Skip to main content

Help us improve the Digital Marketplace - send your feedback

Ultima Business Solutions Ltd

Ultima Managed Cloud

Managed Cloud is built to address the ongoing challenges of running a public cloud environment: controlling costs, patch management and backup. Backed by our 24x7 support centre and our extensive technical enablement services Managed Cloud allows staff to refocus from business as usual to innovation.

Features

  • Delivered from our UK-based ISO27001 certified 24x7 Technical Service Centre
  • Two service tiers, providing accountability across both CSP and Azure
  • Bundle resources, management, licensing and support into affordable monthly subscription
  • Interactive dashboard grants insight into consumption, subscriptions, governance, billing, workloads
  • Eliminate excess resources through rightsizing, reducing consumption cost
  • 24x7 support for on-boarding, subscription, service management and security activities
  • Support for Azure compute, databases, management, networking, security, storage technologies
  • Managed Cloud costs scales on a per-service basis
  • Based on CSP framework, with contracts setup and renewed annually
  • Compliant with the 14 x NCSC cloud security principles

Benefits

  • Managed Cloud extends the out-of-the-box Azure experience
  • Automated provisioning, configuration, reporting, monitoring, security, optimization and maintenance
  • We have simplified cloud ownership, dramatically reducing operating costs
  • Dramatically reduce the need for human intervention around BAU activities
  • Offload majority of support tasks to a Microsoft Gold partner
  • Overcome the most common Public Cloud challenges plaguing IT teams
  • Our platform continually analyses Azure expenditure and optimizes licensing/usage
  • Reduce TCO and siphon the difference into an innovation budget
  • Stimulate innovation, kick-start growth and accelerate digital transformation
  • Scale your public cloud footprint using automation, over additional staff

Pricing

£1,000 to £65,000 a unit

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsectorbids@ultima.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

6 3 9 2 5 8 3 0 1 1 3 7 5 3 6

Contact

Ultima Business Solutions Ltd Ultima Bid Office
Telephone: +44333 0158000
Email: publicsectorbids@ultima.com

Service scope

Service constraints
This service can only be provided on Azure CSP and EA agreements
System requirements
  • Azure CSP
  • Azure EA
  • Azure MCA/PAYG

User support

Email or online ticketing support
Email or online ticketing
Support response times
Priority 1 Tickets - 15 Minutes
Priority 2 Tickets - 4 hours
Priority 3 Tickets - 1 Day
Priority 4 Tickets - 2 Days
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
No
Support levels
Ultima’s Managed Cloud is delivered through a single tier providing full 24x7 support and a range of add-on services from optimisation through to security analytics.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
As part of the on boarding to the service full user guides are sent out to the users which will be interacting with the service. There is also a FAQ and knowledge base that is provided to all registered users of the service.

If required online training can be arranged at an additional cost to the service.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
.docx
End-of-contract data extraction
The customers data is never stored on our systems, it will always reside within the customers tenant which at all times they are in control of.
End-of-contract process
All off boarding activities are included within the cost of the contract, would the management service is removed it is down the the customer to administer all aspects of there platform.

Using the service

Web browser interface
Yes
Using the web interface
Managed Cloud allows for users to have access to a service management portal or the Azure native user interface in order to create and manage services. Any action taken in either will be automatically reflected in the other portal without user interaction.

Within the service management portal there are a list of pre-approved changes which do not require any change control from a customer, if a customer wishes to go outside of this using there normal change control procedure this be facilitated directly in the Microsoft Azure portal or through the service management portal.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Detail for the service management portal can be found here https://docs.servicenow.com/bundle/orlando-release-notes/page/administer/accessibility-508-compliance/reference/r_VPAT.html

Details for the Azure portal can be found here: https://cloudblogs.microsoft.com/industry-blog/government/2018/09/11/accessibility-conformance-reports/
Web interface accessibility testing
Details of the testing for the service management portal can be found here: https://docs.servicenow.com/bundle/orlando-release-notes/page/administer/accessibility-508-compliance/reference/r_VPAT.html

Details for the Azure portal can be found here: https://cloudblogs.microsoft.com/industry-blog/government/2018/09/11/accessibility-conformance-reports/
API
Yes
What users can and can't do using the API
The service management portal does not surface any APIs for access as this is designed to be the single tool for service management. However Azure has a fully documented REST API which can be utilised, full documentation for this API can be found at the following link: https://docs.microsoft.com/en-us/rest/api/azure/
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
API documentation
Yes
API documentation formats
HTML
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
The service management does not have customer facing CLI and all changes to the underlying platform are handled by ourselves or third parties if required.

The Azure platform has full CLI access, documentation for this can be found here: https://docs.microsoft.com/en-us/cli/azure/?view=azure-cli-latest

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
The management platform exists within each customers tenant rather than as a shared services environment and therefore cannot be impacted by any noisy neighbour. In order to provide the 3rd line support continual capacity planning takes place to make sure that there is capacity within our support facility for new and existing customers as they scale.

