Network Threat Detection & Response
Incident Response, Case Management, log event alert monitoring, GPG-13, threat intelligence, IPS/IDS, traffic analysis, SOC, CERT, Reporting, Collaboration, packet capture, Audit Compliance, EDR, MDR, XDR, NDR, Malware analysis, Privileged User, MDM, Vulnerability Assessment, Cloud Security, Sentinel, Defender, MDE, MCAS, Azure, AWS, CloudTrail, CloudWatch, GuardDuty, Security Hub, GCP, Google WorkSpace, Oracle
Features
- Supports deployment in datacentre / on-premise, Cloud and OT environments
- Simple and non-intrusive deployment
- Invisible to threat actors and thereby tamperproof
- Forms a key component of an Incident Response Readiness programme
- Curated onboarding and network discovery to baseline network behaviour
- 24/7 monitoring and rapid incident response from our SOC
- Proprietary Anomaly Detection to detect unclassified threats at scale
- Threat intelligence driven analytics roadmap
- Designed to provide user and customer level customisation
- Traffic Analysis, Deep Packet Inspections, IDS, Vulnerability Scanning, Blacklist monitoring
Benefits
- Step change in security maturity and detection fidelity
- Demonstrate readiness and maturity to respond to a major incident
- Instant value from network and asset discovery
- Enables growth and development through secured integration of legacy assets
- Reduce the need for in-house people/skills
- Secure hosting: At UK government assurance levels (OFFICIAL SENSITIVE)
- Reduced cost of security monitoring, increased security coverage
- Triage and analysis services identify threats before they become incidents
- Standards compliance for ISO27001:2013, Cyber Essentials Plus, PCI
- Enhanced Mobile and BYOD user risk monitoring
Pricing
£598 a device a month
- Education pricing available
Framework
G-Cloud 14
Service ID
299247691717099
Contact
iomart Managed Services Limited
Seema Griffiths
Telephone: 0800 040 7228
Email: gcloud@iomart.com
Service scope
- Service constraints
- Planned maintenance periods are agreed per customer but default to periods after 8pm Mon-Fri or at weekends.
- System requirements
-
- Rack space, power and connectivity for physical appliance
- The appliance requires physical connectivity for SPAN ports or TAPs
- IPsec VPN-capable device on Customer's site
- Internet connectivity
- Provide contact details for alerts and reports
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Critical and High incidents are given priority and are triaged against specific Service Level Agreements (SLAs) to minimise any potential client impact. Our alert and incident categorisation and corresponding action times are applicable 24 hours a day, 7 days a week
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Critical and high incidents are prioritised and triaged in line with specific Service Level Agreements (SLAs) to minimise potential client impact, ensuring rapid response around the clock.
The categorisation of alerts and corresponding response times, applicable 24/7, are as follows:
For critical incidents like a ransomware outbreak, the Mean Time To Detect (MTTD) is 15 minutes, with a Mean Time To Respond (MTTR) of 30 minutes.
High incidents, such as account takeovers or malicious payloads, are detected in 30 minutes and responded to within 1 hour. Medium incidents, such as suspicious but unconfirmed activities, have a 2-hour detection and a 4-hour response time.
Low priority incidents, like policy violations, are detected in 8 hours, with no set response time.
MTTD refers to the time from when an incident is raised by the system to when it is triaged.
MTTR measures the time from triage of an incident confirmed as a True Positive to when an analyst begins active response or escalates it to the client’s emergency response team.
These metrics ensure that each incident is addressed promptly and efficiently, reducing the overall risk and impact on client operations.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
On-boarding is included as per the Service Description and selected Service Level.
We can typically commence on-boarding within 15 working days from acceptance of order.
Technical resource will be available to provide technical advice during on-boarding.
We typically use month 1 to baseline the service from go live date.
e2e provides a service desk to manage this service.
Any additional activity after the agreed initial implementation and on-boarding may be chargeable.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Optionally at the end of the contract, we can migrate the data out of the service (such as historical logs) on a time and material basis in CSV format.
