Fantastic Cloud Services Ltd

Veeam Backup & Replication

Veeam Backup & Replication. Veeam Backup & Replication Managed service.
Backup your onsite or cloud data to our UK based data centres or cloud repositories.

Features

• Enterprise Data protection to ensure data availability
• Meet data governance and security requirements
• Backup for On-Premise and Cloud Data
• Data encrypted at source in flight and at rest
• Offsite hosted cloud repository for backups via secure SSL connection
• Leverage AWS and Azure Storage or FCS UK Data Centres
• Complete visibility and control directly from the Veeam backup console
• Data located in the UK only

Benefits

• Best Practice to meet 3-2-1 Backup Rule
• Cost Effective
• FCS Expertise
• Compliance

£4.20 to £7.56 an instance a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@fcs-protect.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

627247461350306

Contact

Jez Wyatt
03336669991
info@fcs-protect.co.uk

Service scope

• Service constraints: Veeam Availability Suite™, Veeam Backup & Replication™ & Veeam Backup Essentials™ needs to be installed where the data resides to protect the data.
• System requirements:
  • Veeam Availability Suite™
  • Veeam Backup & Replication™
  • Veeam Backup Essentials™

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: FCS UK Business Hours 9am - 5pm:; Business Impact & Target Response Times:; High - 1 Hour; Medium - 2 Hours; Low - 4 Hours; None - 8 Hours; ; FCS None UK Business Hours; Business Impact & Target Response Times:; High - 2 Hour; Medium - 4 Hours; Low - 8 Hours; None - Next Business Day
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Chat via Microsoft Teams so accessible by everyone who has access to MS Teams.
• Web chat accessibility testing: N/A
• Onsite support: Yes, at extra cost
• Support levels: Full Support is provided in the costs including:; Initial Setup; Assistance in Backup & Restores; Administration Assistance; ; Support is provided by: Email, Ticketing System or Phone via the FCS Support desk.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: FCS Will provide full training to administer the solution as required as part of the subscription. Training will be provided remotely
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: If required data can be exported to a device supplied by the customer and shipped to them. Data could also be made available to be downloaded at the end of the contract if an extension is not chosen.
• End-of-contract process: At the end of the contract the ability to backup & restore will stop. Any required data must be requested prior to the end of the contract. Any requested data will be exported to either the device supplied by the customer or made available to download for up to 30 days after the contract ends at which all held data will be deleted.; If there is no request for the data, all held data will be deleted within 30 days of the contract end date.

Using the service

• Web browser interface: No
• API: Yes
• What users can and can't do using the API: Veeam provide a large number of API's to control the backup & restore of data such as: Starting a backup, 1 click restore, restoring a whole VM & assigning a restore scope.; For more details of the options available please get in touch.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: Yes
• Command line interface compatibility: Windows
• Using the command line interface: Veeam Backup & Replication comes with the PowerShell extension — a snap-in to Microsoft Windows PowerShell. The Veeam Backup PowerShell snap-in allows you to do almost all operations that are available in the user interface. Keep in mind that actions performed with PowerShell have the same force as actions performed via Veeam Backup & Replication: for example, if you delete a job with a PowerShell script, the job will be removed from the Veeam Backup & Replication database, and you will not be able to undo changes.; Please get in touch to fins out more.

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: FCS Infrastructure is built on redundant hardware and networking. The infrastructure can scale quickly to meet demand.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • Number of active instances
  • Other
• Other metrics:
  • Backup Storage data size usage in TB's.
  • Number of protected servers
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Veeam Availability Suite

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Cloud, virtual and physical backup and recovery options
  • Image-based virtual machine (VM) replication from a VM or backup
  • Simple 2-step direct restore to AWS, Microsoft Azure and more
  • Microsoft Exchange, Microsoft Active Directory, Microsoft SharePoint, Microsoft SQL Server
  • Oracle
• Backup controls: As scheduled in the Veeam Backup and Recovery Console
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.99% - Availability indication is based on an average 730 hours per month. Excludes planned and emergency maintenance.; Users are refunded with credits.
• Approach to resilience: FCS only use T3+ Rated Data Centres; Redundant ISP links; Resilient Network, Firewalls, Switching, Routers; Multi Host Virtual Infrastructure; Multi Controller Storage utilising RAID technology for disk failure protection.; More details available on request.
• Outage reporting: If FCS are experiencing service issues then an email will be sent to the listed customer contacts

