Synextra Ltd

Enterprise Cloud - IAAS

We provide a secure, reliable cloud hosting platform. Our platform is a UK-based solution whereby you pay for exactly what you need, giving you scalability and flexibility to adapt to the evolving needs of your business.

Features

• Customisable Machine Sizes
• Secure backup's included as standard
• Remote access
• 24/7 monitoring
• Citrix Hosted Desktop

Benefits

• Access your data from any location
• Protect your data from security threats
• Pay for exact capacity you need
• Maintain control as if its your own infrastructure

£79.50 a virtual machine

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@synextra.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

428460650075212

Contact

Abbey McAllister
01618831383
sales@synextra.co.uk

Service scope

• Service constraints: Planned maintenance windows take place for all patching or service improvements. These windows will take place out of core hours.
• System requirements: Chrome / Edge for accessing management interface.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P0 - 30 minutes ; P1 - 60 minutes; P2 - 90 minutes ; P3 - 4 Hours ; Service requests - 1 Day ; ; Out of hours, tickets are not picked up however, critical issues will be actioned, the user would need to raise a ticket. Then call the helpdesk to escalate to an on call enigneer. Critical issues are covered 24/7
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All cloud offerings come with inclusive infrastructure support. If managed support is taken for the OS/solution level this is provided on a single-tier support service. All customers receive 24/7 support with monitoring. ; ; 8am-6pm Monday to Friday are our standard helpdesk hours. Outside of these hours we always have on-call engineers to hand to assist with critical issues. ; ; Our monitoring system is set up to contact our on-call engineers should something alert at any point. Our engineers will proactively contact the customer and begin triaging the issue as soon as the alert comes in.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: For all new customer solutions, they will go through our provisioning procedure for hosting services. ; ; Customers will be assigned an engineer during our project meetings, internally we will review the order, and confirm with the sales representative what has been purchased. ; ; Next, they will be included in a pre-sales call, where we clarify the solution with the customer and confirm technical requirements. ; ; Following this, a statement of works will be provided to the customer to review and sign to agree the method and peramiters of the order. ; ; For larger projects, the customer will then be given access to a project management board for full visibility of progress on the order. ; ; For most services, if training is required, this will be scoped during the proposal phase to determine how this would look. ; ; During the build, we will require the customer to perform testing.
• Service documentation: Yes
• Documentation formats: Other
• Other documentation formats: Online Project Management Tool
• End-of-contract data extraction: Data will be provided over an encrypted medium on a time and materials basis.
• End-of-contract process: We have a 60-day notice period for customer terminations. At the end of the contact, a Change Request will be raised and require approval from the customer to cancel/turn off serivces. ; ; If the customer requires Synextra time to onboard to a new vendor, this is chargeable. The data extraction would be chargeable. The customers account must be up to date for this work to begin.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Capacity planning is carried out before any new tenants are provisioned on our platform. Our shared platform is oversubscribed unless dedicated resources are ordered. ; ; Our hybrid / private solutions provide dedicated compute capacity.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: Volume level encryption (solution dependant) is available.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual Machines
  • Databases
  • Device Configuration
• Backup controls: As standard we back up nightly with 14 days of retention however, customers can request bespoke backup configuration, and additional requirements may be chargeable.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: MPLS segmentation.

Availability and resilience

• Guaranteed availability: 99.999% availability per availability zone guaranteed. ; ; Service credits must be requested via the customers account manager.
• Approach to resilience: Synextra occupies 4 data centres with compute resources available in 2 locations that are over 50 miles apart. Resiliency can be facilitated with either replication or geo-resilient load balancing. ; ; All locations are connected by multiple carrier and path diverse 10GB connections.
• Outage reporting: We utilise a monitoring software to alert for outages and problems within certain parameters. ; ; P0 outages will have an RFO produced to report on the issue, the resolution, and the future mitigation method. ; ; If an outage occurs an email alert will be issued through our management system.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All management networks are within an isolated environment. Access to this environment is protected by 2FA. All 3rd party access is monitored with accounts disabled when not in use.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through:
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: UKAS
• ISO/IEC 27001 accreditation date: 19 May 2019
• What the ISO/IEC 27001 doesn’t cover: Customer Solutions. Only Synextra is covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow all standards of ISO27001 to ensure our security practices up to date. We follow routine reporting and audits to ensure that policies are being followed and we are following a strict protocol for security standards. ; ; Examples: Change Request procedure, Daily checks procedure, regular uptime reports and monthly patching.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We follow ISO 27001 Standards. ; ; Our Change requests are monitored via our helpdesk solution. Each change request details :; -Planned Dates and Proposed Maintenance window; - Reason for Change ; -Technical Impact ; -Potential impact on security ; -Change Plan ; - Test plan Change ; - Roll Back Plan ; - Test Plan - Roll Back; ; All CR's needs approval from a senior memeber of the Synextra team and from the primary contact at the customers side.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We run weekly vulnerability scans of all hosting infrastructure and subscribe to vendor security bulletins. We run a regular patching schedule on a monthly basis - or as and when critical CVSS score vulnerabilities are identified. Any critical vulnerabilities identified will be prioritised for resolution within 14 days.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: All core infrastructure and systems are logged into a SIEM solution reviewed by our security team. Any alerts generated will be triaged and escalated for review. The most critical alerts will be reviewed within 15 minutes.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents are all recorded within our service helpdesk. Users can email ticket@synextra.co.uk to raise a ticket. ; ; Once in the system, an engineer will be assigned to the ticket and a priority rating will be assigned. ; ; The updates/timeframes are managed based on our SLA matrix. ; ; If an incident is urgent, we request users to raise a ticket, obtain a reference number and then call into the main office number. ; ; This is the same process 24x7. ; ; Incident reports are supplied upon request, P0 incidents are provided with an RFO

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Isolated tenants inside VCloud Director with NSX segmentation providing network isolation.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Datacentres follow standards to cover energy efficiency.

Social Value

• Fighting climate change:

  Fighting climate change

  Synextra is committed to utilising carbon-neutral datacentre's. ; ; Our data centres at present either are carbon neutral or ensure carbon offsetting.
• Covid-19 recovery:

  Covid-19 recovery

  Synextra has ensured during the peak of the pandemic and throughout the recovery that we protect our staff members but also ensure that service and availability of services for customers remain at normal standards.
• Tackling economic inequality:

  Tackling economic inequality

  Synextra is committed to developing its apprenticeship training program and is aiming to develop 5 new apprentice roles over the next 5 years. These apprentices will be provided with full training and industry qualifications in the high growth technology sector.
• Equal opportunity:

  Equal opportunity

  Synextra has the policy to ensure that staff members have the same opportunity regardless of sex, ethnicity, age ect.; ; The workforce at synextra are a large mix of backgrounds and we ensure that progression, salary and opportunity is the same for all.
• Wellbeing:

  Wellbeing

  Synextra provides a well-balanced well-being program including flexible working, overtime payments, health cover with Axa and an employee rewarding program.; ; We are keen on regular catch-ups with employees to ensure satisfaction and uncover the employee goals. ; ; Synextra ensures that staff are knowledgeable of the business goal and objectives and conduct a regular all-hands session where they are updated and employee success is praised.

Pricing

• Price: £79.50 a virtual machine
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@synextra.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.