DCO CSOC Cloud Protective Monitoring
The “DCO CSOC Cloud Protective Monitoring” service provides industry best practice services to monitor and protect cloud services in both public and private cloud hosting environments and tenants. Architecture and consultancy for these environments can also be provided to ensure a holistic security offering.
Features
- Protective monitoring of corporate cloud services
- CSOC integration of public cloud security technologies e.g. Sentinel
- Provision of appropriate security technologies within cloud native environment
- DCO CSOC Cloud Protective Monitoring
- Compliant with NCSC Security operations centre (SOC) buyers guide
- Monitoring of log and full packet capture and UEBA
Benefits
- Enhanced visibility of public cloud services
- Enablement of Defensive Cyber Operations activity in cloud environment
- Compliance with multiple standards including NIST and ISO
- Fulfils ambitions of NCSC 10 steps to cyber secuurity
- Demonstration of multiple standards compliance for negligence including GDPR
- Ability to detect Insider Threat via UEBA risk scoring
Pricing
£595 to £1,895 a unit
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
3 1 8 1 3 3 4 7 2 2 5 7 0 3 5
Contact
3DoT Solutions
Michael
Telephone: 0870 314 3368
Email: info@3dot.co.uk
Service scope
- Service constraints
- N/A
- System requirements
- Compute requirements predicated on monitoring scale
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 4 hour triage period
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AAA
- Web chat accessibility testing
- None
- Onsite support
- Yes, at extra cost
- Support levels
- Standard support offering of Monday to Friday 0900 – 1700. Phone response within four hours. Additional support can be provided for an extra cost, this is variable but designed to meet the customer needs up to dedicated 24/7 support.
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
- The service is extensively documented and fully training is provided to any client during the onboarding process
- Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
- Office
- End-of-contract data extraction
- Data is retained within public cloud offerings, therefore data extraction is not required on contract exit
- End-of-contract process
- There are no specific requirements for contract exit, as the service runs entirely in public cloud offerings.
Using the service
- Web browser interface
- Yes
- Using the web interface
- Full connectivity to service via web interface
- Web interface accessibility standard
- WCAG 2.1 AAA
- Web interface accessibility testing
- None
- API
- Yes
- What users can and can't do using the API
- Full connectivity to service via API
- API automation tools
-
- Ansible
- Chef
- OpenStack
- Puppet
- API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- Other
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- Managed contention ratio and reliance on hyperscale cloud offerings
- Usage notifications
- Yes
- Usage reporting
-
- Other
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
- Anything included in the live service offering
- Backup controls
- Per request to service operations team
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users contact the support team to schedule backups
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Guaranteed availability. Availability requirements are agreed with the customer on service commencement. Service credits can be issued for non-compliance if required.
- Approach to resilience
- Service resilience information available on request.
- Outage reporting
- Outage reporting agreed with each individual client based on their needs, but can include dashboard/APIs/emails/month reports etc
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- Full and authoritative identity and access management is enforced, including disabling of common accounts such as admin/guest.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- NIST / Cyber Essentials
- Information security policies and processes
- 3Dot Solutions has a full set of security policies and processes defined via an ISMS
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Full change and configuration management is offered for this service in accordance with ITIL guidlines
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- 3Dot Solutions operates a robust Threat and Vulnerability Management process and set of procedures. Threat Intelligence is routinely monitored and patching in line with industry best practice timescales.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- 3Dot Solutions offers a full protective monitoring service, as required by clients as part of the service offering, or can feed logs or other data into an existing SOC service, if this is more preferable to the client.
- Incident management type
- Supplier-defined controls
- Incident management approach
- 3Dot Solutions Incident Management processes align to the NCSC best practice
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- No
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- All DC provision mandated against EU CoC
Social Value
- Fighting climate change
-
Fighting climate change
3Dot Solutions gCloud offering aims to support the fight against climate change by advising and influencing stakeholders in the adoption of cloud prevalence, leading to a reduction in data centre single usage HVAC. This includes promoting less reliance on hardware based appliances in favour of software or container based solutions where multiple roles can be combined to reduce carbon emissions. - Covid-19 recovery
-
Covid-19 recovery
3Dot Solutions gCloud offering aims to promote new ways of working by recommending, promoting and assisting in the delivery of cloud based solutions which offer new, yet secure, access and delivery of services through appropriate technology. This includes the ability to increase remote working on classified data and systems. - Tackling economic inequality
-
Tackling economic inequality
3Dot Solutions is committed in all aspects of its business to support and foster the next generation of workforce, by creating and providing relevant opportunities in high growth areas such as the services offered through this gCloud offering. This is achieved through supporting opportunities presented through the likes of the Generation nonprofit organisation. - Equal opportunity
-
Equal opportunity
3Dot Solutions is an equal opportunities supplier, and does not prejudice employment decisions relating to disability, disadvantaged or minority groups. - Wellbeing
-
Wellbeing
3Dot Solutions promotes healthy wellbeing through its method of deliverable based work, placing emphasis on a strong life and work balance, especially in a post pandemic work setting. Particular emphasis is placed on mental wellbeing, where regular activities outside of the working environment are arranged alongside encouragement to talk about difficult problems whether that be professional or personal.
Pricing
- Price
- £595 to £1,895 a unit
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Trial periods and POV are available on request.