COOLSPIRiT

COOLSPIRiT a Databarracks Company: Wasabi S3-compatible Hot Cloud Storage

Hot Cloud Storage is simple, fast, and affordable cloud object storage. There are no archival or warm storage tiers to deal with–it’s just one tier of highly secure, low-latency storage that’s as fast or faster than the hyperscalers’ most expensive frequent-access tiers.

Features

• S3 compatible Storage and Compliant API
• Ability to managing and monitoring multiple accounts
• GUI Management Console for easy bucket management
• Security features including object lock, MFA and IAM (RBAC)
• Predictable pricing with Reserved Capacity or PAYG
• Wasabi Ball Transfer Appliance
• Hot Cloud Storage, Cloud NAS, Cloud Sync Manager, Direct Connect

Benefits

• 80% less than AWS S3
• No egress charges
• No API request charges
• Private network options
• 11x9s data durability
• Immutable storage

£95 a terabyte a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@coolspirit.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

303745377310544

Contact

Alex Raben
01246 454 222
frameworks@coolspirit.co.uk

Service scope

• Service constraints: Not applicable
• System requirements: Wasabi is cloud object storage IaaS

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Wasabi offers a support matrix depending on the severity of the incoming ticket. Severity 1 incidents will be responded to within 15 minutes. Severity 2 within 30 minutes, severity 3 within 4 hours and severity 4 within 10 business days. All severities have a sliding scale of resolution times.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Wasabi offers Basic (free) & Premium (paid) support plans as shown below:; • Basic Support: Business day support via email only; • Premium Support hours = 7 x 24 x 365 via email & phone. Premium support is 7% of the purchase price for Reserved Capacity Storage customers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Wasabi is a cloud storage IaaS, online help guides and tutorials are accessible by end customers. As part of our partner relationship Wasabi will help enable partner teams to be able to onboard new customers as part of their cloud service offering – this is by the online help and tutorials as well as partner-specific educational content provided via the Wasabi Partner Portal. Additionally, Wasabi also works closely with it’s partner network and utilises in-region Wasabi Sales Engineers to provide more in depth partner training and enablement.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of a contract, stored data will be available for 30 days, with the ability to extend if necessary. This will enable the customer to either retrieve their data or renew their contract without service interruption. Users will usually extract their data via the same application they used to push data to Wasabi.
• End-of-contract process: Pursuant to section 1.5 "Your Content" of the Customer Agreement, " 'Your Content' means content that you or any Authorized User transfers to us for storage or hosting by the Wasabi Service in connection with your Customer Account. Your Content does not include your Customer Account information. You will ensure that Your Content does not violate any terms of this Agreement, the Documentation, or any applicable law. You are solely responsible for the development, content, operation, maintenance, and use of Your Content. You represent and warrant to us that: (a) you or your licensors own all right, title, and interest in and to Your Content and Feedback; (b) you have all rights in Your Content and Feedback necessary to grant the rights contemplated by this Agreement."; ; At the end of a contract, stored data will be available for 30 days, with the ability to extend if necessary. This will enable the customer to either retrieve their data or renew their contract without service interruption.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can create/edit/delete buckets, users, groups and policies using the Wasabi web console. Further information is available here: https://docs.wasabi.com/docs/wasabi-cloud-storage-console-1
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Wasabi Technologies is partially conformant with WCAG 2.0 level AA.; ; Partially conformant means that some parts of the content do not fully conform to the accessibility standard.
• API: Yes
• What users can and can't do using the API: Wasabi provides 3 distinct APIs:; • Wasabi S3 API - Wasabi’s object storage service is built to be 100% bit-compatible with the Amazon Web Services’ Simple Storage Service (AWS S3) and Identity and Access Management (AWS IAM) APIs. https://docs.wasabi.com/docs/wasabi-api ; • Wasabi Account Control API - At a high level, WACA allows for the following functions:; o Create a new sub-account that is linked to the Wasabi Control Account; o Generate AWS key sets for sub-accounts; o Manage sub-account trial parameters, such as extending the sub-account trial period and change subaccount trial quotas; o Convert a sub-account trial period into a full (paying) account; o Query utilization of sub-accounts both at the summary account level and bucket level; o Query invoices of sub-accounts; o Delete sub-accounts; o Manage account “profile” information, such as email address; https://docs.wasabi.com/docs/account-control-api ; • WACM Connect API - At a high level, the WACM Connect allows for the following functions:; o Query utilization of sub-accounts at the account level and bucket level; o Query invoices of sub-accounts; o Query current utilization of control accounts; o Filter the responses with a wide range of parameters; https://docs.wasabi.com/docs/wacm-connect-api
• API automation tools:
  • Ansible
  • Terraform
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Please refer to the following Wasabi Knowledge Base article(s): ; ; https://knowledgebase.wasabi.com/hc/en-us/articles/360031983432-How-does-Wasabi-protect-against-malicious-encryption-; ; Customer data is encrypted on upload and can only be access by authorized customer users with valid access keys. Customers are responsible for creating and managing their users and access keys, as Wasabi is not able to access the customer account to configure these settings. Please refer to:; ; https://docs.wasabi.com/docs/access-keys-1; https://docs.wasabi.com/docs/users-1
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics:
  • Storage consumption (active and deleted)
  • API Calls
  • Utilisation
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Wasabi

