Digital Space Cloud Services Limited

Digital Space Private Cloud Managed Service

Digital Space Private Cloud Managed Service (VDC) - this is hosted from four UK based data centres. Virtual machines can be managed by Digital Space, unmanaged by customer or a mixture of both. This service can also integrate with AWS, Azure and IBM Cloud to provide hybrid cloud capabilities too.

Features

• Private cloud single-tenant compute solution provides stronger isolation assurance
• Disaster tolerant - four UK data centres
• Flexible connectivity options
• Data sovereignty is UK - data doesn't leave the UK
• Dedicate hosts can be provided at customer request
• SAP HANA hosting available
• Build and configure unmanaged virtual machines using secure self-service portal
• Private cloud powered by VMware technology
• Hybrid cloud available integrating with AWS, Azure and IBM Cloud
• Integration with IBM Power Systems (IBM I)

Benefits

• Security assured: hosted in the UK
• Highly scalable private cloud, private compute dependent on needs
• Procure private cloud, private compute as either CAPEX or OPEX
• Offers unique hardware configurations (e.g. SAP HANA)
• Choose the technology required as part of your multi-cloud solution
• Dual site private cloud resiliency option available
• Fast network backbone linking data centres and public cloud

£595.00 a unit a day

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@digitalspace.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

491741686421601

Contact

Gary Beddow
0333 220 0222
frameworks@digitalspace.co.uk

Service scope

• Service constraints: The virtual machines supported (guest operating systems and hardware levels) are aligned to the current VMware Compatibility Guide for ESXi.
• System requirements:
  • Digital Space must provide Microsoft Windows OS licensing
  • Customer can provide Linux OS licensing and/or support
  • Digital Space can provide Linux OS licensing and/or support
  • Customer will require appropriate network connectivity
  • Customer is responsible for data security over their connectivity method
  • Customer is responsible for providing application configuration
  • Customer is responsible for providing application licensing
  • Customer is responsible for providing application support

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our service desk operates 24/7/365 and is available at weekends. Tickets raised into our service desk are triaged within 30 minutes. They are then dealt with in line with their priority level in line with our service promise and the Service Level Agreements (SLAs) put in place for that contract.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Support is categorised into levels 1st, 2nd or 3rd. Technical expertise ranges from basic end user support through to deployment of virtual machines and configuration. Digital Space also monitor, maintain and patch in line with our standard policies and your requirements. The relevant support is discussed at the time of solution design. Remote hands available for data centres.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Both Digital Space and the customer will attend a project kick-off meeting at the start of the service. This meeting will set expectations for both parties around timelines, dependencies and deliverables. These deliverables may include but not limited to documentation and training. These requirements are defined on a case by case basis depending upon the scope of service being provided.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: There are a variety of different options for this dependent on the solution that has been provided, and this requirement will be discussed and agreed with the customer once notice of the contract has been given.
• End-of-contract process: An Exit Provision is built into the Service Provider Agreement. At the point a request to terminate the contract an exit plan will be agreed including the format and provision of data and any novation to an alternative supplier.

Using the service

• Web browser interface: Yes
• Using the web interface: There are a number of portals available:; 1) Portal for customer management of unmanaged resources in private cloud. Digital Space will provide customer with login credentials and URL. Customer can then login and manage their unmanaged resources from this portal.; 2) Integration with Digital Space ServiceNow for service desk ticket integration. This is provide as an API with instructions and the customer then follows these to setup the connectivity with their ServiceNow.; 3) Portal for customer monitoring of service availability. This is a read-only portal and is setup by Digital Space. Digital Space will provide customer with login credentials and URL.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: There are a number of portals available:; 1) Portal for customer management of unmanaged resources in private cloud. Digital Space will provide customer with login credentials and URL. Customer can then login and manage their unmanaged resources from this portal.; 2) Integration with Digital Space ServiceNow for service desk ticket integration. This is provide as an API with instructions and the customer then follows these to setup the connectivity with their ServiceNow.; 3) Portal for customer monitoring of service availability. This is a read-only portal and is setup by Digital Space. Digital Space will provide customer with login credentials and URL.
• Web interface accessibility testing: None.
• API: Yes
• What users can and can't do using the API: Only applicable to the ServiceNow integration. This is purely for service desk ticketing between both parties.
• API automation tools: Other
• Other API automation tools: ServiceNow
• API documentation: Yes
• API documentation formats: PDF
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Reources are monitored and load balanced to ensure an even distribution of workload across Digital Space Private Cloud.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Alert Logic, Cyber Q, Red Spam, Veeam and Zerto

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Secure racks and/or cages;; ISO27001 and PCI aligned Physical Security policy in all datacentres;; Backups encrypted in transit and at rest to 256-Bit AES;; Data encrypted at rest to FIPS-140-2 standard;; ISO27001 aligned Media Handling and Disposal Policy in place.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machines (image level)
  • File level backup
• Backup controls: The customer either manages their own backups when then service is unmanaged or contacts Digital Space to arrange backups on a given schedule. This is normally defined during the onboarding and can be modified during the contract as required.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Data is only encrypted within the customers environment or from endpoint to endpoint with the agreed encryption methods (IPSEC/CAS-T). Packets across our network are not encrypted, but seperated by MPLS label at layer three or VLAN segmentation within data centres. The network infrastructure has physical, configuration, and administrative security applied aligned to our security standards.

