QUADRIS LIMITED

Quadris Cloud Solo (Hosted Virtual Machine)

Create, manage, and run secure single virtual machine instances in the Public Cloud using the Quadris Cloud Solo, with complete freedom to scale your services up and down as required.

Fully integrated easy to use firewall, prebuilt machine templates, perfect for individual applications

Features

• Direct, personal support from our UK-based expert team
• Create, deploy, and manage any number of Virtual Machines
• Scale the platform up and down to meet your demands
• No training required with our intuitive interface
• No charge for transferring data to and from the cloud
• Control all your VMs with a single user interface
• All data is stored in our UK-based data centres
• Optionally move your VMs to our fully managed service
• Fully maintained online knowledge base
• Zero maintenance required

Benefits

• No expensive learning curve to get started
• Save time and effort with human help when needed
• Save space and cost by moving services to the cloud
• Complete pricing transparency with no nasty surprises
• No unexpected charges for moving data around
• Consume resource (and spend) only as you need to
• Start small and scale as your business or requirements grow
• No contracts, with complete flexibility to cancel at any time
• Ensure full GDPR compliance with UK-based storage
• Optionally save resource by moving to fully managed services

£17.25 to £172.50 a virtual machine a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@quadris.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

436207217249468

Contact

Mark Charity
01615374980
gcloud@quadris.co.uk

Service scope

• Service constraints: Although the service is available via mobile and tablet devices, the best user experience is via desktop or laptop computer running a modern browser
• System requirements:
  • Windows Clients: Windows 8.1 / 10 and 11
  • Windows Server: 2012 and above
  • Linux: Any FIPS mode e.g. Ubunto 16.04, Centos/RedHat 7
  • ChromeOS
  • Apple MacOS 10.2 and above
  • Apple MacOS 10.2 and above
  • Apple iOS 11 and above
  • Android 2.1 and above

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard Support; Operating hours 8am - 6pm Monday - Friday; 8 hour response SLA ; ; Advanced Support; Operating hours 8am - 6pm 7/365; 4 hour response SLA ; ; Enterprise Support; 24/7/365; 1 hour response SLA
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Web chat is available via the Quadris.cloud microsite. Automated answers are provided to the most common quesitons, chat is then forwarded to the most suitable team based on the catagory of the question.
• Web chat accessibility testing: Testing carried our with QA during development cycle / releases.
• Onsite support: No
• Support levels: Support is provided for the platform, as per below. Standard support is included with the service. See pricing sheet for addtional support levels. Quadris Cloud is available as a fully managed service if support for workloads as well as platform is required.; ; Migratation services to our cloud are also available; ; All enterprise support agreements include a technical account and resolution manager; ; Standard Support; Operating hours 8am - 6pm Monday - Friday; 8 hour response SLA ; ; Advanced Support; Operating hours 8am - 6pm 7/365; 4 hour response SLA ; ; Enterprise Support; 24/7/365; 1 hour response SLA
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding training is provided for all new customers of our service. This is a one-hour session provided by a cloud service engineer and is intended to give you an overview of the service and show customers how to access self-help resources and contact support if needed. It gives our customers a good understanding of our cloud definitions and technology. ; ; An online knowledge base is also provided, supported by videos to help our customers complete their own tasks.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data can be transfered by a variety of methods, Quadris put no restrictions on the internet connectivity of the customer. The most common method is via a VPN connection.
• End-of-contract process: The service ceases with no additional cost or it can be extended on request

