FORGE TECHNOLOGIES LTD

Forge Cloud Resiliency

Forge’s managed service solutions, built on Rubrik’s Security Cloud, enable organisations to control their entire backup environment ensuring resiliency against data loss, natural disasters and cyber attacks

Features

• Schedule backups that meet your requirements using Rubrik SLA domains
• Granular recovery of objects across subscriptions
• Store your backup data in our default location or Azure
• Perform restoration of data with full fidelity and user mapping
• Quickly locate records you need to restore through keyword search
• Review backup and restore details via the Rubrik Security Cloud
• Assign roles for administrative specific responsibilities on backup recoveries
• Gain full visibility of backup and restore service is used

Benefits

• Protects against data loss, natural disasters, cyber attacks

£1.70 to £10.00 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jason.osmond@forge-technologies.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

272828721355203

Contact

Jason Osmond
07931391290
jason.osmond@forge-technologies.com

Service scope

• Service constraints: English Language Support Desk
• System requirements:
  • Internet Connection
  • Rack Units expected standard 19” width rack with standard depth
  • IP Addresses on customer’s internal network are required for devices
  • Assigned VLANs for Management Network Data Protection Networ

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 4 hours during business hours (Mon - Fri / 8am - 6pm); ; Weekends and out of hours is available upon request
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Fully managed solution - Forge take care of every aspect of the organisations backup and recovery processes, from backup support to carrying out restores.; ; - 3rd Line Support - Forge will provide 3rd line support for software and hardware issues, as well as training for the end user to carry out 1st and 2nd line tasks
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: During the service design phase, a transition manager will be assigned, and you will have the opportunity to meet with them prior to the delivery phase commencing. The assigned transition will work hand in hand with the delivery members to ensure structured communications, performance and reporting; ; In addition to the service delivery manager, Forge consultants from the scoping phase will either transition into delivery roles, or participate in ongoing service reviews. This approach helps ensure continuity of knowledge and that swift adjustments are made during the engagement to achieve the original outcomes. ; ; Forge will work to mobilise all service team members as efficiently as possible for each customer engagement. The specific team members will be identified and allocated early in the scoping phase. Any incremental client specific clearances, security briefings, site inductions or training will be completed as early as possible, to ensure that they can ‘hit the ground running’ and deliver value from day-1 of the engagement. Forge will coordinate all mobilisation and on/off-boarding activity to minimise any additional overhead to customer stakeholders.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: At the conclusion of a Cloud Resiliency engagement, we will conduct thorough transition and handover activities to your in-house team. This typically includes; • Knowledge transfer sessions ; • Lessons learned workshop with key stakeholders ; • Handover of shared document libraries, including the necessary tools, data/reporting outputs, processes, and training documentation ; • End-of-contract review and sign-off against the agreed Scope of Works
• End-of-contract process: • Knowledge transfer sessions ; • Lessons learned workshop with key stakeholders ; • Handover of shared document libraries, including the necessary tools, data/reporting outputs, processes, and training documentation ; • End-of-contract review and sign-off against the agreed Scope of Works

Using the service

• Web browser interface: Yes
• Using the web interface: When onboarded Users will be given access to a Web Interface allowing creation and scheduling of jobs and ad-hoc execution of jobs as well as reporting
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Web Interface support standard browser accessibility features and has been tested with MS Edge, Google Chrome and Safari
• Web interface accessibility testing: Tested with MS Edge, Google Chrome and Safari
• API: Yes
• What users can and can't do using the API: Rubrik is an API 1st technology, with all features and functionalities accessed in this manner.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
  • Other
• Using the command line interface: All APIs available on Rubrik systems are also available as command lines in rbkcli, which you can install to run commands against your CDM remotely. rbkcli also extends Rubrik’s API functionality by allowing for customized scripts

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: As part of the Service definition we identify the local peak load required and provide with in the service localized private resources to mangle that load
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other
• Other usage reporting: Daily usage reports are includes in service

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • Disk
  • Network
  • Number of active instances
  • Other
• Other metrics: Retention Points
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Assured Data Protection

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Private resources delivered into customers private data centre are subject to the customers DC protection process alongside Data at rest encryption
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Private Data Center Servers Physical and Virtual
  • Public Cloud IaaS
  • Microsoft 365 Services Share point Online Teams, Ondrive and Exchange
  • Platform ass a Service SQL No_SQL
• Backup controls: Users have full control over Job definition and schedule as well as data retention
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Contract Dependent Forge Cloud Resiliency engagements can be structured to provide a fixed set of outcomes, to provide an agreed set of services, or on a time and materials basis. We are open to innovative commercial models, including payments based upon milestones/outcomes, gain-share/pain-share mechanisms, SLAs and service credits.
• Approach to resilience: Masterless technology; Redundant-everything
• Outage reporting: Account Managers; Online Portal; Email

