SIFY DIGITAL SERVICES LIMITED

CloudInfinit

Cloudinfinit is a collection of hosted services based in the UK. It forms part of a wider portfolio of remote-managed IT services for design, implementation and support services tailored to your needs and budget.

Features

• Backup/DR: policy configuration, media selection, monitoring, health checks, media management.
• Compute: Hypervisor and server provisioning, monitoring, upgrades and patching
• Container: Orchestration management, deep Integration, easy development
• NoSQL databases: OracleDB, MongoDB, DynamoDB all supported
• RDBMS: AuroraDB, MariaDB, MSSQL, MYSQL, PostgreSQL all supported
• Firewall: Configuration and maintenance, access to certified specialist, 24x7 monitoring
• SIEM: Centralised monitoring and management, 24x7 Incident response and remediation
• Networking: Includes, High Availability Routing, Load Balancing, SDN, WAN Optimisation
• Block/Object storage: NAS, SAN and Solid State Supported

Benefits

• Backup/DR: Service restoration designed around your RTO and RPO objectives
• Compute: service assurance that maintains rightsizing and steady state running
• Container: Faster Application startup, improved security
• Database: Support and expertise, reduced maintenance and operating costs
• Firewall: security assurance with reporting and cost savings
• SIEM: Vulnerability and Threat management offering total peace of mind
• Networking: Supported by Sify networking expertise backed by service assurance
• Block/Object storage: Cost efficient and easier data storage and recovery

£30 to £76 an instance a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at justin.polley@sifycorp.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

488441433965228

Contact

Justin Polley
07375416538
justin.polley@sifycorp.com

Service scope

• Service constraints: Design, planning and migration are offered as separate advisory and planning services. Support on some client-specific hardware specifications may be out of scope.
• System requirements:
  • Buyers may bring their own licenses or buy through Sify
  • Sify supplied hardware specifications available on request
  • Some specific hardware and platforms specifications may not be supported

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 - P4 15 mins response to fault/trouble ticket; General enquiries within 24 hrs
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: P1 -Critical An incident affecting the Core Business application organisation-wide.; P2 - High An incident affecting multiple users/locations or service degrade of the core application.; P3 - Medium An incident affecting high availability of the infrastructure or a single user within a centre.; P4 - Low Service Request or Information Request; ; - All support levels are included in the service price as standard; ; - Sify provide a technical solutions manager
• Support available to third parties: No

Onboarding and offboarding

• Getting started: This is done as part of the onboarding exercise. Online Documentation is available for self-learning.; User Documentation & Training materials are available for self-learning
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The decommissioning process is followed to disconnect and shut down the services.
• End-of-contract process: The subscribed services rate card is defined with deliverables and some components like bandwidth, backup, etc are provided at additional cost. However, the same can also be included as a rate card model.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can self-manage their IaaS, like creating or delete Servers, Storage, and Network, Configure Firewall rules, and CPU/RAM/Disk for Servers. The user can provision the services in a user-friendly interface by providing the configuration details. The user can select the resource and can perform changes to the same like upgrade or degrade CPU/RAM, etc. The users are allowed to utilize the services up to the subscribed capacity. Utilization of resources beyond subscribed capacity is controlled by the Super Admin only.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The user interface is accessible over the internet with text and images relevant to the services. The interface does not support voice control but with keyboard accessibility.
• Web interface accessibility testing: Web interface testing is done through internally developed tools for functionality and performance
• API: Yes
• What users can and can't do using the API: API can be used to upload and manage predefined blueprints. ; API documentation and support are provided to set up the subscribed services. ; API documentation and support are provided to change the subscribed services. Concurrent connections are limited per tenant through API
• API automation tools:
  • Ansible
  • Terraform
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: The user can provision the services, select the resource and can perform changes to the same such as an upgrade or degrade CPU/RAM, etc. ; Access via CLI are allowed to utilise the services up to the subscribed capacity. Utilisation of resources beyond subscribed capacity is controlled by the Super Admin only.