Using the service

• Web browser interface: Yes
• Using the web interface: Quadris Cloud Console gives full control to our cloud platform, allows users to easily:; ; * Create new virtual machines from prebuilt templates in seconds; * Create firewall rules; * Assign new public IP addresses; * Access virtual machine console; * Create site to site or remote access VPN; * Create user accounts; * Assign backup policies to machines; * Assign DR policies to machines ; * Power up, down, reset virtual machine; * Create volumes (two tier choices) ; * Add or remove compute resources on demand; * Show resource metrics
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The Web interface is supported by but not limited to the following Web browsers:; ; Microsoft Edge; Mozilla Firefox; Google Chrome; Apple Safari
• Web interface accessibility testing: Testing carried our with QA during development cycle / releases.
• API: Yes
• What users can and can't do using the API: Full API control is provided to the QuadrisCloud. Any action that can be carried out in the portal can be carried out via our API service
• API automation tools:
  • Ansible
  • Chef
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: We do not over provision constrained resources in our cloud, therefore noisy neighbour issues do not occur. ; ; Our infrastructure nodes self-balance their workloads to maintain even resource distribution
• Usage notifications: Yes
• Usage reporting: Other
• Other usage reporting: Via online control panel

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual Machines
  • Databases
  • Multiple Volume Consistency
  • Offsite backup copies
  • No performance impact
  • Near instant recovery times
• Backup controls: Backups are chosen via a cloud portal, eight preconfigured retention and frequency options are available to end users. Custom retention and frequency can be requested from support
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.99% Availability in any calendar month
• Approach to resilience: Three Copies of all customer data (RF3) are held on our cloud platform per data centre location, two simultaneous failures can be tolerated without data loss. The system is self-healing at the block level meaning rapid reprotection times. Compute resource all offer High Availability as standard, virtual machines will recover in <5m automatically in the event of a compute node loss. Network components are software defined and distributed across the platform, router failure is recovered within 100m/s Disaster recovery, with replication to a separate UK datacentre location is optional and configurable per virtual machine.
• Outage reporting: A public portal reports on service availability in real-time. The portal is hosted separately from the Cloud Service itself.; ; Email notifications are sent to the account nominated contacts in the event of downtime

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Role based application security model together with MFA service for each user. System access is controlled by these roles which are in turn applied to groups of users to control what if any management access they have
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 07/01/2016
• What the ISO/IEC 27001 doesn’t cover: None
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Self Certified
• PCI DSS accreditation date: 15/06/2019
• What the PCI DSS doesn’t cover: All card related activities are covered
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS Data Security and Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Quadris holds the following certifications that govern our security policies and processes: ISO27001, Cyber Essentials Plus, PCI DSS (self certified) and NHS Data Security and Protection Toolkit. Security incidents are monitored and reported in real time. Security is managed via weekly management and monthly board meetings. Policy adherence is audited internally and externally via independent third party security specialists.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our Change Management process is designed around the ITIL standard and supported by our Change Management system. All changes are detailed by our engineers, including the assets affected, the reason for the change, proposed scheduled time, risk and risk mitigation analysis and actions including the impact of change on the backup and security systems. Detailed implementation, testing and backout plans must be defined for each change. All changes must be approved by Quadris and the customer’s CAB team or individual. All configuration changes are tracked through the same system and made available via email and our self-service portal.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We operate an internal and external vulnerability testing toolset on a weekly basis to identify vulnerabilities so they can be remediated immediately. An independent CREST, CISSP accredited security specialist conducts PEN tests of our network annually. Patch management operates in accordance with our ISO27001 certified Patching Policy to ensure all relevant devices are routinely patched against an effective schedule. We deploy a specialist patching application which automatically updates third party applications, such as Chrome, Adobe Reader etc. Zero day threats are monitored continuously via a specialist security service provider and actioned immediately.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Quadris' Cloud portal interface is protected by a hosted cloud WAF service from Imperva, proxied access from Imperva is the only access permitted. This system automatically detects attempts to use the system maliciously and blocks and alerts automatically. We also subscribe to RSS security feeds from NVD to alert on relevant software solutions used in our cloud Alerts are sent directly to our SoC with <15m response to take appropriate action.
• Incident management type: Supplier-defined controls
• Incident management approach: Quadris operates an Incident Management (IM) process for failures or degradation to services, aligned to the ITIL standard. Our IM process includes impact analysis to determine the severity of the incident which has SLA backed response times. Where the cause of an incident is not diagnosed within 30 minutes the incident is automatically escalated to our incident escalations team with senior technical expertise in the related technology. Our IM process includes steps for developing workarounds to protect customers mission critical processes, including invocation of disaster recovery services and post incident review.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: KVM hypervisor
• How shared infrastructure is kept separate: Customers are kept separate using software defined networking technilogy based on VxLAN network isolation.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Quadris is an ethical and environmental conscious organisation that has adopted the best practices of the code. The EUCOC ensures that our Data Center operational procedures regarding the management of a data centre are appropriate and the energy saving initiatives the company; adopts meet the objectives of this code of conduct.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Quadris has been a carbon neutral organization since the 1st of April 2020 and aims to be carbon zero by 2050. To achieve this target, we have implemented a Sustainable Development policy that commits Quadris to have a carbon reduction plan in place. As we work towards our 2050 zero carbon goal, we have from 1st April 2020 been carbon net zero (or carbon neutral) in our own operations. We’ve done this by investing in verified carbon reduction projects overseas to offset our own emissions. Our Carbon Net Zero plan is aligned to the PAS 2060 specification for detailing how to demonstrate carbon neutrality which is produced and published by the British Standards Institute (BSI). ; ; Emissions are reported and recorded in accordance with the published reporting standard for Carbon Reduction Plans and the GHG Reporting Protocol corporate standard1 and uses the appropriate Government emission conversion factors for greenhouse gas company reporting. Scope 1 and Scope 2 emissions have been reported in accordance with SECR requirements, and the required subset of Scope 3 emissions have been reported in accordance with the published reporting standard for Carbon Reduction Plans and the Corporate Value Chain (Scope 3) Standard. ; ; We set ongoing initiatives for reducing our carbon emissions each commitment period which runs in parallel to our financial year and reporting on these initiatives annually.

