ANS Group

Sovereign Cloud

ANS' Sovereign Cloud offers the ability to deliver a highly secure, dedicated VMware private cloud platform, using the right mix of technology based on a simplified range of equipment to ensure you receive the perfect balance of technology and service.

Features

• Create as many virtual machines as resources allow.
• Run storage synchronously across two separate data centres.
• Maximum network performance and reliability with dedicated Cisco Equipment
• Designed to meet standards equivalent to Tier1 (OFFICIAL and OFFICIAL-SENSITIVE
• Automated VM & Application backup
• Multiple network connectivity offerings via Internet, HSCN, PSN and MPLS.
• 28 day retention as standard.

Benefits

• 100% UK-based and operated ISO accredited data centres
• Scalable to meet the changing demands.
• Fixed Pricing approach to ensure billing remains predictable
• SC-cleared operational staff

£0.01 to £0.30 a unit a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@ansgroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

494535914596421

Contact

Steve Carroll
+44 (0) 1612271000
tenders@ansgroup.co.uk

Service scope

• Service constraints: All planned maintenance is covered by a mandatory 5 day notice period. We reserve the right to conduct unplanned emergency maintenance where necessary, but will always make reasonable efforts to inform impacted customers before work commences. Support is limited to services, hardware and applications provided by ANS and does not extend into the customer's application stack.
• System requirements:
  • Proof of license ownership for customer-provided Microsoft licenses
  • Customers must adhere to fair use policy and ToS

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Calls are responded to within 6 rings. Service Ticket response time is dependent on the criticality: 1. Critical - Immediate Response 2. High - Response within 10 minutes 3. Medium - Response within 1 hour 4. Low - Response within 4 hours 5. Very Low - Response within 24 hours. The standard SLA response times are applicable from 09:00 to 17:00 Monday to Friday (excluding UK Bank Holidays). 365/24/7 Support is also available as a service at an additional cost.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: All ANS customers have access to ticket and telephone-based support, unless they choose to take an unmanaged service.; ; Customers have access to a named Account Manager who takes overall responsibility for the customer's commercial, technical and support relationship with ANS.; ; Customers are assigned a support "pod" based on the type of solution they have with ANS. This ensures customers will always be supported by the same core team of support engineers who are technical experts in their particular solution.; ; Enterprise and public sector customers also have access to a named Service Manager in addition to their Account Manager.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We offer services to enable seamless on-boarding and collaborate to design a bespoke solution to meet your requirements. An onboarding process would typically include - Discovery process / Timeline setting / Risk assessment / Implementation process / Quality Assurance
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of the contract any customer data stored will only be extracted by ANS with the prior consent of the customer.; ANS shall purge and destroy (as defined in security accreditation for different ILs) customer data from any of its own equipment after the contract ends.
• End-of-contract process: A similar process to on-boarding is provided for customers wishing to leave ANS. We provide full transitional services at an additional charge (please refer to the pricing document for more details). An example phased off-boarding process is as follows:; 1. Discovery: ANS meets the customer’s new provider who will lead the project; 2. Timelines: Timelines are agreed where possible and alternatives offered when needed; 3. Risk: ANS identifies any risks that may not be apparent to the new provider or that are inherent to the ANS solution; 4. Implementation: ANS assists the new provider if needed; 5. Quality Assurance: ANS offers a debrief and review meeting if the new provider requires.

Using the service

• Web browser interface: Yes
• Using the web interface: Glass is the customer's web interface where they can manager all aspects of their solution - for example creating/managing/deleting/scaling virtual machines, managing reports and monitoring alerts, firewall configuration and more.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Glass is in the process of being rebuilt from the ground up. This will deliver a fully-accessible web interface.
• Web interface accessibility testing: Testing against WCAG has been performed to understand requirements for Glass rebuild.
• API: Yes
• What users can and can't do using the API: Create VMs; Manage VMs; Delete VMs; Scale VMs up / down; Power VM on / off; Clone VM; Create and manage templates; Manage nodes; Manage Datastores; Manage firewalls; Manage system resources
• API automation tools:
  • Ansible
  • Chef
  • SaltStack
  • Puppet
  • Other
• Other API automation tools: Any appropriate tool can be used
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
  • Other
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: N/A
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS
  • Other
• Other usage reporting: Private network or public sector network; TLS (version 1.2 or above); IPsec or TLS VPN gateway

