Akhter Cloud Hosting
Akhter Cloud is for users who require a scalable flexible solution to their computing, data, network and platform service needs. It can provide a full range of options including enhanced support packages and security add-ons tailored to requirements.
Features
- Reliable real-time data back-ups
- Disaster recovery from secured off-site data back ups
- Hosting with optional levels of management and support
- Fully flexible data warehousing
- Full suite of database services available to meet client needs
- Database design, development and support
- Network and Platform services tailored to user requirements
- Infrastructure design and security aspects to defined user specification
- Logging and analytical tools can be enabled for users
Benefits
- Tailored services to meet user needs
- Optional service levels to meet varied user requirements
- Operated by security cleared staff
- Use any suitable third party devices to use services
- Access services remotely
- Add additional services when required
- Flexible support to meet user requirements
- Quickly edit and publish messaging or content
Pricing
£100 to £2,000 a licence
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
2 3 8 7 6 0 8 9 9 5 2 5 9 5 5
Contact
Akhter Computers PLC
Latifa Hamdan
Telephone: 01279 821200
Email: ccsales@akhter.co.uk
Service scope
- Service constraints
- N/A
- System requirements
- None - as tailored to user needs
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
- Within the hour - and depending on services level if outside working hours Mon to Fri.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- We have worked with those relying on Assistive Technology to use web-chat and this is standard for our services.
- Onsite support
- Yes, at extra cost
- Support levels
-
Akhter operates an Integrated Management System (IMS) that encompasses ISO9000 for Quality Management, ISO14000 for Environmental Management, ISO20000 for Service management & ISO17000 for Information Security Management.
Akhter puts in place a virtual Service Level Agreement, with all its associated quality, environmental & security requirements for every buyer, the available services will be clearly communicated by the relevant account manager to the buyer(s). Akhter’s Sales or Technical Directors are empowered to make decisions on policy and are the senior path of escalation.
Akhter is able to provide real time support related to the Buyer’s historical purchasing, order tracking, current service and systems status.
We provide Technical account managers and Cloud Support Engineers depending on the service selected.
For the period of the relationship Akhter would be able to propose relevant updates to the service, systems, HW/SW and be able to offer savings based upon market fluctuations, special offers or consolidation.
The costs for each service depend on the service selected, the level of service needed, the duration of the service, the scale of the service and other factors that mean our tailored services require engagement before costs can be calculated. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- All services are bespoke and tailored to our user requirements, all forms of training, documentation and support can be provided.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- End-of-contract data extraction
- This is agreed prior to contract and usually depends upon what the user requirements are, it can be provided in many formats and via various routes depending for example on security needs, we can however provide advice if necessary on current good practice.
- End-of-contract process
- We aim to ensure buyers only pay for what they need so we provide a fully flexible service to enable us to meet even the most complex and high security needs of our clients. Any additional costs that could be liable would be notified prior to contract for agreement with buyers. We provide a transparent service that enables us to have long term relationships with all our customers.
Using the service
- Web browser interface
- Yes
- Using the web interface
-
Web interfaces are tailored to the users requirements.
Changes can be made to most levels depending on the users requirements
The limitations are only as set by the user and legal requirements (e.g. data protection). - Web interface accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web interface accessibility testing
- This is service and user specific so if required by the users or buyer it will be carried out for the service selected.
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- Akhter Cloud services are guaranteed through an agreed SLA and depending on the level selected can operate on systems that ensure optimal availability and can scale and prioritise usage of processors, bandwidth, network and core services.
- Usage notifications
- Yes
- Usage reporting
-
- SMS
- Other
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- Memory
- Network
- Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Akhter services enhanced with e.g.Microsoft-AWS-Dell with integration and support
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Files
- Virtual Machines
- Databases
- Any electronic system that is externally connected
- Any electronic system that requires local back up
- Backup controls
- The back-up process is designed to meet user requirements and is fully configurable.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users contact the support team to schedule backups
- Backup recovery
-
- Users can recover backups themselves, for example through a web interface
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Bonded fibre optic connections
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
Availability is provided as needed by buyers up to 99.999% but in some cases may be limited where a specific third party service is required by buyers or users.
Refunds are at a mutually agreed level and in line with the service level selected in the contract. The risk/reward/penalty balance has an associated cost that is clearly set out to the buyer during initial discussions. - Approach to resilience
- We have various forms from Cyber to Power resilience. As publishing this information can highlight any residual unknown vulnerabilities we only provide this information to verified potential buyers.
- Outage reporting
-
This depends on the reason for an outage, an initial (usually automated) email will be sent, followed up by immediate phone contact to the nominated user contact. If for example there is a Local, Regional or National Power Outage that has caused the Service outage due to network connectivity issues then addition methods may be employed at our discretion.
