HCL Technologies UK LImited

Rubrik - Backup as a Service

Rubrik providces a zero trust data protection platform across all data and applications whether it be located on premises or in the public, private or hybrid cloud. Rubrik provides Ransomware detection and remediation, Sensitive Data Discovery , Incident containment and Orchestrated Application Recovery all within a single management plane

Features

• Backup data on premises, across multi cloud and SaaS environments
• Instantly recover data and applications locally or within the cloud
• Zero trust architectire - Fully encrypted and immutable platform
• Ransomware investigation and remediation
• Sensitive data discovery for GDPR and other data classification types
• Malware threat hunting and containment
• Orchesterated and automated application recovery
• API first architecture for 3rd party integration
• M365 protection with air gap
• Single pain of glass presented via SaaS

Benefits

• Assured recoverability against ransomware via a zero rust immutable platform
• Detect, identify and remiediate against ransomware
• Database and unstructured data protection at scale
• Policy based automation for simplicty of management
• Rapid reocvery of services at scale
• Orchestrated recovery of applications and services
• Single SaaS platform extending from data center to cloud
• Provide intelligence and compliance via senstive data discovery
• Meet and exceed NCSC and NIST compliant data protection strategies
• Provide a secure by design air gapped environment

£90 to £120 a terabyte a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at CCSFrameworks@hcl.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

508816669622682

Contact

Paul Montgomery
+44 (0) 20 7105 8600
CCSFrameworks@hcl.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: On premises deployment requires specific hardware and/or resource configurations
• System requirements: Customer provided networking

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 system down SLA within 30 minutes; P4 query next business day SLA
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Premium - 24x7x365 follow the sun support; Basic - Mon-Fri 8am-8pm (local time); optional Customer Experience Manager (cost uplift)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Install Skills Transfer Handover via Professional Services; Online Free training via Rubrik University; Classroom/virtual training with certifications
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Via natural expiration or manual migration via professional services.
• End-of-contract process: Customer has recovery only capabilities with no support on product or services. For Rubrik hosted services, customer will have set amount of days to expire/export

Using the service

• Web browser interface: Yes
• Supported browsers: Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: CLI based support interface for Rubrik Support personel - enabled by customer via a secure support tunnel
• Accessibility standards: None or don’t know
• Description of accessibility: Via Web Browser, cli or API
• Accessibility testing: Not Applicable
• API: Yes
• What users can and can't do using the API: Any function within Rubrik can be accessed via API's
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: Through an intelligent and automated task scheduler managed via SLA policies.

Analytics

• Service usage metrics: Yes
• Metrics types: SLA compliance metrics; backup and restore; uptime and capacity
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Multiple export options available via Rubirk interface and chosen cloud storage provider.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JavaScript Object Notation (JSON)
• Data import formats: Other
• Other data import formats: Data can be uploaded in JavaScript Object Notation (JSON) format.

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Not Applicable
• Approach to resilience: Various hardware and software resilliency - details available on request
• Outage reporting: Yes - public statistics

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Rubrik uses MFA and biometric credentials for authentication to applications and baseline access is provisioned via RBAC and internal approvals (break glass) processes.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bureau Veritas
• ISO/IEC 27001 accreditation date: 16/10/2022
• What the ISO/IEC 27001 doesn’t cover: No exception in the scope.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 27001; ISO 20000; EU/US Privacy Shield; EU GDPR; SSAE 16 SOC 2; US HIPAA; US CJIS; UK ICO

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Rubrik has a set standard and processes for configuration and change management which can be provided on request
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Rubrik performs ongoing and constant reviews of its infrastructure and services as well as maintaining a trained staff within InfoSec and Compliance. Details of this can be provided on request
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Rubrik provides regular and proactive monitoring processes. Details of which can be provided on request
• Incident management type: Supplier-defined controls
• Incident management approach: Rubrik has a full set of IM and RCA processes. Details of these can be provided on request.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)
  • Other
• Other public sector networks: Not Applicable

Social Value

• Fighting climate change:

  Fighting climate change

  At HCL Technologies, we believe that we have got accountability to the future, as well as an imperative role to play in addressing global challenges, such as climate change and environmental sustainability. ; ; HCL commits itself to confronting these challenges by assuming a leadership role in fostering a sustainable environment and responding appropriately to the risk posed by environmental degradation. ; ; HCL will strive to achieve excellence in environmental management by: ; ; Integrating environmental considerations into our all areas of operations, considering our environmental risks, responsibilities and organisational capability ; ; Meeting all environmental compliance obligations applicable to the organisation ; ; Reducing our ecological footprint through optimised utilisation of natural resources, including land, water and by ensuring the responsible use of energy throughout our operations, including conserving energy, improving energy efficiency and giving preference to renewable over non-renewable energy wherever feasible ; ; Introducing more sustainable and green procurement approaches ; ; Preventing pollution and minimising all types of waste, including e-Waste by adopting a Reduce-Reuse-Recycle-Recovery philosophy ; ; Being an environmentally responsible neighbour in the community where we operate, and correct incidents or conditions that endanger the environment ; ; By committing ourselves to open and constructive engagement with communities surrounding our operations on environmental matters ; ; Providing a framework for setting and reviewing environmental objectives and targets ; ; Continually improving and learning from our efforts in working towards environmental sustainability ; ; Monitoring and reporting our environmental performance to key stakeholders ; ; Ensuring that environmental policy is communicated to all the concerned persons working for or on behalf of the organisation, to make them aware of their environmental responsibilities ; ; By making our environmental policy available to all stakeholders, including public on demand ; ; Maintaining appropriate controls, including periodic review of environmental policy, to ensure its applicability and relevance to the changing scenarios and stakeholder’s expectations.
• Covid-19 recovery:

  Covid-19 recovery

  The outbreak of the COVID-19 pandemic and its ruinous effect on lives and livelihoods has been unprecedented in modern times. HCL has used its position as a global IT company to mitigate the effects where possible, supporting our clients to continue operating in these difficult times and providing help to those affected. We have developed rapid solutions to support our customers in returning to work during the pandemic with examples ranging for PPE stock management, workforce social-distancing solutions and the deployment of remote working technology. ; ; Our HCL Foundation is a focal point for global programmes and has coordinated our support for COVID-19 affected communities. ; ; As a result of the pandemic there have been many industries that have been heavily impacted economically and many job losses have been caused as government support is reduced, companies going into administration and many freelance/self-employed prospects have simply disappeared. ; ; Some of the people displaced by the pandemic will have transferable skills and just need limited support in cross-training. ; ; We offer a number of opportunities to help semi-skilled staff enter the IT services world. Schemes such as our ‘Consultant in Training’ programme where staff are taken on and have a mix of formal training and on the job mentoring to give them the skills to continue on this path. The formal training can result in recognised qualifications such as technology or project management certifications. Many alumni of this programme are taken on by HCL as the first rung on their new career ladder. ; ; With regard to the less skilled people left stranded by the Coronavirus outbreak we provide targeted help in a similar way to how we support disadvantaged individuals. ; ; We will work with our customers to understand the impact of COVID-19 and develop CSR plans to support these at a local level.
• Tackling economic inequality:

  Tackling economic inequality

  HCL is committed to Corporate and Social Responsibility (CSR) to help equality/diversity, the economy, health/wellbeing and local communities. For local economies/ communities, HCL creates and maintains positive industry partnerships, engaged employees (including a focus on staff behaviours) and a diverse workforce, working collaboratively to make work a great experience for all. ; ; In the UK, HCL works in partnership with the Prince’s Trust to maximise our CSR activities relating to how technology can make a positive difference to the lives of people and organisations worldwide. We have developed an education programme called “Get Started with Technology” to upskill disadvantaged youth across the country. ; ; In the UK, HCL runs a CIT (Consultant in Training) programme every year, whereby we hire fresh graduates with no prior corporate experience in the UK and train them on relevant technologies and then employ and groom them to be Consultants. This has been run in conjunction with Manchester Business School and we are looking to expand this programme to include the other Higher Education establishments. ; ; We are mindful of our role to play in of supporting local businesses and generating additional economic development through our engagements. As such, we consider using local suppliers to meet requirements that we cannot fulfil ourselves. As an example, a significant proportion of the initial User Experience and Design work for new Manchester United app was undertaken by Manchester based Small/Medium sized Enterprises (SMEs). ; ; HCL runs innovation labs, collaborating through global Hackathons or developing patents for new and emerging technologies. We share this knowledge via events and Webinars, as well as providing access to thought leadership in the guise of our Chief Information Officer (CIO) Council. Recent events have covered such diverse topics as Blockchain, Robotic Process Automation (RPA), Cognitive Systems and Artificial Intelligence (AI) and Internet of Things (IoT).
• Equal opportunity:

  Equal opportunity

  HCL focusses on creating/sustaining a nurturing environment for all employees, irrespective of backgrounds, gender, nationality, culture, ethnicity, age or differing abilities of individuals. ; ; Gender parity and inclusion at all levels of the hierarchy is our top priority, with a special focus given to increasing the representation of women leaders at key leadership positions. The female employee ratio is a crucial metric that is reported and reviewed quarterly in the company board meetings. All our recruitment teams carry a target on gender hiring and all our job specifications have been reviewed to make them gender neutral. ; ; HCL is committed to Corporate and Social Responsibility (CSR) to help equality & diversity, the economy, health & wellbeing and local communities. We have initiatives running to support, nurture, develop and celebrate the successes of disadvantaged communities or individuals. We endeavour to make a positive impact in the lives of people within the communities we operate in. ; ; For local economies/communities, HCL creates and maintains positive industry partnerships, engaged employees (including a focus on staff behaviours) and a diverse workforce, working collaboratively to make work a great experience for all. ; ; The company implements and maintains a management system that sets targets to monitor and continually improve our social performance across the company. Also, we comply with all relevant legislative and regulatory requirements relating to be a responsible business, including but not limited to the Modern Slavery Act, the Equality Act, the Public Services Act and the Living Wage Act. ; ; To propagate an inclusive culture at HCL, a virtual Inclusion Lab model has been designed in consultation with business and HR stakeholders. The objective was to design a systemic, top down approach where each leader was sensitised and given the necessary skillset, mindset and toolset to actively demonstrate and promote inclusive behaviours.
• Wellbeing:

  Wellbeing

  HCL is committed to employee overall wellbeing through. ; ; Physical/Occupational ; ; Ergonomics Training; Employees have access to e-Learning based ergonomics training. ; ; Chiropractor consultations; Organised at the workplace to advise employees on correct sitting posture. ; ; Virtual General Practitioner; This allows employees to seek an appointment and follow ups with a GP to discuss medical issues. ; ; Gym Flex/Cycle to Work; This benefit allows employees to seek attractive discounts on gym memberships and purchase a cycle. ; ; Health Check-ups; We organise for basic health check-ups, like Body Mass Index (BMI), Glucose and Cholesterol screening at the workplace for all our employees. ; ; Preventive Healthcare; Webinar on smoking cessation and good nutrition. ; ; Mental/Emotional ; ; Employee Assistance Programme; Free, confidential counselling services available for employees and their families in the local language on areas of emotional health, family issues, financial and legal guidance and other work and personal matters. ; ; Wellbeing Webinars; Monthly workshops facilitated by clinical psychologists around various topics to have a better understanding on mental health issues and practical tips on how to deal with them. ; ; Mental Health Awareness; Campaign to create awareness on mental health, breaking stereotypes and proactive ways for employees to become more self-aware, mentally resilient and emotionally secure. ; ; Mindfulness and Yoga Workshops; To help employees overcome stress, anxiety and increase resilience and emotional intelligence, while improving communication. ; ; Financial ; ; HCL Discount Scheme/Perks at Work; Employees and family access to avail attractive discount schemes on over 3,000 products ; ; Financial Wellbeing Workshop; To help employees understand the various financial instruments to enable them make the right decision on investments, pension decisions and future savings. ; ; Emotional/Psychological ; ; Chat sessions, culture and festive celebrations; This helps to bring various teams to interact and come together to create a livelier environment at the workplace. ; ; Part time and Flexi Working Policies to help people effectively manage their work life balance.

Pricing

• Price: £90 to £120 a terabyte a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at CCSFrameworks@hcl.com. Tell them what format you need. It will help if you say what assistive technology you use.