Unisys Limited

Vulnerability and Security Patch Management

Our Vulnerability & Security Patch Management service routinely assesses vulnerabilities in systems, applications, and networks, prioritising remediation. We devise and execute plans to address identified vulnerabilities, applying patches and implementing security controls. Regular identification, testing, and application of security patches and updates, addressing known vulnerabilities and reconfiguring systems as necessary.

Features

• Vulnerability Remediation: Devise and implement strategies to address system vulnerabilities.
• Security Patch and Update Management: Remediate known system vulnerabilities.

Benefits

• SECURITY PARTNERSHIP: Serves as a trusted advisor and partner.
• SECURITY LEADERSHIP: Leadership and delivery to meet cyber security goals.
• SECURITY STRATEGY: Safety guidance, cyber risks, and cyber innovation.
• COLLABORATION: Cybersecurity practices partnership, preventing weakest links.
• OPTIMISED GOVERNANCE: Operate without concerns of handling cyber incidents.
• FLEXIBLE DELIVERY: Outsource, co-source, or insource crucial cybersecurity functions.

£199 to £2,715 a unit

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cloudstore@unisys.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

234064584085720

Contact

Simon Arnold
+44(0)7808391153
cloudstore@unisys.com

Planning

• Planning service: Yes
• How the planning service works: Unisys can work with you and your partners to define and implement the Vulnerability and Security Patch Management service. The Service Transition activities may include:; TRANSITION PERIOD: Transition Period - 1 time cost per contract to perform knowledge transfer from internal staff or existing provider.; CYBER OPTIMISATION: 1 time surge staff to eliminate baseline Service Transformation Solution costs (i.e., elimination of hundreds of tickets).; CYBER INHERITANCE: Inheriting risk deficits to achieve a starting point for program operations and improvement.; REGULATORY ENVIRONMENT: If you have high complexity regulatory environment with many mandates.; GOAL RAMPING: If you have key target dates in order to achieve performance goals, allows for surge staffing.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications: Other
• Other security testing certifications:
  • Certified Ethical Hacker (CEH)
  • Certified Information Systems Security Professional (CISSP) - (ISC)²
  • CompTIA Security+
  • GIAC Web Application Penetration Tester (GWAPT)
  • GIAC Certified Incident Handler (GCIH)

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by your organisation
• How the support service works: Unisys Cyber Security Solutions bring clients the leadership expertise of understanding the extension of cybersecurity into the digital workplace and the hybrid cloud infrastructures. Here’s how we provide support:; Managed service: Protect against threats and vulnerabilities while freeing resources for other activities by tapping our seasoned professionals' Zero Trust security and industry expertise.; Proven methodology: Use us to scan your environment, analyse the results, generate recommendations for remediation, and track the follow-through for compliance.; Business-focused: Receive remediation recommendations from security experts who take the business context of vulnerabilities into account and prioritise responses in alignment with business needs.; Tailored-fit: Engage with us in a way that fits how you work, aligns with your governance and compliance requirements, and seamlessly integrates with industry-leading vulnerability management tools, IT service management platforms, and configuration management databases.; Our goal is to ensure that your security is managed with the highest level of expertise, allowing you to focus on your core business activities.

Service scope

• Service constraints: The service is offered as a minimum 3-year contract delivered on either the Unisys hosted secure private cloud, a public cloud service or on the customer’s own locally hosted cloud environment.; Any changes to the service in scope may require further evaluation to be undertaken and may incur additional costs. All such changes will be managed through a change control process.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Unisys proposed support window is UK business hours, 5 days a week. Unisys Cyber Security Solutions response times are tailored to client needs and depend on the priority of the ticket. Unisys is committed to customising service levels to align with each client’s specific requirements. This means that response times can be adjusted as part of the service agreement to ensure they meet your operational needs.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Unisys Cyber Security Solutions offers a range of support levels to meet diverse client needs. While we have standard service levels, we are always ready to tailor our services to provide enhanced support:; Standard Support Levels: Our standard service levels are designed to meet the typical requirements of most organisations.; Customised Support: We understand that each client has unique needs. It’s important to note that the proposed service levels are a starting point. Unisys is committed to tailoring its service to meet the client’s unique requirements, which may include enhanced support levels beyond the standard offerings.; Cost Variability: The cost of different support levels varies based on the extent of customisation and the level of support required. We work closely with clients to define a cost structure that aligns with their budget and support needs.; Each Unisys cyber security service includes roles embedded with the solution, which are aligned to the roles of technical account manager or cloud support engineer.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 14/10/2021
• What the ISO/IEC 27001 doesn’t cover: All controls identified in ISO 27001 annex A are implemented across Unisys domains covered by global certificate number IS 58442. This includes the UK entity for this framework, Unisys Limited. The Statement of Applicability covers Unisys Managed Security Services, Cloud and Infrastructure Services, Application Services, Unisys Facilities and Administration, and IT Operations.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our plan over the contract duration includes: (1) Using resources in an environmentally responsible manner. We will continue to invest to minimise energy usage across our buildings, the largest contributor to our UK carbon footprint. Our flexible working policy reduces both our real estate footprint and associated corporate travel. We increasingly source energy from renewable sources, and this now accounts for 30% of purchased electricity (2) Working with sustainable partners in the supply chain. We assess key partners in our supply chain using several measures including independent sustainability ratings from EcoVadis. We seek to grow relationships with suppliers with formal ESG policies and those who are building out their ESG programs. (3) Fostering environmental responsibility among our employees (4) Reducing or eliminating the use of hazardous substances (5) Sustaining effective product recycling and reclamation programs, and (6) Continual improvement of our environmental performance. We set a 20-year target in 2006 to reduce our Scope 1 and Scope 2 Greenhouse Gas (GHG) emissions by 75%, and achieved that goal in 2021, 5 years ahead of schedule. Current objectives are to reach net zero GHG emissions for Scope 1 and Scope 2 sources by 2030 and to explore viable options to address residual, harder to abate Scope 1 and Scope 2 emissions. These include potential technological developments or tools such as renewable energy credits to address Scope 2 emissions and carbon credits to support climate mitigation activities beyond our value.

