolled out a real living wage initiative for 2024.
Contract specific Social Value additionality is provided using the National Themes, Outcomes, and Measures (TOMs) Framework and is available on request.
Pricing
- Price
- £6.26 to £322.68 a unit a month
- Discount for educational organisations
- Yes
- Free trial available
- No