Availability and resilience

• Guaranteed availability: The default SLA for availability is 99.99% and this is based upon a single private cloud node. This availability target can be increased by adding additional nodes as well as looking at adding addition resilient services such as network. The availability target is agreed at service inception / design workshop. If the availability target is not met then Digital Space will agree to recompense the customer with service credits - this will be agreed upfront and as part of the service contract discussions.
• Approach to resilience: The data centre (private cloud node) is resilient in a number of components including resilient network POP, dual power supplies and virtual host clusters are in N+1 configuration. This is just one data centre, the resilience is increased by adding more data centres to the configuration. This removes geographical dependencies.
• Outage reporting: Digital Space's monitoring and management suite, proactively manage event and performance information and perform triaged and escalation of events to incidents within our ITSM where our NOC are notified.; ; Once an incident is confirmed, this is available within the Dashboard on our portal, consumable via the API and email alerts are generated.; ; On wider outages, we operation a status page and generate email alerts to subscribed users.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: All customers are required to complete a customer contact list with associated levels of authorisation. The customer is in control of this list, with only key contacts able to make changes. Where customers call by telephone from an unknown number or request major Changes, Digital Space have a secure password agreed with each customer in advance to authenticate that user.
• Access restrictions in management interfaces and support channels: All customers are required to complete a customer contact list with associated levels of authorisation. The customer is in control of this list, with only key contacts able to make changes. Where customers call by telephone from an unknown number or request major Changes, Digital Space have a secure password agreed with each customer in advance to authenticate that user.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Devices users manage the service through: Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus Isoqar Limited
• ISO/IEC 27001 accreditation date: 25/08/2021
• What the ISO/IEC 27001 doesn’t cover: Nothing - all areas of our business covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: ISO27017 Cloud Security

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Digital Space have a set of information security policies, which are reviewed and audited regularly by Digital Space's Compliance team working alongside external auditors. Digital Space also work in partnership with customers to ensure their information security policies are also compliant for the customer's external auditors too. Digital Space have a training and awareness infrastructure in place that ensures that the staff are kept up to date and educated in the latest version of the information security policies.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The primary objective of our Configuration and Change Management (and part of our ISO9001 and ISO27001 processes) is to enable changes to be made with minimal or no disruption to the services we provide. The goals of the this policy include a standard process for requesting, planning, approving, communicating, implementing and reporting changes to services. Policies are in place to perform risk and impact assessments against Confidentiality, Integrity and Availability are carried out and documented prior to any change.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Digital Space's Patch Management Policy provides processes and guidelines necessary to maintain the integrity of systems and data by applying the latest Operating System security updates/patches in a timely manner, and establish a baseline methodology and time frame for confirming patch-management compliance. Digital Space will monitor the deployment of patches and investigate any issues during this process. Management of critical patching are dealt with as a security incident. Devices accessible from the Digital Space network receive critical security patches during the next maintenance window, no later than 30 days following release by the vendor or as determined by the incident.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Digital Space's Managed Monitoring Policy defines which systems and services are monitored and provides the processes and guidelines necessary to monitor and alert for events requiring escalation or remediation. Digital Space manages a number of tools and systems to enable the monitoring, and the threshold (the monitoring parameters/polling frequencies and monitoring thresh-holds and limits for when an alert or notification is raised) the collectors or agents will work to is defined within the Service Description for each product, with resolutions to incidents being provided in line with the SLAs associated with each service.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: A detailed/documented incident process is included within our Information Security Manual, and forms part of our ISO 9001/27001 certifications. Any incident is logged in our ServiceNow platform, where all updates are added, with the incident flag selected. As soon as the incident is logged, the relevant people will then: -; ▪ Assess the Incident and its seriousness; ▪ Ensure communications take place with those affected; ▪ Develop tactics for containing the Incident, so any damage does not spread; ▪ Ensure analysis takes place to help ascertain its root cause(s); ▪ Ensure correctives actions are implemented, and aim to prevent recurrence

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Tenants are grouped into logical units or folders for administrative purposes.; ; Within the infrastructure, layer two separation exists to segregate local traffic and layers three to seven are controlled by dedicated security appliances.; ; Resources within the hypervisor, are segregated by the hypervisor.

