Roc Technologies Limited

Microsoft Azure

Roc has extensive experience in the design, implementation and managing of Cloud systems and services using Microsoft Azure . We can assist clients at all points of the loud migration process, from high level design through to low level design, implementation, migration, and daily running of Azure Cloud services.

Features

• Azure Cloud Adoption Planning and Cloud cost Optimization
• Azure Cloud Migration including proactive cloud advice
• Azure Cloud Management & Service governance for your Cloud environment
• Cloud Network Infrastructure Management
• Cloud Server OS Management
• Cloud Application Management & Adaptive transformation to your Cloud environment
• Availability & Capacity Monitoring and Reporting
• Cloud Protective Monitoring
• Cloud compliance information and reporting
• Agile support and projects for your Cloud environment

Benefits

• Deliver an overall strategy for cloud adoption
• Continual Service Improvement for your Cloud environment
• Services migrated to the cloud in a phased manner
• Provide operational management for cloud network infrastructure
• Provide operational management support for cloud hosted systems
• Provide operational management support for hosted applications
• Detection of potential or current service impacting incidents.
• Protective monitoring via a UK SOC, including custom log sources
• Improved Visibility for your Cloud environment
• Business value and outcomes based delivering Cloud success

£375.00 to £1,300.00 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@roctechnologies.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

282315214713305

Contact

Tim Elton
01635 581188
publicsector@roctechnologies.com

Service scope

• Service constraints: To provide best value and consistent pricing, the services described within this document assume that existing customer software/provider/manufacturer support or warranty agreements will remain in-place and be accessible by Roc to facilitate a swift response to any issues raised around third-party offerings.
• System requirements:
  • Existing customer support or warranty agreements will remain in-place
  • Services are hosted on Windows or Linux operating systems

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All email and online support requests will receive an immediate automated response, The SLA associated with the specific contract will determine the actual response and resolution timescales, including and variation for weekend and bank holidays. This will typically range from30 minutes to 2 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Azure cloud support includes Technical Account Manager support ; engineers and a 24/7 Network Operation centre. ; Targeted response is based on the call priority and varies between 15 mins and up to 10 hours ; Roc’s Managed Services are offered based upon two standard hours of cover-; • Normal Business Hours: Monday to Friday, 08:00-18:00, excluding public holidays; • 24x7: 24 hours per day, 7 days per week, 365 days per year; ; Roc Compliments Azure support by carrying out the assessment design and migration along with ongoing support for the cloud infrastructure.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: For each new service provision, a one-time on-boarding charge will apply. This fee is charged to cover transition activity such as process definition, systems configuration, system auditing, remote access configuration etc. This charged will be in line with Roc’s published SFIA Rate card and will vary based upon the nature and complexity of the environment to be on-boarded.; During the on-boarding process, Roc will review the configuration of each in-scope item. Where in-scope items have not been configured in-line with best practice, remedial actions may be required before the item can be on-boarded or covered by Roc’s SLA’s. Such remedial activity can be performed by the client or Roc. Where performed by Roc it can be funded via Roc’s published SFIA Rate card or the Additional Service Points purchased as part of the service. Bespoke training can be delivered as required. Our Aim is to provide an effortless experience for users and customers for your cloud and hybrid estate.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats: Word Documents
• End-of-contract data extraction: The customer has complete autonomy of how data is stored and managed within the AZURE environment. Data can either be extracted form the VM or the VM itself can be downloaded; ; Roc would return all data and materials which cannot be deleted or exported by the client and would destroy all copies of data on written instruction.
• End-of-contract process: We will return all client data and materials which cannot be deleted or exported by them. We will return any prepaid sums for services not delivered. We will not penalise the client for early termination unless state in the Service Definition.; We will return all confidential information unless there is a legal requirement for ongoing retention.

