TECHNOLOGY SERVICES GROUP

Backup, and Disaster Recovery Services with DATTO

TSG and Datto provides an industry-leading hybrid on-premise & cloud backup & DR solution. This technology provides localised granular data backup and recovery, with a secondary cloud backup.
This allows you to locally recover servers on the appliance or to recover your servers in the Datto cloud in a disaster.

Features

• Secure data backup on premise with rapid local granular restore
• Hybrid cloud backup to provide additional off-site backup copy
• Option for 1-year cloud retention with unlimited data capacity
• Screenshot verification
• AES 256 + SSL key-based encryption
• Backup monitored and protected with TSG SystemCare
• Option for unlimited cloud retention with unlimited data capacity

Benefits

• Instant on-site virtualisation
• Instant off-site virtualisation
• On-premise disaster recovery keeps your business operational
• Cloud disaster recovery provided even if local DR service lost

£1,050 to £13,500.00 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@tsg.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

645242312307005

Contact

Marketing Team
03332200777
info@tsg.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Planned maintenance arrangements
• System requirements:
  • Physical servers
  • Virtual servers
  • Storage size needed

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: 08:00 - 18:00 Weekdays Excluding Bank Holidays and 24x7 cover if the client has TSG SystemCare support add-on. 1 to 4 hour response dependent on priority call, P1 - 30 mins, P2 - 1 hour, P3 - 4 hours, and P4 - 1 day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Interface has a compliant contrast ratio: 11.3 as well as WCAG compliant features which enable the use of page readers and keyboard navigation.
• Onsite support: Yes, at extra cost
• Support levels: 08:00 - 18:00 Weekdays Excluding Bank Holidays, and 24x7 cover if relevant SystemCare agreement is in place
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: User needs to provide TSG with a guide to the potential backup/storage size to ascertain the correct sizing for backup/dr.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: End users could utilise the export image functions to relevant supported devices.
• End-of-contract process: Relevant hardware appliance for initial storage capacity.; Install and configuration of appliance and connection to physical and virtual servers.; Upfront costs for appliance and implementation services; Monthly cost for Datto service

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: The Datto cloud offering would be reviewed, through their control process.

Analytics

• Service usage metrics: Yes
• Metrics types: Report can be generated via the Datto portal. These reports cover elements as backup schedule, backup success, and screenshot verifications.
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Datto

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Never
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This option allows you to export a selected recovery point to vSphere Hypervisor (via VMDK or VMDK-linked) or Microsoft Hyper-V (via VHD or VHDX). You can export to an attached USB drive or a network share (CIFS/Samba or NFS).
• Data export formats: Other
• Other data export formats:
  • VHD
  • VHDX
  • VMDK-linked
• Data import formats: Other
• Other data import formats: VHD

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Contractually Datto's Service Level is guaranteed to 99.9% availability for any calendar month.
• Approach to resilience: All data is redundantly stored across a minimum of 2 data centres, and all services are designed to leverage the redundant data centre infrastructure powering Datto's services.
• Outage reporting: Datto provides information via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: MFA can be enabled and reviewed accordingly.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyd's Register
• ISO/IEC 27001 accreditation date: 22/07/2021
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Information security policies and processes TSG follow our own Information Security policy, more info available on request. Ultimate responsibility for ensuring Information Security rests with TSG’s Senior Management Team. They are responsible for ensuring a culture where Information Security is taken seriously by all employees and third parties acting on behalf of TSG. Responsibility for securing specific IT systems rests with the Head of IT, the Group Applications Director and the Service Delivery Director depending whether the systems are internal to TSG or are hosted on behalf of a customer.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The components of services are tracked through their lifetime Services are defined in conjunction with customer requirements at the point of initial engagement and as part of the onboarding process. During this definition of service, change management and service lifecycle management processes are designed around customer requirements and specific service needs. Changes are assessed for potential security impact All service changes are evaluated by a technical resource with focus on service performance, availability and security impacts.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Annual penetration tests carried out by a verified tester. We have an industry std Anti-Virus package deployed, utilise std tools such as threat management tools, anti ransomware etc. TSG also have a documented Disaster recovery policy. Patches are deployed weekly to end user devices/servers after been through internal testing. TSG have bespoke reporting and management software to assist in identifying potential threats.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Protective monitoring approach All devices have a monitoring agent on them which can identify potential issues and report back to our service desk. If an issue is identified we have an internal 4HR SLA to ensure remedial actions are carried asap, the seriousness of an incident will be assessed on discovery so that any priority issues can be responded to quickly. The internal SLA on a P1 is 30 minutes.
• Incident management type: Supplier-defined controls
• Incident management approach: TSG have a pre-defined incident process for common events. Users can report incidents via the Support desk. Incident reports are also provided via Support desk and/or Account management team. Benefits The benefits of a robust Incident Management process include: • Higher end user satisfaction through improved resolution time and quality of services. • Better performance against agreed service levels through higher service availability. • Higher efficiency and productivity for the customer due to fewer hours lost to interruptions to IT service. • Better alignment and collaboration between internal TSG departments.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  TSG are actively working to reduce their own Carbon output and evolving services and practices to support our customers on this journey as well.

Pricing

• Price: £1,050 to £13,500.00 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@tsg.com. Tell them what format you need. It will help if you say what assistive technology you use.