Should buyers require a specific tailored reporting method this can usually be arranged.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Access restrictions in management interfaces and support channels
- A verification process is agreed with the buyer/user during the contracting process. This may be our standard verification process or one tailored to the buyers needs. Our ERP system enables our staff and system look-ups to verify identities and authority to engage with us on behalf of the buyer/user.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Bmtrada UKAS
- ISO/IEC 27001 accreditation date
- 3 September 2012
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- X-List
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
As directed by our board, Akhter staff read and comply with policies and procedures such as JSP 604. We protect two main types of data, personal and business data. Our personal data protection policy is on our website (www.akhter.co.uk). Our buyer’s business data is protected in accordance with contract terms. Akhter policy protects business data through actively maintaining patching, up to date stable SW versions and complying asap with Pen Test advisory matters.
Our security risk management approach includes data exchange using FTPS and access to sensitive information and services only to identified, authenticated and authorised users or systems. We encrypt Buyer business and personal data at rest, in all mobile devices, laptops that are taken off-site and removable media. We have the capability to remotely wipe and/or revoke device access. We currently use TLSv1.2 for email, Domain-based Message Authentication Reporting and Conformance (DMARC) enforcement, Domain Keys Identified Mail (DKIM) and Sender Policy Framework (SPF) records, with spam and malware filtering. We use Open Web Application Security Project (OWASP) vulnerabilities list, in addition are registered and use NCSC's Web Check service.
Akhter have a defined, planned and tested security incident response with clearly defined procedures, actions, roles and responsibilities.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Akhter's policy provides minimum access to sensitive information or services necessary for roles and access is removed when individuals leave. We reduce vulnerability to common cyber-attacks, through tested and validated configuration & patching, or other mitigations (such as logical separation). Changes to implementations and configurations can only be made by strongly authenticated and authorised administrators. We restrict and use buyer IP ranges where required. Outsourced services record where security related responsibilities lie. Akhter can provide or adopt a buyer defined, planned and tested response to security incidents, robust communication/continuity plan, compliance with legal obligations with a proportionate & defence-in-depth approach
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
-
Akhter monitor bulletins & threat intelligence sources e.g. CISP, information notes, government policies, meet all relevant standing instructions & mandated technical standards.
We manage and mitigate applicable threats, protect against, detect and have plans for dealing with malicious behaviour, our critical technology and services are resilient to disruption,
We reduce vulnerability to common cyber-attacks, through tested and validated configuration & immediate patching on receipt or notification of updates, or other mitigations (such as logical separation). Changes to implementations & configurations can only be made by strongly authenticated & authorised administrators. We restrict & use buyer IP ranges where required. - Protective monitoring type
- Undisclosed
- Protective monitoring approach
- Publishing our protective monitoring process in full could create a vulnerability in our business. At a high level we use a third party protective monitoring solution that actively monitors our systems and services for potential compromises. We have various levels of response depending on any potential compromise that includes the option of immediate full shut-down to enable forensic investigation of one or more systems or services.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Akhter have a defined, planned & tested security incident response & management plan with clearly defined procedures, actions, roles & responsibilities for our senior board members as well as the management team, including a communication plan for each buyer notifying for example the buyers press office, or the Information Commissioner’s Office (ICO). We have a cascade call-out & clear escalation process & plans to minimise response, down & restore times. Lessons inform updates & changes, drawing on internal or external expert advice where necessary. Incidents immediately logged to Akhter’s ERP system, the unique reference number is provided to the buyer.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- No
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
-
Akhter have adopted the sustainable technology strategy 2020’s mantra of suppliers needing to provide clean & green digital & technology services & practices. We are in touch with the UK government’s commitment to sustainability outcomes & how that links to the UN Sustainable Development Goals and Carbon budgets. We can provide assurances on meeting Green ICT Delivery Unit (GDU) Technology Code of Practice principles & best practices for our buyers, Akhter consider and undertake:
The embodied environmental impact of installed devices;
Mechanical and electrical equipment environmental operating ranges;
Service Charging Models;
Life Cycle Assessments;
Environmental, Energy and Asset Management;
Sustainable energy usage;
Powering of devices via the IT cabling;
Impact of mobile / shifting workloads;
Energy supplies from alternative and sustainable energy sources;
Prevent the energy efficiency of the technical space being compromised by the need for human comfort other than to comply with local statutory requirement and law (Health and Safety etc.);
Proactively monitor air quality equipment for performance, energy efficiency and reliability;
All installed infrastructure and equipment to be maintained as originally designed and operated at optimum levels of efficiency;
Data Centre Manager / appointed Energy Manager has relevant and
appropriate training to fulfil an energy efficiency role.
Social Value
- Fighting climate change
-
Fighting climate change
We recognise the urgent need to address greenhouse gas (GHG) emissions because of the role they play in climate change, a real and rapidly growing threat to society and the planet. The impact of climate change is already widespread across both human populations and natural ecosystems. Addressing climate change, and the GHG emissions that contribute to it, requires urgent action and long-term commitments by every segment of society, including the business community. At Akhter we aim to:
· Achieve net GHG reductions through sustainable scientific and innovation practices through improved efficiencies, while also working with partners and developing solutions for low-carbon and circular economies.