- End-of-contract process
-
Off-boarding is included.
All user access will be revoked and any e2e cloud service components containing customer data will be wiped and factory reset.
All customer data will be removed.
Using the service
- Web browser interface
- Yes
- Using the web interface
-
Cumulo Portal access provides the ability to track and monitor case status in real time and to access comprehensive reports and dashboards offering detailed statistics regarding your security posture, alerts, incidents, and ticket type and volume.
These reports are available for download monthly, providing you with a regular overview of your security operations and performance.
- Web interface accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web interface accessibility testing
- Carried out with one of our central government customers
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
- Manual
- Independence of resources
- Capacity Management and design of cloud systems. Use of dedicated resources for each customer. Service operated to defined SLA.
- Usage notifications
- Yes
- Usage reporting
-
- Other
- Other usage reporting
- An e2e service manager will contact the Client if a trend shows sustained over usage of the contractually agreed service limits. The Service Manager will work with the Client to first bring the usage to agreed limits or agree new service limits between all parties.
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
- Other
- Other metrics
- Detailed monthly reports including SLA metrics, Incidents, tickets
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller (no extras)
- Organisation whose services are being resold
- E2e-Assure
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- All e2e managed devices are backed up
- The service is operated out of two geographically separated UK datacentres
- Backup controls
- E2e managed components and logs ingested into Cumulo, the e2e SIEM, will be backed up across two geographically separated UK datacentres.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
If the service level falls below the stated availability (excluding planned or emergency maintenance and excluding any fault that is not the responsibility of e2e or e2e components), consumers will be eligible for a service credit.
Service credits are provided as professional service credits that can be used for any support, design or security activities and are calculated at a value of 5% of service spend on the particular service.
- Approach to resilience
- All e2e services are operated from UK datacentres in two regions (England and Wales) with multiple power and Internet Service Providers to ensure resilience. Individual service resilience may be dependent upon the Service Level that is ordered for each service.
- Outage reporting
- An incident management and response process will be agreed with each customer with email and phone alerting processes as required.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
- If required, support channels will agree processes for authenticating users, including named users/accounts and the use of agreed passcodes.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- 2-factor authentication
- Devices users manage the service through
-
- Dedicated device on a segregated network (provider's own provision)
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- No audit information available
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI - Certificate Number 620531
- ISO/IEC 27001 accreditation date
- Up to date and current since we first achieved ISO27001:2013 on 17/07/2015
- What the ISO/IEC 27001 doesn’t cover
- The whole organisation and all services are covered
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
-
- Police Assured Secure Facilities (PASF) for DCs and e2e Management
- Classified Material Assessment Toolkit (CMAT) inspections at DCs
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- This is detailed in our ISO 27001:2013 documentation and a full RMADS for all services.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- All changes are documented and managed via the internal ticket system. A separate test environment is used to ensure changes are tested prior to being applied to the ‘live environment’. All changes are reviewed and approved by appropriate senior staff prior to implementation to ensure they do not compromise security controls.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
All services are assessed as part of the e2e Accreditation Framework with a full IS1/2 risk assessment provided as part of the RMADS.
e2e provide comprehensive and detailed protective monitoring services independently for customer environments and all service offerings.
Critical security patches are typically deployed within 8 hours.
As well as ingesting intelligence which is used by our toolsets and rules engines, threat intelligence can also be consumed from CERT-UK, CiSP, other Service Providers and from the NCSC.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
E2e provide comprehensive and detailed protective monitoring services independently for customer environments and all service offerings. The capability provides a comprehensive set of tool-sets to proactively defend customers and services. This includes:
Proactive Cyber Defence and Enterprise Risk Management
Integrated Enterprise wide coverage with Flexible Log Management, Network Discovery, Asset Management, Traffic Flow Analysis
NIDS, Packet Capture, Packet Analysis, Internal and External Vulnerability scanning
Threat Intelligence and Proactive Incident Response.
All incidents will follow a predefined incident response playbook with fully automated and manual response actions. Typical response time is 15 minutes.
