Microsoft Azure Service Bus
Resilient, standards-based Messaging Bus
Features
- Queues
- Topics
Benefits
- A PaaS approach for Messaging
Pricing
£0.04 to £0.05 a unit
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at richard.howes@nak.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 14
Service ID
6 7 3 5 5 3 9 7 4 2 4 8 3 6 5
Contact
NAK Consulting Services Ltd
Richard Howes
Telephone: 08450 230 286
Email: richard.howes@nak.co.uk
Service scope
- Service constraints
- Underlying maintenance arrangements and other restrictions as stipulated by Microsoft Azure
- System requirements
- Azure subscription procured through NAK
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
P1 (Critical Business Impact) – 15 minutes
P2 (Moderate Business Impact) – 1 hour
P3 (Minimum Business Impact) – 24 hours - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Relay of Azure Support Requests to Microsoft - Response SLA:
P1 (Critical Business Impact) – 15 minutes
P2 (Moderate Business Impact) – 1 hour
P3 (Minimum Business Impact) – 24 hours
Relay of Quota Increase Requests to Microsoft - Response SLA:
8 hours
Creation of Azure Reservations and Azure Savings Plans:
- Response SLA of two business days
- Resolution SLA of two business days (once buyer has provided all required information) - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Depending on the level of service taken, NAK will provide varying levels of assistance to users when onboarding the service. If a fully managed type service is chosen, NAK will run through an onboarding exercise and provide documentation.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- NAK are providing Azure services, when a contract ends the users can move their Azure services to another Microsoft CSP and retain their data in the same way. If users want to remove their data from Azure, NAK can facilitate on a chargeable basis.
- End-of-contract process
- Any requests outside of the scope of support defined in the service at the end of a contract would be an additional cost.
Using the service
- Web browser interface
- Yes
- Using the web interface
- All operations provided and supported by the Microsoft Azure web-based Portal
- Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
- The Azure Portal is developed and maintained by Microsoft in line with generally-accepted industry accessibility standards
- Web interface accessibility testing
- None - the Azure Portal is provided by Microsoft Azure
- API
- Yes
- What users can and can't do using the API
- All operations supported by the underlying Microsoft Azure API
- API automation tools
-
- Ansible
- Chef
- Terraform
- Puppet
- Other
- Other API automation tools
-
- PowerShell
- Bicep
- Azure Resource Manager
- API documentation
- No
- Command line interface
- Yes
- Command line interface compatibility
-
- Linux or Unix
- Windows
- MacOS
- Using the command line interface
- All operations supported by the underlying Microsoft Azure API and associated providers (such as Az PowerShell and the Azure Command Line Interface - az cli)
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
- Microsoft Azure manages the underlying infrastructure and handles servicing user demand, including separating demand from different groups of users
- Usage notifications
- Yes
- Usage reporting
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
- Other
- Other metrics
-
- Incoming Requests
- Successful Requests
- Server Errors
- User Errors
- Throttled Requests
- Server Send Latency
- Incoming Messages
- Outgoing Messages
- Messages
- Active Messages
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Microsoft Azure
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- Never
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Backup and recovery
- Backup and recovery
- No
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Bonded fibre optic connections
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Availability is as per underlying Microsoft Azure SLAs
- Approach to resilience
- Resilience is per support provided by underlying Microsoft Azure capabilities and options
- Outage reporting
- Microsoft Azure provides a public dashboard tracking any service outages
Identity and authentication
- User authentication
- 2-factor authentication
- Access restrictions in management interfaces and support channels
- NAK utilises a multi-tenant ITSM toolset, this ensures all customer data is kept separately within it's own tenant. Individual buyer users are validated during the onboarding process. Technical access for buyer users to Azure resources is facilitated by granting the minimum set of roles or permissions to Entra ID groups whose members receive the roles or permissions. Access for NAK staff to Azure resources is granted using Granular Delegated Admin Privileges (GDAP).
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- 2-factor authentication
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- QAS International
- ISO/IEC 27001 accreditation date
- 27/01/2024
- What the ISO/IEC 27001 doesn’t cover
- NAK's lab environment
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Below is the list of processes and policies we follow. NAK go through an annual surveillance audit and at least 3 annual internal audits of the various components. All identified non-compliances are reported to NAK's Information Security Management Committee.
Information Security Policy
Access Control Policy
Acceptable Use of Assets Policy
Business Continuity Procedure
Change Management Procedure
Communications Policy
Cryptographic Controls Policy
Human Resource Security Policy
Information Classification Policy
Information Security Incident Management Procedure
Mobile Device Policy
Operating Procedures for IT Management
Password Security Policy
Secure System Engineering Principles Policy
Supplier Security Policy
Server Maintenance Procedure
Determining the Scope of the ISMS Policy
Performance Evaluation Procedure
Planning to Achieve security Objectives
Risk Assessment Procedure
Document, Records & Data Control
Internal Audit Procedure
Management Review
Control of Nonconforming Product
Multi-Factor Authentication Policy
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- NAK manage a Configuration Management Database through our ITSM toolset. NAK's Change Management process is run and managed through our ITSM toolset.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- We assess vulnerabilities on their CVE score. CVE vulnerabilities of 8+ will be remediated within 14 days, providing a patch is available. NAK receives alerts from key vendors of any vulnerabilities and we also scan vendor security updates.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Compromises are picked up through Microsoft Defender and Deep Instinct. Once identified, the compromise would be handled as part of NAK's standard Incident Management process
- Incident management type
- Supplier-defined controls
- Incident management approach
- NAK run a standard ITIL Incident/Major Incident process. Users are able to report incidents via telephone, e-mail or portal. For Major Incidents, NAK will provide a root cause analysis report detailing a timeline of events, the cause of the incident and any remedial actions.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Third-party
- Third-party virtualisation provider
- Microsoft Azure
- How shared infrastructure is kept separate
- This is handled within Microsoft Azure
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- In an independent review, SCOPE Europe determined that Microsoft Azure datacentres meet the EU Cloud CoC Second Level of Compliance
Social Value
- Social Value
-
Social Value
Tackling economic inequalityTackling economic inequality
Buyers who procure Microsoft Azure Services support the economic growth of NAK Consulting Services as an SME, resulting in the creation of new jobs and distribution of new skills.
Pricing
- Price
- £0.04 to £0.05 a unit
- Discount for educational organisations
- No
- Free trial available
- No
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at richard.howes@nak.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.