INFRASYS LIMITED

Infrasys Cloud Software Service

Infrasys provide enterprise-class cloud-hosted applications and services. Infrasys ensure (where appropriate) the structured migration of applications from on-premises to the cloud (or cloud-to-cloud), the commissioning of new cloud-based services and applications, and the ongoing support of cloud-hosted applications.

Features

• Kemp Load Balancers
• Barracuda Cloud
• Wifi surveys
• Mist WiFi
• Aruba WiFi
• Veeam
• Huntress
• Alletra GreenLake Storage
• Arcserve

Benefits

• Kemp - Multi-cloud and on-premises
• Barracuda - Cloud-to-cloud, multi-cloud and on-premises
• Check Point - Enterprise security across any-cloud and any application
• Mist - eliminate blackspots with AI cloud visibility into client-connection
• ClearPass - Multivendor cloud-based 802.1x authentication
• Veeam - Backup, replication & DR
• Huntress - Cloud Managed Security Services
• Alletra Cloud Volumes - multicloud elastic block storage
• Arcserve - Hybrid multi-cloud backup, replication and recovery

£64.61 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Surinder.Padda@infrasys.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

228726932113282

Contact

Surinder Padda
01217949363
Surinder.Padda@infrasys.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: There are no service-affecting constraints, and services are supported on all current relevant hardware platforms.
• System requirements:
  • Kemp is licensed on an aggregate throughput basis
  • Barracuda Cloud Backup is licensed per Microsoft Office 365 account
  • Checkpoint Cloud Guard integrates with all public and private clouds
  • Mist cloud wifi supports all Mist access points
  • ClearPass is vendor-agnostic, licensed per concurrent user
  • Veeam Universal Licensing (VUL) is multi-cloud, licensed per node
  • Cohesity targets can be public or private cloud
  • Nimble Cloud Volumes are multi-cloud, and capacity licensed
  • Arctic Wolf is licensed for unlimited ingest
  • Arcserve is multi-cloud, licensed per TB

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SLA's are tailored to requirements and include 30 minute response and a Priority-based target fix time of between 4 hours and 100 hours; support is up to 24 x 7 x 365. Response times are unaffected during weekend support.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We have tested using different colour contrasts and message notifications.
• Onsite support: Onsite support
• Support levels: An Infrasys Technical Account Manager is assigned to all customers and oversees the services provided. Infrasys Service Desk services leverage and enhance vendors' support services, with SLAs specific to the requirements of individual customers and environments. Infrasys Service Desk services cover weekdays business hours and up to 24 x 7 x 365 as required. Services are priced according to hours of coverage, size of environment and location of on-site services.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: An Infrasys Technical Account Manager will oversee all aspects of on-boarding, including ensuring that training and documentation meet customer needs.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data can be exported from applications to a variety of file formats including XLS and PDF
• End-of-contract process: Customers will be contacted by Infrasys six months prior to contract end-date and will be presented with renewal options. If the customer does not renew the contract, all customer data and IP will be transferred to the customer within 30 days of contract expiry (included in cost). Professional services support required to migrate customer services to a new supplier will be subject to additional cost depending on scope.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Only the screen layout - that is resized to suit the the device resolution
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The interface is a web portal that allows the buyer's administrator to manage user access rights
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have tested using different colour contrasts and message notifications.
• API: No
• Customisation available: No

Scaling

• Independence of resources: The service uses highly resilient AWS and Azure public clouds, and will be configured for the required number of users

Analytics

• Service usage metrics: Yes
• Metrics types: Infrasys Service Desk reports detail calls raised, subject, and time-to-resolution, number of users, active licenses usage, amount of storage used, service uptime
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Multi-vendor

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Multiple export options include XLS, PDF and BACPAC
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SLA is 99.5% uptime; service credits are offered in the event that those levels of availability are not met.
• Approach to resilience: Available on request.
• Outage reporting: Public dashboard and email alerts report on availability; additionally, Technical Account Managers liaise directly with customers.

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Management interfaces are restricted to named users.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Infrasys holds Cyber Essentials Plus certification
• Information security policies and processes: The Infrasys InfoSec Incident Handling Checklist details procedures that should be followed by Infrasys InfoSec staff in the event of a possible security incident. Actions are in 3 stages: 1 - Detection and Analysis; 2 - Containment, Eradication, and Recovery; and 3 - Post-Incident Activity including reporting and lessons-learned.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Infrasys change management adheres to ITIL principles and methodologies. All potential changes are assessed in the context of security impacts and any other dependencies.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Infrasys takes a multi-layered approach to vulnerability management, deploying tools from vendors including ManageEngine, Microsoft, Trend and Barracuda as part of a process of continual risk assessment; these tools monitor, assess and report to inform timely application of patches as required.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Each service will be monitored with automatic alerts sent to Infrasys Service Desk. Infrasys also work closely with each technical vendor and any known compromises will be managed under the ITIL framework. Logs will be kept for an agreed retention period and checked on a regular basis. Each alert/known compromise will have a ticket raised and given a severity level. Each severity has a Key Performance Indicator, including a response time and fix time.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Infrasys use ITILv3 framework for incident/problem management. Infrasys operate a Service Desk where customers can raise incident tickets either online or telephone. Each severity call is assigned a KPI set out in the agreed SLA document. Common pre-defined events will have a documented process. Monthly reports are generated and reviewed in service management meetings.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • NHS Network (N3)

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  Infrasys is committed to a culture of respect for all personnel regardless of race, disability, gender, sexual orientation, age, religious or other belief.

Pricing

• Price: £64.61 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full Functionality of service for up to 90 days; License can be upgraded to full version without interruption.
• Link to free trial: Www.infrasys.co.uk/trial

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Surinder.Padda@infrasys.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.