CYPRO CONSULTING

IT Disaster Recovery

Become resilient to cyber attacks and sleep better at night. We provide comprehensive resiliency strategies tailored to your specific technologies that ensure rapid recovery and continuity of operations in the event of a successful cyber attack.

Features

• Customised resiliency strategies for specific technologies
• Rapid recovery and continuity of operations post-cyber attack
• Detailed and clear recovery steps tailored to specific IT infrastructure
• Regular testing of plans to ensure effectiveness under duress
• Employee awareness and rehearsal of responsibilities
• Expert guidance in building confidence with executives
• Comprehensive assessment of current IT infrastructure resiliency capabilities
• Development of robust disaster recovery policies and procedures
• Implementation of redundancy, backup and failover mechanisms
• Ongoing support and updates to the recovery plans and procedures

Benefits

• Zero downtime in disaster scenarios with efficient recovery methods
• Clear recovery steps tailored to specific infrastructure
• Stakeholder confidence in recovery plans through regular testing
• Prepared and rehearsed employees for effective response
• Enhanced resilience against cyber attacks and disruptions
• Compliance with industry regulations and best practices
• Peace of mind knowing systems are protected and recoverable
• Minimised financial losses and reputational damage
• Increased trust and confidence from stakeholders
• Continuity of business operations avoiding loss of revenue or clients

£525 to £1,400 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at accounts@cypro.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

471010560653705

Contact

Jonny Pelter
020 80 888 111
accounts@cypro.co.uk

Planning

• Planning service: Yes
• How the planning service works: Resiliency Assessment: Begin with a thorough assessment of potential IT risks and vulnerabilities, considering factors such as natural disasters, cyber attacks, hardware failures, and human error.; Business Impact Analysis: Conduct a comprehensive analysis to determine the potential impact of IT disruptions on critical business operations, revenue, reputation, and regulatory compliance.; Recovery Objectives: Establish clear recovery objectives, including recovery time objectives (RTOs) and recovery point objectives (RPOs).; Plan Development: Develop a detailed disaster recovery plan outlining the steps and procedures to be followed in the event of an IT disaster. This includes procedures for data backup and restoration, communication protocols, and roles and responsibilities of key personnel.; Testing: Regularly test the disaster recovery plan through simulated exercises.; Documentation and Communication: Document the disaster recovery plan and make it easily accessible to all relevant stakeholders. Establish communication channels for notifying employees, customers, vendors, and other stakeholders in the event of an IT disaster.; Continuous Improvement: Review and update the disaster recovery plan regularly to incorporate lessons learned from testing.; Review and Compliance: Periodically review the disaster recovery plan to ensure compliance with industry regulations, standards, and best practices. Conduct audits and assessments to verify the plan's readiness and effectiveness.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: Cloud Security Best Practices Training: Cover encryption, access management, and secure configurations for the chosen cloud platform.; Threat Identification and Response Training: Educate on detecting and mitigating common cloud security threats like data breaches and DDoS attacks.; Compliance Training: Ensure awareness of industry-specific compliance requirements and methods to maintain adherence.; Incident Response Procedures Training: Teach reporting security incidents and coordinating with cloud service providers effectively.; Emerging Threat Awareness Training: Provide updates on evolving threats and trends in cloud computing security.; Interactive Workshops and Simulations: Engage participants in hands-on learning through workshops, simulations, and real-world scenarios.; Security Awareness Programs: Foster a culture of security awareness and responsibility across your organisation.; ; All this can be delivered via in-person training, eLearning, virtual instructor-led training (VILT), interactive training simulations, blended learning approach, gamified learning or access to peer learning communities.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Data Encryption: Utilize TLS for transit encryption and AES for data at rest to secure data during migration.; Identity and Access Management (IAM): Implement RBAC, MFA, and least privilege principles to secure user access.; Network Architecture: Strengthen security with firewalls, segmentation, VPNs, and intrusion detection/prevention systems.; Vulnerability Management: Conduct regular assessments and penetration testing to identify and remediate cloud security weaknesses.; Logging and Monitoring: Set up cloud-native monitoring tools and SIEM systems to track user activities and security incidents.; Data Loss Prevention (DLP): Enforce measures to protect sensitive information during migration, including data classification and encryption.; Compliance and Governance: Ensure adherence to regulatory requirements and industry standards using governance frameworks like the CSA Cloud Controls Matrix.; Disaster Recovery and Business Continuity: Develop and test DR/BC plans with cloud-native backup, failover, and recovery services.; Secure Development Practices: Implement secure coding and DevSecOps methodologies to build and deploy applications securely.; Security Awareness Training: Provide education on security best practices to mitigate human error and insider threats during migration.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: - Test Planning: Develop a comprehensive plan outlining objectives and methodologies for QA and performance testing.; - Functional Testing: Verify security service functionality, including IAM, encryption, and DLP, ensuring compliance with requirements.; - Penetration Testing: Simulate real-world attacks to identify and address vulnerabilities in the cloud environment.; - Vulnerability Assessment: Use automated tools and manual analysis to detect and prioritise security weaknesses.; - Load and Stress Testing: Assess performance and scalability under peak traffic conditions to ensure reliability.; - Resilience Testing: Validate failover mechanisms and disaster recovery plans for business continuity.; - Logging and Monitoring Testing: Confirm effectiveness in capturing security events and generating timely alerts.; - Compliance Testing: Ensure alignment with regulatory mandates such as GDPR and PCI DSS.; - Documentation and Reporting: Document findings and recommendations for stakeholders, facilitating informed decision-making.; - Continuous Improvement: Implement feedback-driven enhancements to adapt to evolving threats and technology trends.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Secure architecture review
  • Secure solution designs
  • Vulnerability scanning and discovery
  • Secure cloud migration
  • Identity and access management audits
  • 24/7 cyber security monitoring
  • Cyber security accreditation (ISO 27001, Cyber Essentials, SOC 2)
  • IT Disaster Recovery Planning
  • Cyber security project and program management
  • Cyber threat assessments
• Certified security testers: Yes
• Security testing certifications:
  • GBEST
  • CHECK
  • CREST

