Jisc Services Ltd

Managed Cloud Service

AWS and Azure provide compute, storage and other cloud services. Jisc's Managed Service, service offers a core support service, designed for customers wishing to largely manage their AWS or Azure environments for themselves but including patching, monitoring and billing, and an enhanced managed service with more comprehensive support.

Features

• Management of your AWS, or Microsoft Azure clouds.
• Patching, backups and monitoring of EC2 instances, VMs and databases
• Compute, storage and associated services capable hosting OFFICIAL information assets.
• Full range of AWS and Azure services. AWS OGVA Agreements
• Standard AWS and Azure price lists, billing portal in £'s.
• 24/7 support and AWS or Azure infrastructure automation.
• Trusted advisor and ally of the education and public sectors.
• AWS Consulting Partner, Government Reseller and Azure Cloud Solution Provider
• Microsoft Cloud Solution Provider (CSP). Microsoft Cloud Hosting Partner
• Market leading FinOps tool

Benefits

• Focus on priorities we will manage your AWS or Azure
• Reduce cloud infrastructure costs and only pay for capacity used
• Increase organisational agility with automated deployment and 24x7 support
• Build failure resilient applications in multiple AWS or Azure regions
• Improve up-time with ITIL-aligned service management
• Support well-managed, secure, highly flexible AWS or Azure hybrid solutions
• Suitable for multi-cloud (AWS/Azure) solutions.
• Option available for prepayment and multiple purchase orders
• EC2 instances, Blob storage or Azure Files
• Modernise your services with server-less, Functions, containers and Kubernetes

£2,000 a transaction a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.support@jisc.ac.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

453426502701574

Contact

Bid Support
03003002212
bid.support@jisc.ac.uk

Service scope

• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 Target response 30 Mins, P2 Target response 2 hours, P3 Target response 4 hours Out of hours - Target response 30 Mins (P1 only) .P1 incidents Service component failed or severely impaired resulting in serious business-wide impact or multiple users/services impacted. P2 incidents Service component impaired resulting in a loss of functionality, or loss of access to a single or subset of users, but work can continue in an impaired manner. P3 incidents Incident with minor or no direct impediments on the customer’s business and/or is not time sensitive
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: When buying professional services from Jisc you will usually engage directly with our Cloud Professional Services team and AWS or Azure Solutions Architects. We provide a service desk for our managed services customers but this is treated as a fall-back method of contacting us for this service. The response time indicated above is for a response from your nominated Cloud Professional Services team member or Solutions Architect.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a fully managed on-boarding service.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Data can be copied off customer VMs using SFTP or equivalent prior to contract end. Data can be extracted from databases using SQLDump or equivalent and then transferred as per above.
• End-of-contract process: Service termination is defined as end of contract without transfer of services to a new provider or customer function. In this case, on service termination Jisc will close and delete any Azure accounts, access controls and resources; off-boarding of instances and data is the customer’s responsibility and should be completed prior to termination. Jisc can provide a managed migration path out from the tenant (working alongside your new provider or function). This would be created as a standalone project and incur rates and charges per the Jisc Cloud Migration service.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can manage all aspects of the AWS / Azure service using the AWS / Azure management portals.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Accessibility of the AWS / Azure management portal is maintained by AWS / Microsoft.
• Web interface accessibility testing: N/a
• API: No
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
  • Other
• Using the command line interface: All aspects of the Azure service can be managed using the CLI.

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: The hypervisor enforces memory and process separation between virtual machines.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: AWS and Microsoft Azure

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • VM storage
  • Azure SQL Databases
• Backup controls: Backup schedules are agreed during customer on-boarding.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection between networks: VLAN VPCs
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: 99.9% SLA's are guaranteed by AWS and Microsoft together with their terms and conditions.
• Approach to resilience: Managed Cloud services are delivered from multiple data-centres worldwide. When deploying customer services to the Cloud, Jisc will ensure that services span multiple availability zones (data-centres) to ensure service resilience.
• Outage reporting: Public dashboards and email alerts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces and support channels is restricted through a combination of username and passwords, multifactor authentication, firewalling, IP restrictions, the use of bastion hosts as appropriate.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register
• ISO/IEC 27001 accreditation date: 10th October 2023
• What the ISO/IEC 27001 doesn’t cover: All Jisc activities related to the provision of this service are covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: CREST

