Backup for G-suite
CSI’s can build a scalable, resilient, robust and cost-efficient infrastructure solution for backup and recovery for Google G-Suite. Provisioned in a private, public or hybrid approach we offer; long term archival; fast disaster recovery with pre-defined recovery and restore SLAs; data tiering; fully managed backup solutions for your physical/virtual machines.
Features
- Comprehensive reporting, monitoring and alerting
- Unlimited technical support
- Remote management and out-tasking
- Guaranteed backup success, underpinned by service credits
- Can provision an offsite recovery vault for long-term retention
- Cost optimisation via cloud storage solutions and various licensing models
- Remote management and out-tasking
- Data Protection Maturity Model identifies your as-is and to-be environment
Benefits
- Reduce business risk by identifying critical applications and data
- Provide insight and visibility of your IT infrastructure
- Identify and help resolve data protection exposure
- Reduce TCO of data protection environment.
- Meet compliance and regulatory requirements
- Faster recovery times - reduced risk of revenue/productivity loss
Pricing
£0.07 to £0.35 a gigabyte a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
5 6 5 9 8 3 8 2 9 9 0 5 3 5 8
Contact
CSI Limited
Jennifer Billett
Telephone: 08001088301
Email: jennifer.billett@csiltd.co.uk
Service scope
- Service constraints
- Our suite of Helix Protect offerings supports the majority of backup infrastructures (providing reporting, monitoring, support or management) on a minimum of 1 year contract. Please see relevant Service Definition Document.
- System requirements
-
- Operating systems and applications at supported levels.
- Suitable internet links to transfer data.
- Provision of physical or virtual hosts to host the software.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Request for Information – 4 hour response – whether emailed, phoned or on the Community Restore Request – 2 hour response Critical Restore Request – 1 hour response – must be phoned through Out of Hours – Chargeable for all 10x5 customers – contract hours are 8am – 6pm Monday to Friday Monday – Friday between 6pm – 8am Must phone the Service Desk 6pm – 10pm - £150 per hour All day Saturday - £150 per hour 10pm Saturday – 6am Monday - £200 per hour
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- CSI provide advanced monitoring, reporting and alerting, access to a first, second and third line service desk, through to a fully managed solutions. Most accounts will be allocated a Technical Account Manager.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- The service is simple and easy to understand. However, CSI provide full support in helping our clients familiarise themselves and ensure successful roll-out of the service. Online training and documentation will also be provided
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- In the vast majority of cases, data remains within the customer's core infrastructure, and is only remotely managed. Where CSI are hosting data, we will work with the customer during the off-boarding process to facilitate extraction of the data.
- End-of-contract process
- The principle of the suite of services is to provide insight, support or remote management of the customer's backup infrastructure. Therefore, at the end of the contract, we will disengage and hand responsibility back the customer as per our off-boarding process, which is included within the cost of the contract.
Using the service
- Web browser interface
- Yes
- Using the web interface
- The web interface allows users to raise questions, incidents and requests. It also gives access to knowledge, databases, forums and comprehensive reporting consoles.
- Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
- Interface doesn't comply with EN 301 549 9 as this specifies how much users can zoom, how colour is used, and the contrast of web pages.
- Web interface accessibility testing
- Interface doesn't comply with EN 301 549 9 as this specifies how much users can zoom, how colour is used, and the contrast of web pages.
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- Through regular monitoring with performance and capacity management of the overall infrastructure.
- Usage notifications
- Yes
- Usage reporting
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
- Other
- Other metrics
-
- Backup success rates.
- Backup statistics.
- Storage utilisation.
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- IBM and Dell-EMC
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Less than once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- No
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Majority of servers, applications, files and volumes (see SDD).
- Mobile and endpoint devices.
- Cloud applications (e.g. O365).
- Backup controls
- CSI will define a data protection catalogue which the customer or CSI will use to govern the backup policies. There is huge flexibility on what can be backed up, when and how
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users contact the support team to schedule backups
- Backup recovery
-
- Users can recover backups themselves, for example through a web interface
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
- Other
- Other protection between networks
- In the vast majority of cases, data is held within the customer's backup environment, and CSI provide remote support and management as required.
- Data protection within supplier network
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- For our managed service (Helix Protect Enterprise) CSI provide an SLA of greater than 98% backup success rate, with a 5% service credit if we are unable to meet this SLA. Please see relevant Service Definition Document for more details.
- Approach to resilience
- CSI have ensured their service delivery is resilient in terms of site loss and component failure.
