Vysiion Ltd

Vysiion Hybrid Cloud

Vysiion Hybrid Cloud provides an agnostic service for the provision of cloud hosting, compute, network connectivity, and storage from vendors including Microsoft Azure and AWS, and any other vendors that come to the market during the G-Cloud 14 term. The service includes implementation and support for OFFICIAL and SECRET requirements.

Features

• Cloud agnostic
• Ability to switch vendors quickly
• Hold data workloads in a hybrid cloud environment
• Ability to leverage bespoke connectivity solutions
• Ability to store Crypto material
• Hold and transact data at OFFICIAL, SECRET and higher
• Supply and build of hybrid and private cloud compute platforms
• Data Centre Manager as a Service
• Smart Hands and Intelligent Hands
• Data Centre Security (Physical and Cyber)

Benefits

• Ability to utilise multiple clouds
• Create a true hybrid cloud model
• Blend the hybrid cloud with private cloud instances
• Maximise savings
• Leverage new cloud providers coming to market
• Leverage bespoke connectivity requirements
• Leverage Crown Hosting facilities

£0.04 a unit an hour

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cloudsales@vysiion.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

328089729463221

Contact

Vysiion Sales
01249 446500
cloudsales@vysiion.co.uk

Service scope

• Service constraints: All cloud providers have different maintenance schedules.
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Bespoke SLAs depending on customer requirement.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Vysiion provide a range of service levels depending on the desire of the buyer. A Service Delivery Manager is assigned and cloud support engineers and architects are on hand to support the end customer.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Vysiion technical architect will liaise with the buyer to determine the best cloud vendor to use. The relevant documentation will be provided and training can be offered at an additional charge.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Users will be able to extract their data off the cloud platform using their preferred means.
• End-of-contract process: The buyer is able to keep their data on the cloud platforms but switch intermediary from Vysiion to another partner as desired.

Using the service

• Web browser interface: Yes
• Using the web interface: Users will be able to access their cloud instance using the web interface of the particular vendor/s they have selected.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: N/A
• Web interface accessibility testing: None
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Working with cloud vendors, they scale with demand.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Azure, AWS, Google, and any other cloud vendor

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• Backup controls: Users can control what back-ups are performed, which may be different depending on the data stored and the cloud vendors used for particular workloads.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The levels of availability will be dependant on the cloud vendor selected and the particular service chosen. Cloud vendors provide service credit regimes which will be available for the buyer to leverage. Availability is up to 99.999%
• Approach to resilience: This service is cloud agnostic and therefore allows for a hybrid cloud solution which increases resiliency.
• Outage reporting: Outages experienced by any of the cloud vendors or by a private cloud entity will be communicated via email alerts, dashboards and APIs.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Vysiion will agree a policy with the customer around access which will be role-based.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Amtivo Group Limited, trading as British Assessment Bureau
• ISO/IEC 27001 accreditation date: 10/07/2016
• What the ISO/IEC 27001 doesn’t cover: Nothing
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Vysiion is ISO27001 and Cyber Essentials Plus accredited and has a full suite of associated accredited information security policies that are managed and maintained by our compliance team. We design and implement solutions which meet stringent security requirements and meet current industry standards as well as aligning with customers’ information policies and procedures to ensure we protect our customers’ systems and data from security breaches and cyber attacks. We continually monitor and review our security practices, working closely with officially appointed security advisors and accreditation bodies, and as such are very familiar with current legislation and standards, best-practice guidelines and the approaches required to protect UK government assets. Our employees are security cleared to enable them to deliver services to the highest information security requirements.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We follow current ITIL aligned Change and Configuration processes for all changes; All changes to infrastructure and systems are managed through these processes ensuring that standardised methods and procedures are followed for all. The process ensures that all changes are formally assessed, authorised and controlled to minimise any adverse service impact. ; Our Change Advisory Board assess and validates all Changes from a business, technical, security and delivery perspective, drawing on subject matter experts when required. ; A Forward Schedule of Change is maintained.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We work closely with officially appointed security advisors/accreditation bodies/comply with current legislation/standards e.g. NCSC guidelines. We are registered with NCSC Cyber-security Information Sharing Partnership (CiSP), to exchange cyber threat information in real time/increase situational awareness and receive information about potential threats via suppliers e.g. Microsoft. We deploy automated tools for vulnerability monitoring. Alerts are immediately investigated by an engineer and any identified threats immediately removed from the network, to eliminate the risk of potential infection. Critical patches are tested on a sand-boxed device on-receipt and deployed across the infrastructure once proven to achieve maximum cover with minimum business impact.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Where protective monitoring services are required, Vysiion works with vendor specific technologies and services or a trusted third party security specialist to deliver these processes.
• Incident management type: Supplier-defined controls
• Incident management approach: Vysiion has a well-defined ITIL aligned incident management process with a fully manned 24/7 service desk/NOC and a comprehensive service toolset that allows incidents to be raised by phone, email and portal. Incident reports are regularly provided by email and users can log on to the portal at any time to get the status of an incident. Customer satisfaction surveys are carried out on closure of an incident.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Vysiion's Hybrid Cloud allows customers to select the most appropriate public or community cloud as long as it adhere's to the EU Code of Conduct for Energy Efficient datacentres.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Vysiion is committed to fighting climate change and actively influence our staff, suppliers and Buyers to support environmental protection and improvement.; Our “Green Team” proactively engages with staff through a monthly newsletter and incentivises their contribution to environmental protection and improvement. A recent subject was “Clean Air Day” that provided information on pollution, how it effects the planet and our health, and suggestions on how to reduce our footprint while commuting and at home.; The management and movement of people to and between sites requires staff to be environmentally aware and informed. A number of initiatives are in place that reduce logistics, encourage people to consider if they need to travel and how they travel. We have recently installed six electric vehicle charging points at our head office in Chippenham for staff to use on their private vehicles, as well as the company’s fleet of electric vehicles. We also encourage staff by supporting home working/use of collaboration tools.; We recognise that our employees make a positive contribution to the community through lending their time and expertise to local projects. Vysiion employees are encouraged to take two days paid leave per year to carry out volunteering activities for registered organisations. This has seen staff take part in litter picking activities throughout the local community and carry out conservation work in local parks and farms. ; We influence suppliers via selection criteria and diligence checks, giving preference to those with comprehensive environmental procedures and objectives, with an intent to influence the wider supply chain. We are building relationships with suppliers to influence the way that they report emissions data, to understand consumption and how improvements could be made, through our own supplier selection or assisting them understanding their net zero commitments.

