Maintel Europe Limited

Maintel SSE

A comprehensive cloud-based security solution providing multiple layers of protection against malware, phishing, and ransomware, securing users and data across any device, location, and cloud application. We offer a choice of best in class security platforms, ensuring you benefit from the best available technology tailored to your specific needs.

Features

• Co Managed Cloud Security;
• Optional Managed Detection and Response;
• Secure Web Gateway - Inspects web traffic for full visibility;
• DNS-layer security - first line of defence against threats;
• Cloud-delivered firewall - manage and inspect network traffic;
• Cloud Access Security Broker - controls cloud app security;
• Data Loss Prevention - visibility and control over sensitive data;
• Remote Browser Isolation - isolates web traffic from devices;
• Zero Trust Network Access - mitigates unauthorised access;
• Threat Intelligence - supports tooling in your security stack;

Benefits

• Experts support your SSE, freeing your IT resources;
• Reduced Complexity, consolidating multiple point security solutions;
• Enhanced Security and continuous threat intelligence and expert guidance;
• Improved User Experience, secure access to apps from any device;
• Zero Trust Network Access continuously verifying users and devices;
• Centralised Policy Enforcement for consistent security policies;
• Access Control, integrate with identity and access management;
• Micro segmentation to limit lateral movement if a breach occurs;
• Improved Security Posture, reduce attack surface;

£1,000.00 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@maintel.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

591527324529388

Contact

Hannah Cook
07730521482
bids@maintel.co.uk

Service scope

• Service constraints: No
• System requirements: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Maintel offers 24*7 support to all customers, response times are based on the severity of the fault ranging from <30 mins for a Cat 1 to <8hrs for a Cat 5 fault.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Maintel offer 4 support tiers of service. Maintain Tier manages events and Incidents; resolving issues as and when they occur, either remotely or on-site with; up to 24x7x365 fully UK based service desk & remote technical support, Incident Management, Supplier Management, Self-Serve Portal to raise and track tickets, quotes and requests, Parts replacement & Field Engineers (for hardware-based solutions).; Assist Tier additionally offers Remote Customer Experience Manager, Quarterly online review meetings & quarterly basic reports, Reactive problem & risk management, Optional: Change Management packs and Patching review and recommendation reports. ; Assure Tier additionally offers; Monthly online review meetings & monthly enhanced reports , Proactive problem & risk management, Availability monitoring of your service with automatic incident ticket generation.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Maintel's project team will support users via Service Delivery Management, and will work with the customer to devise a suitable transition plan for the adoption of any new services.; ; If a field based Customer Experience Manager is included as part of the service options, then this enhances the ability to ensure a smooth adoption. Self help documentation can be provided if required.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: N/A - this is a network service not storage.
• End-of-contract process: Services will renew unless the customer ceases the contract or gives such notice. Once notice is received services will be ceased in a timely manner as agreed with the customer.

Using the service

• Web browser interface: Yes
• Using the web interface: Access and manage billing, raise and track tickets.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Through Secure website (SSL) with user authentication.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Cloud-Based Infrastructure with automatic scaling. ; Resource Allocation and Prioritization; Anycast Routing; Content Delivery Network (CDN); Threat Intelligence Sharing
• Usage notifications: No

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Cisco, Fortinet, Zscaler

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Never
• Protecting data at rest: Other
• Other data at rest protection approach: N/A
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Built in resilience via global network of data centres
  • Virtual appliances don't cache data for core operations
  • Speedy recovery via cloud platform in case of VA malfunction
• Backup controls: N/A
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Maintel SSE does not directly establish a connection between a customer's network and the Maintel network
• Data protection within supplier network: Other
• Other protection within supplier network: N/A

Availability and resilience

• Guaranteed availability: Depending on selected technology for Maintel SSE, commercially reasonable efforts maintain service availability of 99.99% of each calendar month. More details on request.
• Approach to resilience: Resilient global cloud infrastructure.
• Outage reporting: Public Dashboard for Service Status & Email alerts

