Skip to main content

Help us improve the Digital Marketplace - send your feedback

TALKTALK BUSINESS DIRECT LIMITED

1Cloud - Cloud Infrastructure as a Service (IaaS) Platform

1Cloud is an Infrastructure as a Service (IaaS) solution that provides customers with a highly secure, resilient, virtualised hosting environment in which to host their data. This may include their website, email and any other applications as required.

Features

  • Infrastructure – using purpose built HPE Blades
  • Sits within the telecommunications network, providing low contention
  • Monitoring – accessed via internet, in real time
  • Resilient – dual DC locations, with carrier grade network connections
  • Ability for customers to create/amend/delete any virtual machine
  • Ability to assign virtual machines to any VLAN
  • Ability to create internal VLANs
  • Console access to individual machines
  • Add alarms to individual machines; alerts sent to nominated email
  • Import customer templates and build machines from them

Benefits

  • Better access - from any location with an internet connection
  • Ease of use - from multiple devices (laptops/workstations/mobile phones)
  • Better uptime, providing a better experience for the user
  • Scalability and flexibility
  • The ability to react quickly to business demands
  • On-demand access for better cost control
  • Only pay for resources that are used
  • User-friendly web portal eliminating change complexity
  • Geographical and software resilience, ensuring high-availability
  • Individual customer firewalls maximising customer security

Pricing

£13.20 a virtual machine a month

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.stokes@talktalk.business. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

3 5 6 9 1 7 5 6 1 8 2 4 8 7 4

Contact

TALKTALK BUSINESS DIRECT LIMITED Andrew Stokes
Telephone: 07976911843
Email: andrew.stokes@talktalk.business

Service scope

Service constraints
We may upon five (5) Business Days’ notice or, in an emergency (as determined by us), give as much notice as is reasonably practical, perform Scheduled or Emergency Maintenance (including temporary suspension of Service where necessary) to maintain/modify the 1Cloud platform or associated Services and/or to prevent or resolve Incidents. Service suspensions for the purposes of Scheduled or emergency network modification, or preventative maintenance, will not be counted as outage time for purposes of any Service Level.

For ongoing assurance, we will provide support to the customer for everything up to, and including the orchestration layer of the platform.
System requirements
  • Virtual machine operating systems
  • SQL databases (chargeable), customers may use their own
  • For data centre replication, TTB can provide a managed service

User support

Email or online ticketing support
Email or online ticketing
Support response times
All questions and queries will be acknowledged immediately upon receipt and we will endeavour to respond as quickly as possible during the working day with further information as it become available.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
No
Support levels
TTB will offer a single level of support accessible using email or telephone, 24*7*365. Following the receipt of a new incident, TTB will allocate a unique “Case Reference Number” that shall be inputted to the fault management system.

Priority Classification
Priority 1 - Loss of Service - DOA End User has been migrated onto the TTB
Network and the service has never worked within first 8 days. Total loss of Sync/Connection to TTB Network Expedites are available on request – 7 Hour response
Priority 2 Partial Loss of Service - Intermittent or unstable connection – 34 hours
Priority 3 Quality of Service – Destination Failure Speed or browsing issues – 48 hours
Priority 4 Queries or RFO requests Fault/ Service enquiries and RFO requests – 48 hours

TTB, at the time of making the incident/fault report, will agree the priority level of the incident. Once opened, a support case will remain open until the incident has been resolved.

All support levels detailed above are included as standard within the Service Contract. All customers will be allocated a named Account Manager who will have a team of dedicated Technical specialists that will support on any customer requirements.
Support available to third parties
No

Onboarding and offboarding

Getting started
TTB will provide a blend of online and face to face training around the relevant user interfaces, including providing the relevant documentation to customers post enablement.

Alongside this the platform comes with a quick start guide in PDF format that will support the user to manage the service effectively.

All documentation and communications from TTB will be via email to customers in their preferred format and communications method, and include all relevant contact details for aligned support and customer service requirements.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
  • 1Cloud quick start guide
  • Video demonstration
  • Technical documentation
  • Online knowledge base
End-of-contract data extraction
The user can simply download a copy of their data from the relevant virtual machine. However, if they needed the specific .VMDK or .OVA server templates, we will levy an hourly charge for the required professional service to provide them.
End-of-contract process
At the end of the contract term, pricing will automatically revert to the standard hourly billing rate as per the agreed rate card. The option to renew the contract with the inclusion of the relevant discounts would typically be discussed 3 months prior to the contract end date. Standard charges include compute, storage, windows licensing, SQL licensing, public IP addressing, VM Backup and shared internet access. Additional costs would apply for managed services.

