Managed Azure Services - Interhost Cloud Hosting

Service scope

Service constraints: Our service is constraint free. Interhost will manage your IT systems for you. We do so by building proven environment models in Microsoft's Public Cloud (Azure).
System requirements: OS must be Windows 10 or more

Internet access required

User support

Email or online ticketing support: Email or online ticketing
Support response times: We structure our response times according to your business. This ensures you are given SLA response times that meet your expectations and therefore work for you.
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: Web chat
Web chat support availability: 24 hours, 7 days a week
Web chat support accessibility standard: None or don’t know
How the web chat support is accessible: Our webchat is simple but effective. This ensures it is accessible to the broadest range of users with the broadest range of capabilities.
Web chat accessibility testing: N/A
Onsite support: Onsite support
Support levels: The cost of the support depends on the number of users and the level required (e.g. 24x7). There are 5 Service Levels ranging from Priority 1 – Loss of Business Critical Application (30 min response, 4 hour recovery) to Priority 5 – a service request relating to a question or aesthetic issue with no impact to service delivery (12 hour response, 144 hour recovery). Dedicated account management and support engineers can be provided where necessary.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Interhost provide a full onboarding service. The systems are intuitive and do not require training. There is a trial /demo system that can be used to assess the product and evaluate performance. Any queries regarding system use can be answered via the ticketing support system.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: The data can be extracted at any time via a number of methods. Interhost can assist with the extraction. There may be offboarding fees associated to such work.
End-of-contract process: The contract provides a Cloud platform and associated software. Companies can provide 3rd party software to run on that Cloud environment. This gives you control of the software, therefore simultaneously giving you flexibility and our added support.

The systems are maintained and support is provided to users. At the end of the contract the company will renegotiate to continue obtaining the service or stop using the service and any data belonging to the client can be extracted or deleted. Regardless of choice, we will support you in transferring your services, doing everything possible to minimise business disruption and maximise security.

Using the service

Web browser interface: Yes
Using the web interface: Users can manage all aspects of the Azure service using the Azure management portal.
Web interface accessibility standard: None or don’t know
How the web interface is accessible: Accessibility of the Azure management portal is maintained by Microsoft.
Web interface accessibility testing: Microsoft have undergone extensive testing to ensure Azure is accessible to assistive technology users.
API: No
Command line interface: Yes
Command line interface compatibility: Linux or Unix

Windows

MacOS

Other
Using the command line interface: Azure is optimised for managing and administering Azure resources from the command line, and for building automation scripts that work against the Azure Resource Manager

Scaling

Scaling available: Yes
Scaling type: Automatic
Independence of resources: Each tenancy is entirely independent and all compute resource is guaranteed. Performance levels are monitored and reports can be made available to verify.
Usage notifications: No

Analytics

Infrastructure or application metrics: Yes
Metrics types: CPU

Disk

HTTP request and response status

Memory

Network

Number of active instances
Reporting types: API access

Real-time dashboards

Resellers

Supplier type: Reseller providing extra features and support
Organisation whose services are being resold: Microsoft Azure

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with another standard
Data sanitisation process: Yes
Data sanitisation type: Deleted data can’t be directly accessed
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery: Yes
What’s backed up: Everything can be backed up depending on your requirements
Backup controls: You have control over your backups, being able to schedule their frequency through the web interface.
Datacentre setup: Multiple datacentres with disaster recovery
Scheduling backups: Users schedule backups through a web interface
Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
Data protection within supplier network: IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: Interhost/Microsoft guarantee 99.95% uptime.

To find out more information, please follow this link: https://azure.microsoft.com/en-gb/support/legal/sla/summary/
Approach to resilience: The Azure Cloud platform supports and advances capabilities that respond to outages in real time to ensure continuous service and data protection assurance for mission-critical applications that require near-zero downtime and high customer confidence. The Microsoft Azure services are delivered globally and are capable of multinational georedundancy.
Outage reporting: There is a public dashboard to report service status. Where appropriate a reason for outage (RFO) will be provided by the engineering team.