Identity and authentication

• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Other user authentication: Users authenticate to the Veeam Backup & Replication console or Enterprise manager to control their backups and restores.
• Access restrictions in management interfaces and support channels: Access is only possible via the customers Veeam Backup & Replication Console as this controls the security and authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Ltd
• ISO/IEC 27001 accreditation date: 12/01/16
• What the ISO/IEC 27001 doesn’t cover: Nothing
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: FCS Information Security Policies and Processes has a range of policies that are meet the ISO27001 standards and requirements; All staff are vetted against the companies hiring policy and will receive any required training. They must also sign a document acknowledging they have read and will comply with the company policies. Controls are applied to enforce compliance.; Overall responsibility for Information Security rests with the ISMS Manager. FCS implements formal, documented policies and procedures that provide guidance for operations and information security within the organisation. Policies address purpose, scope, roles, responsibilities and management commitment. Policies are accessible from a centralised and accessible location.; FCS has established information security functions that are aligned with defined structure, reporting lines, and responsibilities. Policies are approved and reviewed by FCS leadership at least biannually or following a significant change to the FCS environment.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All configuration and change management is controlled as per the FCS ISO27001 Change Request Management Process
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: FCS run weekly authenticated vulnerability scans of our infrastructure and applications using Alienvault vulnerability scanner and remediate issues according to our patching schedule or as required (for medium and above criticality vulnerabilities). Our Pen Testing supplier also runs monthly external scans. We analyse internal logs for abnormalities. Anything unusual triggers an alarm and a standard playbook solution. Systems that can run automatic patching are set to do so. Bugs that we have detected so far have been resolved within hours at most and none of them at present have been related to security issues.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: FCS protects its services with protective monitoring inline with CESG published GPG13
• Incident management type: Supplier-defined controls
• Incident management approach: FCS has established processes and controls as per ISO27001

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Dedicated VLAN's and Storage container per customer

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Best practice energy efficiency measures and more beyond this voluntary code of conduct. Cold Aisle Containment PUE < 1.4 Intelligent controls on AC systems (variable speed) Free air cooling 100% renewable energy contract 2MW Battery storage system (stores renewable energy) Voltage Optimisation to reduce energy wastage Super low loss transformer

Social Value

• Fighting climate change:

  Fighting climate change

  FCS are always looking to reduce any impact to climate change where possible utilising the cleanest and most efficient solution. ; ; Employees are encouraged to bike to work with FCS offering bike to work schemes for any staff member who wants to utilise it. ; ; FCS’s primary data centre has just become the first DC in the UK to install a Hydrogen Ready Fuel Cell to provide clean energy to the data centre helping to reduce greenhouse gases.
• Covid-19 recovery:

  Covid-19 recovery

  FCS followed one of the popular Covid 19 Recovery guides that followed three phases, Respond, Recover, Thrive taking steps at each point during Covid 19 with the new challenges that came up working through them. ; ; FCS have always offered a flexible working environment with the ability to work from home and working hours to suit a work life balance. As part of Covid-19 recovery FCS have been mindful that staff had different needs and requirements during the period and supporting where possible.
• Tackling economic inequality:

  Tackling economic inequality

  FCS use several local businesses for services and support who are start up businesses rather than using larger more well known companies.
• Equal opportunity:

  Equal opportunity

  It is the Policy of the Organisation that all employment decisions are based on principles of Equal Employment Opportunity. Accordingly the Organisation does not discriminate on the basis of race, colour, creed, gender, national origin, disability, age, veteran status, citizenship, marital status or sexual orientation. The Organisation maintains a professional business environment that is free from harassment of verbal or physical nature.
• Wellbeing:

  Wellbeing

  FCS take staff wellbeing seriously ensuring that all staff’s health and wellbeing is a top priority allowing a flexible working environment with team building activities and remote working to name a few.

Pricing

• Price: £4.20 to £7.56 an instance a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Full Setup and trial for 1 months up to 10 Instances.; If a longer or larger trial is required this may be possible.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@fcs-protect.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.