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Resource scheduling on the infrastructure layer and sizing of the infrastructure is considered to ensure committed performance is delivered.
• Usage notifications: Yes
• Usage reporting: Other
• Other usage reporting: Dashboard

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Centersquare

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files & Folders
  • Virtual Machines
  • Databases
• Backup controls: A backup selection list and schedule form is made available for the users to decide. The services are configured based on the user confirmation.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: SLA are defined for every service along with the service credits. Different services are committed for different SLA and can be made available as part of the contract.
• Approach to resilience: All components are configured in HA mode to avoid single point of failure.
• Outage reporting: Email Alerts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Role-based access controls are defined to provide authentication and authorisation to access any service.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: TÜV SÜD
• ISO/IEC 27001 accreditation date: 22/01/2022
• What the ISO/IEC 27001 doesn’t cover: A.14.2.7 (outsourced development) . As per SoA V7.0
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: TÜV SÜD
• PCI DSS accreditation date: 15/06/2023
• What the PCI DSS doesn’t cover: Req 1, 2, 3, 4, 5, 6, 7, 8, 10, 11
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO 27001:2013 that covers our cloud related security controls
  • SOC -1 Type II Report
  • SOC -2 Type II Report
  • SOC -3
  • PCI DSS V3.2.1
  • ISO 27017:2015
  • ISO 27018:2019

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 27001:2013

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The support team performs based on the ITIL framework and is registered/tracked through ITSM tools
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Assets are scanned for Vulnerabilities using the Vulnerability Management Software; Mitigation timelines are categorised based on the severity of the identified vulnerability.; We have subscribed with multiple Threat Intelligence Services to get information about potential threats
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Monitoring tools and processes are in place for ensuring service availability and performance.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The Process is based on ITIL and is managed through the ITSM Tool available through a secure web portal. The process follows a well-defined management process that includes: Incident Identification, Incident Logging, Incident Categorization, Incident Prioritization, Response and Resolution and, Closure.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: VMware ensures isolation between VMs and organizations through the following mechanisms: ; Hypervisor: this is a thin layer of software that sits between the physical hardware and the VMs. It manages the allocation of resources (CPU, memory, storage) to each VM. ; Resource Pools: Organizations can create resource pools within vSphere. Network Segmentation: VMware allows organizations to create separate virtual networks (VLANs) for different groups of VMs. ; Storage Isolation: VMs use virtual disks (VMDK files) stored on shared storage. ; Access Controls: Organizations can set granular access controls to restrict which users or groups can manage specific VMs or resource pools.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Sify’s (Partner) Data Center in Reading has not been certified by the EU DC CoC but does comply with the same energy-saving ethics and code of conduct set out by the two main areas IT Load and Facilities Load. Our Reading facilities also boosts high sustainability and efficiency credentials for its wireless sensors and smart lighting. ; In 2023 a new strategic investment into liquid cooling was implemented that will now vastly reduce our carbon footprint impact. Liquid Cooling now efficiently manages the thermal output of our facility by directly absorbing heat from components that significantly reduce the energy required for cooling. This effectively translates into lower operational costs and a smaller carbon footprint.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Sify, we recognise that addressing climate change is not only a global imperative but also a fundamental responsibility. As stewards of the environment, we are committed to making a positive impact by reducing our carbon footprint and promoting sustainable practices. Our approach to fighting climate change encompasses several key principles: Net Zero Emissions, We are dedicated to achieving net-zero greenhouse gas emissions across our operations; Innovation and Collaboration, We believe that innovation is essential for combating climate change. We actively collaborate with industry partners, research institutions, and startups to develop solutions; Supply Chain Sustainability, our commitment extends beyond our immediate operations. We work closely with our suppliers to ensure that they share our climate goals; Employee Engagement: Our employees are our greatest asset. We empower them to contribute to our climate initiatives through education, awareness campaigns, and volunteer opportunities.