  Covid-19 recovery

  Quadris is committed to supporting local communities to recover from the impacts of COVID-19. At the heart of our social values and business planning is that we met and continue to meet and exceed, the ‘Good Work Plan’ recommendations (Taylor Review 2017) in advance of its publication and introduction into legislation in 2020. This includes the following COVID-19 recovery activities. ; Recruitment & Employment: ; Priority given to eligible unemployed applicants to join our workforce since 2020. ; Agile working offered since 2020. ; Above market median salaries, and a competitive value-add benefits package reviewed annually benchmarked against CIPD data. ; Patterning with local Community Colleges and Universities to offer employment opportunities. ; Apprenticeship partnering (Programme-led). ; ; Health & Well-Being: ; COVID education and risk assessment. ; Access to free health supplements and fresh fruit. ; Best practice line management in supporting health conditions through measures such as return to work meetings and alignment to CIPD & HSE best practices. ; Provision for supporting Long-COVID through flexible and agile working options. ; Rapid collaboration across the business to ensure employees children had access to laptops for education continuity during home schooling and beyond. ; ; Workplace conditions: ; Safe, open plan offices with safe working practices. ; Home working options available, with full H&S risk assessment. ; Workplace restructuring to new hybrid models of working. ; ; Supporting Organisations & Business : ; Launched our Managed Digital Workspace offering enabling our customers to operate successful remote working practices. ; Products and services sourced locally wherever possible, across a range of SME’s to invest back into our local economy’s recovery plan. ; Fair payment terms. ; Use of suppliers that are ethically like-minded.

