ILEERO LIMITED

Ileero managed Cloud hosting service

leero cloud services provides a secure, scalable
and competitive managed cloud hosting on
dedicated infrastructure for multi-framework
applications.

Features

• Multi-platform application hosting and support
• Domain and sub domain
• Email service
• MI and cumulative reporting for analytices
• Integration with major public cloud provide
• Server account managemnet

Benefits

• Cost effective cloud solutions
• Scalable cloud services
• Flexible implementation approach to delivery
• Simplification of complex cloud service integrations

£80 to £150 a virtual machine a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@ileero.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

614499682685453

Contact

Peter Fajemisin
02039742167
info@ileero.com

Service scope

• Service constraints: Leverage commercial contracts for the; inclusion/exclusion of service and support; requirements
• System requirements:
  • Security restrictions should be known prior to enabling service
  • Ileero security policy must be adhere to
  • Penetration testing of services should be carried out
  • Vendor maintenance agreements are held and managed by Ileero

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Within 1 hr 24/7
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Our web user interface requires authentication and; authorisation. Clients would need to register for desired; service, following which they will be given access to that; service on the Ileero Cloud Management Portal
• Web chat accessibility testing: Web interface assistive user testing carried out include; Screen Reader, buttons and labels and Audio
• Onsite support: Yes, at extra cost
• Support levels: Ileero services can be provided at different levels on top; of the Ileero Managed Cloud Application Hosting; Services. This could include a complete business; process outsourcing model, infrastructure services and; application support and development.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Ileero provides user guides for all our Managed Cloud Hosting; Services and are available to support via our support contract.; Ileero is also able to provide onsite training for a fee.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Leero provides a migration service where we can assist in; migrating the data under contract to a secondary location.; Clients can also be provided with an extract of their data to a; secure location
• End-of-contract process: Via the Ileero Managed Cloud Administration Interface,; clients can request termination of each selected services.; Upon requesting, Ileero will make relevant checks that clients; are not in breach of contractual agreement and the; termination process can begin with a month's notice. During; this notice period, Ileero support team will work with our; client to ensure all pre-termination steps are completed to; satisfaction. We maintain an encrypted backup of our client's; data which can be provided for a small admin fee

Using the service

• Web browser interface: Yes
• Using the web interface: The web interface allows for brokering your cloud services.; Our web interface allows for you to integrate both with the; Ileero Managed Cloud as well as several other public cloud; providers. The interface functionality includes some basic; server related tasks, email registration service, cloud spend; management, and other configuration management; function et
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Our web user interface requires authentication and; authorisation. Clients would need to register for desired; service, following which they will be given access to that; service on the Ileero Cloud Management Portal
• Web interface accessibility testing: Web interface assistive user testing carried out include; Screen Reader, buttons and labels and Audio
• API: Yes
• What users can and can't do using the API: We provide an API test endpoint and documentation for; users integrating with the service. During integration users; can submit a support ticket or via our documentation forum; ask techniical questions. Once integration is tested and; proven, we then switch the users over to our production API; and begin charging for use.
• API automation tools: Other
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Server instances allocations are specific to each client.; Where users have opted for a shared resource for cost; reasons, these resources will be shared evenly with; threshold checks to determine when clients are using; more resources than they specified at registration
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • HTTP request and response status
  • Memory
  • Network
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Databases
  • VMs
  • Files
• Backup controls: There is an option provided via the; administration portal, non-trivial backup; request can be requested via a support; ticket
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: As a minimum, Ileero managed cloud is designed; for 99% availability. We can aim to increase this; on a client by client basis at an additional cost.; This cost is made transparent to the clien
• Approach to resilience: On request
• Outage reporting: Email alerts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Users are authenticated against a; username/password and via 2 factor. Role based; access control are also employed to ensure users; are authorised to perform certain operations
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Ileero has a robust security framework with an in-house; security team whose main role is to mature the framework,; ensure compliance on all our systems, be ahead of the curve; for new vulnerabilities and regulation and our security team; works closely with Ileero Managed Cloud delivery and support; team to ensure our security policy is adhered to in its entirety.
• Information security policies and processes: Ileero's information security policies and processes are based; on ISO-27001 framework. We have an in-house INFOSEC team; led by a Chief Information Security Officer. The team is; responsible for implementing Ileero's INFOSEC policies and; procedures and ensuring other areas of the business, which; includes Ileero Managed Cloud, aligns to the security; guidelines. Additionally, our Senior Information Risk Owner; ensures risk relating to information are identified and properly; managed. Our SIRO also provides assurance to the board.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Leero's change and configuration management framework; is based on ITIL. We have specific processes and; procedures that are followed and approved via Ileero; change board.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Ileero has an in-house and up to date threat scanning tool; that runs as a scheduled task frequently. At least once a; year we invite third party organisations to identify; potential threats and provide recommendations. Our; technology team reacts immediately to remediate any; vulnerabilities identified.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We have in place adequate controls, based on risk; assessments, to prevent malicious activity/user error that; could compromise our assets. Once a treat is identified,; we immediately mobilise the correct people/process/tech; to limit the impact of a security incident.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Ileero have a pre-defined set of internal processes for; incident management. Some of these processes are; selected and reengineered based on client service level; agreement. Client report incidents through our incident; management tool, configured based on agreed workflow; for incident prioritisation. Incident reports are generated; periodically and on demand

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Oracle VM
• How shared infrastructure is kept separate: On registration, our automated system will provision a; new oracle VM instance for the client. The specification; of the VM will match the selected package. In; exception where an error occurs, our dedicated support; team are notified and they will create the VM instance; manually

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Our third-party platform partner is AWS and they; are committed to running their business in the; most environmentally friendly way possible

Social Value

• Fighting climate change:

  Fighting climate change

  NA
• Covid-19 recovery:

  Covid-19 recovery

  NA
• Tackling economic inequality:

  Tackling economic inequality

  NA
• Equal opportunity:

  Equal opportunity

  NA
• Wellbeing:

  Wellbeing

  NA

Pricing

• Price: £80 to £150 a virtual machine a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@ileero.com. Tell them what format you need. It will help if you say what assistive technology you use.