Managed Infrastructure (IaaS)
Our IaaS solutions span the entire IT lifecycle, from initial analysis and cost scoping, through design and architecture, to development, test, deployment and support. Our teams work cohesively to develop robust, secure, scalable Infrastructure as a Service solutions that are completely tailored to meet the agile demands of your business.
Features
- Scalability
- Elasticity
- High Availability
- Disaster Recovery
- Security
Benefits
- Adjust rapidly to business need.
- Automatically scale to workload fluctuation.
- Redundancy and high availability through redundant infrastructure & replication.
- Built-in disaster recovery and business continuity.
- Firewalls, encryption and access controls.
Pricing
£300 to £2,200 a unit a day
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
2 2 8 7 0 8 1 8 3 7 2 6 5 5 6
Contact
Squarcle Consulting Ltd
Angus Fay
Telephone: 07787 403907
Email: sales@squarcle.co.uk
Service scope
- Service constraints
- Squarcle Consulting Ltd collaborates with its clients to identify and manage any constraints that may affect the design and provision of services, ensuring that all requirements are effectively addressed.
- System requirements
-
- Amazon Warehouse Services
- Azure
- Google Cloud
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- As standard: Mon - Fri - 0900-1700 (out of hours by exception and at cost) Sat-Sun - By exception and at cost Elevated support arrangements can be negotiated as required by the client.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Squarcle Consulting Ltd implement a triage system that determines the sequence for escalating incidents. During the initial evaluation, we take actions based on the incident’s impact to the client. This enables us to rank incidents on a scale from Priority 1 to Priority 4.
Example Support Levels:
Priority 1 - Critical:
Priority 1 incidents are likely to critically impact your ability to conduct business. We’ll respond to a Priority 1 incident within 1 hour.
Priority 2 - High Impact Disruption:
Priority 2 incidents are high-impact problems that interrupt your organisation, but there’s still capacity to continue to be productive. We’ll respond to a Priority 2 incident within 4 hours.
Priority 3 - Minor Impact Disruption:
Priority 3 incidents are medium-to-low impact problems that comprise of limited loss of non-critical business functionality. We’ll respond to a Priority 3 incident within 8 hours.
Priority 4 – Information Request:
Priority 4 issues include requests that do not fall within the Priority 1 – Priority 3 classifications. We’ll respond to a Priority 4 incident within 24 hours. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Onsite training.
Online training.
Documentation.
Tutorials, can be in the form of videos or demonstrations.
in-app user guide.
Dedicated support. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Squarcle Consulting Ltd assists the customer by planning and executing exit projects, which will include data extraction means. This is costed separately from other services as a standalone exercise.
- End-of-contract process
- Squarcle Consulting Ltd assists customers by planning and executing projects from Cloud Services. Typically an Exit Plan is established and mutually agreed upon with the customer. It is then adjusted as required throughout the contract period. This is billed separately as an independent activity.
Using the service
- Web browser interface
- Yes
- Using the web interface
-
Can Do: - Deploy and manage cloud functions or serverless applications. - Create, upload, and configure functions using provided tools. - Monitor performance, logs, and usage metrics of serverless functions. - Integrate functions with other cloud services, databases, APIs, and event sources. - Build scalable and responsive applications without managing underlying infrastructure.
Can't Do as standard: - Directly control or access underlying servers, networking configurations, or OS environments.
- Full control over execution environment, constrained by platform limits and configurations. - Have unrestricted access to underlying hardware or infrastructure resources.
- Customise or modify serverless platform internals beyond the provided interfaces and options. - Manage low-level aspects such as server configurations and operating system updates. - Web interface accessibility standard
- WCAG 2.1 A
- Web interface accessibility testing
-
Keyboard Accessibility Testing.
Zoom and Text Resize Testing.
Form Accessibility Testing.
Audio and Video Accessibility. - API
- Yes
- What users can and can't do using the API
- API functions and gateways will be structured by the developer. They'll define the routes and methods, also providing the security and access control to their users. Users will not have the controls to create API's.
- API automation tools
- Ansible
- API documentation
- No
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
- Automatic
- Independence of resources
- Automatically scale resources up or down based on demand. Load balancing enables this without human intervention.
- Usage notifications
- Yes
- Usage reporting
-
- Other
- Other usage reporting
- The agreed preference of the customer.
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
- Number of active instances
- Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Snapshots
- Incremental
- Replication
- Cloud to Cloud
- Backup controls
- User-defined. Backup solution set for user need.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users contact the support team to schedule backups
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- IPsec or TLS VPN gateway
- Data protection within supplier network
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Our Guaranteed 24/7 Cloud Support ensures uninterrupted assistance for your infrastructure needs. With negotiable SLAs, our engineering team commits to rapid response times and resolution of any issues. From troubleshooting to optimisation, our dedicated support ensures your operations run smoothly around the clock, empowering your business to thrive without interruption.