Using the service

Web browser interface
Yes
Using the web interface
Users will be provided with access to the 1Cloud web interface using their login Username and password. The below actions can be undertaken with no limitations on the frequency of these actions to set up the service. Changes can be mad by the user via the portal interface to amend the following:

• Create/amend/destroy/spin-up/spin-down any Virtual Machine
• Assign virtual machines to different VLANs
• Create "Internal VLANs"
• Console access to individual VMs
• Add an alarm to a VM to email a nominated address upon it being unreachable
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Users will be provided with access to the 1Cloud web interface, which uses videos, images and documentation to ensure accessibility, by using their login Username and password, and users will be able to do the following:
• Create/amend/destroy/spin-up/spin-down any Virtual Machine
• Assign virtual machines to different VLANs
• Create "Internal VLANs"
• Console access to individual VMs
• Add an alarm to a VM to email a nominated address upon it being unreachable
Web interface accessibility testing
No interface testing has been completed currently, this will be a future roadmap consideration.
API
Yes
What users can and can't do using the API
Requirements would typically be discussed with our cloud architecture team who will provide guidance on the correct APIs to use to deliver the desired outcome, meaning we should eliminate/mitigate any limitations identified.

Users will be able to set up the service and make changes through the following API functionality (not an exhaustive list):

Create a VM with the API
Get a VM and deploy it
Get a group of VMs with the API
create a tenant via API
add a public IP to a VM via API
Upload and replace template disks via API
add a NAT rule to a VM via API
Retrieve users of all enterprises via API
Reconfigure virtual machine volumes via API
Reconfigure a virtual machine to add a hard disk via the API
Reconfigure a virtual machine to add a NIC via API
Reconfigure a virtual machine to remove a hard disk via the API
Manage virtual machine metadata via API
Add a hard disk to a VM via API
Add a VM template in a data centre via API
Create virtual datacentres via API
Enable VM monitoring and metrics via API
Update enterprise properties via API
API automation tools
Chef
API documentation
Yes
API documentation formats
HTML
Command line interface
No

Scaling

Scaling available
Yes
Scaling type
Manual
Independence of resources
Through the implementation of LogicMonitor, alongside natively built systems, TTB closely monitors the consumption of physical resource that underpins the 1Cloud platform to ensure that no more than 60% is consumed. This means users will not be affected by the demands other users are placing on the service. Customers are also able to monitor their own resource consumption and add more resources if required. There is also the ability to reserve compute resource should the customer wish.
Usage notifications
Yes
Usage reporting
  • API
  • Email
  • Other
Other usage reporting
All notifications and alerting will automatically be provided from the platform orchestration layer via email. Notification profiles will be set by the user.

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Number of active instances
Reporting types
Real-time dashboards

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
PlatformX Communications Limited (PXC)

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Full virtual machine backups can be taken
  • Virtual machine snapshots can be taken at any point
Backup controls
The customer will be able to choose from fixed backup schedules and their VM will be added to it. TTB provides a full VM backup, so individual applications should provide a mechanism to commit any live data to disk prior to the backup job running. Servers electing for backup will undergo a snapshot and the snapshot compressed and backed-up at the relevant datacentre. A maximum of 7 restore points are held. The status of a backup job can be reviewed at the VM level and successful backups restored.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
All devices in the core, edge, and newer Customer Premises Equipment are centrally controlled by a Software-Defined Networking (SDN) platform. Access to these devices is restricted through a local security profile.

TTB maintains its equipment at a current software version. New software versions undergo rigorous testing. Physical access to equipment is protected by housing it in a controlled environment.

Fortinet firewalls safeguard the server perimeter. Regular vulnerability scans using Nessus probes help identify and address potential security weaknesses. TTB maintains accurate RIPE and PeeringDB records as per best practices.

