Barracuda Email Protection
Barracuda Email Protection provides the most comprehensive protection against all 13 email threat types, from spam and ransomware to socially engineered threats such as spear phishing, business email compromise, and account takeover.
Features
- Spam, Malware and Advanced Threat Protection
- Phishing & Imprsonation Protection
- Account Takeover Protection
- Domain Fraud Protection
- Post Delivery Rememdiation and Aleting
- Email Encryption and DLP
- Security Awareness Training
- Email Archiving
- Office 365 Cloud backup
- Office 365 Data Inspector
Benefits
- Spam, Malware and Advanced Threat Protection
- Phishing & Imprsonation Protection
- Account Takeover Protection
- Domain Fraud Protection
- Post Delivery Rememdiation and Aleting
- Email Encryption and DLP
- Security Awareness Training
- Email Archiving
- Office 365 Cloud backup
- Office 365 Data Inspector
Pricing
£70 to £90 a licence a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
6 3 2 3 8 0 3 4 6 2 7 9 1 7 9
Contact
Central Networks and Technologies Ltd
John Blackburn
Telephone: 01706747474
Email: sales@centralnetworks.co.uk
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Office 365
- Cloud deployment model
- Public cloud
- Service constraints
- None
- System requirements
-
- Per user license model
- Optional Outlook Plugin for reporting
- SaaS platform with no additional requirements
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 4 hour response SLA
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Log and update Tickets, view incident information.
- Web chat accessibility testing
- N/A
- Onsite support
- Yes, at extra cost
- Support levels
- All Barracuda SaaS software comes with 24x7x365 support services included with the service. Premium support can be purchased at additional cost
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- All Barracuda customer have access to Barracuda Campus which documents both how to use the system and gives access to self paced video training. Customer may also purchase Professional Services direct from Barracuda to support installation and delivery of the solution. Professional Services are an additional cost.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- At end of contract Barracuda will destroy any data held within the system within 90 days of license expiry. If customer would like to extract data contract Barracuda Support or Account Manager to discuss options. Professional Services charges may apply for data extraction
- End-of-contract process
- At end of contract Barracuda will destroy any data held within the system within 90 days of license expiry. If customer would like to extract data contract Barracuda Support or Account Manager to discuss options. Professional Services charges may apply for data extraction
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- Yes
- What users can and can't do using the API
- All Barracuda customers have access to Barracuda Campus which documents both how to use the system and gives access to self paced video training. Customer may also purchase Professional Services direct from Barracuda to support installation and delivery of the solution. Professional Services are an additional cost.
- API documentation
- Yes
- API documentation formats
-
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- No
Scaling
- Independence of resources
- Barracuda SaaS platforms are buily including multiple monitoring mechanisms in place to ensure resilliance of services with auto scale capabilties. This ensures as load veries on the platform the correct services are allocated to ensure performance for eac customer and across the platform.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Email alerts related to security incidents and statistics
- Reporting types
-
- Real-time dashboards
- Regular reports
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- Barracuda
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- Other locations
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Other
- Other data at rest protection approach
- Cloud to cloud Backup secures data transfers using HTTPs. Before data is stored in the Barracuda Cloud, CCB breaks protected files down into parts that are variable in size and fingerprints those parts for analysis, comparison and deduplication. Those parts are AES 256- bit symmetrically encrypted, are written into storage at the Barracuda Cloud in an encrypted state and remain encrypted until requested for restore.
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Customers have the ability to export data user by user or may request services for bulk export
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- ZIP format
- Email are .EML Files
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- ZIP Format
- Email are .EML Files
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Bonded fibre optic connections
- Legacy SSL and TLS (under version 1.2)
- Other
- Other protection between networks
- Email data will be received either in clear text for via TLS dependant on configuration settings. All other Data is protected in transit via TLS 1.2 encryption
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Other
- Other protection within supplier network
- Email data will be received either in clear text for via TLS dependant on configuration settings. All other Data is protected in transit via TLS 1.2 encryption
Availability and resilience
- Guaranteed availability
-
"Barracuda Networks supply a service with an SLA of 99.9%. See link for latest SLA documentation
https://assets.barracuda.com/assets/docs/dms/Barracuda_Email_Protection_SLA.pdf" - Approach to resilience
- Barracuda SaaS platforms are designed and built with resillence in mind. Further Information is available upon request.