- Approach to resilience
- Resilience is enabled by regional disbursement. BCP and redundancy is enabled by this separation, therefore maximising system, service and user uptime.
- Outage reporting
- Service monitoring and logs are captured 24/7. This enables early insight to operational issues or service degradation. Those that are not caught within the digital monitoring and are potentially unique in nature will be communicated via the service tool and subsequent emailing notification system.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- User access is controlled by enabling role-based access where only authorised individuals can access the relevant services.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device over multiple services or networks
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Squarcle Consulting Ltd prioritises the protection of data assets to ensure confidentiality, integrity, and availability. We commit to: Conducting regular risk assessments to identify and mitigate potential threats. Implementing robust technical controls, including encryption and access controls, to safeguard data. Enforcing strict authentication measures and data access restrictions. Providing ongoing training and awareness programs to employees to promote a culture of security. Maintaining compliance with relevant laws, regulations, and industry standards. Continuously monitoring and evaluating our security measures to adapt to emerging threats. This policy applies to all employees, contractors, and third parties accessing appropriate data systems.
- Information security policies and processes
- Squarcle Consulting Ltd has established a comprehensive set of information security policies that cover purpose, scope, roles, responsibilities, and management commitment. These include, but aren't limited to: Acceptable Use; Antivirus Protection; Business Continuity Management; Data Protection; Password Management; Personnel Management; Additionally, Squarcle Consultancy Ltd develops a tailored Information Security Management Plan for each customer, outlining how we safeguard and manage customer data within our systems. This plan is provided to the customer at the start of the contract.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Configuration management Database (CMDB) is used to centralise all configuration items including hardware, software & networking devices that also captures their relationship. An assured and structured change management process that assess', approves and tracks all changes to the IT environment.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- We here at Squarcle Consulting Ltd assess the potential threats through the NCSC - Cyber Security 9 stages i.e. asset identification, threat identification, vulnerability assessment etc. Our risk analysis will determine the impact, likelihood and severity that will steer the patching urgency, however, all routine patching is done daily. Threat information is captured for review from vendors, suppliers, OSINT, Gov Agencies, IOC and NCSC bulletins.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- We conduct protective monitoring through continuous analysis of our IT systems, networks, and logs. We detect compromises by monitoring for unusual activities, unauthorised access attempts, and anomalous behaviour patterns. In response to compromises, we employ automated alerts, incident response protocols, and forensic analysis to swiftly contain and mitigate threats. Our proactive approach includes isolating affected systems, patching vulnerabilities, and implementing corrective measures to prevent recurrence. Regular reviews and post-incident analysis ensure continuous improvement of our protective monitoring capabilities to defend against evolving cyber threats.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Our incident management approach involves proactive monitoring and rapid response to common events. Users report incidents through a designated portal or contact point, detailing the nature and impact of the issue. Upon receipt, incidents are categorised, prioritised, and assigned to relevant response teams. We employ predefined processes and playbooks to streamline incident handling, including containment, investigation, and resolution steps. Incident reports are generated promptly, outlining the incident timeline, actions taken, and lessons learned. Continuous improvement is ensured through post-incident reviews and feedback loops, enhancing our incident response capabilities to mitigate future risks effectively.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- Hyper-V
- How shared infrastructure is kept separate
- We use separate virtual machines, network segmentation, virtual VLANS as well as containerisation. This ensures services and underlining networking capabilities/credentials are not misappropriated.
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- 3rd party via regional zone 1 (UK South).
