PRIMENET LIMITED

Primenet Backup as a Service

Primenet provides a backup & replication services that runs fulling in the cloud with all data residing in the UK. Using leading vendors Veeam & Zerto we are able to provide recover point objectives within minutes. Working with the user, Primenet helps set policies and retention's that match their needs.

Features

• Full backup lifecycle control
• Managed offsite Veeam & Zerto infrastructure
• Satisfy the 3-2-1 Rule 3 copies 2 medias 1 offsite
• Server level folder level and file level backups & Restores
• AES 256-bit encryption enabled before in-flight
• Compression & Deduplication preformed before sending to cloud
• WAN acceleration enabled and included in services
• RTO & RPO’s within minutes

Benefits

• Support included from a Zerto & Veeam Platinum Service Providers
• No In/Out Fees for service with highly flexible billing model
• Ability to physically seed backup data
• 99.99% availability with service
• Scalability on a per GB increment
• Backup and Replication from external Cloud Providers
• Data lifecycle control provided to user
• Application aware Replication and Backup

£1.48 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony@primenetuk.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

277812578090834

Contact

Eran Cohen
07977544489
tony@primenetuk.com

Service scope

• Service constraints: Customer needs to allow access to their production environment in order for backups and & replication software to be installed and preform. Depending on the backup service, customer may need to provide virtualised hardware resource to run a version of the Backup software that will communicate with master version at Primenet. Customer must have necessary network connection to preform backups during their defined backup window.
• System requirements:
  • Customer must provide access to the hypervisor for Replication services.
  • Necessary ports need to be open for software to backups
  • Firewall rules set to provide access to production environment

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Typically with in ten minutes
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: You log on to our web portal via a browser. Using the correct credentials for the service gain access to the chat solution and start dialogue with one of our engineers.
• Web chat accessibility testing: We have not as yet.
• Onsite support: Yes, at extra cost
• Support levels: Primenet's 24/7 service desk puts an experienced team of highly-qualified engineers at your disposal. We have an enviable reputation for providing the kind of support your employees really want. Our service is a true round-the-clock, enterprise grade managed support service to ensure that the requisite expertise is on hand day or night to act swiftly should the unexpected happen. Response times are based on severity - Critical (10 minutes), Standard (45 minutes), Low (90 minutes). This is subject to having a support contract in place. These response times apply to outside of normal business hours (including weekends) subject to a 24/7 support agreement being in place. You will also have an assigned technical account manager who will work with you on current and ongoing requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our onboarding documentation is provided to the approved User and stored in a customer folder that can be provided again upon request via support team. Customers are able to request a formatted version of the document that they can save in their own locations.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Users have a few different options to extract their data. They can delete or request data deletion and Primenet will issue a certificate of destruction. Users can pull out the data across the wire to another location (on-premise or cloud). Users can also send a USB Hard Drive and Primenet will seed it for a cost and ship it to the desired location. Primenet also has a physical device called TOMA that has the ability to transfer up to 80 TB of data. This can be used at a cost to the customer.
• End-of-contract process: At the end of the contract the customer can leave with no fees or penalty. If they wish for a certificate of destruction to be issued, this can be provided free of cost. ; If they require Primenet to help with migration of servers and/or data to another location then fees will be charged based on amount of professional service required. Customer can send a physical device to be seeded which will be billed based on the Engineer time to seed the device along with the fee to ship the item back to customer location. ; ; Customer can request to use our Primenet Migration Appliance which holds up to 80 TB of data. The fee is based on one time fee of 1000 GBP along with the cost of shipping to customer site and returning to Primenet. ; If at the end of the contract the customer wishes to move to another Primenet solution. Migration will be handled by Primenet at no extra cost.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Primenet operates at a minimum of 20% buffer on all resources. Additionally, majority of Primenet's customers are running production workload. This is far more stable and Primenet can use metrics to track resources needs and growth rates. This gives us deeper insight and analysis on our capacity planning. Primenet does not over allocate resources to paying customers. Meaning all resources whether in use or not are solely those of the customer. This is a critical element to prevent demand from other users effecting the customer
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • Disk
  • Network
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: ThinkOn