Using the service

• Web browser interface: Yes
• Using the web interface: The standard Azure management portal is used to support the service.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Standard browsers
• Web interface accessibility testing: Not applicable
• API: Yes
• What users can and can't do using the API: Standard Microsoft Azure API's ; ; You can manage API Management programmatically by using the API Management REST API, the Azure API Management Service management library SDK, Windows Deployment Services, or Azure Service Management PowerShell cmdlets
• API automation tools: Other
• API documentation: No
• Command line interface: Yes
• Command line interface compatibility: Windows
• Using the command line interface: The Azure command-line interface (Azure CLI) is a set of commands used to create and manage Azure resources. The Azure CLI is available across Azure services and is designed to get users working quickly with Azure, with an emphasis on automation.

Scaling

• Scaling available: No
• Independence of resources: Azure performance is protected for each Tennant
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft Azure

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Microsoft guarantee that Azure Firewall will be available at least 99.95% of the time, when deployed within a single Availability Zone. ; They also guarantee that Azure Firewall will be available at least 99.99% of the time, when deployed within two or more Availability Zones in the same Azure region.
• Approach to resilience: Microsoft Azure resiliency
• Outage reporting: Roc can provide Protective Monitoring in line with GPG13. These services are delivered from a dedicated UK based SOC which operates independently from Roc’s Technical Operation Centre; Alerting can be via tergated email

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All users are required to have a unique username and password . Customers may also use MFA authentication
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation ISO Certification Limited
• ISO/IEC 27001 accreditation date: 26/04/2018
• What the ISO/IEC 27001 doesn’t cover: Individual cloud service providers and datacentres. We require them to hold their own accreditations.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO9001, ISO14001, SafeContractor
• Information security policies and processes: • Information Security Policy. ; • Clear Desk Policy. ; • Access Control Policy. ; • Information Classification Policy. ; • Data Protection Policy. ; • Network Access Control Policy. ; • Information Exchange Policy. ; • Password Policy. ; • Cryptographic Policy. ; • Acceptable Use Policy. ; • CCTV Policy. ; • Physical Security Policy.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The Service Desk are responsible for overseeing the information gathering stage and identifying the type of change that will be undertaken, they will include a full test plan, outline of tasks and rollback plan. ; Details of any likely or potential impact will be documented in the change and then the Roc CAB will review and approve/decline changes. Changes are sent to the customer for approval. Changes are broken down into different categories with associated processes for creation, approval and implementation. The process includes appropriate timescales based on the priority and category of change.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Where technically possible real-time updates and status reports are identified and sourced from credible vendor sources.; Patches are deployed depending on the security impact and vendor recommendations
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Roc can provide Protective Monitoring in line with GPG13. These services are delivered from a dedicated UK based SOC which operates independently from Roc’s Technical Operation Centre; ; • Forensic log collection, storage, and management.; • Security event monitoring, analysis, reporting and alerting.; • Configuration audit.; • File integrity monitoring and system baseline change monitoring.; • Compliance monitoring.; • File based targeted threat assessment.
• Incident management type: Undisclosed
• Incident management approach: Incident Management is a core process for the Service Desk to ensure that any disruption to service is accurately recorded and managed through to service restoration. Incidents are prioritised and allocated by impact and urgency, Supervisors oversee the management of all calls alongside a culture of best practice and ownership of tasks throughout the team. Roc Service Delivery Management team provides reporting on incident management, examples of the types of reporting Roc provides for incident management, include priority, category, channel, status, and SLA. Roc report on incident management weekly/monthly/quarterly/bi-monthly/6monthly/annually specific to the customer's requirement.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Microsoft
• How shared infrastructure is kept separate: Microsoft hosted tennant