  Tackling economic inequality

  Quadris is committed to working with people and businesses to create employment opportunities that stretch and challenge, resulting in high quality career development, positive social engagement, and a sense of value in the wider economy. In addition, we purposefully seek out and encourage local, small, diverse high-quality suppliers as part of our procurement approach, and treat our suppliers fairly through fair terms and conditions, and prompt payment practices. We pride ourselves on strong links with local college and university career hubs, offering opportunities for work in the IT sector that can help to kick start careers for the inexperienced. We work very closely with local training providers to source externally accredited courses, and engage with them for our apprenticeship placements. We operate the following activities focused on tackling economic inequality: ; Focus on local sourcing and attraction, with priority given to eligible unemployed applicants to join our workforce wherever possible, encouraging return to work applicants since 2020; partnering with local Community Colleges and Universities to offer employment opportunities; development of employment and skills through Personal & Professional Development planning; financial support for Industry recognised skills shortage technical and digital qualifications; financial advice for all employees joining; Apprenticeship partnering (Programme-led); work placements/work experience programmes; Diversity & Inclusion and all other policies aligned with Equality Act 2010 & EHRC; clear anti-harassment and anti-bullying policies underpin our workplace culture of inclusion; developing our relationship with BiTC (Business in the Community) in community-based volunteering opportunities; aligning with our staff social well-being.

  Equal opportunity

  Quadris operates specific governance policies and processes to ensure it is a diverse and representative organisation that challenges itself and its staff to do all it can to ensure that diversity and inclusion is embedded in our ways of thinking, and in our ways of working. Through recruitment, to the development and promotion of our people, we encourage opportunity for all to shape the future of Quadris’ professional and specialist levels of expertise. We value different skill sets, perspectives, and backgrounds and this is reflected in our Core Values around teamwork, and knowledge and learning. We take pride in ensuring we can deliver the best possible outcomes to our customers through staff that feel empowered to be the best version of themselves and feel respected, valued and included which in turn, we believe, unlocks their true potential as individuals and our potential as an organisation. By continuously increasing the diversity of our teams we encourage a culture of empowerment, continuous learning, creativity, a sense of ownership and responsibility, wider thinking, and collaborative working. We achieve this position through: ensuring recruitment practices are inclusive with regard to socio-economic diversity, and accessible by supporting reasonable adjustment requirements; voluntarily collecting data on the backgrounds of those who apply to, and make up Quadris’ workforce; investment and commitment to apprentice upskilling into digital & technology-based careers, whilst also supporting functional skills achievements; addressing the gender imbalance in technology, by increasing our female headcount % of the workforce; increasing our ethnic minority representation; actively attracting female STEM Graduates into our business, and offering flexible employment and facilities to aid the employment of people with disabilities. All our operations must take place in accordance with policies we have for: Equality & Diversity Policy and Modern Slavery Policy.

  Wellbeing

  Well-being is integrated into our organisation, and embedded in our culture, our leadership, and people management processes. We operate a ‘people first’ approach as part of our culture and strategy. Wellbeing activities include: ; Good Work: effective people management policies; clear job roles and key deliverables for each employee; externally accredited Employee Assistance Programme for all staff to support them with their health; personal, physical, mental and emotional, their relationships, their lifestyle and their financial well-being. ; Health & Lifestyle: access to free health supplements and fresh fruit to improve health and relieve pressures on health services; encouraging physical fitness as well as mental fitness as part of our culture; social ‘activity based’ events for employees; commitment to Mental Health at work initiative. ; Values//Principles: values based leadership and company vision; encourage openness, empowerment and autonomy through our leadership approach; company core-values that support trust, respect and encouragement across colleagues woven into the fabric of our business; Diversity & Inclusion and all other policies aligned with Equality Act 2010 & EHRC. ; Collective/Social: ‘employee voice’ formal staff survey and reporting and action planning against this output into continuous improvement plans; social calendar of Quadris funded staff and family events. ; Personal growth: Career Development Planning – mentoring, coaching, performance management, development plans, succession planning. ; Financial ; Financial advice for all employees joining us; life assurance provision; ; Pay & Reward; Above market median salaries, and a competitive value-add benefits package reviewed annually and benchmarked against current market CIPD data; all salaries maintained above the voluntary National Living wage.

Pricing

• Price: £17.25 to £172.50 a virtual machine a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full feature trial, two weeks use
• Link to free trial: https://quadris.cloud/sign-up/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@quadris.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.