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Fighting climate change:

  Fighting climate change

  We monitor and publish our carbon emissions annually and have committed, via the Science Based Targets Initiative, to reduce them by 42% by 2030 against 2020 levels. We hold ISO14001 and have a Corporate Social Responsibility group that meets monthly to design and deliver improvement projects including improvements to the energy efficiency of our data centres. We use virtualisation technologies to improve consolidation of workloads and utilisation in our data centres and then use a combination of building management systems, free-air cooling, cold aisle containment and battery storage to maintain high Power Usage Effectiveness (PUE).; ; We enable our customers to reduce their emissions through use of our private and public Cloud services which are typically 80% more energy and carbon efficient than on-premises systems. Our SD-WAN services enable re-use of networking hardware and we provide recycling and re-use of laptops through our partners.; ; We gained a bronze award in 2022 from EcoVadis for being in the top 50% of the companies for whom they track Corporate Social Responsibility.
• Tackling economic inequality:

  Tackling economic inequality

  Digital Space is tackling economic inequality primarily by recruiting Apprentices. Digital Space has a programme in place to source local apprenticeship talent for several of our first line roles. These apprentices are then developed into the business. Key areas of focus for the scheme are our Network Operation Centre and Helpdesk 1st lines, Customer Services and Sales. We will also look to take Product Managers, HR and Administration/Finance apprentices on an ad hoc basis. Our apprenticeship programme works with local schools but also partners with specialised external companies to ensure we get the right talent for the future talent pool of our business. ; ; More generally, Digital Space creates employment for approximately 200 positions in the company head office and warehousing facilities in Newark, with the remaining 150 roles located across all regions of the United Kingdom.; We support home and flexible working, offer salary sacrifice for childcare vouchers, and all staff have the opportunity to opt into private health and dental care schemes. In addition, an Employee Assistance Programme is provided free of charge. ; Each year, the team at Digital Space chooses a charity to support and raise money for through numerous fundraising activities and initiatives.
• Equal opportunity:

  Equal opportunity

  Digital Space addresses equal opportunity by ensuring that everyone is treated with dignity and respect at work. We enforce and regularly review a number of HR policies, ensuring that all employees are treated as individuals, fairly and without bias, including through recruitment, training, promotion and career development and our values or “ways of working” reflect that.; The company aims to create a workplace where employees are confident of fair treatment, have access to opportunities and where the company has a mechanism for solving any problems that occur.; ; Digital Space supports the Equality Act 2010, where “equal opportunities” upholds the idea that all employees should be entitled to and have access to all of Digital Space’s facilities at every stage of employment, including the pre-employment phase.; That means every employee at Digital Space should have:; • An equal chance to apply and be selected for posts pre-employment; • An equal chance to be trained, developed, and promoted whilst employed with the company; • An equal chance to have their employment terminated equally and fairly; Employees have the right to:; • Fair practices and behaviour in the workplace; • Fair allocations of workload; • A workplace that is free from unlawful discrimination, harassment or bullying; • Merit based selection process for recruitment and promotion; • Fair processes to deal with work-related complaints and grievances; ; We have completed the government's Modern Slavery Assessment Tool and are working to educate our staff so that they are more aware of potential issues.
• Wellbeing:

  Wellbeing

  Digital Space provides a number of facilities for its staff to encourage a healthy work environment. Employees at Digital Space benefit from discounted physiotherapy sessions, the bike to work Government scheme and a range of discounts on products and services, including gym membership. The company offers a free corporate healthcare cash plan – Medicare benefits include cashback on prescriptions, consultations, diagnostic tests, scans, and complementary/alternative therapies. This also includes a 24/7 health and stress-related helpline service in order to assist with better mental health.; ; The company's objectives are to promote the health and wellbeing of all colleagues and to provide a safe working environment. This is evident in the investment made in the Newark office refurbishment, creating an agile workspace including several standing workstations to help prevent health conditions arising from prolonged sitting, along with new ergonomically designed chairs with body balance mechanisms.; ; We encourage and invest in our staff's ongoing career development, recommending and supporting training and further education across all teams and disciplines. We also work to encourage information sharing including regular 'all hands' meetings, weekly video presentations and the OfficeVibe survey tool which asks all employees to answer a number of questions about how they feel they're being treated and how this could be improved on a weekly basis.

Pricing

• Price: £595.00 a unit a day
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: A free trial may be available for this service - subject to the requirements and the actual solution required, and subject to agreement by both parties.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks@digitalspace.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.