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Energy efficient - Microsoft Azure is a participant and an endorser of the EU code of conduct for data centre efficiency.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Roc is accredited to ISO14001, has a Carbon Reduction Plan and is committed to achieving Net Zero in Scope 1&2 by 2035 and Scope 3 by 2050. We have a comprehensive understanding of how to influence stakeholders to support environmental protection and improvement. Our approach involves engaging all relevant parties, raising awareness of environmental opportunities and encouraging participation in sustainable practices. ; To reconnect people with the environment and increase awareness of ways to protect and enhance it, we undertake these activities:; • Engagement: engaging with stakeholders to raise awareness of the benefits of environmental opportunities identified. Through workshops, seminars, and outreach programs, we highlight the importance of environmental conservation and encourage active participation in related initiatives.; • Co-design/creation: working collaboratively with stakeholders to devise and deliver solutions that support environmental objectives. Involving stakeholders in the design and implementation process ensures that initiatives are tailored to meet their needs and priorities while maximising environmental benefits.; • Training and education: providing training and education to influence behaviour and promote sustainable practices among staff, suppliers, Partners and other stakeholders. This may include workshops on waste reduction, energy efficiency, and sustainable resource management. Empowering individuals to make informed decisions that minimise their environmental footprint.; • Partnering/collaborating: partnering with community organisations and other stakeholders to engage the community in environmental initiatives related to contracts. Experienced in collaborating with local groups, we leverage expertise/eesources to support environmental objectives and foster community involvement in sustainability efforts.; • Volunteering opportunities: offering volunteering opportunities for contract workforce, enabling them to undertake activities that encourage direct positive impact on the environment. This may include tree planting, litter clean-up campaigns, or habitat restoration projects, providing hands-on opportunities for individuals to contribute to environmental improvement efforts.; Through this, we actively engage stakeholders in supporting environmental protection/improvement and fostering a collective sustainability commitment.

  Covid-19 recovery

  Roc is a people-based business and we have worked closely with our teams to co-create Covid recovery plans. Roc had significant revenue streams from the hospitality and aviation sector resulting in exposure and revenue reduction during the Pandemic. Following the Covid 19 Pandemic Roc created a Post Pandemic Recovery Programme. This programme is led by our employee forum with representatives from across the business. Initiative include:; ; Organisation-wide impact assessment re-baselining our business plan/strategy and to inform recovery plans; Strategy to minimise the impact whilst maximising the opportunities created by the Pandemic; A review of our financial structure and funding solutions; Moving legacy systems to SAS based Cloud solutions; Creating a business plan to mitigate the impact of a future Pandemic's; Investing in staff training and awareness to identify opportunities where Roc could support organisations with their post-Covid recovery plans ; Providing on-line desk booking solutions to encourage our staff to return safely to the office; Creating an apprenticeship programme across the business bringing on new talent; Building partnerships with local suppliers to support the local economy; Working with our investment partner BGF to identify opportunities for growth and investment, especially in STEM ; Partnering with Higher Education to improve student safety and student experience, encouraging students to return to Campus; Implementing space utilisation solutions to provide employees with real time visibility of office utilisation and space availability; Creating sustainability solutions that help clients with providing more environmentally friendly workplaces and working practices to support the post pandemic recovery; Investment in capabilities including our Network and Cyber Practices, aligning to high-growth areas underpinning our economic recovery.; Our planning means Roc is confident that it has a solid business foundation to mitigate the impact of any future Pandemics whilst taking advantage of Post Covid-19, focussing on relevant solutions/services for employees, partners and clients.

  Tackling economic inequality

  One of Roc’s key mantras is ‘to make a difference in the community of which we serve’. We are committed to tackling inequality at the root by creating new business and employment opportunities and by offering enhanced education and training.; Where possible Roc always partner with local suppliers as required in the delivery of our projects which creates employment and apprenticeship opportunities. Alongside this Roc promote prompt payment principles and we mirror this expectation across our supplier chain.; Roc is dedicated to enhancing the lives of disadvantaged children and young people across Roc and our customers local communities, this has been demonstrated through existing youth club sponsorships, and regular charitable donations.; Community investment: Greenham Common Trust ; Roc have recently moved into a new headquarters, leased by the Greenham Common Trust. The Trust’s sole aim is to promote charitable purposes for the benefit of the inhabitants of Newbury, where Roc is located, and its environs. ; Whilst mostly promoting social inclusion and community projects, the Trust also donate and contribute toward the local environment, such as restoration to the local Common, environmental improvements to local areas and construction of local wildlife ponds. ; By leasing our headquarters from such an organisation, this ensures Roc are ensuring that costs for this lease are being used to directly benefit the local environment. ; Roc have defined cultural values, one of which is to, “Make a Difference,” which underpins our support and involvement in community initiatives and charitable work. We do this in the form of sponsorship, donations to national and local charities, which may also be suggested by our staff, and the funding of community projects. Every suggestion is given consideration throughout Good Cause grant scheme, whereby our employees apply for funds to support local charities and initiatives which are important to them.