The service is underpinned by Microsoft Azure, as part of the underlying service as part of the infrastructure platform Microsoft continuously monitors service usage to project infrastructure needs to support availability commitments/requirements, further more there is continual capacity planning to support future demands.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
  • Other
Other metrics
  • Active connections
  • Configuration changes
  • Backup state
  • Patch state
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
What’s backed up
Virtual machines
Backup controls
By default there are 4 different schedules that can be applied based on the type of machine as well and the operating system that the machine is running.

Each of these 4 schedules has a patching window which is automatically used if there is not an override requested by the customer.
Datacentre setup
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
Scheduling backups
Supplier controls the whole backup schedule
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
For the management platform the there are SLA's for response based on the priority of the tickets with a 95% KPI:
Priority 1 tickets: 15 minutes
Priority 2 tickets: 4 hours
Priority 3 tickets: 1 day
Priority 4 tickets: 2 days

For the management platform the there are SLA's for resolution based on the priority of the tickets with a 95% KPI:
Priority 1 tickets: 4 hours
Priority 2 tickets: 8 hours
Priority 3 tickets: 2 days
Priority 4 tickets: 4 days

The SLA of the Azure platform is governed by Microsoft, details of which can be foound here: https://azure.microsoft.com/en-gb/support/legal/sla/
Approach to resilience
The service uses hyper-scale cloud technology with resilience built into the design of the components. The design follows best practice guidance for building cloud services which covers both security and resileince.
Outage reporting
The Azure platform has a publicly available here: https://status.azure.com/en-gb/status

As part of the service customers will also receive alerts as part of the service from the management platform.

Identity and authentication

User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
Access restrictions in management interfaces and support channels
As part of the service setup and ongoing reviews account can be added and removed from the access to the service by approved users. As part of this process the user can be setup as an Incident Contact, Change Requester or Change Approver or a combination of all three.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Devices users manage the service through
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyd's Register
ISO/IEC 27001 accreditation date
23/08/2018
What the ISO/IEC 27001 doesn’t cover
Please see https://www.microsoft.com/en-us/trustcenter/compliance/iso-iec-27001
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
ISO 27001 and ISO 9001 are followed across the business

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Our change management system logs all systems into our ITSM platform. From here changes are validated by technical professionals before actioning.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The processes used as part of the service are ITIL aligned and are required to meet our ISO27001 accreditation
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The processes used as part of the service are ITIL aligned and are required to meet our ISO27001 accreditation
Incident management type
Supplier-defined controls
Incident management approach
The processes used as part of the service are ITIL aligned and are required to meet our ISO27001 accreditation

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Hyper-V
How shared infrastructure is kept separate
The shared platform is part of the Microsoft Azure hyper-scale platform.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
For this service we are leveraging Microsoft datacentres for hosting of services. Details on how the Microsoft datacentres meet the EU code of conduct for energy efficient datacentres can be found within this document: https://download.microsoft.com/download/6/8/F/68F6C057-7ED4-440C-81A9-E289AACFB3DA/DublinDataCentreCasestudy_FINAL.pdf

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity

Fighting climate change

Fighting climate change

Specific targets will be agreed with each customer at contract commencement, such as dedicated hours to a cause, green consultancy, or activities in the local area. However, at a broader level Ultima will deliver wider benefits. Our services are carried out remotely, wherever possible, reducing carbon emissions. Public transport will be encouraged for any mandatory travel. This ensures that customers working with us will have low supply chain carbon emissions. The services provided will also enable our customers to reduce their carbon emissions. For example, reduction of hardware and datacentre reliance through hosting and management. Resources used will be maximised through replicated use, reducing overall impact on the environment. Additionally, for every new member of staff hired, Ultima will plant one tree to offset their carbon footprint. Therefore, through working with Ultima, customers are reducing carbon emissions through a greener supply chain, and through reduction of their own infrastructure.

Covid-19 recovery

Covid-19 recovery

Specific targets will be agreed with each customer at contract commencement, such as dedicated hours to CV/interview training, work placement targets, or retraining. However, at a broader level Ultima will deliver wider benefits. Working with Ultima will enable cloud services, and therefore, flexibility to effective and reliable remote working for customers. Therefore, those most vulnerable will have better access to IT services and allow efficient social distancing. Furthermore, Ultima is committed to the mental health of those working with us. Support will be offered to anyone working on each customer contract.

Tackling economic inequality

Tackling economic inequality

Specific targets will be agreed with each customer at contract commencement, such as percentage of SME supply chain, work placement targets, or apprenticeships. However, at a broader level Ultima will deliver wider benefits. By working with Ultima, customers will be spending with an organisation with the flexibility to work directly with SMEs, and can offer this as a choice. Ultima work with SMEs as part of the supply chain. Therefore, customers are supporting SMEs through working with Ultima.

Equal opportunity

Equal opportunity

Specific targets will be agreed with each customer at contract commencement, such as targeted training, work placement targets, or apprenticeships. However, at a broader level Ultima will deliver wider benefits. Ultima are committed to ending modern slavery. This is demonstrated through the actions outlined in the modern slavery statement. Therefore, by working with Ultima, customers are actively reducing risks associated to modern slavery via their supply chain.

Pricing

Price
£1,000 to £65,000 a unit
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
A trail is available for customer to access a controlled environment to test the features of the service

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsectorbids@ultima.com. Tell them what format you need. It will help if you say what assistive technology you use.