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics: Application Services
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: ANS encrypts all of its data at rest and in backup format. ANS has controls in place across its business systems in its datacentres to ensure physical protection against tampering.
• Data sanitisation process: Yes
• Data sanitisation type: Hardware containing data is completely destroyed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Folders
  • Virtual Machines
  • Databases
  • Operating Systems (Linux and Windows)
  • Microsoft Exchange Servers
  • Active Directory
• Backup controls: ANS will agree and implement a robust and granular backup schedule on the customer's behalf
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: ANS architects its solutions to industry baselines such as the CAF, WAF, Secure By Design. All access into customer solutions is conducted via ANS devices which are protected and monitored by our SOC and have full XDR. During design phase and architecture, firewall designs ensure that only required ACLs are in place to restrict network connectivity and segmentation.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Within ANS internal network, There's full protective monitoring in place to understand data transfers between users and systems. ANS uses RBAC and principle of least privilege to restrict access to data to those who need it and use sensitivity labelling to prevent the transfer of confidential and sensitive information to specific segments. ANS uses DLP tooling to identify and prevent data being transferred outside of its documented boundary. All access to ANS internal information requires authentication via a valid user account, and from a compliant device as part of our implementation of ZTNA.

Availability and resilience

• Guaranteed availability: Infrastructure availability - 99.95%; Availability is based on the total number of operating hours of a given calendar month and excludes planned and emergency maintenance.; Service credits of up to 10% of the standard monthly support fee are payable for any month where the availability SLA is not met.
• Approach to resilience: ANS owns and operates a 5.52MW tier 3 1,000 rack data centre estate. This contains multiple physically separate buildings, connected by dedicated fibre. High voltage power connections are provided from separate primary sub-stations. All mission-critical services including Standby Generation, Cooling systems and UPS (uninterruptible power system) are provided at N+1 or greater across the whole facility. The complex has a power density of over 6KW per square foot, providing diverse A & B power to each data rack, and all eCloud service platforms are supported from quadruple power feeds. The data centre complex is supported by 9MW of standby generation with over 100,000 litres of fuel storage and eight hour fuel supply SLA. All critical services are supported by 4.6MW of UPS power and 4.9MW of data centre cooling. The public sector hosting suite has fully resilient networking, switches, carrier-redundant leased lines, power and backup generators, all separated from the rest of the ANS network and data centre complex.
• Outage reporting: A public status page is available on the ANS website, which shows live status of our core network and infrastructure along with details of any incidents. Customer notifications are managed via our ticketing system accessible via Glass.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Separate accounts are required for Administrative Access, with authentication and authorisation controls applied to all Administrative functions. SSH access to the Virtual machines command line, and RDP sessions requires key-based authentication from a specified source location into a bastion host, which then requires further authentication and account escalation at each onward connection to the specific administrative services.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Other
• Description of management access authentication: Management access is typically from dedicated OOB Management networks, external access is restricted by source address and requires key based auth to a bastion host server from which secondary logins and privilege escalation is required.
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LQRA
• ISO/IEC 27001 accreditation date: 18/08/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Blackfoot UK Limited
• PCI DSS accreditation date: 10/08/2023
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO27017.
  • ISO27018.
  • NCSC Certified.
  • SOC 2 Type 2 Report.

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 27017, 27018, NIS CAF, PCI DSS Level 1 SP
• Information security policies and processes: ANS have a fully documented ISMS in line with ISO 27001 with policies covering all elements of the control set listed within our SoA. All published on our internal intranet which is updated regularly with ongoing training conducted to ensure user awareness of all policy and procedure. notifications are sent when any changes are made to policy and procedure

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Internal ANS Change is managed through the application of standard project management process with all projects progressing through approval, CAB review and sign off by stage. All ANS Business Change includes the following managed stages (whether these are deployed on a formal or informal basis is determined by the size of the project, by cost, resource application and risk):; ; • Executive or Higher Management sponsor; • Business Case and Success Criteria; • Scope definition; • Documentation; • Risk & Opportunity assessment; • Milestone or stage review; • Stage sign off; • Final Review; • Testing; • Deployment; • Lessons Learned
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: ANS has a vulnerability management process which is certified against all of our security certifications. Vulnerability management is conducted at host level for internal scans, as well as external scans being ran against all public facing services. ANS uses EASM across its whole business estate, includes threat intelligence notifications against breaches relevant to technologies ANS uses, relevant APTS, dark web monitoring and VIP monitoring. ANS patches inline with industry standards, where all CVEs are risk assessed in their relevance and potential impact to the affected assets. For critical and high vulnerabilities, that risk to ANS assets, patching is conducted immediately.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: ANS employ protective monitoring services in compliance with Protective Monitoring for HMG ICT systems (formerly GPG-13).
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: ANS has developed and documented pre-defined processes for common events that may affect the confidentiality, integrity, or availability of its information assets. These are based on best practices and guidelines from ISO 27001.; Examples includes:; • malware infection; • denial-of-service attack; • unauthorized access; • data breach; • data loss; ; For each event, ANS has defined:; ; • the roles and responsibilities of the incident response team; • the incident classification and escalation criteria; • the incident response procedures and steps; • the incident communication and notification channels; • the incident recovery and closure actions

