20I LIMITED

Managed Hosting

Our Managed Hosting gives you the freedom and power of a private server or cluster but without the overheard of self-management or self-hosting. For Managed Hosting our team will discuss, design and implement a platform to your needs. If you have any problems, support is on hand to help, 24/7.

Features

• Free Global CDN
• Expert UK Support 24x7x365
• Automatic Malware Scans
• 30-days backup technology as standard
• 1 Tbps+ DDoS Protection
• Optimised PHP-FPM
• Free Global CDN
• Unlimited Email Accounts Included

Benefits

• 99.99% Uptime Guarantee
• No bandwidth charges
• Easy server management (fully responsive for all devices)
• Powered by 100% Renewable Energy
• Host in the UK or USA

£49.99 to £499.99 a server a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@20i.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

669365461928031

Contact

Lloyd Cobb
0333 344 2720
gcloud@20i.com

Service scope

• Service constraints: We have planned maintenance from time to time. We will use reasonable endeavour to perform such works out of hours and give customers at least 72 hours minimum notice. We reserve the right to conduct emergency maintenance if necessary and we'll always make efforts to inform impacted customers before hand, but this may not be possible.
• System requirements: Our Terms and Conditions must be followed

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Urgent tickets receive a reply within 10 minutes. Standard response is within 30 minutes. Live chat support is instant chat.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: No
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: None specific to web chat.
• Onsite support: No
• Support levels: Our UK based technical support is available 24/7. Managed Hosting services are immediately dealt with at a higher priority and have an assigned technical account manager available 0900-1700.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: User documentation through online support knowledgebase and our Getting Started Guides cover the control panel functionality and most interface functionality, with 24/7 access to tickets/live chats to further clarify any queries or questions.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Backups of all services are available from the control panel and can be downloaded on demand.
• End-of-contract process: Automatic renewal for the original term unless otherwise cancelled. Cancellation can occur up to 72 hours prior to renewal date.

Using the service

• Web browser interface: Yes
• Using the web interface: Hosting accounts can be added, removed, suspended, unsuspended and deleted via the control panel. All management functionality is available via the interface and actions are performed in real time.
• Web interface accessibility standard: WCAG 2.1 A
• Web interface accessibility testing: Yearly external UX/UI testing.
• API: No
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Managed Hosting resources are pre-allocated/dedicated depending on the service specification chosen.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • All files
  • All databases
• Backup controls: Automatic daily snapshots are taken and kept for 30 days. An unlimited number of 'on demand' snapshots can be initiated at anytime via the control panel, they are automatically removed after 30 days.; ; All backups are stored entirely offsite in a secondary UK data centre.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee 99.99% network availability in a given month for our Virtual Private Servers (VPS). Upgrades, scheduled maintenance, or emergency maintenance windows excluded. If availability falls below this guarantee in any given calendar month we shall credit your account with a half day (12 hours) service credit for each hour that the service is not available
• Approach to resilience: Systems have been designed to eliminate single points of failure. Data is replicated between physically different machines on single-purpose servers. Data is regularly copied to separate ‘backup’ servers for disaster recovery. 20i operate multiple layers of network protection to help keep its network safe. Known ‘command and control’ networks are blocked at the network edge and various layers of brute force and application layer protection are used to filter out common HTTP attack techniques such as SQL injection and DDoS vulnerabilities. External attack surface is kept to a minimum by only deploying purpose-built load balancers at the network edge, with further connectivity utilising internal and ; dedicated private network links. Every link and network connection is redundant.
• Outage reporting: All service impacting events are reported through a public dashboard. We keep the information up to date throughout the incident and follow up with an evaluation once the incident is resolved. RSS feeds can be used to record and alert upon new and ongoing incidents.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
• Access restrictions in management interfaces and support channels: 20i employees need to identify themselves before accessing any internal system. 20i use centralised identification and security policies that follow a least privilege and need-to-know access policy.; ; 2 Factor Authentication (2FA) is available to all staff and customers,
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: An ISO 27001 ISMS is in place and operational. Our ISO regularly audits the system and ensures policies are adhered to.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: A code review process is followed to help increase the security and reliability of any code used to provide the 20i service. New code releases are always tested in a development and further staging environments, and where applicable, a Canary release technique is then used as part of live deployment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Every machine connected to the 20i network is managed by a central identity management system and logging platform. 20i conducts regular audits across the entire platform and automatically scans for common software vulnerabilities using a combination of commercial and in-house tools. These reports are made available to Customer’s through the control panel.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Automatic multi-layered DDoS protection ensuring any malicious traffic is dropped. Centralized audit log and automated monitoring of installed software vs known CVEs and alerts to ensure all software is kept up to date.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident management process is aligned with ISO27001:2013, incident status also made available via online system status portal

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: KVM hypervisor
• How shared infrastructure is kept separate: No two customers share the same virtual machine, virtual machines are kept apart using the Hypervisor security controls. Network protection is enforced through the use of network filters, additionally customers can also create their own private networks (Utilizing VXLAN) if necessary.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: All of our hosting runs on 100% renewable power Data Centre PUE (Power Usage Effectiveness) rating of 1.12. We run a paperless office and recycle all our waste. It’s lit by automatic LED lighting. Everything from the snacks we eat to our cleaning products are chosen for their green credentials. Our headquarters are in Ransom Wood, in Nottinghamshire, UK. The office complex is powered by 2,088 solar panels, which offset thousands of tonnes of carbon each year.

Social Value

• Fighting climate change:

  Fighting climate change

  All of our hosting runs on 100% renewable power Data Centre PUE (Power Usage Effectiveness) rating of 1.12. We run a paperless office and recycle all our waste. It’s lit by automatic LED lighting. Everything from the snacks we eat to our cleaning products are chosen for their green credentials. Our headquarters are in Ransom Wood, in Nottinghamshire, UK. The office complex is powered by 2,088 solar panels, which offset thousands of tonnes of carbon each year. Employees are encouraged to work from home when they can, car share when possible, and we run cycle to work scheme.
• Equal opportunity:

  Equal opportunity

  20i recognises the benefits of a diverse workforce and is committed to providing a working environment that is free from discrimination. It will seek to promote the principles of equality and diversity in all its dealings with employees, workers, job applicants, clients, customers, suppliers, contractors, recruitment agencies and the public.

Pricing

• Price: £49.99 to £499.99 a server a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@20i.com. Tell them what format you need. It will help if you say what assistive technology you use.