  Covid-19 recovery

  Unisys is an equal opportunities employer, focused on building a diverse workforce that represents the communities we live in and serve. Our flexible working policy supports the COVID-19 recovery effort, enabling effective social distancing, and supporting remote working. We support and have equitable processes for retraining and career development. Our Employee Development Plan features annual goal and performance reviews, training, and career development to give employees opportunities to achieve personal and professional goals. All Unisys associates have access to the Unisys University, which has over 50,000 training artefacts covering technical and soft skills development. Technology courses include in-demand areas such as cloud-based technologies and cybersecurity. We also care about supporting the physical and emotional wellbeing of our employees and provide a highly flexible benefits package with a wide range of leisure, lifestyle and wellbeing benefits for employees and their families. Awareness of these benefits are promoted by assigned wellness officers, who encourage employees to use the resources available. The wellness team also set regular challenges to promote fitness and the benefit of connecting with the environment.

  Tackling economic inequality

  Our flexible working policy supports the creation of employment opportunities particularly for those who face barriers to employment and/or who are located in deprived areas. Our ability to offer home-based roles opens up job opportunities to suitable candidates in all locations, and not just those in commuting distance of a Unisys office. The cloud and security services in scope of this contract cover in demand and high growth technologies. Throughout the duration of this contract, Unisys associates will gain practical experience and highly desirable and transferable skills in the design and delivery of services these high-demand and high growth sectors. This will enhance their opportunity for career development and advancement within or outside Unisys. Career and skills development is supported by an Employee Development Plan features annual goal and performance reviews, training, and career development to give employees opportunities to achieve their personal and professional goals. All Unisys associates have access to the Unisys University, which has over 50,000 training artefacts covering technical and soft skills development. Technology courses include in-demand areas such as cloud-based technologies and cybersecurity. We also have alliances with (but not limited to) Google; Apple; Oracle; Cisco; Dell; EMC; Intel; Motorola; Micro Focus; Red Hat; Symantec and VMware and have access to alliance training and certification programs to further expand the range of career development opportunities for our staff.

  Equal opportunity

  Unisys is focused on building a diverse workforce that represents the communities we live in and serve. Our objectives are to have a workforce that represents the populations we serve and to have equitable processes in place to support the recruitment, renumeration, advancement and retention of all associates. Throughout the contract Unisys will make measurable progress across all career levels to align our workforce representation with market expectations and beyond for Women and people from underrepresented groups (ethnicity/race, LGBTQIA+, people with disabilities and Veterans). An example is our annual pay equity review. Results are monitored and any issues addressed. Reported data for the 2023/24 UK gender pay gap report shows that the gap is minimal, with women earning 98p for every £1 that men earn when comparing median hourly pay. In terms of development, the skills required to deliver the cloud and security services in scope of this contract are in high-growth sectors. Throughout the duration of this contract, Unisys associates will gain practical experience and highly desirable and transferable skills in the design and delivery of services these high-demand and high growth sectors. This will enhance their opportunity for career development and advancement within or outside Unisys. Career and skills development is inclusive and supported by an Employee Development Plan. All Unisys associates have access to the Unisys University, which has over 50,000 training artefacts covering technical and soft skills development. We are committed to respecting and preserving basic human rights. Our zero-tolerance policy to any form of slavery or forced labour extends to our supply chain. We require our partners to sign and abide by the Unisys Business Partner Code of Conduct, which mandates that they comply with all applicable laws, rules, and regulations in every location where we conduct business together.

  Wellbeing

  We care about supporting the physical and emotional wellbeing of our employees and provide a highly flexible benefits package with a wide range of leisure, lifestyle, protection and wellbeing benefits for employees and their families. Details of the benefits are published on the intranet. A helpdesk is also provided to answer any questions. The package of benefits is designed to support the physical, emotional and financial wellbeing of our associates. As everyone is different, the benefits options are flexible, to enable associates to choose the best options to help achieve the perfect work-life balance. Benefits cover: (1) Leisure: Annual Gym Membership (2) Lifestyle: with childcare vouchers, holiday trading and cycle to work protection (3) Financial: with Life Assurance, Critical Illness Insurance and Group Income Protection and (4) Wellbeing: with Travel Insurance, Dental Insurance, Healthcare Plan and annual Healthcare Screen. Awareness of these benefits are promoted by local wellness officers, who encourage employees to use the resources available. These wellness teams also set regular challenges to promote fitness and the benefit of connecting with the environment. Recent examples include the annual UK Charity Hike. The 2022 event, a 27km hike in the Chiltern Hills, raised over £5,000 for mental health charity Mind UK. The 2023 25km hike in the Peak District raised £2,700 for Cancer Research UK, Mental Health Foundation and the Alzheimer’s Society. To support mental wellbeing, the Mindfulness program has daily live and recorded meditation sessions to help reduce stress and increase productivity through meditation. In addition, the online Unisys University contains a number of free training courses, available to all associates, including Working Well with Others; Optimising your Workplace Wellbeing; Making the Most of Organisational Change, Forging Relationships with External Stakeholders and Difficult People: Why They Act That Way and How to Deal with Them.

Pricing

• Price: £199 to £2,715 a unit
• Discount for educational organisations: No

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cloudstore@unisys.com. Tell them what format you need. It will help if you say what assistive technology you use.