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Depending on the selected technology, generally a multi-layered approach to restrict access in its management interfaces and support channels is adopted. Login credentials with strong password policies to enforce complexity and regular password changes. Role-Based Access Control (RBAC) assigns roles with specific permissions. Communication between a user device and Maintel SSE is encrypted using HTTPS protocol. Multi-Factor Authentication (MFA). IP Address Restrictions
• Access restriction testing frequency: At least once a year
• Management access authentication: Public key authentication (including by TLS client certificate)
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Externally assessed and certified by British Assessment Bureau
• ISO/IEC 27001 accreditation date: 18/03/2022
• What the ISO/IEC 27001 doesn’t cover: Supplier's ISO27001:2017 certificate covers the whole business.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Audited and certified by a QSA from IT Governance
• PCI DSS accreditation date: 02/06/2023
• What the PCI DSS doesn’t cover: Not applicable to this service.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: CyberEssentials, PCI-DSS, N3, HSCN (ongoing).
• Information security policies and processes: ISO27001:2013 policies and procedures. Security governance is in place throughout the whole business and managed regularly.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration changes will be made remotely and managed by the Maintel NOC Technical Support Team, access to equipment will be centrally controlled via Authentication, Authorisation and Accounting (AAA) based services. Configuration changes are classified as Standard or Non-standard, details of which can be made available on request.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Maintel’s Vulnerability Management process is comprised of the following services and functions;; ; Vulnerability discovery/research; - Incident response vulnerability discovery; - Public source vulnerability discovery; - Vulnerability research; ; Vulnerability report intake; - Vulnerability report receipt; - Vulnerability report triage and processing; ; Vulnerability analysis; - Vulnerability triage (validation and categorisation); - Vulnerability root cause analysis; - Vulnerability remediation development; ; Vulnerability coordination; - Vulnerability notification/reporting; - Vulnerability stakeholder coordination; ; Vulnerability disclosure (also aligned to ISO 29147:2015); - Vulnerability disclosure policy and infrastructure maintenance; - Vulnerability announcements / communication/dissemination; - Post-vulnerability disclosure feedback; ; Vulnerability response; - Vulnerability detection / scanning; - Vulnerability remediation.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Third Party SaaS provider responsible.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Maintel's Service Desk manages all customer incidents and will restore service as soon as possible following an incident. The support processes are designed to be consistent with ITIL best practice and aligned to the ISO/IEC 20000 standard for IT Service Management. Incidents are reported by the web portal, telephone, email or auto-generated from monitoring tools. Incident reports are created and distributed by Maintel Service Delivery Management.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Maintel Environmental, Social and Governance strategies enable us to work with customers to improve local, national, and international environments. For example, for every 500 cloud seats enabled through Maintel, we plant 25 trees at no cost to our customers. Planting trees has been identified as assisting movement towards target achievement in multiple UN Sustainable Development Goals. The trees are young when planted and will not sequester carbon for some years. The planting, particularly outside of the UK, enables jobs to be created to plant and maintain trees, environments are improved, including life in water where mangrove planting takes place. We also plant in the UK through not-for-profit organisations that ensure appropriate areas are rewilded and create a better space for local communities to use and for wildlife to flourish.

  Covid-19 recovery

  Maintel assists in the Covid 19 recovery in a number of ways. ; ; By supporting local communities with the provision of a contract aligned Social Value tech fund, which can be utilised for customer identified projects. For example, providing devices and broadband to underprivileged young people to assist them with their education and access to the world of work, or to a local small business that is identified as needing assistance to change the way in which they work.; ; Our employee volunteer scheme provides support for physical and mental health of people. By working with us to identify how we can assist your local organisations to provide support to the wider community, we become involved in the creation of jobs.; ; We are willing to share all vacancies with our customers, including apprenticeships and identify any appropriate candidates to fill a vacant or new permanent or temporary positions.

  Tackling economic inequality

  Maintel works closely with customers and suppliers to provide support for tackling economic inequalities. With the provision of contracts aligned to a Social Value tech fund, which can be utilised for customer identified projects. For example, providing devices and broadband to underprivileged young people, to assist them with their education and access to the world of work. Or to a local small business that is identified as needing assistance to change the way in which they work.; ; We are willing to share all vacancies with our customers, including apprenticeships, and identify an appropriate local candidate to fill a vacant or new permanent or temporary position.

  Equal opportunity

  Maintel is an equal opportunities employer and makes appropriate adjustments to ensure we have a full and diverse range of employees connected to the contract.; ; Our learning management and development plans ensure all employees have access to appropriate training and qualification. This includes apprenticeships to support in-work progression, particularly those from disadvantaged or minority groups, to move into higher paid work by developing skills relevant to our contracts.; ; Maintel supplier management expects all critical suppliers to meet at least Maintel required standards of employee caring and adherence to relevant regulations including modern slavery.; ; As part of our equal opportunities scheme we have set targets. These include; 40% of all employees being female by 2030 (we’re currently at 33%), focussing on increasing the number of women hired into technical roles and reducing and maintaining the gender pay gap. We’re also aiming to ensure women are better represented in leadership roles, with 40% of senior management to be women by the end of 2025, and a minimum of one female member on the board. ; ; We expect and set up contractual arrangements with our suppliers to ensure, not only adherence to relevant regulations such as Modern Slavery Act, but to work with them to ensure they meet at least Maintel standards. We centrally manage the new and existing suppliers, ensuring full due diligence and risk assessment are regularly undertaken, and working with suppliers to identify and implement improvements. Our zero-tolerance stance to Modern Slavery is supported by our policies on anti-bribery and corruption and whistleblowing.

  Wellbeing

  Maintel has a wide reaching, multi-dimensional employee well-being package in place. We understand that our people are our most valuable assets, and are therefore passionate and committed to providing support and compassion at all times. We are certified to ISO45001 – Health and Safety and have representatives at each site, our First Aiders and Facilities team. We offer all employees a range of benefits to support health and wellbeing including; discounted gym memberships, enhanced sick pay, 24x7 private virtual GP, an employee assistance line to help employees with their mental health, various health assessments, health care cash plans and more.; ; Maintel is adamant it will be there to support all employees working on the contract whatever life throws at them. We have introduced a trained network of employee Wellbeing Ambassadors, there to assist individuals, and also provide all employees with great wellbeing information throughout the year.; ; In addition, one of Maintel’s core values is to be agile and flexible, and so we encourage employees to take advantage of their flexible working and hybrid working benefits, while maintaining excellent customer service. This helps to alleviate any pressure and stress for employees and promotes a healthy, sustainable work-life balance.; ; Our volunteer policy enables all employees to participate in volunteering activities arranged by Maintel, with local communities, but also to access paid time to actively participate in volunteering activities that are important to them directly.; ; Working with our customers, we agree where we can help the most, and set up appropriate schemes to participate in improvement of local communities using our volunteering scheme as the basis for providing environmental and social support in our local communities.

Pricing

• Price: £1,000.00 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@maintel.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.