Identity and authentication

• User authentication: Username or password
• Access restrictions in management interfaces and support channels: The access to the interface is restricted by the customers.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Forge maintain an Information Management System designed to meet the requirements of ISO 27001:2017 in pursuit of its primary objectives; The policy of Forge to: ; Make the details of our policy known to all other interested parties including external and determine the need for communication and by what methods relevant to the business management system. ; Comply with all legal requirements, codes of practice and all other requirements applicable to our activities; we are committed to satisfy applicable requirements related to information security and the continual improvement of the ISMS. ; Provide all the resources of equipment, trained and competent staff and any other requirements to enable these objectives to be met; ; Ensure that all employees are made aware of their individual obligations in respect of this information security policy; ; Maintain a management system that will achieve these objectives and seek continual improvement in the effectiveness and performance of our management system based on “risk”. ; This information security policy provides a framework for setting, monitoring, reviewing and achieving our objectives, programmes and targets. The business management system is regularly reviewed by “Senior Leadership Team” to ensure it remains appropriate and suitable to our business and is subject to internal/external annual audits.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All controlled elements of the service are managed through our own internal processes overseen by the Technical Operations Director The Forge Change Management process is based on the ITIL framework and is integrated into our ITSM platform.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Vulnerability management is dealt with on a case by case basis and fixes and patches are implemented inline their severity.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Using provided monitoring and reporting portal their proactive account managers inform customers of issues as the happen
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management is dealt with by the Technical Operations Director and any other relevant members of staff

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Rubrik Multi-tenancy is at the object level. You can think of a Rubrik Cluster as a collection of objects: sources from where data is getting backed up, targets where backups are stored, and security principals (users and service accounts) that glue those relationships. As a managed service provider, you can host a Rubrik Cluster that grows linearly with your backup business. With Rubrik CDM’s object-level multi-tenancy, you can create virtual instances of Rubrik Cluster for each of your tenants.
• How shared infrastructure is kept separate: With Rubrik CDM’s object-level multi-tenancy, we create virtual instances of Rubrik Cluster for each of your tenants

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As a digital transformation partner, Forge Technologies prioritizes environmental sustainability in every aspect of our operations. With technology embedded in our name, we recognise the significant role environmentalism plays in our work. Our policy revolves around conducting operations with environmental sensitivity to minimise any adverse impacts.; ; Each member of the Forge Technologies team is dedicated to upholding our legal obligations and adhering to subscribed requirements. We aim to conserve natural resources, prevent pollution, and eliminate environmental hazards associated with our activities.; ; Operating as a fully remote team, Forge Technologies benefits from a virtual workspace. This approach not only offers flexibility and efficiency but also contributes positively to the environment. Without a central office, we avoid the energy consumption and carbon emissions associated with powering and heating traditional office spaces, as well as the acquisition of physical equipment and furniture.; ; Furthermore, our remote setup fosters a paperless, digital-first environment. Documents are stored and shared electronically, reducing the need for printing and minimising paper waste. This commitment to sustainability aligns with our broader mission of leveraging technology to drive positive change while minimizing our ecological footprint

  Equal opportunity

  Forge Technologies is dedicated to fostering an inclusive and diverse work environment, guided by our Equal Opportunities Policy. This policy is underpinned by several key principles:; ; Firstly, we uphold a steadfast Commitment to Equality, ensuring that all individuals, regardless of age, gender, race, religion, belief, or ability, have equitable opportunities within our organisation and its partnerships.; ; Secondly, we prioritise creating a Positive Work Environment, where every member of our team feels valued, respected, and supported. We are committed to fostering a climate free from intimidation and harassment, allowing everyone to thrive and achieve their full potential.; ; Thirdly, we advocate for Inclusive Rights, recognising that every individual should have equal access to the benefits and services offered by Forge Technologies. We are dedicated to breaking down barriers and ensuring that no one is excluded based on any characteristic.; ; Moreover, we emphasise Respect for Differences, understanding that diversity enriches our organization. While we strive to treat everyone equally, we also acknowledge and respect the diverse life experiences, perspectives, and backgrounds that each individual brings to the table.; ; Finally, we actively promote Positive Attitudes and Relationships within our workplace. Our policies, procedures, and activities are intentionally designed to foster a culture of inclusivity, mutual respect, and collaboration. We believe that by embracing diversity and promoting positive interactions, we can cultivate a sense of cohesion, belonging, and shared purpose among all members of our team.

  Wellbeing

  Forge Technologies prioritizes the well-being of its employees through comprehensive policies and initiatives aimed at promoting physical, mental, and emotional health. Our well-being framework encompasses the following key areas:; ; Work-Life Balance: ; We recognise the importance of maintaining a healthy equilibrium between work responsibilities and personal life. Through flexible scheduling options and supportive management practices, we empower our employees to prioritise their well-being outside of work commitments.; Mental Health Support: ; Mental health is a crucial aspect of overall well-being. Forge Technologies provides extensive resources and support for mental health, including access to counseling services, mindfulness programs, and educational workshops. We strive to foster a culture where mental health concerns are destigmatised and individuals feel comfortable seeking assistance when needed.; Physical Health Initiatives: ; Physical health is essential for overall wellness. We proactively promote physical well-being through initiatives such as subsidised gym memberships, wellness challenges, on-site fitness classes, and regular health screenings. These programs aim to encourage healthy habits and prevent illness, contributing to the long-term health of our employees.; Flexible Working Arrangements: ; Recognising that every employee has unique needs and commitments outside of work, we offer flexible working arrangements, including remote work options and flexible hours. This flexibility enables our team members to better manage their personal and professional responsibilities, ultimately enhancing their overall well-being and job satisfaction.; Employee Assistance Programs (EAP):; We understand that personal challenges can impact an individual's ability to perform effectively at work. To support our employees during difficult times, we provide access to confidential Employee Assistance Programs. These services offer professional assistance and guidance to help employees navigate personal problems, mental health concerns, financial challenges, and other issues that may affect their well-being and performance.

Pricing

• Price: £1.70 to £10.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free POC's of service can be arranged with scope and time of POC agreed on a case by case basis; ; POC's do not include data extraction at end of trial

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jason.osmond@forge-technologies.com. Tell them what format you need. It will help if you say what assistive technology you use.