- Outage reporting
- Customer may subscribe to outage notifications via SMS and Email for the relevant services. They can also view the outage status by visiting https://status.barracuda.com
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Other
- Other user authentication
- Authentication is required to access the platform. This can be username and password with inbuilt MFA or syncronised with Azure AD
- Access restrictions in management interfaces and support channels
- Accsses is based on username and password with MFA. Access to functions is control via RBAC.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Other
- Description of management access authentication
- Authentication is required to access the platform. This can be username and password with inbuilt MFA or syncronised with Azure AD
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- Between 1 month and 6 months
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- Soc 2 type 2
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- CSA CCM version 3.0
- ISO/IEC 27001
- Other
- Other security governance standards
- SOC 2 Type 2
- Information security policies and processes
-
"Please see below for overview of security standards
https://www.barracuda.com/company/legal/trust-center/security-compliance#paranav-navbar"
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Details around policies and procedures are not published to the public. Information can be requested during procurment if required
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Details around policies and procedures are not published to the public. Information can be requested during procurment if required
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Details around policies and procedures are not published to the public. Information can be requested during procurment if required
- Incident management type
- Supplier-defined controls
- Incident management approach
-
If Barracuda becomes aware of any unlawful access to any Customer Data stored on Barracuda’s equipment or in Barracuda’s facilities that results in the loss, disclosure or alteration of Customer Data (each a “Security Incident”), Barracuda will promptly (1) notify Customer of the Security Incident; (2) investigate the Security Incident; and (3) take reasonable steps to mitigate the effects of, and minimize any damage resulting from, the Security Incident.
Security Incidents Notification(s) will be delivered to one or more Customer administrator by a means selected by Barracuda, including via email.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
Central is committed to taking all opportunities to fight climate change by using the most efficient power sources possible and performing remote diagnostics and engineering where possible thus reducing carbon emissions. To sustain and protect the environment, we will: 1. Ensure that waste and pollution is minimised 2. Liaise with other suppliers and customers to facilitate the best possible environmental practices in the manufacturing and installation processes. 3. Discuss environmental issues regularly at the highest levels of the Company. 4. Co-operate with the appropriate authorities and technical bodies in the formation of standards and the means of compliance. 5. Regulate and improve our manufacturing processes to ensure the least practicable impact on the environment, encouraging our employees to help, and investing ahead of legislative requirements. 6. Endeavour to source products and components that can be remanufactured or recycled and have the least impact on the environment in their manufacture or use. - Covid-19 recovery
-
Covid-19 recovery
Centrals office is now fully open to employees with some choosing to work from home. We still have restrictions in place in terms of social distancing in the office however there is no longer a need to wear masks at work. We have fully recovered our systems back to pre-covid levels. - Tackling economic inequality
-
Tackling economic inequality
Central examines our supply chain to ensure that our suppliers follow a strategy of tacking economic inequality. Procurement of goods and services does not hinder progress. Within this we pay all our employees a living wage and actively encouraging suppliers to do the same, thus ensuring that our employees and our suppliers employees can afford a decent standard of living for their households. We eliminate employee discrimination and again actively encourage suppliers to do the same. We therefore take no notice of age, gender, disability, ethnicity, origin, religion or economic or other status – all have equal access to employment, training and advancement opportunities. We address employee concerns in these areas and again actively encourage suppliers to do the same. We believe that our employees are empowered to voice concerns over unequal treatment or breaches to their rights, and that such concerns are handled appropriately. - Equal opportunity
-
Equal opportunity
Central Networks and Technologies Limited (CNT) are an equal opportunities employer. We believe it is wrong to discriminate on grounds of sex, marital status, age, race, colour, religion, national origin, disability or sexual orientation. We believe that our future depends on employing staff of the highest calibre, and we should therefore recruit as widely as possible. The company will therefore provide equal opportunities in terms of recruitment, training and promotion. The company will continually monitor the effectiveness of this policy. Recruitment 1. Jobs will be open to anyone who meets the requirements. Each job will have a precise job description. All items in the job description will relate strictly to the performance of the work. Standards of English, education or qualifications higher than the job strictly requires will not be included in job descriptions. Any selection test will cover only matters relevant to the tasks to be performed. 2. All job advertisements will be free of any reference to sex, marital status, colour, religion, age, national origin or physical limitation unless this is a genuine occupational qualification. Language commonly used, but associated with the sex, e.g., ‘milkman’ will be avoided. All adverts will make clear the company is an equal opportunities employer. 3. Vacancies will be advertised in Job Centres, Careers Offices, Employment Agencies, local newspapers, and publications circulating amongst women, ethnic minorities, and people with disabilities, in order to broaden the field of possible applicants. 4. Job application forms will make it clear the company is an equal opportunities employer and will not include questions regarding marital status or dependants. - Wellbeing
-
Wellbeing
Central has a wellbeing framework which is understood company wide and applied. We encourage employees to have control over their own function. What is expected of them is clearly communicated and understood. There are a variety of roles in Central and employees can adapt them selves into roles as they see fit. We have a positive relationships between managers and employees, much as in a customer and supplier relationship. each employee is provided with assessment and supervision at least once a year. Each employee has several training events per year. The office is a safe and pleasant working environment. Central offers a good work./life balance and flexible working methods.
Pricing
- Price
- £70 to £90 a licence a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- 7-14 days free trial - all features unlocked
- Link to free trial
- https://www.barracuda.com/email-protection-trial