· Engage with global suppliers as well as UK academia and stakeholders to encourage integration of our National climate and energy policies while still providing adequate flexibility to fit buyers circumstances.
· Maximize impact by addressing the largest GHG reduction opportunities first, using the most cost-effective alternatives.
· Where relevant and possible establish transparent and predictable economic incentives that facilitate the transition to a low-carbon alternatives.
· Acknowledge the role renewable and bio-based energy sources and materials can play in creating essential products and solutions while minimizing carbon emissions.
· Encourage the recovery, reuse and recycle of materials for reduced-emissions.
· Support both mitigation and adaptation strategies that include life-cycle considerations.
· Include transparent monitoring, reporting and verification systems (MRV). - Covid-19 recovery
-
Covid-19 recovery
Akhter's ongoing strategic resilience planning:
To meet the challenges posed by the pandemic, our and many other businesses around the world had to react in an agile and decisive way. We conducted an “after-action review” to collect data and insights on lessons learned from the pandemic, then used these to prioritise actions to enhance our business value and build additional strategic resilience for the future.
Our planning prepares us for the next inevitable disruption by having designated a crisis response team, designing a crisis response plan, aligned our strategy, goals and purpose, and building an integrated resilience program.
We had already broken down silos between resilience competencies and teams before the pandemic integrating them to coordinate the tactics, tools and technologies needed for an effective crisis response.
We have over time built organisational resilience by establishing high-level resilience governance, regularly revisiting and where needed rethinking our crisis management structure and response strategy, and importantly fostering a culture of resilience.
This pre-planning enabled us to continue to operate and have uninterrupted service to our clients throughout the pandemic as well as a having had major fire to one of our key sites during this period. We continue to be a highly resilient business that has been constantly evolving since its inception 40 years ago. - Tackling economic inequality
-
Tackling economic inequality
Social purpose is a key part of Akhter ethics. From creating new businesses and new employment opportunities, to improving local nursery care, education and training, Akhter is committed to tackling economic inequality at its roots within our diverse local community in which we play a very active part and providing opportunities for employment and advancement based on merit. Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society, but doing so where we can impact most which is within our local community. - Equal opportunity
-
Equal opportunity
Akhter Computers is committed to encouraging equality, diversity and inclusion among our
workforce, and eliminating unlawful discrimination.
The aim is for our workforce to be truly representative of all sections of society and our
customers, and for each employee to feel respected and able to give their best.
The company, in providing goods and/or services and/or facilities, is also committed against
unlawful discrimination of customers or the public.
The policy’s purpose is to:
• provide equality, fairness and respect for all in our employment, whether temporary,
part-time or full-time
• not unlawfully discriminate because of the Equality Act 2010 protected characteristics
of age, disability, gender reassignment, marriage and civil partnership, pregnancy
and maternity, race (including colour, nationality, and ethnic or national origin),
religion or belief, sex and sexual orientation
• oppose and avoid all forms of unlawful discrimination. This includes in pay and
benefits, terms and conditions of employment, dealing with grievances and discipline,
dismissal, redundancy, leave for parents, requests for flexible working, and selection
for employment, promotion, training or other developmental opportunities - Wellbeing
-
Wellbeing
Akhter take great pride in our workforce and actively support the health and wellbeing of our staff. We all spend a long time in front of screens and encourage staff to go outside and be active. Some examples of actions we have put in place to support the health and wellbeing of our workforce are below:
1. As part of the Akhter Wellbeing Initiative, we launched a Step Challenge, with the intention to get staff up from their desks and get moving.
2. We sent information to our staff with messaging developed by the Samaritans turning ‘Blue Monday’ on its head by encouraging employers to host a ‘Brew Monday’, on any chosen Monday.
3. We issue a survey for our staff to complete to help us build a picture of staff health and wellbeing.
4. Alcohol consumption has gone up in the UK so another message we circulated was starting 2022 with a one-month alcohol-free challenge.
5. Exercise is a key part of ensuring a positive overall health and wellbeing environment, we challenge Akhter staff to get out for a walk or other exercise during breaks.
6. Stopping smoking is an area we have worked on for a long time encouraging staff to quit.
7. We run various sessions in health and wellbeing for our staff often delivered over our IT such as a Mental health awareness webinar.
8. We provide for our staff an online ‘Wellbeing Toolkit’, featuring links to new and existing staff support and information on recognition and reward for line managers.
9. We provided Covid-19 updates via our coronavirus hub, including updated answers to Akhter specific questions and signposting to external sources.
10. We encourage everyone whether staff, suppliers and customers to ‘Stay connected’ through a dedicated Engagement and Wellbeing space on our intranet.
Pricing
- Price
- £100 to £2,000 a licence
- Discount for educational organisations
- Yes
- Free trial available
- No