MASE TEK LTD

Long Term Backup Cloud Storage

MaseTek offers a secure cloud backup storage solution for offloading full data backups. Store unlimited backups offsite in our highly redundant cloud environment for long-term retention. Automated backups, encryption, and rapid data retrieval ensure business continuity without managing physical tapes.

Features

• Offsite Cloud Storage
• Unlimited Capacity
• Automated Backups
• Data Encryption
• Rapid Retrieval
• Scalable Architecture
• Multi-tenancy Support
• Versioning Support
• Global Availability

Benefits

• Store backups securely in our geographically remote cloud
• Virtually limitless storage capacity for your backup data
• Schedule regular, automated backup processes for consistent protection
• End-to-end encryption for data in transit and rest
• Quick restoration of backed-up data from the cloud
• Seamlessly scale storage capacity as your backup needs grow
• Separate backup environments for different organizational units
• Maintain multiple versions of backups for point-in-time recovery.
• Access your backups from anywhere with internet connectivity

£10 to £25 a terabyte a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@masetek.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

679773132519758

Contact

Michael
07862784752
info@masetek.co.uk

Service scope

• Service constraints: Internet bandwidth impacts backup/restore speeds. Initial seeding via physical media may be required for very large backups. Software compatibility is essential across the customer's systems. Scheduled maintenance windows can temporarily disrupt operations. Long-term data retention may incur additional fees based on usage. Support covers the cloud service, not on-premises sources. Available storage regions are limited by data residency rules. Protection against ransomware encrypting new backups is limited. Retrieving backups from archival cold storage incurs fees. Backup/restore procedures must align with the customer's regulatory compliance obligations, which MaseTek can guide but not guarantee.
• System requirements:
  • Compatible backup client software e.g. Veeam
  • Up-to-date operating systems and patches on backed up systems
  • High-speed internet connectivity with sufficient bandwidth
  • Site-to-site VPN or secure network connection for data transfer
  • Firewall rules to allow required service ports and protocols
  • Data encryption capabilities if sending backups un-encrypted
  • Cloud accounts/identity source for authentication to the service

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: MaseTek guarantees responsive support for our cloud backup service. Monday-Friday business hours: inquiries receive an initial response within 2 business hours. Weekends and holidays: extended 4-hour initial response time. For critical, service-impacting emergencies: around-the-clock escalation with a 1-hour response target, any day. Support teams follow-the-sun across regions, intelligently routing issues for efficient resourcing based on type and severity. Whether a simple question or urgent incident, MaseTek prioritizes addressing your needs quickly while maintaining high-quality resolutions. With this responsive support model, you can rely on timely assistance to keep your cloud backups running smoothly.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: MaseTek's cloud backup storage service, we offer two primary services based on data sizes - Upload Service and Retrieval Service.; ; Upload Service:; This service covers the uploading and storing of your backup data in our secure cloud environment. Pricing is based on the total size of data uploaded each month, with competitive rates for every GB/TB uploaded. Higher data volumes qualify for further discounted rates.; ; Retrieval Service:; In the event you need to retrieve and restore backup data, our Retrieval Service handles downloading your data from the cloud back to your environment. Pricing is based on the size of data retrieved, charged per GB/TB downloaded. We offer flexible retrieval options from our hot storage tiers for rapidrecovery or cold storage for cost efficiency on infrequent restores.; ; Both the Upload and Retrieval services are designed with a simple, pay-as-you-go model based solely on the amount of data transferred. There are no upfront costs, termination fees, or penalties. You only pay for what you use each month.; ; This data transfer-based pricing model allows you to predict and optimize your cloud backup storage costs effectively based on your monthly backup volumes and retrieval needs.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: The process begins with an initial consultation to understand the customer's requirements and provide solution recommendations. Our technical team then designs a tailored cloud backup solution. For complex environments, a proof of concept may be conducted to validate the proposed approach. Once the solution is finalized, we provision the necessary cloud resources and contract with the customer.; ; Our professional services team deploys and configures the backup software in the customer's environment, integrating it with our cloud service. For the initial full backup, we may recommend seeding the cloud repository by physically shipping storage media to accelerate data transfer.; ; We then configure backup policies, schedules, retention rules, and custom settings per the customer's specifications. Comprehensive testing, including backup/restore simulations, validates the end-to-end process before go-live. In-depth training ensures the customer's staff can effectively manage and monitor backups.; ; With everything properly set up and tested, the on-premises data backups commence to our cloud service based on defined schedules. Our support teams closely monitor the initial cycles, providing assistance as needed. Dedicated project managers coordinate all activities, providing regular updates throughout the transition.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: At the conclusion of a contract, it is vital that users have the ability to retrieve their data in a secure and accessible manner. Organisations must provide a clear and straightforward process for data extraction, which should be outlined in the contract terms or a dedicated data management policy.; ; Typically, users can initiate the data extraction process by submitting a formal request to Mase Tek Ltd. We are obligated to furnish the data in a commonly used format, ensuring compatibility with other systems, thereby facilitating ease of data transition or integration. The timeframe for data delivery should also be specified, often dictated by regulatory requirements or agreed upon during initial contract negotiations.; ; It is crucial for users to verify that the extracted data is complete and accurate. Additionally, they should confirm the cessation of their data usage by the provider post-contract to safeguard against unauthorised data retention or use.
• End-of-contract process: At Mase Tek, the end of a contract is managed with clear and transparent procedures to ensure a smooth transition for our clients. Should a client decide not to renew their contract, they are entitled to extract their data. This process is initiated through a formal request via the client dashboard or directly through our support team. Mase Tek provides the extracted data in a commonly used format, ensuring it can be easily transferred and utilized elsewhere. This service is included in the contract at no additional cost, and the extraction is typically completed within a specified period, usually 30 days.; ; Regarding our pricing structure, the base price of a contract with Mase Tek covers:; ; Secure cloud storage access.; Standard backup and data redundancy services.; Basic customer support via email and phone during business hours.; Additional costs are incurred for services such as:; ; Expedited or large-scale data retrieval.; Advanced support or customized consultancy services.; Enhanced security features like dedicated encryption.; Extended data access post-contract expiry.; Our goal is to maintain full pricing transparency, allowing clients to effectively plan and budget their storage solutions according to their specific needs.