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: As part of ANS's continual improvement programme, ANS will develop and implement an environmental management system which is in line with ISO 14001:2004 standard and contains only those initiatives which can be objectively audited.; ; In addition ANS will continually monitor and measure its Carbon Footprint as directed by the ISO 14064-1:2006(E) standard and guidance issued by both the DECC and Defra. Further, ANS will ensure that all ANS Business Operations may be demonstrated to be Carbon Neutral by adherence to the PAS 2060:2010 specification.; ; Through the ANS environmental programme, ANS will strive to:; ; Achieve 100% carbon neutrality for business operations.; To reduce business operation CO2e by 2%, year on year.; Achieve the award of a Carbon Trust Stamp for the ANS EMS and carbon offset actions.; Achieve 100% carbon neutrality for client solutions.; Continue to achieve independent, third party PAS 2060 certification in respect to demonstrating carbon neutrality.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are a company built on our culture and values, with a strong committing to protecting the world and demonstrating our social responsibility. ANS are PAS2060 Carbon Neutral Certified and compliant for a number of years and are aiming to be net zero by 2050. Furthermore, we have and extensive variety of processes and procedures in place to support our commitment, which include: ; • Recycled 10 Tonnes of old servers with all profits going to charity. ; • Relocated data centre cooling equipment in 2022 to reduce the solar gains and save energy. ; • Removed old, inefficient computers so all staff PCs are now modern efficient laptops. ; • Recycle 100% of our WEEE waste using appropriate 3rd party providers.; • PAS2060 certified and compliant. We appointed Carbon Footprint Ltd, a leading carbon and energy management company, to independently assess our Greenhouse Gas (GHG) emissions in accordance with the UK Government’s ‘Environmental Reporting Guidelines: Including Streamlined Energy and Carbon Reporting Guidance’.; • In 2023 we offset 1265 tons of Carbon Dioxide by supporting numerous projects. ; • Cycle to Work scheme available to all employees including great bike sorage facilities on site.; • Introduced a salary-sacrifice electric car scheme.; In addition to the above, we believe environmental awareness is something which needs to be considered further, at home and at work. We provide environmental internal training and communication, which includes:; • Environmental Aspects and Impacts ; • Employees’ responsibilities ; • Environmental Policy ; • Waste Disposal ; • Travel and Transport ; • How ANS helps employees reduce their carbon footprint ; • CSR; • Our Certification

  Covid-19 recovery

  ANS is a proud Manchester based organisation and supports the local community, businesses and charity’s which has helped in the recovery from COVID-19. ANS continued to operate throughout Covid, with measures in place and allowing for remote working.; Creating Employment for those affected by COVID; ANS worked on numerous projects in the lockdowns to assist frontline organisations. One example was a council, to quickly and easily coordinate requests for support and volunteering in the community in response to the Covid.; Furthermore, ANS worked alongside universities to enable students to resume studying, in addition to working with NHS Trust to assist with the tracking and coordination of the Royal Free Hospital’s 15,000 staff during the pandemic.; This meant ANS was able to recruit and provide opportunities.; Support organisations to recover and a new way of working; ANS worked with a council to build a mobile-friendly application using the Microsoft Power Platform which works by pulling together data on individuals who are considered to be vulnerable, from a range of sources and formats, along with a request service.; Furthermore, ANS worked with a university to enable remote working for students.; A council worked with ANS to launch a complex case management system for coronavirus contact tracing which helped contain and manage Covid-19 outbreaks across their population of over 300,000 residents.; ANS had controls in place which included social distancing, we also operated a remote service where this was possible alongside ensuring measures were in place for those unable to work from home, including:; Social Distancing; Covid testing; Workspaces sanitised daily; Adequate ventilation is the building; ANS have numerous flexible working policies in place, including remote and hybrid working which has allowed a large majority of the company to remain working from home post-Covid, however, some roles do require being in the facility.