  Covid-19 recovery

  As we navigate the aftermath of the COVID-19 pandemic, Sify remains steadfast in its commitment to fostering a resilient community and economy. Our dedication to corporate social responsibility is unwavering, and we pledge to: • Support Health and Well-being: Prioritise the health of our employees, customers, and community members by maintaining safe work environments and promoting mental health awareness. • Enhance Digital Inclusivity: Bridge the digital divide by providing technology access and training, ensuring everyone can benefit from the digital economy. • Strengthen Community Ties: Collaborate with local organisations to support those most affected by the pandemic, focusing on education, healthcare, and social services. • Champion Sustainable Practices: Integrate sustainability into our operations and supply chain, reducing our environmental footprint and contributing to a healthier planet. In unity, we have emerged stronger and more connected than ever before. Sify is dedicated to building a future that reflects our core values of integrity, innovation, and inclusivity, as we believe that our collective efforts today will pave the way for a brighter tomorrow.

  Tackling economic inequality

  At Sify, we recognise that technology has the power to transform lives and societies. As we advance into the future, we are committed to using this power to address and reduce economic inequality. Our corporate social responsibility is rooted in the belief that everyone deserves equal opportunities to thrive in the digital era. We are dedicated to: • Empower Through Education: Provide accessible and inclusive educational programs to equip individuals from underserved communities with the skills needed to succeed in the tech-driven economy. • Foster Entrepreneurship: We offer initiatives to support startups, particularly those led by underrepresented groups, with resources, and financial assistance. • Promote Fair Employment: Ensure fair hiring practices and create a diverse workforce that reflects the communities we serve, offering competitive wages and growth opportunities. • Invest in Community Infrastructure: Build and enhance technological infrastructure in areas lacking access, enabling communities to connect and participate in the global economy. • Advocate for Policy Change: Work alongside policymakers to advocate for regulations that promote economic equality and protect against the digital divide. Sify is more than a technology provider; we are a catalyst for positive change. By integrating these commitments into our business model, we aim to create a world where progress benefits all, not just a few. Together, we can build a future of shared prosperity and enduring success.

  Equal opportunity

  At Sify, we believe in the transformative power of technology to create a level playing field for all. Our mission extends beyond innovation; it is about ensuring that every person, regardless of background, has the opportunity to reach their full potential. We are committed to: • Cultivate Diversity and Inclusion: Foster a workplace culture that embraces diversity, equity, and inclusion, where every voice is heard and valued. • Access to Technology: Strive to make our products and services accessible to all, breaking down barriers that prevent people from using technology to improve their lives. • Education for All: We partner with educational institutions to provide internships, and training programs, especially for those from historically marginalised communities. • Transparent Governance: Uphold the highest standards of corporate governance, ensuring fairness and transparency in all our business dealings. Sify is dedicated to building an inclusive future where technology empowers everyone equally. We pledge to continuously evaluate and improve our practices to ensure that we try to be a force for good in the world, driving equal opportunities for growth, learning, and success.

  Wellbeing

  At Sify, we understand that well-being is the cornerstone of a productive and happy society. Our commitment to enhancing well-being extends through every aspect of our operations and into the communities we serve. We are dedicated to: • Promote Work-Life Balance: Implement policies that support flexible work arrangements, allowing our team to thrive both professionally and personally. • Mental Health Initiatives: Introduce mental health programs and resources to support our employees' emotional and psychological health. • Healthy Living Technologies: Develop and provide technologies that encourage and facilitate healthier lifestyles for our customers and communities. • Sustainable Solutions: Ensure that our products and services are designed with sustainability in mind, contributing to the well-being of our planet. Sify is committed to being a catalyst for positive change, fostering an environment where well-being is accessible to all. Through innovation and empathy, we pledge to contribute to a world where technology serves as a tool for health and happiness.

Pricing

• Price: £30 to £76 an instance a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at justin.polley@sifycorp.com. Tell them what format you need. It will help if you say what assistive technology you use.