nowSecure Respond
A Cyber Incident Response (CIR) service that provides a 24/7 hotline for cyber related issues. The service gives you access to an expert security team (Security Operations Centre) so, should the worst happen, you have the specialists on hand to limit the impact to the business and your customers.
Features
- UK-based cybersecurity experts available 24/7
- Comprehensive investigation and triage followed by swift, robust remediation measures
- Comprehensive documentation available for compliance
- Monthly security update and quarterly assessment with preventative recommendations
- General advice and guidance deployment of a specialist team -on-site
Benefits
- Mitigate the impact of an attack, remediate vulnerabilities,
- Secure the overall organisation in a coordinated manner
- Fast and effective response reducing the impact of an incident.
- Access to the best of breed security tools when activated.
- Reliable, expert guidance in the time of crisis
- Take proactive measures to build trust with your stakeholders
- Ensure compliance
- Opportunity to review and improve your current cyber security measures.
Pricing
£1,100 a unit
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
6 8 0 4 5 2 6 9 3 3 0 3 3 4 1
Contact
4net Technologies Limited
Corinne Stott
Telephone: 0133 2821106
Email: gcloud@nowcomm.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Hybrid cloud
- Service constraints
- There are no service constraints
- System requirements
-
- Microsoft Windows 7 and Windows 8 & 8.1
- Microsoft Windows 10
- Microsoft Windows Server 2008 R2
- Microsoft Windows Server 2012, 2012 R2
- Microsoft Windows Server 2016
- Apple MacOS 10.12, 10.13
- Apple OSX 10.11
- Apple iOS 11 and above (requires separate MDM)
- Red Hat Enterprise Linux or CentOS 6.x 7.x
- Android 2.1 (Éclair) to 6.0 (Marshmallow) (requires separate MDM)
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Cisco Technical Support operate the following response times for the standard Cisco Umbrella Cloud service.
Cisco response times operate 24/7/365.
Severity 1-2: Cisco response time within 1 hour.
(Covers items such as major outage, cloud service down or causing critical impact to the business).
Severity 3-4: Cisco response within the Next Business Day.
(Cloud Service is impaired however operations remain functional with little impact to business or general service queries).
Nowcomm can provide additional technical service desk expertise and managed services capabilities to complement Cisco Technical Support above. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 A
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
There are 4 main support levels which Nowcomm offer for customers to select to further compliment Cisco Technical Support, providing additional Nowcomm technical service desk expertise and managed services capabilities. Nowcomm’s Service Desk operates 24/7/365 and a choice service levels including 24*7, 8*5 Mon-Fri or a NBD service offers to best suit the coverage required.
1) Service Desk - providing remote based technical assistance, advice and guidance to day to day issues and questions. 2) On Site Experts - providing technical engineering, training or consulting experts on site with your team as and when required.
3) Analysis Service - providing scheduled proactive insight and advisory of performance operation data - for example analysing monthly performance data, security reports and behaviour and providing recommendations, guidance and expert insights. monitoring of devices with downtime alerts.
4) Managed Service - providing complete operational service as an extension to the in-house IT team. For example performing all moves, adds, changes and deletes (MACD's), making monthly backups as necessary, any patching updating, vulnerability scanning, monthly reporting, compliance documentation completion, change advisory board reviews and so on. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Nowcomm onboards customers by gathering all key information required as part of the early data gathering activity that forms part of the planning phase within the on-boarding process. Typically the on-boarding activities, including training are provided remotely.
All go-live system information, service documentation and procedures required to describe, explain, test, educate, train and launch the service is developed and distributed to the customer as part of the on-boarding process. Any detailed design documentation is also derived from within the on-boarding process. All detailed designs are agreed and signed off by both parties within the on-boarding phase and prior to service implementation. Full copies of the system documentation and user documentation as applicable are provided as part of the user acceptance testing phase. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- As part of the Nowcomm off-boarding process, customers continue to benefit from full reporting access to the service management portal until the date of contract completion. From this service management portal customers can access, retrieve and download copies of all available data and reports as required for future use following the end of contract date. When the contract end date is reached the service is ended and customer access is no longer available. As part of contract completion, the service is considered ended and all data is erased for compliance and operational reasons as part of the customer being fully off-boarded and as such no longer subscribing to the service. Nowcomm notify the end customer with end of service data reminders and guidance to extract necessary data in advance of the contract completion date. This forms part of the Nowcomm remote off-boarding process provided as part of our standard service.
