NVT Group

NVT Group Backup

NVT Group's Managed Cloud Backup Service.

Designed to protect your data, whether it is on-premise or in the cloud.

Safeguard your data from risks, including accidental deletion, theft, hardware failures and cyber-crime.

Powered by Cove.

UK Data Centre storage.

Solution is ISO27001 and 9001 certified.

Features

• Backup directly to the cloud.
• Fast deployment.
• Comprehensive data protection.
• Virtual disaster recovery capability.
• Simple and predictable per month pricing model.

Benefits

• No on-premise infrastructure required.
• Ready to use quickly with no upfront costs.
• Protect main infrastructure, remote offices, home workers and M365.
• Quickly recover mission critical applications.
• Easy to budget and only pay for what you use.

£30 to £45 a virtual machine a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public_sector@nvt.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

255982488375692

Contact

Dougie Weir
01698 749000
public_sector@nvt.co.uk

Service scope

• Service constraints: No constraints.
• System requirements:
  • Windows or Linux operating system required.
  • VMWare or Hyper-V virtualisation platform required.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our standard SLA response times are as follows:; ; Priority 1 (Critical) - 1 Hr Target Response Time; Priority 2 (High) - 2 Hr Target Response Time; Priority 3 (Medium) - 4 Hr Target Response Time; Priority 4 (Low) - 8 Hr Target Response Time; Service Request - 3 Days Target Response Time; Change Request - Variable
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The service is available 9am-5pm, Monday to Friday. However, 24x7 service is also available and can be priced separately. All service agreements include a Service Level Agreement which is agreed with the client. This document outlines the service deliverables.; ; Our standard SLA response times are as follows:; ; Priority 1 (Critical) - 1 Hr Target Response Time; Priority 2 (High) - 2 Hr Target Response Time; Priority 3 (Medium) - 4 Hr Target Response Time; Priority 4 (Low) - 8 Hr Target Response Time; Service Request - 3 Days Target Response Time; Change Request - Variable
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The service is implemented and managed by NVT. Clients can request changes via our customer services by Web portal, email or phone. If the client wishes to manage the service themselves then the portal will be available and NVT will carry out online training to allow the client to administer the backups themselves.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Request data move from Account Manager.
• End-of-contract process: The contract is extended or the client data is held for 28 days and deleted, unless other request from client.

Using the service

• Web browser interface: Yes
• Using the web interface: Users CAN do the following:; -- Change backup selection.; -- Change backup window.; -- Restore data.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The vendor, N-Able is working to develop a set of design policies and standards for inclusive design and accessibility, and will be part of their Inclusive Design Toolkit, which is in the process of being developed.; ; Status of this work, plus any further information on this can be provided on request.
• Web interface accessibility testing: Information on testing can be provided on request, via the associated vendor.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Service is hosted Equinix London datacentres. Capacity planning is used to ensure sufficient resource is available for all users.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics: Storage usage
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: N-Able

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • SQL Databases
  • Virtual Machines
  • Physical Machines
  • Microsoft Exchange
  • Microsoft 365 (Sharepoint, Exchange, Teams)
• Backup controls: Via the web portal. Schedules can be arranged to backup different items, with varying schedules and retention policies.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9% system availability. No service credits.
• Approach to resilience: Service is deployed across multiple datacentres with no single point of failure.
• Outage reporting: Email alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Role based access control including 2 factor authentication for all service administrators.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BM Trada
• ISO/IEC 27001 accreditation date: 21/04/2022
• What the ISO/IEC 27001 doesn’t cover: Service is covered by ISO 27001
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: NVT follow policies based on ISO27001. Regular audits are performed to ensure these are being followed.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: ITIL based change management process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Periodic penetration testing.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Log analysis
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are managed via NVTs service management platform.; Incidents can be logged via email, phone or portal.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Equinix (the hosting datacentres) participates in the EU Code of Conduct on Data Centre Energy Efficiency.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Please enquire with us directly about our social value activities and commitments.

  Covid-19 recovery

  Please enquire with us directly about our social value activities and commitments.

  Tackling economic inequality

  Please enquire with us directly about our social value activities and commitments.

  Equal opportunity

  Please enquire with us directly about our social value activities and commitments.

  Wellbeing

  Please enquire with us directly about our social value activities and commitments.

Pricing

• Price: £30 to £45 a virtual machine a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: 28 day free trial of all components of the service. Setup and demonstration is provided free of charge.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public_sector@nvt.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.