  Tackling economic inequality

  ANS has a strong commitment to tackling economic inequality, and this is demonstrated through our employees and companies we work alongside.; Our people; ANS have continued to grow as a business and are now a team of over 700 employees.; ANS take Continual Professional Development (CPD) seriously, from skills development to apprenticeships. ANS are committed to giving every employee 12 days per year to devote to professional self-development or business innovation.; ANS have a strong commitment to apprenticeships and have the ANS Academy. Upskilling the local workforce, we invest heavily into our junior staff giving them the best development opportunities. The ANS Academy provides industry-leading training and hands-on experience for the next generation of passionate tech leaders. We were recently rated ‘Outstanding’ by Ofsted.; We engage with schools and colleges based in Manchester, ANS has direct access to the rich and diverse mix of cultures. This ensures that all groups have access to the information on our apprenticeships. In 2022, this resulted in 45% of Apprentices hired identifying as BAME.; We partner with 2 girls’ schools in our community by running immersive days at our office where groups of students can speak with women from at ANS.; Fostering an inclusive workspace, our diversity groups represent various communities, including LGBTQ+, BAME, disability groups and gender.; Increase supply chain resilience and capacity; We also take into consideration the standards and qualification level of those in the supply chain that we choose to work with and/or recommend. At a practical level, we maintain relationships with local businesses, we value our position as a key contributor to the ‘Northern Powerhouse’. For our own on-site operation, we have contracted with many SMEs and VCSEs.; Demonstrating the value of these partnerships, advantages include:; Fewer overheads; Local employment growth opportunities; Innovation; Reduced carbon footprint; Less bureaucracy

  Equal opportunity

  ANS are proud to be a Disability Confident Employer. The scheme, set up by the Department for Work and Pensions, is designed to help employers recruit and retain disabled people and people with health conditions for their skills and talent. As a Disability Confident committed employer, ANS is providing inclusive and flexible recruitment processes such as offering video interviews and supporting flexible working patterns where possible. We also ensure our workplace is suitable to support any employee that may have a disability.; ; ANS recognises equity and fairness throughout the business and that discrimination in any form is unacceptable. Equal opportunities has long been a feature of our employment practices and procedure, that’s why we have an equal opportunities policy in place. Breaches of the policy will lead to disciplinary proceedings and, if appropriate, disciplinary action.; ; The aim of the policy is to ensure no job applicant, employee or worker is discriminated against. We ensure the policy is circulated to any agencies responsible for our recruitment and a copy of the policy will be made available for all employees and made known to all applicants for employment.; ; ANS have a strong commitment to equality in the workplace. We have a full modern slavery policy, but in addition to policies, we have internal iniatives in place to tackle workplace inequality such as having internal EDI groups:; ; • Women in ANS; • Diversity and Beyond (DAB); • The Rainbow Alliance; • The Association for Better Living and Education (ABLE) Group; • ANS Squirrel Club (Neurodiversity); • Parents in ANS; • Let’s Talk About Mental Health; ; ANS also has a strong commitment to equality in the workforce through being a living wage employer, alongside a disability confident employer.

  Wellbeing

  ANS is committed to the wellbeing of our employees and this extends to the wider community, we are strongly committed to the wellbeing of our teams, and provide numerous benefits to help with physical and mental health, which include but are not limited to:; ; • An extra day’s holiday on birthdays and an extra 5 days for tying the knot ; • ‘Celebration Day’ - staff can use for any occasion that is meaningful to them; • Hybrid, flexible and remote working ; • Free onsite gym ; • Private healthcare ; ; Furthermore, we emphasise the importance of mental wellbeing. Internally, we obtained a group of volunteers so that we could provide training to become Mental Health First Aiders (MHFA), accredited by MHFA England. They provide online drop-in and in-person sessions, which is accessible for both staff who work in our office and those who work remotely. The sessions continue to support our employees with their personal issues. In addition to health benefits, ANS are committed to ensuring our employees are able to develop in their careers, and therefore, we provide numerous measures, which include but are not limited to 12 development days per year. These days can be used for courses, examinations, partner training and many other reasons. Additionally, we provide regular PDR’s which enable ANS employees to reflect and set future goals on their career. ; ; ANS have a strong commitment to the local community, this is demonstrated through our community outreach in recruitment for the academy alongside our local community when selecting local suppliers. ANS look to use local suppliers where this is possible, and is demonstrated through the selection of local food vendors for our events, local event management specialists, our active support to local charities, such as the Manchester Youth Zone and using local waste service companies.

Pricing

• Price: £0.01 to £0.30 a unit a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@ansgroup.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.