Availability and resilience

Guaranteed availability
The service availability target of 1Cloud relates to 1Cloud hosting an active Virtual Machine, which is operational and reachable by an administrator over the management network, as measured and determined by TTB. The service level is 99.95% monthly service availability.
1st trigger for SLA claim is at <99.95% monthly service availability @ of 10% service charge.
2nd trigger is at <98.0% monthly service availability @ 30% monthly service charge.
3rd trigger is at <95% monthly service availability @ 50% monthly service charge.
Where the service availability target isn’t met, a claim can be made via our support team.
Approach to resilience
TTB runs two cloud nodes in geo-diverse, tier 3 datacentre locations, for resilience.

Depending on the customer’s solution demands, our infrastructure can be utilised to deliver as much resilience as required based on the needs of the end user.

Full details are available on request.
Outage reporting
TTB has an Integrated Operation Centre (IOC) that will send the Incident Communication as per the Major Incident Communications Content & Distribution Lists document via email alerts.

TTB will prioritise the incident according to the criteria and record the appropriate value for each of the following categories:
· Service
· Incident Type
· Work Type
· Reported Source
· Product Categorisation Tier

Our Internal and/or External Communications teams will send an email to all recipients in the Major Incident Communications Content & Distribution Lists document, describing:
· Impact
· Symptoms
· Manual workaround (if available)
· Instructions or additional information for customers and/or agents (if available)
· Provide a progress update

Email alerts will be provided in the event of a major service outage (MSO).

Identity and authentication

User authentication
Username or password
Access restrictions in management interfaces and support channels
Not applicable as customer data within the Cloud Exchange VLANs is not visible to us. This is a network service.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password
Devices users manage the service through
Dedicated device on a segregated network (providers own provision)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
23/01/2021
What the ISO/IEC 27001 doesn’t cover
Gfast and FTTP
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
SecureTrust
PCI DSS accreditation date
21/08/21
What the PCI DSS doesn’t cover
The service doesn’t require card payment facilities/capabilities so is not applicable to PCI DSS.
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
ISO 22301

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
ISO 22301, Cyber Essentials, NIST Cybersecurity Framework
Information security policies and processes
TTB has a Master Security Policy in place and operates an Information Security Management System via its Security Operations Centre (SOC) for the reporting of all potential security breaches. The system is based on industry good practice (NIST CSF, PCI DSS) and is externally certified to ISO 27001. This covers a range of policies and procedures to ensure the confidentiality, integrity and availability of information, e.g., Master Security Policy, the Privacy Policy and the GDPR Policy.

The reporting of any security incidents is done directly to the Security team security@talktalkplc.com via the phishing report message button in the email toolbar. All incidents logged will go into the Security Team to process and escalate into the Head of Security, if required. All colleagues attend mandatory annual security training to ensure they meet audit standards around data handling requirements and encourage them to share the responsibility for protecting data at all times.

Mandatory training is provided via the E-Learning portal for new employees upon induction and for all current employees to do annual refresher training. This ensures accreditation standards are adhered to. If someone hasn’t completed a course, it will be escalated to management to ensure completion.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Change management is assessed, logged, and tracked through our Service Management tool, from the point at which we raise the initial change request until that change is closed off.

Quality comes as standard throughout the change process, with everyone involved in this process having the requisite training. Managers of teams carrying out changes will be accountable for the quality of the work undertaken by their teams. There is zero tolerance for unauthorised changes.

Security impact will be assessed through a risk assessment and structured model to ensure all risks are captured and clearly identified.
Vulnerability management type
Undisclosed
Vulnerability management approach
New releases of vendor software are reviewed/tested on a simulation platform for at least fourteen days, with schedule of critical feature tests to assess threats.
When certified for use, the new version is rolled-out with limited issue and gradual application. All devices will be patched within 90 calendar days (maximum), unless the following situations arise during testing:
• Failure of the software to complete testing
• Failure, poor performance or unexpected behaviour of the limited roll-out.

If these situations arose, we would perform a technical review.

We get security vulnerability feeds from various sources, including vendors associated with our infrastructure.
Protective monitoring type
Undisclosed
Protective monitoring approach
TTB operates a security incident management program for the alerting of potential compromises and deploys endpoint protection technology. All potential compromises will be logged on the action plan tracker and updated with notes/associated actions to mitigate risk.

Users can report Priority level 1/level 2 incidents by telephone, and a response will be given within 1 hour. Incidents can be reported by email/web portal.

