ZURI TECHNOLOGIES

Infrastructure as a Service (IaaS) - zCloud Hybrid Cloud Solution

Our Hybrid cloud is hosted in the UK and provides a secure, resilient and robust enterprise cloud platform.
The solution provides compute, storage, networking and security coupled with our 24x7 service desk.
We deploy cutting-edge technologies including HCI NGFW, SIEM, enterprise EDR, flexible backups and DR solutions.

Features

• Enterprise Class Compute and Storage
• End-User Computing (VDI)
• Application Agnostic
• Managed Vulnerability Scanning and Remediation
• Backup and Disaster Recovery
• Next-Generation Vitual Firewall as standard
• Intrusion Prevention System as standard
• DDoS as standard
• 24x7 Proactive Monitoring and Real Time Reporting
• High availbility Datacentres

Benefits

• Secure, Resilient & Scaleable
• Flexible & Customisable Environment
• 24/7 Accessibility & Support
• Flexible pricing
• Online customer portal
• Independent or Extension To Your Current Cloud Set-Up
• No Initial CapEx, soley an OpEx model
• Active-Active Datacentres
• Hybrid Cloud intergration
• Synchronous Replication - Low RTO & RPO

£140 to £3,000 a virtual machine a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@zuri-tec.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

619722360396417

Contact

Kevin Soobadoo
+44 (0) 207 993 9344
sales@zuri-tec.com

Service scope

• Service constraints: Service constraints will include planned or emergency maintenance work.; ; Planned maintenance schedules will be shared with the customer in advance (30/60/90 days).; ; Emergency maintenance works will be shared with the customer up to 72 hours in advance.; ; Irrespective of whether works are planned or emergency, customers are not expected to experience any downtime as a result of the resiliency in every layer of the solution.
• System requirements:
  • Requirements vary due to the customized nature of the offering.
  • OVA or OVF files supported
  • Compatible with ESXi 6.7 and later
  • Bring your own Licencing (BYOL) is supported
  • Bring your own Anti-Virus (BYOAV) is supported
  • Bring your own Patch Management (BYOPM) is supported
  • Minimum 10MB Internet bandwidth is recommended to access hosted services

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our response times are determined by the customer's respective SLA (Service Level Agreement).; ; As an example, please see indicative response times:; Support Tickets Requests:(24 x 7 x 365); Severity 1 (Loss of Service) - 30mins ; Severity 2 (Intermittent Loss of Service) - 1 hour; Severity 3 (Non-service Impacting) - 2 hours; Severity 4 (Investigation ) - 12 hours; ; Service/Change Ticket Requests: (24x7x365); Severity 1 (Emergency) - 1 hour ; Severity 2 (Urgent) - 2 hours; Severity 3 (Planned) - 4 hours; Severity 4 (Maintenance) - 12 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our support level includes both in-hours and out of hours support with 24x7 or 9x5 telephone & email communication as part of our cloud solution.; ; In-hours support:; Start from £125 per server, per month; ; Out of Hours/Weekend support: ; Start from £150 per server, per month ; ; The support levels are agreed as part of the SLA and are in place to determine the severity of the incident in hand. ; For example, issues relating to either access or a drop in internet connectivity would be deemed as critical, with the SLA reflected to ensure a prompt response to our customer. Less critical requests will be responded to in the respective time frame. ; ; Each customer will have a dedicated Account Manager as well as a Technical resource dedicated to their account. The Account Manager will act as the day to day contact for the customer ensuring their needs are being met whilst the technical resource will be on hand to answer and resolve matters of a more technical nature. In both cases, there will be a further cover for the customer should their primary contacts not be available.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We aim to make our clients adoption of our cloud services as seamless as possible, providing them with a dedicated Technical and Account Management resource.; ; In the early stages of adoption, both onsite and remote support will be provided to the customer. This process will also allow us to tailor the service and the functionality of the solution to the customers' specific requirements, providing them with more of a bespoke solution. The number of days we provide our customers with for onsite training will be agreed as well as the complexity of the solution being delivered. During the initial set up process and through to the completion of the term of the contract with our customer, they will have access to our 24/7 support services as well as other dedicated resources.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The extraction of data from our platform will vary from customer to customer depending on the services provided. ; The return of data will be driven by the clients requirements with services continuing until the contract end date.
• End-of-contract process: As we approach six months to the end of the contract, we will provide options on the renewal of service. At this stage, commercials can be renegotiated and the level of services determined. ; ; In the event the client wish to exit at the end of the contracted term, we will begin the Exit Protocols. As part of the Exit Protocols we will provide a detailed exit plan for the client outlining key timelines to ensure the clients infrastructure remains resilient and secure until the end of the term. We will also provide details of any renewals/subscriptions that are due prior to or after the contract term.; No additional cost will be applied as part of the Exit Protocols, however, any work required by the client outside of exit plan will be deemed chargeable. Any charges will be discussed with the client in advanced.

