Barrier Networks

ADP Cloud Data Management, Backup & Recovery (Rubrik)

Rubrik simplifies backup, restore and disaster recovery for virtualised and physical environments. Eliminate backup software by integrating data orchestration, catalogue management, and ‘deduplicated’ storage into a single, scale-out fabric.

Features

• Converged Backup and Recovery Platform
• Bespoke Public, Private and Hybrid Cloud
• API 1st Driven Architecture
• Offsite Replication and Archive
• Fully Managed Service
• SLA Policy Driven Management
• Application Consistent Snapshots
• Virtual and Physical server support
• Instant Recovery from anywhere
• Granular RPOs

Benefits

• Proactive Support
• Fully Managed Solution
• Consolidated multi-site monitoring
• Simple Pricing Model

£18.75 to £87.50 a terabyte a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@barriernetworks.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

452090556502692

Contact

Iain Slater
0141 356 0101
info@barriernetworks.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: N/a
• System requirements:
  • Network Connectivity
  • 10Gb Network (recommended)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 - 15 minutes; P2 - 1 Hour; P3 - 2 Hours; P4 - 4 Hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We provide a single level of support which its included in the cost of the sale. This a 24x7x365 supoort with the following SLAs; ; Inital Response Times:; P1 (Urgent) - 15 Minutes; P2 (High) - 1 Hour; P3 (Normal) - 2 Hours; P4 (Low) - 4 Hours; ; Target Resolution Times:; P1 (Urgent) - N/A*; P2 (High) - 12 Hour; P3 (Normal) - 24 Hours; P4 (Low) - 36 Hours; ; * There is no target resolution time as all reasonable endeavours will be made to resolve the P1 situation at the earliest possible time.; ; A Client Services Manager will be assigned to each customer manage the customers commercially and initiate/run the service reviews with the customers.; ; A Technical Account Manager is available depending on the oppertunity.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Once the sale has been completed, it is passed over to our implementation team. Implementation is included in all oppertunities. The implementation team will work with the customer all the way from Pre-Reqs to installation, configuration, testing and finally BAU. Knowledge transfer sessions can be aranged in to the form of screenshare during installation or dedicated online sessions.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Depending on the service/produce procured, data can be extracted by download export or restoration back into the customers environment.
• End-of-contract process: Access to store additional data under the Services shall cease immediately and its access to any data already stored as part of the Services shall be permanently terminated upon 7 days’ notice from ADP.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: Rubrik is an API 1st technology, with all features and functionalities accessed in this manner.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Almost every aspect of the service can be customised, from payment plans, through to service and support levels.

Scaling

• Independence of resources: Rubrik is infinitely scaleable. The backup service is capacity based and additional "Brick" can be added to cope with increased demand with no limit to the scalability.

Analytics

• Service usage metrics: Yes
• Metrics types: Data Usage, locally, replicated and cloud-based Number of objects protected Throughput usage Bandwidth usage VMware statistics
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Assured Data Protection/Rubrik

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: AES-265 Encryption FIPS-142-2 Level 2 certified
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be downloaded at any stage through the API's or GUI
• Data export formats: Other
• Other data export formats: Original Format
• Data import formats: Other
• Other data import formats: Original Format