  Tackling economic inequality

  Vysiion is committed to tackling economic inequality, in particular the digital skills gap, as part of the delivery of our services. As a solutions provider in the technology industry, we see this as integral to our development as a business, as well as the development of our sector.; We invest significantly in training, using an online training platform to personalise and manage individual training plans for each employee. We also ensure that training material is accessible to those with disabilities. We will continue to provide structured training and development under the contract, supporting all employees in obtaining relevant professional certifications and encouraging career progression into more senior, better-paid roles within Vysiion.; Vysiion recognises the critical challenge of developing digital skills in the economy and is passionate about attracting more young people into the industry. We have a number of initiatives in place around graduates and trainees and will maintain an apprenticeship scheme to provide employment opportunities to young people within the local area throughout the contract. We will continue to work closely with local schools and colleges, providing work experience/placement opportunities to young people in secondary education and employment outside term time, providing them with real-world skills and training in a high growth sector, with the prospect of a future role within the company. We will also regularly attend events such as careers fairs to speak to young people about how to apply for jobs, the type of roles that could be offered and how their skills are transferable. ; We will continue to run a formal graduate training programme that enables graduates to rotate through the business over a two-year period with accelerated Microsoft/Cisco/technical training, guided by an experienced mentor, to progress their careers and achieve qualifications recognised by the relevant Professional Engineering Institutions.

  Equal opportunity

  Vysiion are committed to tackling workforce inequality. Our policies/practices conform to the principle of equal opportunities in terms of recruitment, selection, training, promotion, career development, discipline, redundancy, and dismissal, ensuring employees are treated fairly in all matters. Staff receive training on subjects such as Diversity, Equity and Inclusion and Unconscious Bias, and their fulfilment of this training is logged.; Vysiion’s robust recruitment process and open, transparent culture encourage diversity and inclusion across all areas of the business. As an equal opportunities’ employer, we provide structured training/development, supporting our employees in obtaining professional certifications and encouraging progression into more senior, better-paid roles within Vysiion. The Learning & Development team ensures the availability of relevant training material and ensures that it is accessible to those with disabilities.; Vysiion offers competitive, benchmarked salaries aligned to the level of responsibility/skills/experience, with a progressive grading and pay structure. All staff on contract will be paid above the National Minimum Wage.; We aim to foster an inclusive workforce and are proud to have strong female representation within our leadership team. A ‘Women’s Network’ was established as a positive action scheme to help attract, promote and retain more female talent across the business, and a Mentoring Programme introduced as part of this, giving our female employees the opportunity to be coached by other accomplished women within the Group. ; We aim to work with educational institutions to help attract more women into STEM focused roles, helping to build a more diverse talent pool to support the UK’s future workforce needs. ; We have recently established a Diversity, Equity and Inclusion Society, that provides a safe space for employees to come together, feel secure and included and share their personal experiences and opinions.

  Wellbeing

  It’s more important than ever to ensure our employees get the best support for physical and mental health. In support of this Vysiion have a number of initiatives that focus on our employees’ wellbeing. ; • We cover employees with a Life Assurance Programme; • Employees have access to a Private Medical Scheme to help cover the cost of private medical treatment. The scheme also offers a number of sessions like Mindful Mondays, Wellness Wednesdays and webinars covering topics such as Women’s Health and Mental Health awareness; • Employees have access to a Healthcare cash plan that contributes to routine health checks; • Our Employee Assistance Programme gives 24/7/365 access to professionally qualified councillors to deal with all kinds of practical/emotional issues; • We encourage physical activity with a Cycle to Work Scheme; • We celebrate our employees by giving them time off on their birthday so it could be spent with friends or loved ones; • We encourage staff to take two paid charity days a year, allowing them to give something back to the community; • Employees are encouraged to purchase additional annual leave and support working from home for a better work/life balance

Pricing

• Price: £0.04 a unit an hour
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Certain cloud vendors will offer free trials of their service.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at cloudsales@vysiion.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.