- Incident management type
- Supplier-defined controls
- Incident management approach
- E2e have a range of operational service levels that can be provided to customers. These range from carrying out initial triage and incident prioritisation through to analyst assisted incident response. Manual and automated incident response. e2e can run Incident Response through to conclusion should that be required by its customers. Reporting of incidents can be through email or phone and, depending upon the service, email reports can be provided or access to the online ticketing and incident portal is provided.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- No
Energy efficiency
- Energy-efficient datacentres
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
iomart recognises the environmental impacts of our business operations and continually seeks to minimise this impact with a commitment to achieving Net Zero by 2050, or earlier. To control and reduce our environmental footprint, iomart implemented a sustainability and energy efficiency programme aligned with a number of the UN Sustainable Development Goals, specifically #13 – Climate Action, which aims to take urgent action to combat climate change. This programme complies with the requirements of ISO 14001:2015 and ISO 50001:2018, which form the basis of iomart’s Energy Management and Environmental Management Systems, respectively. As part of this programme, iomart:
• Partners with Schneider Electric to establish carbon reduction targets and implement a roadmap to reduce our overall emissions in alignment with UK Government targets
• Purchases Renewable Energy Guarantees of Origin (REGO) certified renewable energy across our entire UK data centre estate, resulting in a 99% decrease in total carbon emissions under the market-based reporting approach since our benchmark year of FY21
• Continues to meet the UK Government Streamlined Energy and Carbon Reporting (SECR) requirements, including energy use and carbon emissions information in its annual report
• Carries out assessments under the Energy Savings Opportunity Scheme (ESOS), administrated by the Environment Agency to identify tailored measures to save energy and achieve carbon savings
• Operates an ongoing programme of energy efficiencies across its data centre estate, including the installation of LED lighting and the upgrade of UPS battery power systems
• Has relocated its headquarters to a more sustainable premises with green commuting encouraged
• Maintains responsible business operations including recycling/segregation of waste, considering environmental factors during the procurement process and encouraging employee involvement in energy efficiency improvement initiatives
• Is rolling out new initiatives to reduce environmental impact, including the installation of solar panels at its flagship data centre
Covid-19 recovery
iomart recognises the continued impact of Covid-19 on communities, businesses and staff. Having implemented a Business Continuity Plan aligned with ISO 22301 best-practice guidelines, iomart was able to seamlessly transition to a remote working policy for the majority of employees at the start of the global pandemic. Safe working practices were introduced for those working at our data centre sites to support Critical National Infrastructure during this time. Reflecting on this era, iomart recognised that many employees value the ability to work from home. In response, iomart introduced a hybrid working policy in order to balance the needs of the business with the flexibility for employees to work both from the office and remotely. As a managed services provider, iomart continues to provide the necessary infrastructure and support to many customers which allow them to offer their staff remote and hybrid working, enjoying the same benefits as many iomart employees. Having provided many customers with financial initiatives to delay invoice payments during the pandemic to help with their cashflow, iomart played a pivotal role in ensuring that a significant number of small and medium businesses continue trading today and continues to work closely with them to provide business-critical services. iomart continues to partner with the organisation Business Volunteers to support various charities within the local communities in which it operates. Through numerous volunteering engagements, iomart employees have supported a food-growing charity to encourage families to get outdoors, exercise and grow healthy food. They have contributed towards the rejuvenation of the site with a new seating space and raised beds, repairing compost bins and digging up areas that had overgrown.
Our teams have also volunteered at a food bank warehouse, taking in food and household items and distributing parcels to local organisations that provide essential support to families, post Covid-19.
