Viewdeck Consulting Limited

Security Operations Centre (SOC) as a Service

Security Operations Centre as a Service. Can integrate Cloud and on-premise services. Azure AD and hybrid AD scenarios. Integration of alert monitoring and anomaly detection across cloud (AWS, Azure, UK Cloud) and physical hosts / infrastructure. Microsoft Sentinel SIEM, with integration to Azure ATP, Defender ATP, M365 ATP.

Features

• Azure, AWS, UK Cloud, On-premise.
• Endpoint detetction and response,
• Host and network monitoring available.
• Application and database monitoring.
• Boundary / perimeter detection and response.
• Threat detection and investigation, automated incident creation
• Security Orchestration And Response (SOAR).
• Monthly threat reporting and response/risk analysis
• Includes recommendations to improve overall security posture.
• Service availability options upto 24x7.

Benefits

• Rapidly improve security detection and response.
• Deployment options can be accelerated if need dictates.
• Mitigates risk of financial /reputational damage due to cyber threats.
• Cost limits apply for ease of budgeting / affordability.
• Risk mitigation for many cyber threats.
• Scope of service can be tailored to meet affordability requirements.
• Monthly reporting provides key MI and threat intelligence.
• Service can be deployed across all of your environments.
• Legacy environments closely monitored as part of mitigation efforts.
• Full service availability out of hours provides peace of mind.

£565.00 to £1,500 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.oconnor@viewdeck.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

322997705346332

Contact

Chris O'Connor
0203 384 3350
chris.oconnor@viewdeck.com

Planning

• Planning service: Yes
• How the planning service works: Our Services can take different approaches depending on circumstances. For fixed/short term projects, we aim to support a short upfront planning exercise defining objectives, milestones and resource profiles. This enables the Client and ourselves to develop strong, fixed proposals that meet budgetary and business needs.; In Digital Projects we support the Agile agenda, and look to deliver inside a GDS aligned Discovery, Alpha, Beta structure, enabling an iterative, outcome-based, agile delivery model working with Client teams driving towards agreed common goals.; For more traditional settings, a combination of Agile, Iterative, Timebox or traditional approaches can be used.; Where time and scope allows, a POC-Pilot-Deploy approach can help manage, plan and deliver success in complex or risky scenarios. Working with the client, effective controls on the planning and delivery provide confidence and assurance around goal,s objectives, resources and quality.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: Viewdeck looks to support Skills transfer for its Cloud Support Services through a number of formal and unstructured training activities. The use of these differing approaches will depend on circumstances, and will often be agreed as part of the Statement of Work/Scope during the Onboarding or Inception phase. The following highlights approaches we have used and offer to Clients:; ; * Structured: Formal training, using “classroom”/lecture style format.; ; * Show-and-tells: Structured presentation to technical and business communities to help communicate experience, knowledge and progress.; ; * One-2-Ones: Tailored skills transfer with structured content to provide just the right engagement to key, senior or focused Stakeholder groups.; ; * Buddy/Pair working: Shadowing and co-locating to provide skills transfer, experience and knowledge share.; ; * Multimedia: Interactive training, using technology like Screen Recording/Web Conferencing to reach, record and disseminate messages through reactive, tailored training/seminar exercises.; These approaches provide a cross section of methods that will fit most Projects, Service or delivery environments. All aim to produce or provide lasting skills transfer and knowledge to Clients.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Our Cloud Migration Support is appropriate for many delivery scenarios. Our key approach steps include:; ; * Scan: Identify current skills, resources, processes and tools used in As-Is delivery.; ; * Confirm: The scope and goal of the migration, extent of the Service, Minimal Viable Product/ Service, Key Stakeholders and Service/business requirements.; ; * Analyse: Identify the Service Transition, Quality Controls, Assurance/Security requirements, plan clear stages to mitigate risk and deliver goals. Identify back-out risk mitigation.; ; * Develop/Deliver: Step-wise through the delivery stages, providing audit, quality and assurance as identified to ensure compliance, risk management and Stakeholder confidence: Data Quality, Service Testing etc.; ; * Assess: Test, review and rework plans following end stage to learn and feedback into migration plans.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Viewdeck’s Quality Assurance approach is used across the Service Delivery lifecycle.; ; * Onboarding/Inception: At the initial phase of any Cloud change project, we will identify the key Quality Controls, Quality Metric(s) and Quality Owners. Typically, this will be owned by your Engagement Lead and communicated/agreed in the Statement of Work. Quality events (e.g. weekly checkpoints) will be agreed as part of the onboarding stage.; ; * Delivery: During the delivery stage, our Service Quality will typically be managed by: a) Commercial KPI Scorecard, providing regular performance ad KPI measures set against typical vendor/ supplier controls. b) Project, Weekly Checkpoint reporting against targets, milestones and resources including Risks and escalations. c) Delivery, agreement and demonstration of deliverables or outputs against Services targets, SLA’s etc. as agreed in the Statement of Work/Service Agreement.; ; * Closedown: As part of the formal conclusion of a SOW or Service delivery, our Engagement Lead will work with the Client Service Owner to demonstrate and agree delivery of the outcomes to the Standards/SLA’s, and as part of the feedback, identify client quality appraisal against Service moderators.; Security testing

