NTT DATA UK Limited

Vulnerability Management Service

NTT Security cloud based Vulnerability Management services, combined with threat intelligence, helps maintain full visibility and security control of your public cloud workloads . Instances and VMs are spun up and down quickly and frequently and exploit tracking, focus vulnerability management efforts on the highest impact vulnerabilities in an environment.

Features

• Asset documentation
• Scanning set up and configuration
• Scanning execution validation
• NTT Data managed ad-hoc scanning
• Unlimited self-service re scanning
• Cloud based service
• Unlimited self-service re scanning

Benefits

• Reducing scanning time and prioritize vulnerability scanning activity more efficiently
• NTT Threat Intelligence Platform enhances results for better contextual awareness
• Stronger compliance, accelerate achievement and ongoing compliance with international standards
• Flexible service tiers so costs can be tailored more precisely
• Easy and efficient deployment within a public or private cloud
• Less implementation requirements meaning faster return on value.
• Full vulnerability lifecycle management lowering operational overhead for our clients

£375 to £1,950 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Nttdatauk.requirements@nttdata.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

470378252114404

Contact

Tom Watson
+44 (0)20 7220 9200
Nttdatauk.requirements@nttdata.com

Planning

• Planning service: Yes
• How the planning service works: We will help our client plan, design and implement of the vulnerability scanning environment according to their cloud hosting services. We will even support Hybrid Cloud and infrastructure in terms of planning , design and implementation. We will also configure the cloud based vulnerability management platform software and complete manage the service.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: The service can provide continued and seamless vulnerability management as clients transform to the cloud. As the vulnerability management software is already cloud based it would be simple a case of ensuring the vulnerability scanners were deployed within the cloud hosted environment before go live , this would give you the seamless transition , maintaining compliance and managing your risk all the way.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: All MSS related services are performance tested & quality checked during the on-boarding process. All services must be enrolled following documented procedures and pass various checks related to the service before going live or being accepted into service.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Security Advisory
  • Security Compliance
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme
  • Other
• Other security testing certifications: OSCP

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Yes a valid license for all scanners must be installed before the service can go live. This can be purchased as part of the service or you can buy these licenses individually.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The speed of response will depend on how the services are being provided, including whether the delivery team is working at your premises or remotely, and whether the team or consultants are assigned on a full-time or part-time basis. We will agree with you how support should be provided to meet your organisation’s needs and the needs of service delivery.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: UAT testing has been performed for all our communications methods within the portal.
• Support levels: The On-boarding of this service is done remotely with the SOC enrolment teams and any required scanners can be installed in the cloud or virtually within on premise supplied infrastructure. ; ; However we do offer consulting on-site services than can assist you in Strategy, Design. On –Site Technical Account Management and Service Delivery management is also available for these services.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Amazon and Microsoft
• ISO/IEC 27001 accreditation date: Annually
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Fighting climate change:

  Fighting climate change

  We understand that sustainable development is key to protecting our environment and our future. As part of our commitment to the UN Sustainable Development Goals, we will continue to conduct business with minimal environmental impact and will continually enhance environmental performance, with the aim of achieving Carbon Neutral status by 2050.; ; We are accredited to ISO14001 standard and adhere to a robust Sustainability/Environmental policy.; ; To support our commitment to fighting climate change, we will:; ; * Implement our Carbon Reduction Plan to support the Government’s aim of achieving Net Zero by 2050. We are reducing our carbon footprint by 32% (C02 Tonnes) by reducing travel, increased recycling, and minimising single-use materials. We will share our plan and annual reporting metrics as part of our reporting regime; ; * Monitor the carbon footprint of our Service team, measuring progress towards net zero greenhouse gas emissions; ; * Host education and learning events on Environmental and Social Governance with the buyer and our partners, to encourage collaboration on our journey to delivering environmental benefits; ; * Provide our Service team with zero-carbon travel options through our electric car scheme and cycle to work initiative; ; * Minimise our consumption of natural resources, and encourage the buyer and our partners to uptake similar recycle, re-use and waste reduction schemes to those we have implemented in our offices; ; * Comply with the relevant environmental compliance obligations; ; * Achieve the United Nations SDG 11 of ‘Sustainable Cities and Communities’ by 2030
• Covid-19 recovery:

  Covid-19 recovery

  The COVID-19 pandemic has amplified economic and social challenges across the UK. We are committed to delivering additional benefits that can aid the recovery of local communities and economies during the pandemic, especially through creating re-training and employment opportunities in the high-growth technology sector in which we operate. ; ; We will support business’s recovery by:; ; * Continuing to align our business and supply chain with the Prompt Payment Code, to ensure the cash flow position of our smaller business partners are not impaired by delayed invoicing; ; * Continuing to allow our supply chain partners to deliver with a location-agnostic model, enabling our partners to conduct business whilst working remotely in varied locations; ; * Supporting our people with flexibility around their location and working rhythm providing that Service commitments are met; ; We will support the local community through initiatives such as:; ; * ‘The City Gives Back’, our project to bolster and expand the food bank run by Christ Church Spitalfields in the East End of London, supporting local families during the COVID-19 pandemic; to date we have raised over £50,000; ; We will support our people by:; ; * Continually reviewing and updating our flexible working policy, supporting a progressive return to work policy and providing our people with choice; ; * Ensuring our offshore teams (such as India) have access to appropriate healthcare Services; ; We will create employment, re-training and other return to work opportunities for those left unemployed by COVID-19. This will depend on each contract, but recent examples include:; ; * Appointing FTEs from the ‘Route 2 Work’ programme – connecting individuals and communities who have been hit hard by COVID-19 with new education and employment opportunities in the tech sector ; ; * Running CV improvement classes and mock interviews for our young apprentices
• Tackling economic inequality:

  Tackling economic inequality

  Tackling economic inequality is critical to narrowing community disparity. Through inclusive and fair employment and training opportunities, we are committed to taking tangible actions to tackle economic inequality.; ; We will create employment opportunities particularly for those who face barriers to employment and/or who are located in deprived areas. This will depend on each contract, but recent examples include:; ; * Appointing FTEs from the ‘Route 2 Work’ programme – enabling disadvantaged individuals and communities to access education and employment opportunities in the technology sector; ; * Appointing FTEs from our Tech Academy programme – an Apprenticeship programme we run to retrain people from disadvantaged backgrounds, enabling them to gain experience within the high growth tech sector; ; To create opportunities for entrepreneurship and help new, small organisations to grow, supporting economic growth and business creation, we will:; ; * Actively identify suitable opportunities for SME’s to engage as part of any contract; ; * Continue to run global, regional and UK based innovation programmes such as the Supplier’s Open Innovation Contest (oi.nttdata.com) designed to identify and support innovative scale-up organisations; ; * Conform to the Prompt Payment Code throughout the course of delivering any contract, recognising our role in ensuring our smaller business partners are not disadvantaged by cash flow difficulties; ; We will support educational attainment, including training schemes that address skills gaps and result in recognised qualifications. This will depend on each contract, but recent examples include:; ; * Providing people with access to training and learning opportunities via our Udemy training platform; ; * Upskilling team members with Scaled Agile or vendor accreditation training (e.g. Microsoft, Appian)
• Equal opportunity:

  Equal opportunity

  We understand that identifying and tackling inequality in the workplace, by supporting in-work progression and championing Diversity and Inclusion in the technology sector, is vital to advancing equality in our people. We want our workforce to reflect the diversity of our society. Some highlights:; ; * We are ranked in the top 3% of companies for diversity and inclusion (Source: Financial Times); ; * 50% of our UK board are women; ; * 60% of our people business identify as BAME; ; * We have reduced our pay gap by 1.7% over the last 2 years; ; We continue to close the inequality gap across our business and promote an inclusive working environment for all, through various initiative including:; ; * Continuing to proactively recruit people identifying as disabled – spanning mental health issues, dyslexia, dyspraxia and autism; this includes employment of physically disabled employees; ; * Committing a minimum of 5 additional training days per employee identifying as disabled, to assist them with developing skills relevant to the contract and working toward relevant qualifications, for example SaFE certification; ; * Committing 2,000 people-hours of free training for our UK-based staff on our Udemy platform to support the development of new skills; ; * Running a D&I annual events calendar, which spans Women’s Business Network, Cultural Diversity, Mental Wellbeing and LGBTQIA+ forums; ; * Continuing to follow a well-defined process across the business to ensure that we comply with section 54 (“Transparency in supply chains etc.”) of the Modern Slavery Act 2015 (MSA); ; * Annually reporting on and communicate our obligations to our people on a regular basis, and review our compliance on an annual basis; ; * Continuing to operate an independent external whistleblowing service which can be used to register non-compliance
• Wellbeing:

  Wellbeing

  We understand the importance of Wellbeing for our people, especially at a time of considerable change and instability. Wellbeing has UK Board level sponsorship.; ; For all contracts resulting from this framework we will leverage proven ways of working that promote physical and mental health, including but not limited to:; ; * A calendar of wellbeing activities spanning weekly meditation, ‘time to talk’ days, and coaching sessions on healthy eating; ; * Providing access to trained Mental Health First Aiders and Mental Wellbeing Champions, ensuring people have the right mental wellbeing tools and support; ; * Appointing a Wellbeing and Mental Health Champion for any contract resulting from this framework, ensuring mental health tools and support; ; * Encourage our people to take regular breaks and engage in physical activity throughout the day, such as: schedule a minimum of one ‘walk and talk’ meeting a day in the fresh air (either on their mobile or in person), block out time for lunch in diaries, schedule calls for 45 minutes to allow for 15 minute break between calls, take part in the quarterly company-wide ‘step challenge’, and participate in our weekly free, business-wide yoga and meditation sessions; ; * Involving the buyer in a joint community initiatives, including ‘The City Gives Back’, our initiative to support workers and families in the Spitalfields area with a foodbank service, tackling food poverty. To date we have raised over £50,000 for the local community. ; ; * Involving the buyer in the ‘Pride in the City’ initiative, of which we are proud sponsors. This supports the LGBTQIA+ community by providing a platform for meaningful discussions on how we can transform organisations to be even more LGBTQ+ inclusive. We would invite the buyer to ‘Pride in the City’ events to share our experiences

Pricing

• Price: £375 to £1,950 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Nttdatauk.requirements@nttdata.com. Tell them what format you need. It will help if you say what assistive technology you use.