Identity and authentication

User authentication: 2-factor authentication

Username or password
Access restrictions in management interfaces and support channels: Azure-AD can designate separate administrators to serve different functions. These administrators will have access to features in the Azure portal and, depending on their role, will be able to create or edit users, assign administrative roles to others, reset user passwords, manage user-licenses, and manage domains, among other things. A user who is assigned an admin role will have the same permissions across all of the cloud services that your organization has subscribed to, regardless of whether you assign the role in the Office365 portal, or in the Azure classic-portal, or by using the Azure-AD module for Windows PowerShell
Access restriction testing frequency: At least once a year
Management access authentication: 2-factor authentication

Username or password
Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: British Assessment Bureau
ISO/IEC 27001 accreditation date: 3rd June 2013
What the ISO/IEC 27001 doesn’t cover: Everything within our business is covered by our ISO:27001 certification.
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: The security policies are designed and maintained as part of the ISO 27001 process which is reviewed and improved on a regular basis by Interhost and third party consultants.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Any change management should be carried out to the appropriate ISO standard using third party tools.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Regular patching is carried out as standard along with auto-update procedures.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Any compromise incident would be treated as urgent and dealt with within a short timeframe.
Incident management type: Supplier-defined controls
Incident management approach: Any incident management is managed according to the process set out in the regularly compiled and updated ISO27001 documentation.

Secure development

Approach to secure software development best practice: Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
Who implements virtualisation: Supplier
Virtualisation technologies used: Other
Other virtualisation technology used: Microsoft is responsible for the virtualization technology.
How shared infrastructure is kept separate: Microsoft provides virtualisation technology as part of the Azure platform. Segmentation of resource and separation between users is managed in this way and vai separate tenancies in the Cloud Solution provider's management portal provided by Microsoft.

Energy efficiency

Energy-efficient datacentres: Yes
Description of energy efficient datacentres: Microsoft regularly audits their datacentres for compliance with "EU Code of Conduct for Energy Efficient datacentres". Recommendations are reported to the decision makes who roll out updates and improvements.

Fighting climate change: Fighting climate change

We have four primary means of fighting climate changes within our organisations:

1) We are primarily paperless, however will aim to be completely paperless by 2024.

2) We will continue to advocate working from home where possible to minimise our emissions through commuting and joint office use.

3) We will continue to use data centres that are offsetting their carbon usage through sustainable means.

4) We will review and identify the uptake of sustainable resources and consumables within our workspaces, including recyclable coffee pods and pens made from 100% recycled material.
Covid-19 recovery: Covid-19 recovery

We will partner with other local, SME businesses to improve our community's COVID-19 recovery. We will also continue to provide our staff with free COVID tests and offer working from home options to minimise the spread and keep our community healthy.
Tackling economic inequality: Tackling economic inequality

We will provide internal training and support requests for external training to upskill our workforce and improve their employability. We will extend our training and seminars to schools and other groups to help address the technology skill gap and improve technology literacy.
Equal opportunity: Equal opportunity

We will continue to make our company appealing to those with hidden and visible disabilities by making reasonable adjustments and removing barriers from our recruitment process.

We will offer training and education to those with disabilities to improve performance in the job market. This will be supplemented through our workforce training and awareness sessions to help remove prejudices and barriers to employment.
Wellbeing: Wellbeing

Implementing the six standards within the Mental Health at Work Commitment (link can be found here https://www.mentalhealthatwork.org.uk/commitment/#make_the_commitment) | we will enhance integration into the community by offering work experience opportunities.

Pricing

Price: £65 to £120 a user a month
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: https://azure.microsoft.com/en-gb/free/
Link to free trial: https://azure.microsoft.com/en-gb/free/

Managed Azure Services - Interhost Cloud Hosting

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Pricing

Service documents

Cookies on Digital Marketplace

Managed Azure Services - Interhost Cloud Hosting

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Social Value

Pricing

Service documents