Incident reports are provided upon request. For network incidents, these reports are distributed to impacted customers via email. Reason for Outage reports for priority 1 faults are provided by email within 10 working days from root cause.
Incident management type
Undisclosed
Incident management approach
We have a pre-defined process for common events and fault related reporting through our 24/7 Technical Support Centre (TSC).

Users can report Priority level 1 and level 2 incidents by telephone (08454566541/08453103444) and by email/web portal.

Incidents, when resolved, will be notified to the customer as part of the logged ticket fault. Reports will be provided upon request for network incidents, and these reports distributed to impacted customers via email.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
VMware
How shared infrastructure is kept separate
Customer separation is delivered via the vCentre.

1Cloud consists of an Orchestration layer sitting on top of VMWare vCentre. The Orchestration layer is there to simplify the operation of the vCentre services and to capture data to allow for things like billing and reporting. It also leads towards consideration of the underlying vCentre security as the main method for data partitioning / separation.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
We have an ISO50001 and ESOS compliant data centre; and have reduced our emissions in our data centres by 94% over a 5-year period and reduced our energy consumption by 28% over the same timeframe - FY18 to FY23. We have air to cool rooms installed to reduce reliance on refrigerant-based cooling systems and have nearly completed our switch over of generators from diesel to HVO.

We follow and implement (where possible) all initiatives recommended in the EUCoC, including (but not limited to) the following:
• Air flow management
• Hot/cold aisle configuration
• Regularly reviewing cooling settings (increased temperature/disabling humidity control etc.)
• Selecting high efficiency plant and equipment
• Comprehensive energy monitoring
• Decommissioning of redundant platforms and consolidation of systems
• Accreditation to ISO 50001

Audits are held annually to ensure compliance and adherence to the EUCoC.

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

The TalkTalk Business’s Executive Committee meets regularly to review identified and emerging risks, which inform our strategic planning process. This is reviewed by the Board, which has identified and is monitoring emerging risks around the long-term implications of climate change and will be featured in upcoming climate-related financial disclosures.
In November 2020 TalkTalk Business committed to a Science Based Target (by signing the Business Ambition for 1.5 Degrees) for its carbon emission reductions, to achieve net zero by 2050. Since then, our near-term targets have been validated.
Key actions include:
• Switching to a renewable electricity tariff, which we have completed, and switching to green gas by 2026
• Changing from diesel to biofuel for back-up generators, to be completed in 2024.
• Company car policy requiring all fleet vehicles to be petrol, hybrid or electric. Transition has commenced, with initial EV orders placed for the fleet
• Third party environmental policy with requirements to measure and report carbon footprint and specific product carbon footprint – as of 2023, over 80% of our suppliers have committed to, or set, science-based targets.
TalkTalk Business has reduced scope 1 and 2 emissions by 94% over 5 years (FY18-23) and reduced energy in its operations by 23% in the same time period.
TalkTalk group has science based targets to reduce scope 3 emissions by 42% between FY20 and FY30.

Covid-19 recovery

The COVID-19 period challenged TalkTalk Business, and during lockdowns, mitigations included:
• Measures to ensure the health and safety of our workforce and customers whilst we continued our provision of critical services.
• Focusing on employee wellbeing by introducing training for People Managers, implementing new guidance around wellbeing support and regularly surveying colleagues on their wellbeing to inform our policies.
• Prioritising service of customers with vulnerable end-users and enhancing our digital service support for all customers
• Working with key partners to expedite home-working solutions for customers to ensure they could continue to operate effectively.

We adapted our corporate responsibility work to tackle acute needs and support the most vulnerable in society. We made donations to local efforts to counter exclusion and vulnerability due to the pandemic, including:
• Salford Food Share Network to provide emergency food support
• Donating laptops to Salford College to support home-learning.
• Working with local charity the Hamilton Davis Trust to support the production of Personal Protection Equipment for local health workers, providing financial support and office space to their operations for several weeks.

Post COVID-19, we turned our attention to how we could help our customers and communities to recover:
• We worked with Salford Community & Voluntary Service and NHS Salford to fund a Youth Wellbeing Fund, which offered funding to projects aimed at boosting wellbeing
• We offered free broadband to jobseekers via the DWP

To continue supporting post-pandemic recovery, we are helping organisations focused on reducing isolation and loneliness. For example, we provide connectivity to The Branch free of charge, which supports their Computer Corner, through which they support service users to develop online skills. We also provide a dedicated leased line to The Samaritans Manchester branch at no cost, allowing them to manage inbound calls more effectively.