  Equal opportunity

  Roc is committed to promoting equal opportunity within our organisation and our supply chain through focus on Equality, Diversity and Inclusion.; Aiming to eliminate unlawful discrimination, harassment, and victimisation through:; • Educating all staff about the Act's provisions, emphasising the prohibition of discriminatory behaviour. ; • Regularly assessing policies, procedures, and decision-making processes, identifying/rectifying any discriminatory elements. ; • Establishing clear channels for reporting ensuring prompt investigation and appropriate action to ensure compliance.; We advance Equal Opportunity by: ; • Gathering data on protected characteristics to understand disparities. ; • Conducting equality impact assessments for new policies, services, and projects. Consider how they affect different groups, adjust accordingly. ; • Ensuring that reasonable adjustments are made to accommodate individuals with disabilities or other protected characteristics. ; Fostering good relations by promoting inclusion, engaging with the community, and celebrating diversity. ; We regularly share information demonstrating compliance with the Equality Duty and set measurable equality objectives. Roc is an equal opportunities employer, providing a service free from unfair and unlawful discrimination. ; Our commitment - We value people as individuals with diverse opinions, cultures, lifestyles, and circumstances. All employees are covered by our Equality, Inclusion & Diversity Policy individual differences are recognised/valued, and every employee is entitled to a dignified and respectful working environment. We offer training, development, and progression opportunities to all employees and review all our employment practices to ensure fairness. Over 50% of our leadership is female.; Our commitment as a Service Provider - We aim to fulfil roles from within the local regions and form partnerships with local organisations in service delivery. We aim to provide services to all clients regardless of their characteristics. We believe that equality in the workplace is good management practice and makes sound business sense. We seek to encourage applicants from diverse and underrepresented supported by flexible working policies.

  Wellbeing

  Roc is committed to provide a safe working environment that prioritises the physical and mental wellbeing of our staff. Roc has trained counsellors who are available to discuss any wellbeing concerns with colleagues. Our ESG forum is responsible for identifying and tackling any wellbeing related working issues.; Our family leave offering is to be improved for FY25, offering enhanced maternity, paternity, adoption and shared parental pay provisions. We will review the impact of this in our employee survey and continue to review our offering to ensure that we continually addressing the needs of working parents. ; We offer genuine flexibility over place of work for every role that isn’t subject to the conditions of a client contract (i.e. some roles are required by the client to be present at a particular location or for particular hours). All our roles are offered as either hybrid (with free choice of office days) or remote with flexible working hours considered where possible. Implementation of tax efficient nursery schemes to support working parents (salary sacrifice) – currently under consideration. Implementation of Roc Academy, utilising our apprenticeship levy. Targeting at least 40% spend at levels 2-4. Ensuring that a portion of our training budget is targeted at digital skills and levels 2-4. ; Our employees are our business, therefore Roc devotes a lot of resource to their wellbeing. These include access to a wide range of support materials on a multitude of topics ranging from mental health, to working from home to good nutrition, reducing stress and general good health; a 24hr mental and physical health hotline; Mental health first aiders; and Support groups – e.g. related to the menopause.; Roc provide an employee benefits scheme to all employees which also provides access to wellbeing advise with qualified counselling sessions if required.

Pricing

• Price: £375.00 to £1,300.00 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@roctechnologies.com. Tell them what format you need. It will help if you say what assistive technology you use.