DATAQUEST (HEATHROW) LIMITED

Acronis Cyber Protect Cloud - Disaster Recovery as a Service (DRaaS)

Move beyond backup with flip-of-a-switch disaster recovery.

Disaster Recovery for us, means providing a turn-key solution that allows you to securely protect your critical workloads and instantly recover your critical applications and data no matter what kind of disaster strikes.

Features

• Backup-based replication of production environments
• Unites Disaster Recovery, Backup and next-generation, AI-based anti-malware, antivirus.
• Instant off-site failover to the cloud recovery site
• Immutable storage ensure backups cannot be encrypted/deleted by ransomware attacks
• AES-256 data encryption for data in transit and at rest
• Protect multiple environments - Physical, Virtual, Cloud.
• All the tools. One simple interface for managing your Disaster-Recovery
• Get back into Business faster with Disaster Recovery orchestration runbooks

Benefits

• Flexible Recovery Point and Recovery Time Objectives
• Protects your business against hardware and/or network failures
• Protects your business against software/patching failures
• Protects your business against on-premises power outages

£0.10 a gigabyte a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@dqgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

450694632656547

Contact

Michael Lyons
07799894781
gcloud@dqgroup.com

Service scope

• Service constraints: Any Servers being protected by the DRaaS solution must be protected by the Acronis BaaS Solution and the data must be held on Acronis Cloud Storage, not any other cloud or local storage.
• System requirements:
  • Agent based service running on Microsoft Windows or Linux Servers
  • Customer must have adequate internet bandwidth
  • Customers firewall will need ports open to Acronis Datacentre
  • DR Storage is required as well as Backup storage
  • RPO will depend on the firewall having adequate throughput

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Support is provided through a Contracted Service Agreement. This Agreement is purchased separately to the BaaS solution. Depending on the level of service purchased the period of cover is either 24/7 or Normal hours.; ; Normal hours for telephone/email support for product related issues from Dataquest are: Monday to Friday 0900-1730 excluding public holidays; ; Response time are within 1 hour for all services depending on the contracted period of cover
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All support is co-ordinated by each dedicated customer account manager and levels are agreed on a customer-by-customer basis. A technical account manager or cloud support engineer can be appointed, as requested.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All of Dataquest's managed cloud service contracts start with an initiation meeting, it is at this point that the Customer will be trained on how get started and how to interact with Dataquest 's service desk. This training will take the form of either remote or onsite training dependent on the customer's preference. Documentation will also be provided.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Before the end of a contract is reached the assigned Service Delivery Manager at Dataquest will reach out to the customer to discuss and agree on a contract exit strategy. Part of the agreed strategy will include data extraction and deletion from the Dataquest infrastructure. Furthermore the customer can add change or remove their data at any time with or without Dataquest's input.
• End-of-contract process: Where a client chooses to terminate their subscription with Dataquest, we are able to provide support for data extraction and/or migration where reasonable. We will agree a point of service termination with the client when the transition is complete. At this point, our dedicated support and technical teams will cease to provide any services. We will work to ensure that this transition is seamless.

Using the service

• Web browser interface: Yes
• Using the web interface: All the tools are made available through one simple interface
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The Customer will have validated their email login as part of the on-boarding process. Furthermore 2FA will have been enabled on the account, the customer will need to have loaded either Google or Microsoft Authenticator for an access code.; ; The customer can also access their tenancy through a mobile App that is available for Apple IOS and Android.
• Web interface accessibility testing: We have not carried out any testing to date.
• API: Yes
• What users can and can't do using the API: Platform Core; https://developer.acronis.com/doc/
• API automation tools: Other
• Other API automation tools:
  • Alerts API enables activation, inspection, and removal of alerts.
  • Tasks API enables inspection of the tasks and activities performed
  • Agents API provides information about agents registered in Acronis
  • Resource and Policy Management API enables protection of workload
• API documentation: Yes
• API documentation formats: HTML
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Customer environments are isolated and segmented. We use analytic tools that predict when additional resource is likely to be required to remain within the SLA parameters that have been set by the business which is approximately 80% utilisation..; ; As well as using analytical tools we do not over provision, CPU
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Managed Service wrap covering; Backup/restore & integrity check

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machines
  • Active Directory
  • SQL
  • Exchange
  • Sharepoint
  • File data
  • Short , Medium and Long Term storage
• Backup controls: Users can create there own backup schedule through a web portal. We can provide advice on what retention cycle to follow based on the customer's data protection objectives along with any compliance requirements.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Each service is provided with a guarantee of availability at contract level and sanctions in case of the service availability dropping below guaranteed level.
• Approach to resilience: Available on request
• Outage reporting: An API, email alerts, SMS