Using the service

• Web browser interface: Yes
• Using the web interface: Users are able to access their compute, storage and networking statistics and can also raise change requests to modify their instances.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Web Interface is via Web UI and we are currently developing our CLI access.
• Web interface accessibility testing: We use standard Web technologies and sophisticated security methods to reduce risk, such as HTTPS, SSL and support various access control methods.
• API: Yes
• What users can and can't do using the API: There are an extensive set of API's allowing integration with the majority of transaction types and static data.
• API automation tools:
  • Ansible
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats: PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Our internal systems coupled with our specialist engineers are regularly checking our capacity and ensuring our users are operating within the bandwidth and capacity agreed from the outset. Should any of our customers require additional capacity, we are able to provide them with this, ensuring the demand of each respective customer does not have any impact on the others.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Other
• Other data at rest protection approach: Please contact Zuri Technologies directly, as we can offer physical media or individual VM's encryption.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machines
  • Servers
  • Files
  • Databases
  • Applications
  • Physical Machines
• Backup controls: Our users can determine their own unique back up schedule, whether this is once a day, once a week or once a month. Users are in full control in what they want to back up and have the ability to change their back up requirements with 24 hours notice. Our system allows full optimizations RPO and RTO with continuous replication.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: 1.Controlling Access Within the Network; 2.Encrypting Data for Network Transmission; 3.Secure Sockets Layer (SSL) Protocol; 4.Firewalls; 5.Use rights management to retain control
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: - TLS (Version 1.2 or above) ; - Daily backups ; - Scheduled patch management and vulnerability scanning ; - Next Generation Virtual firewalls; - Next Generation EDR; - SIEM - Real time monitoring; - Use file-level and share-level security; - Password-protect documents; - Use of 3+ Tier Datacenters; - Protect data in transit with IP security; - Use rights management to retain control

Availability and resilience

• Guaranteed availability: 99.75% uptime/availability results in the following periods of allowed downtime/unavailability (excluding planned or emergency maintenance): ; ; Daily: 3m 36s; Weekly: 25m 12s; Monthly: 1h 49m 34s; Yearly: 21h 54m 52s
• Approach to resilience: Our infrastructure is designed with a minimum of N+1 resiliency, spanned across three Datacentres. Our Hyper Converged Infrastructure (HCI) is fully resilient with data replicated in real-time across our datacentres. This results in a 'Recovery Point Objective' of zero. Our Active/Active design, allows for VMs to move freely between our datacentres, without the need of manual intervention.
• Outage reporting: Clients are informed of service degradation or system outages via email alerts and through the customer portal. ; Hourly updates are provided detailing;; - Incident Description, ; - Current Impact, ; - Timeline of Actions ; - Next Update.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Our Privileged Access Management (PAM) solution authenticates and authorize user access.
• Access restrictions in management interfaces and support channels: Management access is restricted to the IP addresses of our Privileged Access Management (PAM) solution (direct access is not permitted). Support Channels can only access the systems once a remote session is initiated by Zuri Technologies from the PAM access gateway.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS
• ISO/IEC 27001 accreditation date: 25/05/2017
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: As part of our ISO 27001 accreditation, we regularly examine our organization security risks by taking account of the threats, vulnerabilities, and impacts.; We have designed and implemented a clear and comprehensive suite of information security and risk controls. This allows us to identify any potential breaches and remediate with necessary actions in a prompt manner.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We follow best practices with regards to configuration & change management as set out in ITILv3. When a change is required, a Change Request form is completed and peer reviewed by the Team Leader. The form details any potential risk and roll-back procedure. The timing of the change will be determined by both parties to reduce the risk of any potential outage. ; The entire change configuration and change management process is fully documented and signed off by both parties before any changes are made.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Our vulnerability management processes are compliant with ISO27001:2013 and supported by a comprehensive Patch Management policy. ; Our vulnerability scanning is scheduled based on the client's requirements. Once a scan has been completed, the remediation plan is discussed with the client and necessary actions are scheduled accordingly.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We monitor large volumes of data across many locations allowing visibility into applications, user, and file behavior. This allows us identify potential attacks or compromises in real time allowing us to respond to incidents in a matter of minutes. ; Our Security Operations Center provide constant monitoring on a 24x7 basis, ensuring any new or modified files are scanned in real time allowing our security analysis to monitor events on our clients cloud infrastructure.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incidents can be logged into our Service Desk via telephone, email or through our ticketing system. The severity of the incident coupled with the client's SLA, will then determine the next course of action. ; ; We have an escalation procedure in place to ensure incidents are managed in accordance with the client's SLA. ; ; Customers will be able to track the progress of the incident by telephone, email or through our ticketing system.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Each tenant is segregated using:; 1. Layer Two (L2) VLANs separation ; 2. VXLAN technology to span the VLAN across multiple datacentres; 3. Virtual Routing and Forwarding (VRF) to separate each tenant’s routing table ; 4. Micro-segmentation technology to protect against intra-vlan traffic; 5. Dedicated virtual firewall for each tenant providing Inter-vlan access and in/outbound access