Tackling economic inequality

As well as paying our colleagues the real living wage, our commitment to good employment, previously as part of the wider TalkTalk Group, has been recognised by the Greater Manchester Combined Authority, as we were accredited as a Member of its Good Employment Charter. To achieve membership status, we took part in a thorough assessment, which was reviewed and approved by a technical review panel and Charter Board. We offer employees training with clear development paths that address skills gaps and result in recognised qualifications to support further career ambitions.

We are proud to be a Salford business committed to building strong connections within our city. We’ve been involved in initiatives to promote social wellbeing and economic growth in the region, including:
• Working with the Department for Work and Pensions (DWP), supporting local employment initiatives and hosting virtual jobs fairs for vulnerable demographics.
• Participating in the Kickstart scheme to offer paid placements to young people, with 3 of the young people securing permanent roles within TalkTalk Business.
• Our Employee Networks partner with local organisations like the Proud Trust, Salford Pride and the University of Salford, and we promote local volunteering opportunities to our colleagues, including trustee positions in local charities.

We will develop working practices and partnerships with activities to support relevant sector-related skills growth in the contract workforce during the Framework.

For example, we currently provide connectivity to The Branch, free of charge, which supports their Computer Corner, through which they help service users apply for jobs and learn computer skills. We also provide a dedicated leased line to The Samaritans Manchester branch at no cost, allowing them to manage inbound calls more effectively, and providing a lifeline to people struggling to cope with socio-economic and personal challenges.

Equal opportunity

TalkTalk Business celebrates diversity and is an inclusive place to work, treating everyone fairly with diverse representation at all levels and areas. There are no barriers to progression and appointments are based on merit.

Our programmes to promote equal opportunity include:
• Women in leadership roles - we have strong female representation right at the top; and have set aspirational targets when recruiting women, with a particular emphasis on middle and senior leadership. As a result, our proportion of women in these roles has grown over the last 12 months. We seek formal development paths for our female talent and participated in a ‘Women in Leadership’ apprenticeship programme that was created in partnership with the apprenticeship provider, Raise the Bar. This saw a 70% increase in promotions for participants.
• We provide support for Ambitious about Autism, the national charity standing with autistic children, young people and their families. As part of the pioneering internship programme, Employ Autism, we have recruited interns to teams across the business, in roles from regulation to procurement and commercial.
• We publish our Gender Pay Gap report annually. Our mean pay gap of 10.4% has reduced from 12.9% in 2019. This reduction has been due in part from promoting female talent.
• As part of TTG, our employee networks were very successful. Our BAME employee network, Empower, mentors young black students at the University of Salford, responding to higher than average drop-out rates. This has had a positive impact in its first year. At TTB, we are looking to continue this success by establishing our own employee network groups.

As part of TalkTalk Group we’ve previously achieved the ‘Inclusive Top 50 UK Employers List’ for best practice across all strands of diversity.

Wellbeing

Initiatives to support the mental and physical wellbeing of our workforce (which we will continue during the framework) include:
• Our Give Something Back policy offers three paid volunteering days per year and encourages local volunteering to promote community connection. We are currently organising a ‘donate your time and talent’ programme to support local care homes during Dementia Awareness week in May 2024.
• Our Wellbeing Community employee network shares resources and hosts events on physical and mental health and wellbeing, e.g. discussions on male mental health. Network members are champions across the business, creating blogs, interviews and podcasts about wellbeing.
• We recognise mental, physical, financial and social risks for various roles and offer employee support resources
• Employee Assistance Programme with free 24/7 access to advisors or website resources in app form, which has been very positively received.
• A Financial Wellbeing Portal helps colleagues to manage and monitor their financial health.
• Employer contributed Private Medical Insurance offered to all colleagues, along with Digital GP service and regular wellbeing Webinars from provider Aviva.
• Hardship loans to support colleagues with short term no interest loans in times of financial crisis. Our employee forum, OneVoice, includes quarterly Health, Safety and Wellbeing meetings to ensure colleague confidence in our processes.

Pricing

Price
£13.20 a virtual machine a month
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.stokes@talktalk.business. Tell them what format you need. It will help if you say what assistive technology you use.