Using the service

• Web browser interface: No
• API: Yes
• What users can and can't do using the API: MaseTek's comprehensive API enables programmatic control over our Upload and Retrieval cloud backup services. For Upload, initiate backups, set retention policies, monitor jobs. For Retrieval, restore data, browse backups, track retrieval status. Automate backup/recovery workflows by integrating with scripts/tools. Configure repositories, control access permissions, cross-region replication. Get usage/analytics. However, APIs have limitations around initial large backup seeding and direct low-level storage modifications to ensure data integrity. Overall, leverage the robust API capabilities to orchestrate and customize your cloud backup processes while maintaining core service guardrails for data protection and security.
• API automation tools: Ansible
• API documentation: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: At Mase Tek, we guarantee that user performance remains unaffected by others' demands through several key strategies:; ; Resource Isolation: Each client operates in a segregated virtual environment, ensuring private resource use.; Scalable Architecture: We employ load balancing and auto-scaling to adjust resources dynamically, maintaining performance during peak demand.; Traffic Management: Implementation of Quality of Service (QoS) rules prioritizes critical operations, stabilizing performance.; Capacity Planning: Proactive capacity management ensures our infrastructure supports growing demands and unexpected spikes.; Monitoring and Incident Management: Continuous system monitoring and an adept IT team provide swift issue resolution, preventing user impact.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: AWS / AZURE / GCP

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual Machines
  • Database
  • Application Data
  • Media Files
• Backup controls: During the discovery phase at Mase Tek, clients provide detailed information about their data protection needs, including the types of data to be backed up, their criticality, volume, and compliance requirements. Based on this input, we tailor a backup strategy that aligns with their operational and regulatory needs. We then set up and manage the backup schedules, ensuring data integrity and availability. Our managed backup service allows clients to focus on core activities while we handle data security and recovery. This approach ensures efficient, compliant, and reliable data protection, giving our clients peace of mind.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Other
• Other protection between networks: Buyer can be sent a disk or NAS device for faster upload
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We provide high-level service availability, underpinned by robust Service Level Agreements (SLAs) to ensure reliability and trust. We guarantee an uptime of 99.9% across all our cloud storage and backup services. This target reflects our dedication to maintaining a resilient and operational service environment, minimizing downtime and ensuring continuous access for our clients.; ; Our SLA includes specific terms regarding service credits as a form of compensation if we fail to meet our guaranteed uptime. In cases where availability drops below the promised threshold, clients are eligible for service credits. These credits are calculated as a percentage of the monthly service fee paid by the client, proportionate to the amount of time the service was unavailable beyond the agreed terms.
• Approach to resilience: It’s available on request
• Outage reporting: Email Alerts will be sent out