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Our datacentres are ISO 50001 and ISO 14001 certified. ; ; To conform to the EU code:; ; - 100% carbon free power; - Efficient buildings; - Procurement of their energy from wind, hydro and solar energy.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We understand that tackling climate change is everyone’s responsibility and we fully support the strategies for decarbonising all sectors of the UK economy to meet the net zero target by 2050. Our aim is to continue with educating our staff on ways as a business we can help protect the environment by recycling goods, reducing waste, smarter use of energy, as well as being as green as possible.

  Covid-19 recovery

  As a socially responsible company our priority is to ensure the health and wellbeing of employees, clients and the community at large. Our staff continue to be encouraged to stay away from the office and isolate should they either feel the symptoms of Covid or indeed test positive. We encourage a working from home protocol when required to reduce the risk of contagion. ; Our internal systems and processes are resilient and offer a flexible and secure means of access, ensuring a seamless approach to our day-today activities. This results in a ‘business-as-usual’ protocol. This is further bolstered by disaster recovery measures which allow our business to be able to continue with limited impact.; As part of our ongoing recovery from COVID-19 we have implemented the following objectives to manage and recover from the impact of COVID-19:; - Improved and flexible workplace conditions ; - Training and re-training of staff; - Wellbeing meetings to support staff affected by COVID-19; Our business has also enabled our clients to operate from their homes, where they have been required to isolate and stay away from the office. Their ability to continue working from home means their businesses in turn are able to continue to operate throughout the Covid epidemic and in turn see their business flourish. ; Our continued effort to provide both our staff and clients alike, with the ability to work from home does not stop there. We also support our team in times of mental and physical stress by allowing them the time they need to seek the professional help they require to help them on their road to recovery.; The continuation of our service results in our need to find new people to join the business and help the growth of the firm in a socially responsible manner.

  Tackling economic inequality

  We understand the need to provide opportunities to those who have not been able to take advantage of the education system or have fallen in between the cracks of the social environment they have been raised in. Our apprenticeship program is primarily in the field of Information Technology, where we see a huge gap in human resources. These apprenticeships provide real world experience and provide a fast track into the technology industry and work amongst other members of the team who can share their knowledge and experiences.; We are also committed to the development and growth of our employees and are proud to have a workforce whom we continue to invest in by offering training at all levels of the business. ; We offer competitive remuneration as well to continue to invest in their development giving them further exposure new technologies and regulatory changes, coupled with career ‘Personal Development Plans (PDP).

  Equal opportunity

  At Zuri Technologies, we are committed to actively promoting diversity and equality of opportunity for all, irrespective of colour, religion, or social background. This is reflected in the diverse team we currently have at Zuri Technologies. We recognise that people come from a wide variety of backgrounds will give us a range of skills, abilities and experience; highlighting our commitment to these areas and outline the standards we expect from our staff and wider stakeholders.; We also welcome those people with disabilities and operate from premises which provide full mobility access to all parts of the office.

  Wellbeing

  Wellbeing is an important part of Zuri Technologies as we are focused on our employees’ mental and physical health and wellbeing are always a priority. We promote healthy lifestyles and positive mental health by encouraging our staff to better manage the demands of work-life balance. We regularly participate in team events, whether this be fortnightly football training or participating in events such as Tough Mudder, where we work as a collective team.; Mental health is a disease which is becoming more prevalent, and we recognise the need to offer staff the time they need to obtain the professional assistance they need. If staff are away from the office because of this issue, we maintain regular contact to track their recovery until they are ready to come back to work, where ‘back-to-work’ meetings are held.

Pricing

• Price: £140 to £3,000 a virtual machine a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Included for 1 month:; 1. 2 x Virtual Machines (spec); 2. Access to 9x5 support Monday to Friday ; 3. Software Licenses; 4. Virtual firewall; ; Not included:; 1. 24x7 support; 2. Application Support

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@zuri-tec.com. Tell them what format you need. It will help if you say what assistive technology you use.