Cloud Backup & Recovery, Data Protection, Network & Email Security, DRaaS
Provision of cloud-based backup, email protection, data retention, archive, migration and DRaaS (Disaster Recovery as a Service).
Partner technologies include Barracuda, AvePoint, Redstor, Trustwave, Unitrends & Spanning. Protection for MicroSoft Office 365, Google Workspace, Google Classroom, Dynamics 365, Salesforce, SIMS data and Azure workloads.
Features
- Cloud Backup for Microsoft 365
- Spam, Malware & Phishing Email Protection
- Cloud Backup for Google Workspace and Google Classroom
- Cloud Backup for Dynamics 365
- Cloud Backup for Salesforce
- Email Archiving
- Server, Virtual Machine and Endpoint Backup
- Lond term data archiving
- Microsoft co-pilot ingetration
- Customisable backup scheduling & retention
Benefits
- Automate backup and Disaster Recovery operations
- Meet specific data retention policies
- Meet offsite Disaster Recovery compliance requirements
- Retain budgetary control of backup environment
- Enhance protection in mixed physical and virtual environment
- Reduce recovery times
- Monitor backups through single pane-of-glass
- Leverage existing Cloud providers including AWS, Azure, Google
- Easily manage multiple and remote sites
- Recover instantly from local disaster
Pricing
£17.50 a user a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
4 9 6 7 5 9 3 6 3 5 1 0 2 0 2
Contact
PMD Data Solutions Limited
Matthew Gwynn
Telephone: 01789 268579
Email: matthew@pmddatasolutions.co.uk
Service scope
- Service constraints
- None
- System requirements
-
- Compatible with Windows, Mac, Citrix, Linux environments
- Compatible with 200+ apps and hypervisors
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Response goals are intended to provide a target for initial response to an issue or problem. Responses are base on severity level/prior defined when the case is opened. We have 4 severity levels and each have a different target response times:
- Severity level 1 = One (1) Business Hours
- Severity level 2 = Three (3) Business Hours
- Severity level 3 = Six (6) Business Hours
- Severity level 4 = Ten (10) Business Hours - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
-
Salesforce Live Agent for Web chat. This Web chat application conforms to WCAG 2.0 AA
Details including features and constraints can be found in the Salesforce Lighting Service Console Web Content Accessibility Guidelines 2.0 Level A and AA
Voluntary Product Accessibility Template
https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/508%20accessibility/wcag-2-dot-0-vpat-service-console-winter2018.pdf - Web chat accessibility testing
- No testing has been done with assistive technology users.
- Onsite support
- Yes, at extra cost
- Support levels
- There is a single level of support available which is Platinum. Platinum provides a One (1) business hours response for Severity level 1 issues, Severity level 2 has a Three (3) business hour response, Severity 3 has Six (6) business hour response and Severity level 4 has a Ten (10) business hour response. Cloud support engineers are assigned for cloud related issues.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We offer a range of services including a white glove service for Unitrends cloud products. The Engineer team on-boards the customer and then sets up a replication relationship between the customers on site backup and their chosen cloud target (AWS, Azure, Unitrends Cloud etc). Details of the Unitrends cloud service schedule with summaries can be found at the following link. https://www.unitrends.com/legal-notices/service-schedule-unitrends-cloud-services or https://www.unitrends.com/wp-content/uploads/Unitrends-Cloud-Services-Service-Schedule.pdf
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- The Unitrends cloud agreement stipulates the following: Unitrends Cloud saves a copy of the Customer Content that the Customer designates through the Services’ web-based interface. The Unitrends Cloud periodically scans these files for changes and newly designated files and creates a copy of modified or newly designated files. Customer will not be able to restore files that the Unitrends Cloud has not completed Replicating or files that have been changed but not yet Replicated or not eligible for Replication. If Customer’s license to use Services, the Unitrends Cloud Services or any other associated product or service expires, is terminated, is not renewed, or is otherwise discontinued for any reason, Unitrends may, without notice, delete or deny Customer access to any of Customer’s Replicated Content or Retained Content and Customer Content may not be available to Customer. Customer agrees that Unitrends may retain (but shall have no obligation to retain) Customer’s Replicated Content or Retained Content for a period of time following any termination, expiration or lapse of Customer’s subscription in connection with Unitrends’ making such Customer Content available to Customer should Customer later decide to purchase, renew or extend its subscription to the Unitrends Cloud Services.
- End-of-contract process
-
The Unitrends cloud provides long term retention/archiving services as well as DRaaS. At the end of an agreed contract, customers can choose to continue using Unitrends services based on a new negotiated cost or choose to have their data removed based on point 5.4 in Unitrends cloud services eula. A link to the cloud service eula is listed below for reference.
https://www.unitrends.com/legal-notices/cloud-services-eula
Using the service
- Web browser interface
- Yes
- Using the web interface
- Users access their data locally via a web interface to configure and manage backup copies that are sent to the cloud. The local backup acts as self-service portal for the end user. Providing the capability to restore data from the cloud back on premise. The web interface does not provide the end user to invoke/start DRaaS services within the cloud. DRaaS services in the cloud is a white glove service (managed on behalf of the customer).
- Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
- Simple point the web browser, ideally Chrome to the appliance IP address. This will give the end user operational access to the Unitrends product.
- Web interface accessibility testing
- Details of the testing done are not currently available at the time of this response. We are happy obtain and provide the appropriate details at a later stage.
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
- Automatic
- Independence of resources
- Unitrends DRaaS is a white glove service. Resources are agreed upon during the on-boarding process. Users cannot change the resource allocations themselves. The Unitrends cloud team manages the resources and ensure SLAs are met for each customer.