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by a third-party organisation
• How the support service works: - Cloud Security Assessments: Evaluate the security posture of cloud environments to identify vulnerabilities and compliance gaps.; - Secure Cloud Architecture Design: Develop robust and scalable cloud architectures with built-in security controls and best practices.; - Identity and Access Management (IAM) Solutions: Implement IAM solutions to manage user access and permissions, ensuring least privilege principles.; - Data Encryption and Key Management: Secure sensitive data in transit and at rest through encryption and robust key management practices.; - Continuous Monitoring and Threat Detection: Monitor cloud environments continuously to detect and respond to security threats in real-time.; - Security Incident Response and Forensics: Develop and implement incident response plans and conduct forensic investigations to mitigate security incidents effectively.; - Vulnerability Management and Penetration Testing: Identify and remediate vulnerabilities through regular assessments and penetration testing exercises.; - Compliance Audits and Governance Frameworks: Ensure compliance with regulatory requirements and industry standards through audits and governance frameworks.; - Secure DevOps and CI/CD Pipeline Integration: Integrate security into the software development lifecycle to automate security checks and ensure code integrity.; - Security Awareness Training and Education: Educate employees on security best practices and emerging threats to promote a culture of security awareness and responsibility.

Service scope

• Service constraints: We can provide on-site resource but only to organisations within the UK.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depends on the service level agreement.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: We provide different support levels depending on the needs of the client:; ; 1. Basic Support: Offers essential support services such as email or ticket-based assistance during standard business hours. Basic support may include help with basic troubleshooting, account setup, and general inquiries.; ; 2. Standard Support: Provides more comprehensive assistance with faster response times and extended support hours. Standard support often includes phone support, dedicated support representatives, and access to a self-service portal.; ; 3. Advanced Support: Offers advanced technical support services such as proactive monitoring, performance optimization, and regular health checks. ; ; 4. Advanced support may include on-site visits, dedicated account managers, and customised solutions tailored to the client's specific needs.; ; 5. 24/7/365 Support: Delivers round-the-clock support for critical security incidents and emergencies. This level of support ensures rapid response and resolution to security incidents regardless of the time of day.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Energy Efficiency Assessments: we can evaluate the energy usage of existing IT infrastructure and recommend strategies for optimizing energy consumption through cloud migration and resource consolidation.; Server Utilisation Optimisation: we analyse server workloads and resource utilisation patterns to optimise server usage and reduce energy consumption in cloud environments.; Renewable Energy Integration: Assist in integrating renewable energy sources such as solar, wind, and hydroelectric power into cloud data center operations to minimize reliance on fossil fuels.; Green Data Center Design Consulting: Provide guidance on designing environmentally sustainable data centers, including efficient cooling systems, modular architecture, and waste heat reuse.; Remote Work Enablement Solutions: Implement cloud-based collaboration tools and remote work solutions to reduce commuting and office energy consumption, supporting environmental sustainability efforts.; Lifecycle Management Services: Manage the entire lifecycle of IT hardware, from procurement to decommissioning, in an environmentally responsible manner, including recycling and disposal programs.; Workload Optimisation Solutions: Implement workload optimisation strategies using cloud services such as auto-scaling, load balancing, and serverless computing to streamline resource usage and improve energy efficiency.