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: We restrict access to management interfaces and support channels through:; ; Role-Based Access Control (RBAC): Ensures only authorized personnel access sensitive areas.; Multi-Factor Authentication (MFA): Requires verification of multiple credentials for access.; Secure VPNs: Mandatory VPN use for remote access ensures encrypted data transmission.; Audit Logs: All actions within interfaces are logged and monitored for unusual activity.; Regular Access Reviews: Frequent reviews and adjustments of access rights to align with current roles.; Security Training: Staff accessing these areas undergo regular security training to reinforce responsible usage and awareness of protocols.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: UKAS
• ISO/IEC 27001 accreditation date: 01/01/2020
• What the ISO/IEC 27001 doesn’t cover: Geographical Exclusions: If Mase Tek operates in multiple locations, the certification might only apply to certain offices or data centers, excluding others that don’t implement the ISMS.; ; Service Exclusions: Certain services offered by the company might not be included if they do not fall within the defined scope of the ISMS. For example, if Mase Tek has a division that deals with physical security solutions separate from their main IT services, this might not be included.; ; Operational Exclusions: Specific operations or departments may be excluded, such as subcontracted processes or auxiliary support functions that are outside the core IT services.; ; Product Exclusions: If Mase Tek develops or sells software products, the development environment or certain products might not be covered by the ISMS.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 01/01/2020
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We designed to safeguard our clients' data and ensure compliance with industry standards, such as ISO 27001 and GDPR. Our comprehensive approach includes several key elements:; ; Policy Framework: We maintain a suite of security policies covering data protection, access control, risk management, and incident response. These policies are regularly updated to reflect the latest security practices and regulatory requirements.; ; Access Control: We employ strict access control measures to ensure that only authorized personnel have access to sensitive information. This includes using multi-factor authentication, role-based access controls, and regular access audits.; ; Regular Audits and Compliance Checks: Our security team conducts regular audits to ensure compliance with our security policies. Any discrepancies are addressed promptly through corrective actions.; ; Reporting Structure: Our Chief Information Security Officer (CISO) oversees our security program and reports directly to the CEO. This ensures that security concerns are escalated efficiently and receive the necessary executive attention.; ; Incident Response: We have a formal incident response plan that outlines procedures for managing security breaches. This plan is tested regularly to ensure effectiveness and is updated based on lessons learned from exercises and actual incidents.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to our systems are rigorously assessed for potential security impacts before implementation. This assessment includes a thorough review by our security team, who evaluate the change against our security standards and the potential risks it may pose. Any identified risks must be mitigated, and approvals obtained from relevant stakeholders, including our security and operations teams, before changes are deployed. This structured approach ensures that our services remain secure and reliable, even as they evolve.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our vulnerability management process involves continuous monitoring and assessment of potential threats to our services. We utilize leading industry sources, such as CVE databases, security bulletins, and threat intelligence feeds, to stay informed about new vulnerabilities. Upon identifying potential threats, our security team conducts risk assessments to prioritize responses based on severity and potential impact. Patches are deployed swiftly—critical vulnerabilities are addressed within 24 hours, and less critical ones within a week, ensuring robust protection. This proactive approach to vulnerability management safeguards our systems and maintains the integrity and security of our client data.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our protective monitoring process is designed to swiftly identify and respond to potential security compromises. We use advanced monitoring tools that analyze system logs, network traffic, and user behaviors to detect unusual activities that may indicate a security breach. When a potential compromise is identified, our incident response team is alerted immediately. They assess the situation and, depending on the severity, respond within minutes to mitigate risks. Our response protocol includes isolating affected systems, conducting forensic analysis, and implementing necessary patches or configurations. This prompt and decisive action minimizes potential damage and restores normal operations as quickly as possible.
• Incident management type: Supplier-defined controls
• Incident management approach: We have established protocols for a range of typical incidents, as data breaches, service disruptions, and unauthorized access, which enable our team to respond promptly and effectively.; ; Users can report incidents through multiple channels, including a dedicated support email, phone, and a ticketing system accessible via our client portal. It is logged and tracked through our incident management system.; ; We provide comprehensive incident reports to affected users, detailing the nature of the incident, actions taken to resolve it, and measures implemented to prevent recurrence. These reports are communicated through the initial reporting channel used by the user.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Handled by Third Party (Microsoft/Amazon)

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  We employ anyone from everyone despite, race, gender, ethnicity, sex.

Pricing

• Price: £10 to £25 a terabyte a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@masetek.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.