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
As an SME we recognise how crucial it is that we show strong leadership in committing to move all our activities to become net zero by 2040, 10 years ahead of the government target of 2050. Although Squarcle’s contribution to carbon emissions is minor, our Carbon Reduction Plan seeks to commit to making material changes to our buildings, transportation behaviours, minimising waste, and how we can encourage sustainable behaviours to deliver reductions in carbon emissions. We project that carbon emissions will decrease over the next five years to 33.31 tCO2e by 2026, a 50% reduction. Emissions from Squarcle’s office building is projected to be half of overall emissions from Squarcle operations. We will reduce energy consumption through improved energy efficiency measures and increase the use of renewable energy. We will use a green energy provider and utilise Bristol’s commercial tenant Sustainable Occupancy Pack to action carbon reduction initiatives. Squarcle is ISO14001 Environmental Management Systems accredited and continuously review operations against the standard to identify any compliance gaps. We will implement a bike to work scheme and provide facilities at our offices including bike storage and showers; encourage car sharing and the use of public transport to cut commuting emissions. Squarcle will maintain hybrid approach to working which supports homeworking and brings a reduction in the amount of carbon generated through employee commuting. During this framework period, we will buy three electric vehicles and end the use of diesel vehicles. In addition, we will hire electric vehicles rather than combustion alternatives (car usage is approximately 8% of Squarcle emissions). Further, our ThinkLocal policy ensure we use local businesses to achieve environmental objectives together, this not only benefit the environment (localised supply chains) but encourages local face-to-face meetings further reducing carbon emissions. Our company initiatives are quarterly audited by our Compliance Officer.Tackling economic inequality
Squarcle is committed to address its responsibilities within the UK’s Social Value Model during the delivery of all our engagements. Actions we would take to support our Client with any of the SV themes would depend on the Social Value Model Award Criteria (MACs) deemed relevant to the contract. We have a roadmap in place to deliver our initiatives and commitments against all 5 themes. We will bring in our SV Lead to host a session with our Client to help define effective and realistic measures to drive SV initiatives during contract delivery. We aim to tackle economic equality by creating a number of new positions, these will be central to the growth of Squarcle while ensuring we support the local community. We are committed to creating Full Time Equivalent (FTE) positions in deprived areas e.g., South-West and North-West England, FTE for service leavers and to support project deliveries. We use local advertising tools sourcing website maintenance specialists and printing facilities. We aim to increase work placements for service leavers and maintain a workforce where 30% or greater of people have backgrounds with barriers to employment and/or from deprived areas. As an SME, we don’t have a supply chain in the conventional sense, we remain committed to optimising our internal processes, fostering innovation, and delivering exceptional value to our Clients. To increase supply chain resilience and capacity, Squarcle fosters a diverse and inclusive supply chain that reflects the broader society and contributes to economic growth and innovation. As part of our equal opportunity policy Squarcle is committed to promoting equality, diversity, and inclusion within the company and reducing the disability employment gap. We aim to achieve this by instigating initiatives. We have set specific goals and action plans to address various aspects of diversity and create a more inclusive workplace.Equal opportunity
Squarcle is committed to address its responsibilities within the UK’s Social Value Model during the delivery of all our engagements. Actions we would take to support our Client with any of the SV themes would depend on the Social Value Model Award Criteria (MACs) deemed relevant to the contract. We have a roadmap in place to deliver our initiatives and commitments against all 5 themes. We will bring in our SV Lead to host a session with our Client to help define effective and realistic measures to drive SV initiatives during contract delivery. We aim to tackle economic equality by creating a number of new positions, these will be central to the growth of Squarcle while ensuring we support the local community. We are committed to creating Full Time Equivalent (FTE) positions in deprived areas e.g., South-West and North-West England, FTE for service leavers and to support project deliveries. We use local advertising tools sourcing website maintenance specialists and printing facilities. We aim to increase work placements for service leavers and maintain a workforce where 30% or greater of people have backgrounds with barriers to employment and/or from deprived areas. While we do not have a supply chain in the conventional sense, we remain committed to optimising our internal processes, fostering innovation, and delivering exceptional value to our Clients. To increase supply chain resilience and capacity, Squarcle fosters a diverse and inclusive supply chain that reflects the broader society and contributes to economic growth and innovation. As part of our equal opportunity policy Squarcle is committed to promoting equality, diversity, and inclusion within the company and reducing the disability employment gap. We aim to achieve this by instigating initiatives. We have set specific goals and action plans to address various aspects of diversity and create a more inclusive workplace.Wellbeing
At Squarcle, we are committed to supporting the physical, mental health and wellbeing of our staff. We do this through structural approaches like promoting hybrid working, and making sure each employee has access to a Mental Health Aider to support their personal and professional development. We also have more informal initiatives, such as ‘coffee roulette’ sessions and free fruit in the office every Monday, and regular talks run by senior leaders on topics such as imposter syndrome and depression. Junior colleagues are regularly involved in organising these initiatives, with strong representation on our Diversity and Inclusion Committee, and proactive requests to plan events for Mental Health Awareness Month this May.
We influence staff, clients, and our communities to adopt similar approaches, e.g. by publicly praising (via LinkedIn) our employees achievements (through Annual Awards Night), and by individuals talking openly in weekly Townhall sessions.
We believe in playing a positive role in society by fundraising and volunteering our time to causes that matter to our people e.g. Movember movement. We support a local charity on an annual basis by organising hackathon sessions and youth training days in addition to financial donations.
Pricing
- Price
- £300 to £2,200 a unit a day
- Discount for educational organisations
- Yes
- Free trial available
- No