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Jisc is certified as compliant with ISO27001:2005 (Certificate CI/12868IS) by a UKAS accredited certifying body. Services that we have designed, implemented and operate have been subject to risk assessment including ITHCs and penetration testing by independent CHECK providers. We are able to supply our Information Security Policy subject to a non-disclosure agreement being put in place with the receiving party.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Jisc is committed to ITIL aligned Change and Configuration Management for effective management and control of its infrastructure. Jisc's management tool incorporates an automated Change Management Database (CMDB) at the heart of its operation, with all service support and delivery modules linked to the CMDB to ensure a complete and accurate view of customer estates. A CAB team exists within the services department and liaises closely with all other teams to ensure changes are successful and our infrastructure is maintained and accurately modelled within the CMDB.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Jisc subscribe to vendor support services to ensure we are operating in line with the latest recommendations and are made aware of any potential vulnerabilities. The patch deployment policy is ITIL aligned and undertaken in accordance with our ISO27001 security policy. For patching of Windows operating systems, we follow a patch cycle in line with Microsoft’s "Patch Tuesday”. For exceptional patching, our processes allow for the management of exceptions which require emergency maintenance to protect your service from vulnerabilities. Notifications are sent to ensure that customers are informed of planned works and all patches are tested before deployment to live.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Jisc makes use of cloud-native applications for the collection, monitoring, analysis, alerting and reporting of all IT event, log and performance data. A real-time analytics engine is used to correlate events, logs and performance metrics across your cloud and on-premise infrastructure. A comprehensive suite of highly configurable rules allow alerts to be sent in response to malicious activity and performance-impacting events, all of which is included as standard in the service.
• Incident management type: Undisclosed
• Incident management approach: The Jisc ITIL-aligned Incident Management process ensures that we respond to any reported faults and sets out target resolution times to ensure that these are fixed within agreed timeframes Customers can report incidents via phone, email or our portal. Our Incident Management process ensures that we respond to any reported faults and sets out target resolution times to ensure that these are fixed within agreed timeframes. For Major Incidents, once the Incident has been resolved, the Incident Manager will ensure an Incident Review Meeting is held and a Major Incident Report is created and distributed.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: AWS and Microsoft Azure
• How shared infrastructure is kept separate: The hypervisor enforces memory and process separation between virtual machines.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: See See https://aws.amazon.com/about-aws/global-infrastructure/; and; https://azure.microsoft.com/en-gb/global-infrastructure/

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As part of our core strategy for 2022-2025 the theme ‘Be a force for good’ recognises sustainability as an organisational imperative. Committed to achieving Net Zero emissions by 2040, 10 years ahead of government target, we plan to cut our emissions by over half by 2030 and be net zero across our remaining scope three emissions (net zero plus) by at least 2050. We have a Net Zero Roadmap outlining how we will reduce emissions and our plans for future projects.; Below are some examples of what we have done:; ; Lowered our carbon footprint by: reducing the size of our estate, motion-controlled lighting to save electricity in our Bristol office, as well as generating electricity through solar power. ; ; Reduced travel emissions by: a hybrid working model, introduction of a staff electric car scheme, alongside an existing cycle to work scheme. ; ; An Environmental Policy outlining our commitment to continually improve our environmental performance: We are developing an environmental management system to ISO14001, this will guide action across key areas, such as consumption, waste, biodiversity, travel.; ; Started to embed sustainability into our procurement processes: We will introduce a Sustainable Procurement Policy to drive this further.; ; Sustainable Jisc Events: Jisc’s Digifest event offered a meat free menu, estimated to have saved 6.4 tonnes of carbon. Catering was locally sourced, and any food waste was disposed through anaerobic digestion. We encouraged exhibitors to use digital messaging, reducing printed materials. Our event app reduced the amount of printing required, and any required event printing is now FSC certified and fully recyclable. ; ; Reuse or recycle old IT equipment: Wiped and sold for reuse old IT equipment, and recycled equipment not suitable for reuse, resulting in zero waste to landfill. In 2022/23 we recycled over 370 pieces of IT equipment.

  Covid-19 recovery

  Providing our people with the flexibility they need to balance their personal lives and do well at work, Jisc offers a range of ways of working, including flexible hours and working from home. We have adopted a hybrid working model for most roles. Flexible working eliminates the limitations posed by geographical location and personal circumstances. To support their home working environment, remote workers are provided with an allowance for equipment and advice and training on DSE.; For the benefit of people and community, everyone at Jisc can make a difference, with up to three paid volunteering days per year. In 2022/23 29% of our staff took a volunteering day. Colleagues used 321 volunteering days across the year for the benefit of people and community. Examples include, foodbanks, animal sanctuaries, helping children to learn to read, litter picking, giving blood.