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • This service has no operating system restrictions
  • Any File Structure
  • Any Virtual Environment
  • Any Database environment
• Backup controls: TBA
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We provide 99.99% up time of services in any given month. If Services are not available in accordance with the set "objective", Primenet will issue a credit to an amount equal to 1/30th of the recurring base monthly fee paid for the affected services for the then current month for each half hour (or portion thereof rounded to the next half hour) of the cumulative duration of such unavailability during such month. In addition, Primenet shall provide a root cause analysis to identify the steps to rectify in the future. In no event will the aggregate amount credited under this SLA in any calendar month exceed the recurring base monthly fee paid for such affected services for such month.
• Approach to resilience: This information is available upon request, but our Datacentre's are setup to meet Tier 3 standards. We also operate our Compute and storage at a minimum of N+2 configuration.
• Outage reporting: We have a public dashboard available through a standard URL. Users can also work with the dashboard's APIs to configure it into their own system. ; We also send out email alerts to all necessary contacts. Only outages that effect your cloud site and cloud service will have an email alert sent to you. Primenet works to keep notification clutter to a minimum. Focusing instead on bringing awareness to issues when they matter most to your organisation.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Primenet allows access to only a small subset of authenticated users. These users require VPN access into our management interface along with a password that expires at a maximum of 60 days. We also have a limit on the number of users that can be logged into our management interface at the same time. Meaning that your session will be terminated if there is prolonged in-activity. Accessing interface is restricted to specific times of day.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ACS Registrars Limited
• ISO/IEC 27001 accreditation date: 9th November 2019
• What the ISO/IEC 27001 doesn’t cover: ISO 27001 is only supported in the UK data center
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 14/03/2019
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: Everything is covered by it
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Protected B Status ( Canadian Government )

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Primenet has multiple security policies and procedures that have been setup and followed by the entire team to meet our ISO27001 and SOC 2 Type 2 certificates. These include Risk Assessment Policy, Security Assessment and Authorization Policy, Security Incident Response Policy, Security Planning Policy, Systems and Information Integrity Policy, Security Assessment and Authorization procedure, Security Clearance Procedure, Security Incident Response procedure, and many more. Primenet is happy to provide these documents upon request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Primenet performs a scheduled change management window once a month. These changes will have limited impact on customer's environments and are extensively tested before being pushed to production. Our services are setup in a way that we can easily replace aged out hardware during these change windows without any effect on customers. These windows are also when we implement patches that have had a general availability release date that is one to two months old, this is to make sure patches are deemed stable
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We preform scans of our service delivery infrastructure monthly. These scans are done with a third-party tool that has automated comparison capabilities built in to provide reports on potential threats. If a vulnerability is deemed legitimate, then an action to address the issue occurs within 30 days of discovery.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Primenet follows a policy of detection, analysis, containment, eradication, recover, and post-incident closure. Our entire team is trained to be on the lookout for security issues. On top of that we have our Security Indecent Response team (SIRT) looking for any issues or possible weaknesses. Once something is detected the SIRT with management, analysis its impact or potential impact and begin resolving the issue. It is analysed usually within 4 hours of discovery and responding to incidents occurs directly after analysis is complete.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Primenet has a Support & Escalation guide that is followed both internally and externally when an incident is created. This guide is provided to customers when they onboard with Primenet. Our incidents are broken into 3 categories, P1 being the highest and P3 being the lowest. P1 and P2 incidents require the customer to call in with a follow up email into our ticket system. All other incidents can be emailed. P1 incidents once resolved will be supplied with post-mortem document. Incident reports are provided to users upon request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Primenet builds out virtualised hardware plans using VMware technology. This includes presenting individual storage repositories for each organizations. These are built as their own storage LUN and unique credentials are created for each repository. This hardware plan is the presented to the Veeam / Zerto Service Provider Software as a unique organization. This same information is provided on the customer side if required. Passwords are not saved, and only new passwords can be regenerated which are provided to approved users.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Our Datacentre follows the EU code for energy-efficiencies. It holds a power utilization effectiveness (PUE) rating of 1.5. They run a hot isle that is primarily enclosed allowing them to reduce the amount of air-condition required in the datacentre to meet hardware requirements. Lights in all facilities are placed on timers to automatically turn off after 10 minutes of in-activity to help reduce power draw.

Social Value

• Fighting climate change:

  Fighting climate change

  Our Datacentre follows the EU code for energy-efficiencies. It holds a power utilization effectiveness (PUE) rating of 1.5. They run a hot isle that is primarily enclosed allowing them to reduce the amount of air-condition required in the datacentre to meet hardware requirements. Lights in all facilities are placed on timers to automatically turn off after 10 minutes of in-activity to help reduce power draw.
• Tackling economic inequality:

  Tackling economic inequality

  Primenet works with multiple vendors and is able to provide our customers with access to the right technology at the right time, providing organisations with a flexible supply change and enabling them to take advantage of new technology when appropriate without the need for heavy capital investments

Pricing

• Price: £1.48 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Up to 10 seats and 100 GB of storage; Comprehensive backup for Microsoft 365 data from OneDrive, Exchange, SharePoint, and Teams; Secure data protection approved for government workloads

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tony@primenetuk.com. Tell them what format you need. It will help if you say what assistive technology you use.