Tackling economic inequality
iomart takes its responsibility in this area very seriously and is committed to acting ethically and with integrity in all of our business relationships. This commitment and subsequent efforts to operate responsibly are fulfilled through the operation of corporate governance processes and ISO-certified business procedures. iomart has implemented robust controls and checks, including continual monitoring, to ensure that there is no modern slavery or human trafficking in its supply chain or in any part of the business. We conduct internal risk and material assessments within our supply chain, requiring suppliers to undergo a due diligence process prior to product or service provision. Employees are paid fairly, with salaries paid directly into their own bank accounts. Cyber security risks are identified and managed via iomart’s Information Security Management System which is based on the requirements of ISO 27001, an internationally-recognised standard governing the protection of personal records and sensitive information. Conformity with this rigorous security standard is monitored continuously and assessed by iomart’s UKAS-accredited certification body, providing external assurance of the controls validated. iomart operates an Equality, Diversity and Inclusion programme which is aligned with the United Nations Sustainable Development Goal #8 - Decent Work and Economic Growth – which promotes sustained, inclusive and sustainable economic growth, full and productive employment and decent work for all.
Actions and initiatives to support this goal include:
• Mentoring partnerships with MCR Pathways, supporting equality of education outcomes, career opportunities and life chances
• Regular engagements with SmartSTEMs, a charity which aims to provide equity of access and opportunity for all young people to STEM education and career opportunities
• Partnership with and recruitment via Generation, a non-profit organisation transforming education to employment systems to prepare, place and support people into life-changing careers that would otherwise be inaccessible
Equal opportunity
iomart is committed to tackling workforce inequality. Closely aligned with the United Nations Sustainable Development Goal #5 - Gender Equality, which aims to achieve gender equality and empower all women and girls, iomart’s approach aims to shine a spotlight on diversity, inclusion, belonging and talent whilst ensuring our policies, recruitment and frameworks are free from bias. To achieve this, iomart:
• Operates a diversity and inclusion strategy devised to reduce any real pay gap in the longer term, with a Gender Pay Gap report published annually
• Has implemented measures to monitor key demographic data, which allows us to set targets to improve representation in key areas
• Continues to refresh and expand our employee networks, working towards a gender balance of 30% female representation by 2030 whilst tracking diversity statistics to ensure informed decision making across the business
• Partners with Empowering You, an organisation aiming to build an empowered community of diverse, authentic and confident leaders who can inspire a meaningful and sustainable cultural shift that benefits their organisation, wider industry and society at large
• Has implemented an Equal Opportunities Policy in accordance with the Equality Act (2010)
• Provides training for managers to better understand neurodivergent and disabled employees’ needs
• Publishes a statement on Modern Slavery in accordance with section 54(1) of the Modern Slavery Act 2015, reflecting iomart’s commitment and efforts to operate responsibly
• Redacts demographic information from CVs to reduce unconscious bias during the recruitment process
• Operates a flexible working policy to promote a healthy work-life balance whilst allowing staff to fulfil other duties outside the workplace such as childcare and supports them working to their individual strengths
Wellbeing
iomart promotes the wellbeing of our people through a number of employee benefits and initiatives that impact physical and mental health. These include:
• An Employee Assistance Programme with 24/7 support
• A cycle to work scheme, with Head Office facilities designed to encourage green commuting
• Enhanced benefits with length of service, such as medical and dental cover
• Neurodiversity training
• Flexible and hybrid working policies to promote a healthy work-life balance
This commitment to wellbeing is extended throughout our local communities whereby iomart actively participates in charity engagement and volunteerism. Through our partnership with Business Volunteers, iomart works with local charities to support strong, integrated communities. We began hosting Volunteer Days at our Glasgow and Manchester sites in 2021. We have cooked and served Christmas dinners for vulnerable people in Manchester and volunteered at the Glasgow Community Garden Trust to support a food-growing charity in encouraging families to get outdoors, exercise and grow healthy food. Employees helped to rejuvenate the site with a new seating space and raised beds, repairing compost bins and digging up areas that had overgrown. Additionally, iomart worked with FareShare UK to help deliver food that would prepare 40,000 meals for people in need. To further promote the physical health and wellbeing of staff and the wider community, iomart seeks to develop more sustainable business operations intended to reduce its environmental footprint.
Pricing
- Price
- £598 a device a month
- Discount for educational organisations
- Yes
- Free trial available
- No