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: No

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Our Services include support for our range of Cloud based Software Solutions.; ; Our range of SaaS solutions include 1st, 2nd and 3rd line helpdesk and resolution of Incidents, with a range of Supporting Service Management Capabilities to deliver support to our clients.

Service scope

• Service constraints: Full Service provision as identified in the Service Description.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our response is based upon a traditional P1-P5 problem management prioritisation and response model with escalation as appropriate to meet the agreed SLA.; P1 issues have an immediate response, action within 15 minutes during standard support hours (9.00-5.30 M-F). 1 hour outside of standard support hours. Target resolution is 4 hours.; P2 issues have an immediate assessment during standard support hours and response within 2 hours. Target resolution is 1 working day.; P3, P4 and P5 issues are responded to within 1 day during standard support hours. Target resolution is 2, 5, and 10 working days respectively.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: None
• Support levels: Viewdeck follows a traditional P1-P5 problem management prioritisation and response model, providing integration and escalation as you would expect to deliver to the agreed service levels. ; P1 Total loss of service. ; P2 Some loss of service. ; P3 Small loss of service or work around. ; P4 Tasks are made more difficult, but are not impossible to complete. ; P5 Interferes with non-operational use. ; All P1 and P2 events are allocated an Incident Manager to see and manage incidents through to successful resolution, providing SPOC, regular reporting, and coordination between various resolver groups. Standard support is Mon-Fri 9-5:00pm. Additional extended hours of support are available, either for 9am-5pm Monday-Sunday , or 24 hours x 7 days Week. All services can take advantage of the 24 hour per day web and telephone service, although only P1’s and P2’s will be responded out of supported hours. Additional pricing for these services is based on the product, with further details in our pricing guide. All Viewdeck Services include an Account Manager to manage service issues, and provide a SPOC for clients.

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Open Source and Open Licenses Tools, available freely.

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 18/05/2018
• What the ISO/IEC 27001 doesn’t cover: There are no exclusions.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Fighting climate change:

  Fighting climate change

  All staff and suppliers are aware of our environmental policy and team members are actively encouraged to take a responsible approach to protecting the planet.
• Covid-19 recovery:

  Covid-19 recovery

  Since the outbreak of Covid-19 we have encouraged all of our staff to work from home. This removes the need for commuting, promotes social distancing and as a bi-product has significantly increased productivity. Recognising the issues that can arise from remote working we encourage regular communication through a range of collaborative software services and hold regular remote team and company meetings to promote and develop team spirit and cooperation.
• Tackling economic inequality:

  Tackling economic inequality

  We are actively encouraging all team members to continue to learn and develop new skills to support the digital economy. We are also supporting Apprenticeship Degree schemes, notably in Cyber Security. Although we are a small business we are constantly seeking ways to introduce new members to the team.; We actively seek to partner with other SME’s who share similar values to extend our capability. We continue to support innovation and disruptive technologies to provide low cost, high value services that drive productivity. We have a total commitment to the management of cyber security risks through our internal processes, ISO27001 and Cyber Essentials Plus accreditation.
• Equal opportunity:

  Equal opportunity

  Every member of the team is valued and encouraged to develop their skills to support further career development. Irrespective of gender, age or race every team member has the same opportunity to progress in our business. We have an anti-slavery policy and ensure that our supply chain is not compromised in any way.
• Wellbeing:

  Wellbeing

  We are aware of the wellbeing issues that have resulted from the Covid pandemic and we encourage our workforce to raise any issues they have inside/outside of work and always provide support. We have always had a culture that welcomes contributions from all team members and encourage communication. We operate a very flat structure where everyone is encouraged to participate fully in all of our business activities. Self-worth, training and a common commitment to help each other is at the forefront of our organisation.

Pricing

• Price: £565.00 to £1,500 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.oconnor@viewdeck.com. Tell them what format you need. It will help if you say what assistive technology you use.