Skip to main content

Help us improve the Digital Marketplace - send your feedback

Green Cloud Hosting Limited

Backup As A Service (BaaS)

Our BaaS Backup As A Service offers seamless data protection and recovery for for your organisation. With BaaS Backup As A Service encrypted cloud storage, your files are securely backed up and accessible from anywhere. BaaS Backup As A Service automatic backups ensure peace of mind.

Features

  • AES 256-bit encryption secures files encrypted in transit/at rest
  • End-to-end security.
  • ISO-certified data centres.
  • Manage backups
  • Triple replication as standard across 3 datacentres
  • Full Server backup
  • File, folder, server backup

Benefits

  • Protects from threats of hackers, natural disasters, and user error.
  • Cost Savings: Reduce hardware and maintenance expenses
  • Multiple levels of redundancy, backups are available and easily located.
  • Cost effective Cloud backup

Pricing

£0.18 a gigabyte a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kamran@greencloudhosting.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

2 7 4 3 6 0 2 9 8 9 9 1 6 6 9

Contact

Green Cloud Hosting Limited Kamran Maqbool
Telephone: 08000193878
Email: kamran@greencloudhosting.co.uk

Service scope

Service constraints
None
System requirements
Local device such as a laptop or desktop

User support

Email or online ticketing support
Email or online ticketing
Support response times
24/7/365
P1 - 30 mins, P2 - 1 hour, P3 - 4 hours, and P4 - 8 hours.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We provide a UK based support 24/7/365.

Our help desk is made up of 1st line, 2nd and 3rd Line technical expertise. A Technical Account Manager will be assigned as standard.
Support available to third parties
No

Onboarding and offboarding

Getting started
A project manager call is set up and they discuss the requirements for the service. We then create a scope of works document that outlines the service that is required, the aspects of how the service will be built covering applications, security, users, files, folder etc. One the document is signed, our team get to work on building the environment. It is then handed over for testing and once user testing has been completed, we then arrange a go live date. Once the service goes live, the project manager and dedicated member of the support team are there to help for the first 4 weeks before it is handed over to our support team.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Exported upon request. You would contact the Support team or your Technical Account Manager.
End-of-contract process
At the end of the contract services will continue on a rolling 30 day agreement until either party serves notice. The customer/gaining provider is responsible for the migration away from our service.

Using the service

Web browser interface
Yes
Using the web interface
Users can access the Virtual Desktops via a web interface. This is something that we set up as part of the service set up.
Web interface accessibility standard
WCAG 2.1 A
Web interface accessibility testing
This has been tested over the years
API
No
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Automatic
Independence of resources
Each environment is built specifically for the customer. All resources are built and only available for the customer
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Number of active instances
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Files
  • Folders
  • Virtual machines
  • Applications
Backup controls
This is a managed service. The request would be sent to support who will action any changes
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Green Cloud offers a comprehensive set of measurements to ensure our service availability commitment is guaranteed at 99.95% in network availability in any given calendar month. Our 99.95% service availability commitment is built upon a platform of generic services that are designed to deliver a high availability throughout our network.
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
Access to management interfaces is restricted to authorised users. This is protected via user name and password protection.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication
Devices users manage the service through
Dedicated device on a segregated network (providers own provision)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Cyber essentials
Information security policies and processes
Data Confidentiality: Ensure that customer data is kept confidential and access is restricted to authorized personnel only. Implement encryption for data at rest and in transit.

Data Integrity: Maintain the integrity of customer data by implementing robust data validation mechanisms and regular integrity checks.

Access Control: Implement strong access controls to restrict access to customer data and resources based on the principle of least privilege. Utilize multi-factor authentication for added security.

Encryption: Encrypt sensitive data both in transit and at rest using industry-standard encryption algorithms and protocols.

User Authentication: Implement secure authentication mechanisms for customers and employees accessing the cloud platform, such as password policies, biometric authentication, and single sign-on solutions.

7. Monitoring and Logging: Employ robust monitoring and logging systems to track user activities, detect anomalies, and respond to security incidents in a timely manner.

8. Incident Response Establish an incident response plan to address security breaches, including procedures for containment, eradication, recovery, and post-incident analysis.

Security Operations Center (SOC): Monitors the cloud platform for security threats.

Compliance Team Ensures that the cloud hosting company adheres to relevant regulatory requirements and industry standards

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We have a Change Management Process. A change is proposed with the associated change manager. Once authorised, the change is scheduled to be made with a robust rollback plan created.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Our Vulnerability Management process implements the following:

Our team is subscribed to all vendor newsletters and also the UK national cyber security centre. We are also notified by vendors of vulnerabilities,

The patches/work is authorised by the change manager and in line with our change management process. Patches are tested prior to live roll out then installed on to operational systems.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
All devices have a monitoring agent installed. This identifies potential issues and report back to our service desk.

Any issues identified, the remedial work is actioned in line with our 2 hour SLA. Alert systems are in place as per the monitoring agent we install onto each machines
Incident management type
Supplier-defined controls
Incident management approach
We have a pre-defined Incident management process in place. Incident is reported to the indecent manager. Any relevant log files and evidence is gathered.

The incident is corrected by implementing a patch, temporary fix or workaround.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Hyper-V
How shared infrastructure is kept separate
They are kept apart through a combination of virtualisation, network segmentation, and access controls. Each organisation is allocated its own virtualised resources, such as virtual machines or virtual networks, ensuring isolation at the software level. Additionally, robust access controls and permissions are implemented to restrict access to specific resources based on organisational roles and requirements. Encryption and secure authentication mechanisms further enhance data separation and privacy. Regular monitoring and auditing help maintain compliance and security standards across all shared infrastructure.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
The data centers adhere to the EU Code of Conduct for Energy Efficient Data Centres by implementing a comprehensive set of practices aimed at minimising energy consumption and maximizing efficiency. This includes:

Energy-Efficient Design. The data centers are designed with energy efficiency in mind, incorporating features such as efficient cooling systems, optimized airflow management, and energy-efficient lighting.

Hardware Efficiency. they utilise energy-efficient hardware, including servers, storage devices, and networking equipment, to reduce overall energy consumption.

Monitoring and Optimisation The data centers are equipped with advanced monitoring and management systems to track energy usage.

Renewable Energy. They actively pursue the use of renewable energy sources, such as solar and wind power, to power the data centers and reduce the carbon footprint.

Social Value

Social Value

Social Value

Equal opportunity

Equal opportunity

We implement fair hiring practices, such as actively recruiting diverse candidates, using unbiased screening methods, and conducting structured interviews. Training is provided to recognise and address unconscious biases. Transparent pay policies ensure equal compensation regardless of gender or demographics. Diversity initiatives, like employee resource groups and mentorship programs, foster an inclusive culture. Promotion opportunities are based on merit and performance, free from discrimination.

Pricing

Price
£0.18 a gigabyte a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
30 day fully working free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kamran@greencloudhosting.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.