BECHTLE LIMITED

Bechtle Cloud Infrastructure as a Service and Hosting

Bechtle offer Cloud Infrastructure as a Service with a choice of platforms including Bechtle UK Hosting’s VMware vCloud based cloud platform. This Service Definition provides details of the said Bechtle UK Hosting’s vDC (IaaS) service.

Features

• Vmware based cloud
• Full administrative access
• Flexible SAN and Compute
• SPLA Licensing

Benefits

• Easily restore In the event of a data disaster.
• High availability – VMware Private Cloud environment
• Full administrative access dedicated vCloud Director login
• Scalable and Flexible Storage and Compute customisable to your requirements
• UK Based Datacentre

£57.00 a virtual machine a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector.uk@bechtle.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

357372849263128

Contact

Public Sector
01249 467900
publicsector.uk@bechtle.com

Service scope

• Service constraints: No
• System requirements:
  • Windows Server 2003 SP1/2003 R2 and later
  • Windows Server 2008, 2008 R2, 2012/2012 R2, 2016, 2019, 2022
  • Windows 11, 10, 8/8.1, 7 – all editions
  • Linux with kernel from 2.6.9 to 5.14 and glibc 2.3.4
  • MacOS Sierra 10.12 and later

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 8 Hours standard - premium support options available with higher response times on a chargeable basis
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Multiple levels of support are available via a separate Managed Service Agreement
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Customers are supplied with user guides, online video tutorials for self-service; ; Remote and onsite training (case by case basis); Assisted installation (case by case basis)
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data can be downloaded at end of the service
• End-of-contract process: Downloading data is included in the cost; Physical shipping (upload to hardware) is optional

Using the service

• Web browser interface: Yes
• Using the web interface: The entire suite of products can be managed via the Web Interface as a single pane of glass.
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: None
• API: Yes
• What users can and can't do using the API: The vCloud API is an interface for providing and consuming virtual resources in the cloud. It enables deploying and ; managing virtualized workloads in private, public and hybrid clouds as well as interoperability between clouds. ; The vCloud API is an open RESTful, pure virtual API that supports multi-tenancy. It uses the industry standard Open ; Virtualization Format (OVF) as a unit of distribution and storage supports, compatibility and deployment across a ; wide variety of applications. The vCloud API enables the upload, download, instantiation, deployment and ; operation of vApps.; The API does not expose any aspect of the physical infrastructure (servers, storage, networks) or how the physical ; infrastructure is virtualized. In a cloud service only virtual forms of the infrastructure can be exposed through the ; API. The pure virtual nature of the API helps make it simple to use and implement. ; The vCloud API may be made available dependent on product selection. Access to the API will be provided ; following discussion and agreement of use in line with client requirements.
• API automation tools: Other
• API documentation: Yes
• API documentation formats: HTML
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: Tenants are logically separated. Capacity management and monitoring.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Bechtle UK Hosting

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Windows Virtual Server
  • Microsoft SQL Server
  • VMware vSphere
• Backup controls: A 7 Day rolling Veeam Backup is included with each Bechtle UK Hosting virtual server and virtual data centre.; Further Backup and Disaster recovery options can be provided as optional components of the overall service.; Most backup and DR requirements differ greatly from organisation to organisation.; In all cases Bechtle UK Hosting advise customers to discuss their DR requirements in detail with us prior to making ; any decisions or judgements on the cost and viability of this option.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Target value is 99.9% uptime for the service.
• Approach to resilience: Available Upon request
• Outage reporting: Email Alerts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Other user authentication: Username, Password and 2 Factor Authentication
• Access restrictions in management interfaces and support channels: Multi-Factor Authentification; Login Control (IP Address lockdown for Console); Encryption password (for accessing data)
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Role-based Access
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institution (BSI)
• ISO/IEC 27001 accreditation date: 07/03/2014
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All activities are governed by our ISO27001 Information Security Management System, further details of which are available upon request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: In order to reduce risk of unplanned downtime, Bechtle UK Hosting will apply strict change management procedures and configuration management control in applying system or application changes. A regular maintenance schedule will be applied for timely application of systems and application updates. Change control will consider impact of change and rollback procedures if release is unsuccessful. Where downtime cannot be avoided, they will be scheduled to impose least impact of service disruption (typically out of office hours).; All activities are governed by our ISO27001 Information Security Management System, further details of which are available upon request.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Patch management is key to the continued availability and security of the Cloud platform that is described in this service description. Bechtle UK Hosting take patch management very seriously and apply all necessary patches to the platform at regular intervals in line with manufacture recommendations. Patches will be applied under the Planned Maintenance as described previously.; All activities are governed by our ISO27001 Information Security Management System,further details of which are available upon request
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Ongoing Monitoring and regular Pen testing. All activities are governed by our ISO27001 Information Security Management System, details of which are available upon request
• Incident management type: Supplier-defined controls
• Incident management approach: All activities are governed by our ISO27001 Information Security Management System, details of which are available upon request

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: KVM hypervisor
• How shared infrastructure is kept separate: Data is encrypted at rest

