Selcom

Managed Hosting

Selcom provide a managed hosting platform for a range of web applications and servers based on LAMP and Windows technology. If your organisation utilises solutions such as ASP, .NET and SQL, or Linux based solutions including PHP, Python, Ruby and Perl, we have the hosting environment to support your applications.

Features

• 2-Factor Authentication
• Dedicated Server and Private Cloud segregated further by VLAN
• Site-to-site replication between our data centres for robust DR
• Unified Threat Management utilising WatchGuard firebox solutions
• Comprehensive infrastructure and network metrics
• Microsoft .NET Framework and SQL technologies application hosting environment
• Hosted Linux based solutions like PHP, Python, Ruby and Perl
• Microsoft Remote Desktop Services (RDP) and User Licensing
• Windows Server and SQL Hosting
• ISO27001 certified

Benefits

• 20+yrs experience implementing solutions for private and public sector
• Email and telephone support at no extra cost
• 99.9% availability, backed by service credits
• Unlimited off-site backups for secure audit accountability
• Automatic 24x7x365 system monitoring calling operations to action when necessary
• Hosting systems entirely within the UK
• Multiple environments: development, staging/UAT/pre-live, live
• Each customer has their own infrastructure, no shared services
• Automatic or ad hoc KPI and SLA performance reports

£500.00 to £3,300.00 a server a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at accounts@selcom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

557540342825147

Contact

Stephanie Sellers
01904788181
accounts@selcom.co.uk

Service scope

• Service constraints: Any routine downtime required for system maintenance is scheduled outside of normal office hours. ; A maximum of 1 hour per month maintenance window is provisionally allocated for system maintenance, if required. However, this can be adapted based on buyer requirement.
• System requirements: No specific requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Weekday during office hours we will respond within 1 hour.; ; Out of hours support is agreed on an individual basis.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Our support levels can be found in our SLA, detailed in our Service Definition Document
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: On-boarding for our hosting services are fully supported by a named, dedicated Service Manager who provides a point of contact for the customer throughout the entire service delivery. They will assist with anything that you might need, and will walk through any training required, where necessary.
• Service documentation: No
• End-of-contract data extraction: Selcom will securely export data and metadata using industry standards that can be re-used, such as Tab-Delimitated and XML formats. ; Selcom will cooperate with any new cloud provider and there are no additional costs when switching. We will only retain data after contract termination for the timescale specified by the customer. Selcom will undertake full deletion of the data on our cloud service infrastructure after the time specified by the client.
• End-of-contract process: Selcom will provide an exit plan which ensures continuity of service. This will set out Selcom’s methodology to ensure continuity of service and an orderly transition to the replacement supplier. Selcom will work with the buyer to ensure that the exit plan is aligned with the buyers own exit plan and strategy. ; When requested, Selcom will help the buyer migrate the services to a replacement supplier in line with the exit plan. This will be at Selcom’s own expense if the call-off contract ended before the expiry date due to supplier cause.

Using the service

• Web browser interface: No
• API: No
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: There are no limitations regarding what users can set up or make changes through the command line

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: We can traffic shape based on user experience and usage patterns. We can also segment system resources to protect service levels
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual Machines
  • Databases
  • Operating Systems
  • Active Directory
  • SQL Database
• Backup controls: We offer fully customisable back up options which will be agreed before the Contract is taken out
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Single datacentre with multiple copies
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.9% application uptime as measured through 1-minute polls using ICMP echo-requests. 99.9% network connectivity uptime of the customer service as measured through 1-minute polls using ICMP echo-requests Users are refunded by negotiated settlement outlined in the SLA
• Approach to resilience: Selcom do not want to make this information public. However, we are willing to share information with a specialist security expert on how we have designed our service to be resilient
• Outage reporting: Our system issues email, text and telephone call alerts to named contacts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: IP and or network level authentication
• Access restrictions in management interfaces and support channels: All access to service interfaces and support channels are constrained to authenticated and authorised individuals with appropriate access privileges.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: 3Core2 (IAS Accredited)
• ISO/IEC 27001 accreditation date: 14/03/2024
• What the ISO/IEC 27001 doesn’t cover: All of Selcom's network is covered by the ISO 27001
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • QG GDPR Management Standard and GDPR Practitioner
  • Microsoft (MCSE, DBA) and VMware accreditation
  • WatchGuard (security, firewalls) partner
  • Nominet Membership

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Selcom have an Information Security Management System which incorporates all of the requirements of the ISO 27001 Standard including policies such as Access Contol, Asset Management, Communications Security, Cryptography, Information Classification and Handling, Incident Management, Physical and Equipment Security, Back Ups Procedure, amongst others. ; These are audited every quarter through external and internal audits and management reviews, and during the audit evidence is seen and recorded to ensure compliance with the policies.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Physical storage, internet bandwidth and operational systems are monitored with 24/7 automatic monitoring alerting when predefined thresholds are exceeded. ; Changes are identified on the Change Request form and logged in the change Change Control log. The originator obtains sufficient information to complete the Change Request. The Internet Services Director then reviews and/or carries out a risk assessment identifying potential risks, security impacts and then identifies and costs the required controls in line with the Selcom's risk management framework. The Internet Services Director in consultation with the Managing Director is then responsible for authorising the change to go ahead.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Firewalls are configured 24/7 to alert in the event of significant intrusions or incidents occurring.; We use advanced monitoring and live detection defence systems to detect vulnerabilities Anti-Virus is configured to be patched automatically. Our automatic patch policy covers binary, executable source code modification, service pack and firmware patches. Technical services will then identify the priority for the update to be tested and deployed dependant on the nature of the treat and any known exploits. ; Any patch deployment and software updates must comply with our defined change management process.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Systems are monitored 24/7 by RMM software and in-house systems, calling the operations team to action when necessary. The RMM notifies of: Warning Alerts, Critical Alerts, System Down and System Recovery Regular scanning using Barracuda’s Vulnerability Manager (BVM) tool finds vulnerabilities such as those on the OWASP Top 10, including SSL injection, cross-site scripting, and others. Any issues found will be imported into the Barracuda Web Application Filter, which will automatically generate and apply mitigation rules. Servers are professionally managed and conform to guidelines under the Government's e-Government programme.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have an Incident Management policy for our ISO 27001 certification, this works hand in hand with a Disaster Recovery plan, BCP plan and incident management plan which details the processes to take for common incidents. ; Users report incidents either by email or telephone, and Selcom's staff reports these in our job system, this generates an incident report which staff fill out and use to report to clients as necessary.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: VMWare and Proxmox
• How shared infrastructure is kept separate: Separate VLANS and Firewalls are deployed therefore segmenting system resources ensuring different organisations sharing the same infrastructure are kept apart.

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  To improve server consolidation, increase operational efficiency and increase utilisation rates, Selcom deploy servers on industry standard virtualisation platforms. This has enabled our customers to reduce power consumption, cooling and management demands. ; Utilising technologies such as Microsoft RDP allows customers to work remotely, reducing carbon emissions from travel across all industries, RDP and other technologies have also allowed remote support in a way that is consistently improving, and therefore our staff are required to travel less for support queries, further reducing our environmental footprint. Our own team is also hybrid remote and office based, therefore reducing our own carbon footprint.; ; More information can be found in the 'Energy Efficieny' section of our Service Definition document.

Pricing

• Price: £500.00 to £3,300.00 a server a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Available only on a secured shared hosted service for a limited time to test speed and performance

Service documents

• Pricing document

  ODT

• Skills Framework for the Information Age rate card

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at accounts@selcom.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.