- Usage notifications
- Yes
- Usage reporting
-
- API
- SMS
Analytics
- Infrastructure or application metrics
- No
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- Barracuda, Unitrends, AvePoint, Redstor
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
- Physical access control, complying with SSAE-16 / ISAE 3402
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- In-house destruction process
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Files and Folders
- Databases including MS-SQL and Oracle
- Virtual machine including VMware, Hyper-V, Xen Server and Nutanix
- NAS devices using the NDMP protocal
- NAS devices using CIFS or NFS shares
- CISCO UCS tempates
- Physical Servers, Windows, Linux, Unix and AS400, Novell
- Backup controls
-
Users control backups locally using a web interface. Jobs are created and scheduled using this interface, however there also the option to use the rest API or command line as well. Jobs can have different type of schedules, which include full, differential, incremental, incremental forever and transaction log truncation for databases.
Link to our Rest API https://github.com/unitrends/unitrends-api-doc/wiki - Datacentre setup
-
- Multiple datacentres with disaster recovery
- Single datacentre with multiple copies
- Scheduling backups
- Users schedule backups through a web interface
- Backup recovery
- Users can recover backups themselves, for example through a web interface
Data-in-transit protection
- Data protection between buyer and supplier networks
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
- Unitrends uses OpenVPN to tunnel and encrypt data transfers between local customer site and Unitrends cloud.
Availability and resilience
- Guaranteed availability
-
Detailed information on SLA agreements can be reviewed on the Unitrends website under the legal section. This link provides quick access to the said information.
https://www.unitrends.com/legal-notices/cloud-services-eula
In summary:
Unitrends will use commercially reasonable efforts to maintain reliable and redundant infrastructure to store Customer Content in the Unitrends Cloud and complete selected Replications via the Services within 72 hours subject to delays caused by Customer or its network or systems or by telecommunications failures, utility outages or the Internet.
If the Services indicate that Customer Content has been successfully Replicated and it is determined that the Customer Content was not Replicated as a direct result of a defect or error with the Services or the Unitrends Cloud, as Customer’s sole and exclusive remedy, and Unitrends sole liability, Unitrends will refund to Customer the total fees paid by the Customer for the Unitrends Cloud Services for the immediately preceding thirty (30) days. Except for the foregoing sentence, Unitrends shall have no liability for any failure of the Customer Content to successfully Replicate to the Unitrends Cloud.
Note customers should review section 3.2 specifically in the cloud EULA for more information. - Approach to resilience
- Available on request.
- Outage reporting
- Outage reporting is provided via the Unitrends portal.
Identity and authentication
- User authentication
-
- Public key authentication (including by TLS client certificate)
- Username or password
- Access restrictions in management interfaces and support channels
-
The management interfaces for cloud devices are out of band.
Only the Unitrends cloud team have access to cloud devices.
Customer access to cloud data is managed through their local backup.
Unitrends provides role based access to customers on the local backup which is able to restrict access to recovery points replicated to the Unitrends cloud. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- Public key authentication (including by TLS client certificate)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Less than 1 month
- How long system logs are stored for
- Less than 1 month
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- AlcumUS
- ISO/IEC 27001 accreditation date
- 25/8/2017
- What the ISO/IEC 27001 doesn’t cover
- Cloud is ISO 27001
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- SOC 2 Certification
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- Other
- Other security governance standards
- Health Insurance Portability and Accountability Act (HIPAA) with BAA available.
- Information security policies and processes
- Information security policies are based on NIST Cybersecurity Framework with ISO 27002 controls. Unitrends policies and controls also satisfy GDPR and the US standards HIPAA and CJIS.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
All changes to software and services provided are tracked throughout the SDLC process.
All CVEs are monitored on release by a dedicated member of the development team, and appropriate remediations are provided based on the severity of the CVE.
All changes are tested by QA prior to release to the production team.
All changes to production are controlled by the operations team who apply them after acceptance by QA and approval by business management - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Unitrends conducts vulnerability scans against its environments monthly and penetration tests annually or after major changes to the environment or applications.
Unitrends monitors publication of all CVEs and a dedicated security member of the development team assesses their impact on the Unitrends software and service and provides remediation based on the severity of the CVE. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Unitrends conducts vulnerability scans monthly and penetration tests annually or after significant changes to the infrastructure or application.
Vulnerabilities detected are referred to Unitrends Incident Response Procedures and are triaged, analyzed and remediated as appropriate.
Incident response is based on the severity of the incident detected - Incident management type
- Supplier-defined controls
- Incident management approach
-
Unitrends has an regular Incident Response Procedure to be followed all levels of incidents.
If the incident is detected by a user, they can call the security hotline or submit the incident via email to the security-incident email alias.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- VMware
- How shared infrastructure is kept separate
- Unitrends uses multiple virtualization technologies to facilitate for the services provided. The primary technologies used for the Unitrends DRaaS services are VMware and Hyper- V. Unitrends is able to isolate tenant services using storage and networking technologies. Further information can be obtained by engaging with the Unitrends cloud team.
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- Unitrends leverages an Equinix data center and Equinix is a Corporate Participant in the European Code of Conduct for Energy Efficiency in Data Centres programme.
Social Value
- Social Value
-
Social Value
Fighting climate changeFighting climate change
We recommend leveraging cloud services to encourage customers to move from legacy onsite technologies which typically have much higher and inefficient power consumption.
Pricing
- Price
- £17.50 a user a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
-
All services are available as free trial of 14 or 30 days.
Trials are typically fully-featured. - Link to free trial
- https://www.unitrends.com/landing/enterprise-backup-software