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted through a combination of username and passwords, multifactor authentication, firewalling, IP restrictions, the use of bastion hosts as appropriate.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institute (BSI)
• ISO/IEC 27001 accreditation date: 19/05/2022
• What the ISO/IEC 27001 doesn’t cover: Software development
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: A mature security program is in place. Head of Compliance manages the company’s risk through security technologies, auditable work processes, and documented policies and procedures such as; Acceptable Use Policy (AUP), Access Control Policy (ACP), Change Management Policy, Information Security Policy, Incident Response (IR) Policy, Remote Access Policy, Email/Communication Policy, Disaster Recovery Policy, Business Continuity Plan (BCP). These policies are just some of the basic guidelines Dataquest use to build successful security programs.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The key elements of Dataquest's configuration management are:; version control, baseline and release information, audits & review; documented process and build, integrate and deploy scripts.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Evaluated and appropriate measures are taken to address any associated risks; management of technical vulnerabilities, restrictions on software installation, information systems audit controls. In accordance with Dataquest’s ISO 27001 ISMS (technical vulnerability management) testing is carried out at least once annually and when applicable patches to the system are introduced to the main systems, when new network infrastructure or applications are added, if significant upgrades or modifications are applied to infrastructure or applications and end user policies are modified.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: PMCs used to assist Dataquest in the protection of its staff, assets and information and to assist in the investigation of misconduct or criminal activity. Accurate time in logs, recording relating to business traffic crossing a boundary,recording relating to suspicious activity at a boundary,recording of workstation, server or device status, recording relating to suspicious internal network activity,recording relating to network connections,recording of session activity by user and workstation,recording of data backup status,alerting critical events, reporting on the status of the audit system,production of sanitised and statistical management reports and providing a legal framework for protective monitoring activities.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: As part of Dataquest's service operation, incident management aims to manage the lifecycle of all incidents. Our primary objective is to return the IT service to users as quickly as possible. The incident management sub-processes and objectives are aligned to ITIL and ISO 27001:2013 standard. Incident management support, incident logging and categorisation, incident resolution, incident monitoring and escalation, incident closure and evaluation, pro-active user information and incident management reporting.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: VLANs; Each customer's environment is protected via a Next Generation FireWall.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Design PUE of less than 1.3; Highly efficient chilled water cooling system configured; as N+1; Highly efficient UPS systems; DCIM metering and monitoring; Waste heat reuse in communal parts; Advanced cooling design, utilising VIRTUS air; flooded room principle; Free cooling chillers

Social Value

• Fighting climate change:

  Fighting climate change

  Dataquest operates an Environmental Management System (EMS) that has gained ISO 14001: 2015 certification. Our EMS is a continual cycle of planning, implementing, reviewing, and improving Dataquest’s processes and actions to meet environmental obligations and objectives. Energy efficiency makes a significant contribution to environmental sustainability and helps us to reduce our operating costs. We monitor our use of key sources of energy (electricity, gas,) with the aim of reducing our carbon emissions.
• Covid-19 recovery:

  Covid-19 recovery

  Dataquest continues to follow and update our business continuity plan with a focus on protecting the health and well-being of our colleagues, while keeping the business running, supporting our partners and continuing to provide the best possible service levels. In line with our ISO 27001 Standard, we have a robust disaster recovery and business continuity plan in place. This includes significant investments in technology and infrastructure to ensure we can continue to operate the business in a variety of unforeseen scenarios. We have extensive online collaboration capabilities to help ensure business continuity and we’re working tirelessly to help everyone stay safe while at the same time continuing to serve our customers.
• Tackling economic inequality:

  Tackling economic inequality

  Dataquest is committed to tackling economic inequality at root, from creating new businesses and new employment opportunities, to improving education and training, Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society.
• Equal opportunity:

  Equal opportunity

  Dataquest is an equal opportunities employer and in general would wish to go beyond the strict legal requirements as determined by statute in order to be seen to promote sound and fair management practices and procedures at all times. ; ; It is therefore the Company’s aim to provide equality of opportunities for all employees by providing a working environment free from unlawful discrimination, harassment, bullying or victimisation on the grounds of sex, marital status, sexuality, disability, age, race, colour, ethnic origin, nationality, religious or political beliefs. This principle will equally apply to recruitment, training, promotion, dismissal, transfer and all benefits, terms and conditions of employment. ; ; The Company will not tolerate acts which breach policy and all instances of such behaviour will be taken seriously, be thoroughly investigated and in proven cases, will be subject to the Company’s disciplinary procedures. Policies for recruitment, selection, training, development and promotion are designed to ensure that individuals are selected, promoted and otherwise treated solely on the basis of their relevant aptitudes, skills and abilities.
• Wellbeing:

  Wellbeing

  We encourage vitality, a healthy quality of life, and a positive working environment in which people thrive. Our priority is to be proactive, so employees can gain awareness, education, and support to successfully function at work and at home, free from factors which may negatively impact upon their health.

Pricing

• Price: £0.10 a gigabyte a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: The trial encompasses a fully functional suite of Acronis Cyber Protect Cloud services. The trial will initially run for up to 30 days.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@dqgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.