- Outage reporting
- Email alerts.
Identity and authentication
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
- Each user can have policy-driven profiles applied to govern their level of access.
- Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
- Devices users manage the service through
- Dedicated device on a government network (for example PSN)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Bureau Veritas
- ISO/IEC 27001 accreditation date
- 14/01/2022
- What the ISO/IEC 27001 doesn’t cover
- N/A
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- NCC Services Ltd
- PCI DSS accreditation date
- 27/02/2022
- What the PCI DSS doesn’t cover
- N/A
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- CSI subscribe to and actively embrace ISO 27001. Our internal auditing process and the annual external audits ensure that the policies are being followed. Any breach of our information security policy is logged and escalated to the information security officer for a full and thorough review.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- As a service provider,CSI have a mature change-management process, which includes risk analysis, roll-back plans, and approval and verification steps.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- CSI subscribe to multiple threat-alert channels through our security partners and vendors. Critical patching will be completed within 3 days. Routine patching is completed on either a monthly or quarterly cycle.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- CSI use regular vulnerability scans and penetration testing to identify potential compromises which will be addressed as soon as commercially reasonable.
- Incident management type
- Undisclosed
- Incident management approach
- Our incident management process is based on ITIL and has been refined over the many years of CSI being a service provider. Individual incidents are addressed and closed. Multiple incidents can trigger a problem management process. Major incidents will generate a incident report.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- No
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- CSI provide a TCO Tool which provides the output on cooling requirements to make sure that the energy requirements are optimised.
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Equal opportunity
- Wellbeing
Fighting climate change
Along with our customers and carefully selected partners, environmental responsibility is extremely important to CSI when making our own decisions on platform choices and system purchases – IT sustainability is also being factored into our choice of sustainable infrastructure for our clients to deliver to their own ESG ambitions.
Data centre consumption of energy, greenhouse gas emissions and managing e-waste are all considerations. The CSI Power10 environment shows considerable reductions in energy consumption to over 50% from our old IBM Power8 estate. The IBM Power10 system have been designed to deliver high performance with a reduced environmental impact. Over 97% of IBM Power server components are reused or recycled at the end of life.
CSI are ISO 14001 accredited. CSI are committed to a programme of management, continuous improvement and reporting of our direct/ indirect impacts, which mark our contribution to improving the world in which we live.
We recognise that our business activities have direct and indirect impacts on the societies in which we operate. We endeavor to manage these in a responsible manner, believing that sound and demonstrable performance in relation to corporate social responsibility policies and practices is a fundamental part of business success.
Examples of our activity in this area are:
• Webcasts to deliver All Employee meetings to avoid excess travel
• Turn off all lights and PC monitors at night
• Corporate functions at venues that support sustainable environments
• Double sided printing set as default
• New marketing material produced on material sourced from sustainable sources
• Support of remote/flexible working – enabled reduction in office spaceCovid-19 recovery
We are also committed to making a sustainable positive impact on the communities in which we operate. We aim to make a distinctive contribution to inequality and social development through the establishment of effective partnerships and programmes that make the best use of the energies and skills of our employees.
We support our employees in fundraising for charities and voluntary work, recognising both the benefit to the community and to the employees themselvesEqual opportunity
CSI aim to provide equal opportunities and avoid discrimination in all aspects of employment and to ensure that the talent and skills of all individuals are maximised. Our approach applies to recruitment, terms and conditions of employment (including pay), appraisals, promotion, disciplinary and grievance procedures and training.
The policy applies to employees, officers, agency workers, casual workers, consultants and self-employed contractors.
Part-time and fixed-term staff shall be treated the same as comparable full-time or permanent staff and enjoy no less favourable terms and conditions (pro rata where appropriate), unless different treatment is justified.Wellbeing
The Company proactively supports Remote workers who are affected by time management and social isolation issues by:
a) regular one-to-one meetings between remote workers and their line managers
b) regular meetings between remote workers and their co-workers; networking, training, etc.
c) regular visits to their designated office
d) providing access to secure Company resources, e.g. CRM, SharePoint, Concur and BambooHR
e) providing access to Company communication tools such as Microsoft Teams, Microsoft Outlook and Yammer
f) providing access to helplines for support with software problems and equipment failures
g) providing online meetings or virtual discussion forums
h) including remote workers in social activities, along with company newsletters and updates
Pricing
- Price
- £0.07 to £0.35 a gigabyte a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- A 2 week POC can be requested and provided by CSI.