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: When selecting our data center providers and data ; center locations, we thoroughly assess providers taking ; into account the capabilities of the facility, the current ; evaluation of the threats (constructional, technical, ; environmental, etc.), and the relative attractiveness and ; business requirements for the specific region.; With regard to the environment, we review their ; commitment to sustainability, assess their power usage ; effectiveness (PUE) performance, and ask for their ISO ; 50001 or ISO 14001 certification or membership in the ; iMasons Climate Accord. We treat their environmental ; performance as an important deciding factor. While we ; are not always able to influence a data center’s choice ; of power source or greenhouse gas emissions, we ; are making a statement by selecting providers that are ; serious about protecting the environment.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Bechtle are actively taking steps to ensure that we operate our business with as little environmental impact as possible. As a group, we are Ecovadis Gold and ISO14001 certified, and are committed to becoming carbon net zero by 2030. We launched the Bechtle Sustainability Strategy 2030 to serve as a roadmap for how we will get there, identifying 4 areas of action as part of this strategy: • Ethical business practices • Environmental Approach • People • Sustainable digital future Bechtle have established a database for recording Scope 1 and 2 (direct and indirect CO2 emissions) and Scope 3 (that of the Bechtle Group, such as purchased goods and services, transportation and distribution, business travel, and employee commuting) emissions. We are collecting data through group-wide sustainability software, WeSustain, and have used the data to produce a Carbon Reduction Plan (CRP) that is published on our website (Carbon-Reduction-Plan-BechtleUK-2022.pdf) and updated annually. Supply chain management We work closely with our vendor partners to broaden our portfolio of sustainable technologies, solutions, and services, and could help to minimise the future environmental impact. Recycling/Asset disposal Bechtle actively encourage our customers to make sustainable use of their resources, through secure asset disposal, refurbishment, and recycling of devices. Bechtle have recently helped facilitate a self-funding recycling program for a large local authority, who wanted to prevent their old laptops from going to landfill. Green Logistics Bechtle design our logistics processes around an ecological efficiency criteria, both in terms of transport and packaging. Internal Sustainability team We have a dedicated sustainability team, who’s aim is to improve and promote sustainability within three areas: social, personal, and business. The team have defined and actioned sustainable methods, changes in practice and greener alternatives across the whole of Bechtle UK and help to drive our sustainable

  Covid-19 recovery

  Many organisations have had to change their operating models and ways of working following the COVID-19 pandemic. IT also became clear to a number of our customers that their infrastructure that supported old ways of working, no longer supported new hybrid or remote working models. Through a thorough infrastructure review we can not only advise our customer on what best suits their current operating models but we can also help them to be future-ready. We can help them improve productivity, utilisation and adoption, getting maximum productivity out of their investment, whilst saving costs and limiting environmental impact through cloud/ hybrid adoption.

  Tackling economic inequality

  Bechtle’s equal opportunities policy applies across the whole company and includes recruitment, selection, training, career development and promotion. No employee or applicant will be treated less favourably on the grounds of colour, race, religion, nationality, ethnic or national origin, gender (including gender reassignment), sex, sexual orientation, age, marital status, disability, or be disadvantaged by conditions or requirements that cannot be shown to be relevant to the job in hand. Specifically the Company is committed to: 1. Preventing any form of direct or indirect discrimination or victimisation. 2. Promoting equal opportunities for men and women. 3. Promoting equal opportunities for people with disabilities. 4. Promoting equal opportunities for ethnic minorities. 5. Promoting a good harmonious working environment where all employees are treated with respect and dignity and in which no form of intimidation or harassment will be tolerated. 6. Fulfilling all legal obligations under relevant legislation and associated codes of practice. 7. Taking all necessary permitted positive action including setting of goals and timetables. Breaches of the Equal Opportunities Policy will be regarded as misconduct and could lead to dismissal in certain cases. Equality and Diversity policy is available upon request

  Equal opportunity

  Bechtle’s equal opportunities policy applies across the whole company and includes recruitment, selection, training, career development and promotion. No employee or applicant will be treated less favourably on the grounds of colour, race, religion, nationality, ethnic or national origin, gender (including gender reassignment), sex, sexual orientation, age, marital status, disability, or be disadvantaged by conditions or requirements that cannot be shown to be relevant to the job in hand. Specifically the Company is committed to: 1. Preventing any form of direct or indirect discrimination or victimisation. 2. Promoting equal opportunities for men and women. 3. Promoting equal opportunities for people with disabilities. 4. Promoting equal opportunities for ethnic minorities. 5. Promoting a good harmonious working environment where all employees are treated with respect and dignity and in which no form of intimidation or harassment will be tolerated. 6. Fulfilling all legal obligations under relevant legislation and associated codes of practice. 7. Taking all necessary permitted positive action including setting of goals and timetables. Breaches of the Equal Opportunities Policy will be regarded as misconduct and could lead to dismissal in certain cases. Equality and Diversity policy is available upon request

  Wellbeing

  Bechtle believe Health & Safety and wellbeing of employees contributes to a good working environment which is key to a business. Throughout the year Bechtle hold different events, this gives everyone a chance to meet one another from different office branches which lends itself to a healthy work environment, some of these events are “Summer Festival (BBQ, Music, Dancing), Christmas Party, New Year kick off, Games events” to name a few. Each branch also have a relaxing area where employees can congregate and take time out in a chilled environment. Bechtle have also introduced initiatives to promote social and economic wellbeing, such as: • Competitive salary, which is well above the National Minimum Wage • Cycle to work scheme • Hybrid working model, where employees can work from home 2 days a week to reduce commuting time • My Bechtle Benefits discount portal, offering employees discounts via numerous retailers • Employee Assistance Programme, providing employees with mental health and wellbeing support • WPA Health Cash Plan • Enhanced pension contribution • Reduced health and gym memberships • Paid for professional training • Piloting an electric vehicle salary sacrifice scheme, which is being rolled out to the wider company.

Pricing

• Price: £57.00 a virtual machine a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector.uk@bechtle.com. Tell them what format you need. It will help if you say what assistive technology you use.