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The Rubrik software will have a target uptime of 99.5% (10% Service Credit if SLA not achieved); Availability shall be measured as a percentage of the total time in a month, in accordance with the following formula:; Availability % = ((MP-SD)x100)/MP; Where:; MP = Total number of minutes, excluding any permitted maintenance agreed in advance between the parties in writing, within the relevant month; and; SD = Total number of minutes of any period of time during which a service is not available, excluding any permitted maintenance agreed in advance in writing between the parties, in the relevant month.
• Approach to resilience: Rubrik employs security tooling to continuously and dynamically scan their products and related infrastructure against common security vulnerabilities. Rubrik maintains a dedicated in-house product security team to continuously test and drive remediation of any discovered issues based on internally defined service level agreements (SLAs). The source code repositories for Rubrik platforms are also scanned for security issues.
• Outage reporting: Rubrik employs security tooling to continuously and dynamically scan their products and related infrastructure against common security vulnerabilities. Rubrik maintains a dedicated in-house product security team to continuously test and drive remediation of any discovered issues based on internally defined service level agreements (SLAs). The source code repositories for Rubrik platforms are also scanned for security issues.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Management access to the portal is controlled by the customers support account (2FA in place)
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS
• ISO/IEC 27001 accreditation date: 19/10/2017
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ADP have created their own incident management process.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: ADP - centrally managed with Intune for PC infrastructure and combination of Puppet/Zabbix for data center infrastructure. ; ; Implementation of systems provide insight/management solutions to monitor the changes throughout the information systems. ; Unauthorized Change Detection Data Center ; Maintaining uniformity throughout its IT infrastructure, ADP manages backup units through Zabbix monitoring software for unauthorised changes. Unauthorised change will display an alert for administrators to perform an investigation. ; Office Network ; Users are provided with minimum user rights to their computers. Changes/updates to systems require administrative approval. Implementation of changes will be managed by Intune ensuring unauthorised changes does not occur on company equipment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The implementation of configuration standards are distributed throughout the organizational systems. This implementation of configuration standards is centrally managed through Zabbix and Puppet. Centralized controls for these devices will ensure that the change controls are properly maintained. Centralized configuration controls are also implemented through Microsoft Intune to maintain the office network.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: ADP have created their own monitoring portal to give their clients full reporting capabilities. Daily reports are sent to the customer.
• Incident management type: Supplier-defined controls
• Incident management approach: ADP have created their own incident management process based on:; ; • Designated an Incident Response Team (IRT) with clear roles and responsibilities. ; • Monitor systems for unauthorized access, unusual activity, and potential breaches. ; • Ensure a reporting mechanism for staff and external entities to report potential security incidents. ; • On receiving a report, the IRT should convene immediately to confirm if an incident or breach has occurred. ; 3. Containment

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are committed to sustainable development (meeting the needs of the present without compromising the ability of future generations to meet their own needs) as a guiding principle within our work. Concern for the environment is an integral and fundamental part of this commitment. Our aim is to reduce the impact on the environment from our operations. Our environmental/sustainability action plan ; We aim to promote good governance in charities as well as dealing with aspects of poor practice. Through our work with charities we are in a position to promote the wider sustainability agenda. ; ; We will: ; • Promote responsibility for the environment within the organisation and communicate and implement this policy at all levels within the workforce; ; • reduce the use of energy, water and other resources; ; • minimise waste by reduction, re-use and recycling methods; ; • comply with all relevant environmental legislation/regulation; ; • ensure that our policies and services are developed in a way that is complimentary to this policy; ; • not prioritise funding needs ahead of sustainability requirements; ; • encourage all charities to commit to the sustainable development philosophy; ; • identify and provide appropriate training, advice and information for staff and encourage them to ; develop new ideas and initiatives; ; • provide appropriate resources to meet the commitments of this policy; and ; • promote and encourage involvement in local environmental initiatives/schemes.

  Equal opportunity

  • To create an environment in which individual differences and the contributions of all our staff are recognised and valued.; • Every employee is entitled to a working environment that promotes dignity and respect to all. No form of intimidation, bullying or harassment will be tolerated.; • Training, development and progression opportunities are available to all staff.; • To promote equality in the workplace which we believe is good management practice and makes sound business sense.; • We will review all our employment practices and procedures to ensure fairness.; • Breaches of our Equality Policy will be regarded as misconduct and could lead to disciplinary proceedings.; • This policy is fully supported by Senior Management.; • The policy will be monitored and reviewed regularly.

  Wellbeing

  • We promote an open, supportive company culture where employees look out for one another and feel comfortable discussing any difficulties. Mental health is valued equally to physical health.; • Employees have access to confidential counselling, therapy, and other mental health resources through our employee assistance program.; • We encourage taking time off when needed for mental health days in addition to sick days. Employees are trusted to manage their time off responsibly.; • Training is provided to managers on recognizing signs of burnout, ; work overload, and other mental health concerns. Managers work to ; proactively address issues and reduce employee stress.; • Employee workloads and schedules are designed to be reasonable ; and sustainable. ; • Wellness initiatives like meditation breaks, stress management ; workshops, mindfulness programs, and social events are offered ; throughout the year.

Pricing

• Price: £18.75 to £87.50 a terabyte a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@barriernetworks.com. Tell them what format you need. It will help if you say what assistive technology you use.