  Equal opportunity

  Recruitment and Hiring Practices: We employ fair and unbiased recruitment processes that focus on qualifications, skills, and experience, ensuring that all candidates are evaluated based on merit alone. We actively seek candidates from diverse backgrounds and underrepresented groups to build a talented and diverse workforce.; Diversity and Inclusion Training: We provide ongoing training and education on diversity and inclusion topics to our employees. This training helps raise awareness of unconscious biases, promotes inclusive behaviors, and fosters a culture of respect and belonging.; Equal Pay: We adhere to principles of pay equity and provide equal pay for equal work, regardless of gender, race, ethnicity, age, sexual orientation, or other personal characteristics.; Career Development and Advancement: We offer career development opportunities and support for all employees to reach their full potential. This includes mentorship programs, training workshops, and leadership development initiatives aimed at advancing individuals from underrepresented groups into leadership roles.; Flexible Work Arrangements: We recognize the importance of work-life balance and offer flexible work arrangements, including remote work options, flexible hours, and part-time schedules, to accommodate diverse lifestyles and responsibilities.; Zero Tolerance for Discrimination and Harassment: We have strict policies in place to prevent discrimination, harassment, and retaliation in the workplace. We investigate all complaints promptly and take appropriate action to address any violations of our policies.; Community Engagement and Partnerships: We engage with external organisations and community partners to promote diversity and inclusion initiatives, support underrepresented groups, and contribute to positive social change.

  Wellbeing

  Health and Safety Measures: We implement robust health and safety protocols in the workplace, including ergonomic workstations and compliance with regulations.; Mental Health Support: We offer counseling services and mental health resources to help employees manage stress, anxiety, and other challenges.; Work-Life Balance: We promote work-life balance through flexible work arrangements, including remote work options and flexible hours.; Wellness Programs: We provide wellness activities and programs to promote physical health, such as fitness challenges and nutrition workshops.; Employee Assistance Programs: We offer confidential support services through employee assistance programs for personal and work-related issues.; Professional Development: We invest in the professional growth of our employees through training, workshops, and tuition reimbursement programs.; Recognition and Appreciation: We regularly recognise and appreciate the contributions of our employees to cultivate a positive work environment.; Social Connections: We encourage social connections and community engagement through team-building activities, social events, and volunteering opportunities.; Wellbeing Policies: We have policies in place to support employee wellbeing, including flexible work policies and anti-harassment policies.; Leadership Support: Our leadership team prioritizes employee wellbeing and serves as role models for healthy work habits and self-care practices.; Feedback Mechanisms: We provide avenues for employees to provide feedback and suggestions for improving workplace wellbeing, ensuring their voices are heard and valued.; Health and Wellness Resources: We offer access to resources such as health screenings and wellness workshops to empower employees to take proactive steps towards their wellbeing.; Community Involvement: We engage in community initiatives and partnerships focused on health, wellness, and social responsibility, providing opportunities for employees to make a positive impact beyond the workplace.

Pricing

• Price: £525 to £1,400 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at accounts@cypro.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.