  Tackling economic inequality

  We are an accredited Living Wage Employer. Jisc meets the standards set by Citizens UK and the Living Wage Foundation by signing the ‘UK Living Wage Employer' licence agreement. This agreement confirms that Jisc pay the Real Living Wage as a minimum. We also ensure that people in our supply chain delivering goods and services are paid the National Living Wage as a minimum.; Jisc is committed to the development of our people, and encourage they use 10% of their time on development. To help our people to upskill and achieve, they have access to a huge variety of learning resources including access to the full LinkedIn Learning catalogue. Where a qualification is directly linked to career progression, Jisc contribute or cover the full cost of the training. ; Jisc provide their employees with a number of benefits. For example, our Pay Framework gives a fair, flexible and transparent pay structure to work within. Our employee Healthcare cash plan allows members to claim back everyday healthcare costs, like dental or eye care. ; Apprenticeships provide an amazing opportunity to boost the skills of the local community and beyond. We are extremely proud of our apprenticeship scheme at Jisc, which cover legals, marketing, network engineering, procurement, HR and finance. Our scheme celebrates diversity, and we know that it is critical to our success. We work hard to make sure we’re inclusive and welcome all applicants who share our values and want to join us in our mission to improve lives through digital transformation.

  Equal opportunity

  One of Jisc’s guiding principles ‘Always Inclusive’ reflects our commitment to equity, diversity and inclusion (EDI). ; Our EDI policy outlines our commitment to de-constructing systemic racism and other barriers which have historically affected under-represented groups in the workplace. We strive to be an organisation where everyone here is able to be their authentic self and recognise the benefits of diversity with regards to innovation, team performance and organisation-wide productivity. ; We engage with external partners such as the Black Leadership Group and Emerge. Emerge are co-designing on the delivery of our Conscious Inclusion of Leaders Programme. In 2023 we launched a new Board and Committee diversity policy. The Board believes a mix of skills, knowledge and experience with different perspectives and insights builds a strong foundation for well-informed decision-making and as a consequence, better performance of Jisc in support of its stakeholders. ; Our EDI steering group meets quarterly to address inclusion-related topics from our employee networks, including the faith and LGBTQIA+ networks. We provide EDI training through our leadership program and have conducted anti-racism masterclasses for staff. Our recruitment team has also received inclusion-focused personal development and assists hiring managers in refining their practices.; We won’t accept modern slavery, forced labour or any human trafficking anywhere within our operations or supply chain. Our Modern Slavery working group assess risk areas, implement improvements and monitor progress against our Modern Slavery objectives and policy. Staff are educated on how to report modern slavery in the workplace and what signs to look for. ; Currently four of nine of our executive leadership team are women, including our CEO. According to benchmarking we carry out as part of our commitment to the Tech Talent Charter, we are above the national average for employing women in tech roles, having 31% taken by women against 28% nationally.

  Wellbeing

  The health and wellbeing of our staff is crucial to us. In 2023 we introduced a new benefits package for staff including an employer paid healthcare cash plan, an electric car scheme and the opportunity to buy additional annual leave. We offer a cycle to work scheme and an employee assistance programme for advice on a range of legal, financial, physical, emotional and mental health issues. We value good work/life balance and work flexibly. We also offer a generous leave entitlement, enhanced sick policy and enhanced maternity, paternity and adoption leave in addition to statutory entitlement, and shared parental leave. ; Trained to support our staff, we have 41 (April 2024) mental health first aiders easily assessable to our people across our geographical locations. Promoting and delivering wellbeing initiatives within Jisc, some of our mental health first aiders are also wellbeing champions. ; Providing staff with education, support and tools to help them live a happier and healthier life, they have access to a Wellbeing centre through our Jisc reward scheme, where they can access a range of resources to support wellbeing.; Our employee assistance programme provides staff and their immediate family access to confidential advice on a number of topics covering physical, mental, financial advice and is accessible through various mediums. ; Volunteering has been shown to improve mental health, by giving a sense of purpose and reducing stress and anxiety. Our staff can use up to three days volunteering per year. Through our volunteering network, staff share their experiences with others.

Pricing

• Price: £2,000 a transaction a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.support@jisc.ac.uk. Tell them what format you need. It will help if you say what assistive technology you use.