Answers and Solutions ltd

Dedicated Server / Hardware Hosting Service. Any OS. Any application. Any Platform

This is a fully hosted server. It is unshared and supplied with a virtualisation platform. It will allow skilled IT administrators to install an operating system of choice and to maintain their own applications.

Available with up to 2 TB of RAM memory and a variety of Hard Disc sizes.

Features

• No Sharing of Software Systems with other G-Cloud users
• Higher capacity than a VPS Pool

Benefits

• No resource sharing so bespoke settings possible.
• Full access to the power of the Physical Server

£500 to £3,000 an instance a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Christopher.Wainwright@letsdiscuss.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

485902942805806

Contact

Christopher Wainwright
02920733722
Christopher.Wainwright@letsdiscuss.co.uk

Service scope

• Service constraints: We cannot support software apps installed on a Physical server. You will be responsible for Operating System support and application support.; ; From the GDPR perspective, they are provided on the understanding that you are acting as the data processor, and will fully secure the system and your data.
• System requirements: Your staff must understand how to support all products installed

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Online support requests will be acknowledged and users will be able to view the status of tickets.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: No
• Web chat support: No
• Onsite support: No
• Support levels: Support is limited to server reboots, OS reinstalls and adjustment to the hardware provisioned.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide logon details on creation of a valid account. VPS only accounts must be pre-funded.
• Service documentation: No
• End-of-contract data extraction: Users can extract their data using the tools provided by their choice of software
• End-of-contract process: No professional services are included. Compute resources will be released on cessation.

Using the service

• Web browser interface: Yes
• Using the web interface: A dedicated server is primarily managed via a SSH client. The system will have a VPS management system installed.; ; Initiate server reboots / server status can view viewed from a web client
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: A dedicated server is primarily managed via a SSH client.
• Web interface accessibility testing: A dedicated server is primarily managed via a SSH client. There are several clients available.
• API: No
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: Users have full root access. They can do anything that their chosen OS is capable of doing.; ; By default we do not provide access to the hardware KVM, but that can be provided. The security implications will need to be discussed and agreed upon.

Scaling

• Scaling available: No
• Independence of resources: You will be the only user on the server, all the physical resources is devoted to your usage. You will be sharing the data pipe, but this has adequate capacity. If you wish, you can order a dedicated data pipe.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: Virtual machines can be backed up and restored.
• Backup controls: There is no control over this. Backups user data needs to be taken using backup facilities available via the installed applications
• Datacentre setup: Single datacentre
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Our networks systems are within a datacentre with the minimum of physical access. Virtual networking can be deployed, but if required, this would also indicate that the client has security concerns above the usual run-of-the-mill. They may need one of our other solutions with higher levels of isolation implemented.

Availability and resilience

• Guaranteed availability: The buyer will be eligible for one free days hosting for every hour the service was inaccessible to the buyers users, capped at 100% of the days in a free month. Planned maintenance events taking place at weekends or overnight are excluded. Details are in the service description document.
• Approach to resilience: Full details on request
• Outage reporting: A public dashboard available to customers will indicate any outages.

Identity and authentication

• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access is restricted via strong passwords
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: WorldPay
• PCI DSS accreditation date: 31/12/2019
• What the PCI DSS doesn’t cover: A VPS is out of remit for our PCI DSS accreditation since there is nothing to be accredited.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Good Practice security governance is practiced. Our Physical server(s) are located in a restricted access datacentre. Strong passwords are enforced and stored safely.; ; ID's of clients appointed officers are stored and will be used to validate requests for support and assistance.
• Information security policies and processes: The staff at our office do not have physical access to the hardware, ensuring that data at rest is protected.; ; Username and password combinations are securely stored.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Not Applicable to a Dedicated Server
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Not Applicable to a Dedicated Server
• Protective monitoring type: Undisclosed
• Protective monitoring approach: For security reasons, we do not publish details of protective actions taken since such details substantially increases the risks we face.
• Incident management type: Undisclosed
• Incident management approach: Not Applicable to a Dedicated Server

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Linux KVM
• How shared infrastructure is kept separate: This service is hosted using purpose designed VPS management software

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our services help climate change by reducing and where appropriate, reducing or even eliminating the volume of home-office commuting necessary. Our data-centres are powered by suppliers who use renewable energy.

  Covid-19 recovery

  Large in-person meetings by people traveling long distances carries a high risk of spreading Covid-19. Through digital communications, our services are helping towards the recovery through reducing mixing between widely spaced geographical locations.

  Tackling economic inequality

  We encourage our staff to do pro-bono work for UK-based charities because it allows them to assume high levels of responsibility and thus gain experience not easily obtained in a high-consequence workplace. Staff who are undertaking such activities are still paid a salary; this has multiple benefits. It benefits the people who use the services of the charity being supported. It also benefits the individual who can strengthen their skills in a safe environment.; ; We also employ people in the regions of the UK still affected by the post-industrial economies. We are able to redistribute economic activity and thus enhance the economic well-being of people in these economically disadvantaged areas.; ; We actively look for SME sized organisations when seeking suppliers and sub-contractors because they offer better value for money, and are usually staffed by highly motivated individuals. Contracts awarded to Answers and Solutions will help the UK Government in its drive towards its leveling up agenda.

  Equal opportunity

  Answers and Solutions are committed to equal opportunities and do not discriminate in any way. We provide opportunities for people whose family commitments make it easier for them to fit their work duties around family duties through not prescribing fixed working hours; we work to goals achieved and not the number of hours spent watching the clock. We allow staff to take extended time off during school holidays or when other caring duties require that.

  Wellbeing

  Self-fulfilled individuals will always make good employees, good employees make for conscientious staff, and that is always good for a Buyer.; ; We encourage al of our staff to develop their skills and stretch their abilities. We encourage our staff to do pro-bono work for UK based charities because it allows them to assume high levels of responsibility and thus gain experience not easily obtained in a high-consequence workplace. We pay our staff while they do such work.

Pricing

• Price: £500 to £3,000 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Christopher.Wainwright@letsdiscuss.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.