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Never
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Please refer to https://wasabi.com/legal/sla/
• Approach to resilience: Wasabi provides 11 9's of data durability. Please see the attached "data durability" whitepaper. Other information can be made available on request.
• Outage reporting: A realtime dashboard is available at: https://status.wasabi.com/ it is also possible to subscribe to email updates

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
• Access restrictions in management interfaces and support channels: Wasabi facilitates the process of setting up security processes through MFA, SSO, Access keys and Password requirements in addition to users, groups, and policies, which Customer controls and manages through the webbased application. Please refer to the following for further information:https://docs.wasabi.com/v1/docs/en/configuring-the-single-sign-on-sso-feature?highlight=ssohttps://docs.wasabi.com/docs/access-keys-1https://docs.wasabi.com/docs/defining-user-password-settings?highlight=Passwordhttps://docs.wasabi.com/docs/creating-a-user-account-and-access-keyhttps://docs.wasabi.com/docs/creating-a-virtual-multi-factor-authentication-mfa-device?highlight=MFA Additionally, for further information on Users, Groups, and Policies:https://docs.wasabi.com/docs/groups-roles-and-usershttps://docs.wasabi.com/docs/policies-1?highlight=Policies
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 14001
  • ISO 22301
  • ISO 27001
  • ISO 45001
  • ISO 50001
  • ISO 9001
  • PCI DSS
  • SOC 1 Type II
  • SOC 2 Type II

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Please refer to provided "All Wasabi Policy Summaries.ZIP" for all information regarding Wasabi's Security Policy.
• Information security policies and processes: Wasabi has a Chief Information Security Officer, Security Officer, and IT Security Officer. Please contact compliance@wasabi.com if there is a need to contact one or more of these individuals; ; Please refer to the following attached policy summaries: ; ; Access Control and Access Review.pdf; Compliance & Regulatory Audit Procedure.pdf; Risk Assessment.pdf; Security Assessment.pdf; Data Retention and Destrcution.pdf

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Wasabi Operations department track the status, location, and configuraiton of service comonents throughout their lifetime. ; ; Please refer to the following attached policy summaries: ; ; Maintenance.pdf; Security.pdf; Software Development Lifecycle - SDLC.pdf; Service Notification.pdf
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Wasabi conducts weekly vulnerability scanning of all servers utlizing Tenable.IO. For an update schedule and status page please use the following link:https://wasabi-support.zendesk.com/hc/en-us/articles/115001406711-How-do-I-find-out-when-Wasabi-performs-service-updates- Wasabi is a URL/Website based application patching occurs as needed and can be comepleted seemlessly without interuption of service. Please refer to attached summary policy, "Maintenance", Service Notifications", and "Cybersecurity Incident Response" PDFs."
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Wasabi utilizes Carbon Black as its EDR/AV, which is continuously monitored and action is taken when there is an update. Furthermore, Wasabi has implemented a process where upon stakeholders are notified via, text, email or Slack in the event of unauthorized access. At which point action is taken to block said IP from unauthorized access.
• Incident management type: Supplier-defined controls
• Incident management approach: Please refer to Summary Policy PDF, "Cybersecurity Incident Response.pdf," for further detail on this matter.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Wasabi is colocated in Equinix facilities in Europe. Equinix is committed to leading the way regarding the EU Code of Conduct for Energy Efficient datacentres. More info can be found here: https://www.equinix.co.uk/data-centers/design/standards-compliance

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  As an organisation, COOLSPIRiT is wholly committed to improving our social & sustainability record and drive real change through to delivery of our contracts. We take great pride working with our supply chain and customers to understand how our services can be provided with reduced emissions seeking a net zero impact on our environment. We employ a number of activities / initiatives to help accelerate us towards our global population becoming carbon neutral, including, Partnering with World Land Trust to plant trees in Borneo, SME Climate Commitment, Working from solar-powered offices, Availability of electric car charge points, Electric-powered company vehicles, Upgrading to LED lighting throughout our offices, Eradicating the use of single-use plastic, Achieving ISO 14001 Certification, Supporting the 721 Challenge. We understand that our business has a direct impact on the environment, so we're actively working towards best practices in the technology sector. In regard to our Social Responsibility, we also thrive on making differences wherever possible, be it big or small, to help support the overall impact that organisations can have on our local communities. Initiatives we have in place include, Apprenticeships for local people, Employment skills structure, Supporting the community, Donations of technology equipment, Local collaboration, Sustainability and environmental focus, Supporting Charity. We're excited to have now partnered with the World Land Trust (Registered Charity No. 1001291) as a corporate supporter. The World Land Trust carries out essential reforestation projects, supporting conservation and creation of wildlife-rich habitats benefitting local communities, reconnecting forest areas, and storing carbon. In addition to the measures noted above we will automatically plant a tree for every contract placed with us. More information can be found on our website https://www.coolspirit.co.uk/

Pricing

• Price: £95 a terabyte a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Wasabi offers a 1TB 30 day no obligation free trial. The Trial gives access to the full functionality of the service
• Link to free trial: https://billing-service.wasabisys.com/CommunitiesSelfReg?pid=WOS

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@coolspirit.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.