- End-of-contract process
-
Full service functionality is provided for the duration of the cloud service contract with Nowcomm. Customers may have the opportunity to extend the contract based on the rules and governance of the framework agreement at that time. Customers wishing to explore extending the service and contract options should discuss feasibility questions to the Nowcomm account team no later than 90 days before the scheduled end of contact date. As the the services approaches the end of contract date, the organisation will be off-boarded from the service following Nowcomm's standard model, set out in the previous response and which is provided at no additional cost to the standard service.
At the end of the contract the customer will no longer receive the service and all service features, benefits, access and use will cease. Any retained data still held within the system up to contact end date will be securely deleted by the Nowcomm services team at the end of contract date.
Using the service
- Web browser interface
- No
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Linux or Unix
- MacOS
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- No differences in the functionality (cosmetic only)
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 A
- Description of service interface
-
A web based service management portal for configuration and user provisioning, day to day management, reporting and service usage and for application configuration policy enforcement is provided.
Events and endpoints are categorised by priority and tied into workflows to track progress during investigation. - Accessibility standards
- WCAG 2.1 A
- Accessibility testing
- All assistive interface testing has been performed by Cisco who are the manufacturer of the cloud software service. Assistive testing details can be provided from Cisco on request.
- API
- Yes
- What users can and can't do using the API
- The API is provided via an open framework to allow for integration into other threat management and threat intelligence platforms. Details of the API can be provided on request from Cisco, the manufacturer of the cloud software service.
- API documentation
- Yes
- API documentation formats
-
- HTML
- API sandbox or test environment
- No
- Customisation available
- No
Scaling
- Independence of resources
-
Cisco have designed a global platform with significant excess capacity to handle ongoing growth in demand.
Cisco operate through a validated design guide detailing system maximum's and minimums to enable customers to scale, adhering to many industry standards including ISO 9001 and 27001.
Nowcomm perform our service delivery model based on ITIL v4 framework. Our service and support teams are scaled to respond to the needs of our customers of various sizes across both the public and private sector.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
A range of flexible service metrics reports and dashboards are available as part of the service.
Service usage data can also be output to other correlation, alerting and management systems, including many SIEM and SOC platforms and applications. - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Cisco
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Customers export data is performed via the manufacturer options available within the management portal. Exporting of data is provided to the customer on both a self service and as required basis. No charge or restrictions of the export of data is enforced by Nowcomm. Data is not hidden, restricted or locked from end users that hold the correct service access privileges. Data, reports and logs will be available for export from the service in the formats and options supported by the manufacturer, Cisco. Available data formats may be subject to change by the manufacturer from time to time.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- HTML
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- Nowcomm are providing a service built on a global cloud infrastructure from the manufacturer Cisco and as such are beyond our control. Any Service Level Agreements (SLAs), availability guarantees and any service credit models will form part of the manufacturers terms, which may change from time to time and can be found at: https://www.cisco.com/c/en/us/about/legal/cloud-and-software/cloud-terms.html.
- Approach to resilience
- Available on request.
- Outage reporting
-
Service outages are reported in a variety of ways. High level public dashboards of Cisco cloud services can be viewed at https://www.cisco.com/c/en/us/support/web/cloud-status.html.
Further detailed service outage information may be available to customers via their specific service portal access.
Automated email alerts and progress updates of a range of possible service outages or service matters are provided for each Cisco cloud service.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Access management is controlled and restricted via secure role-based access controls on a per user basis. This allows the configuration of system access and permissions to be set based on the designated role of the individual user, ensuring only the agreed specific tasks can be performed across the Cisco Umbrella cloud service.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- QMS
- ISO/IEC 27001 accreditation date
- 17/09/2021
- What the ISO/IEC 27001 doesn’t cover
- Nowcomm follow all processes and procedures to the ISO 27001 level
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Nowcomm are an accredited Cyber Essentials Plus organisation and have adopted and incorporate key processes and procedures set out within ISO27001 and ISO9001 and ISO14001 standards. Nowcomm ensure our business services and operational delivery model processes including our security polices are performed within a structure of continual improvement and review. This includes regular internal audits and annual external audits from qualified third party organisations of our policies and processes.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- All changes and configuration management follow ITIL V4 standards.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Potential vulnerabilities are identified via proactive, continual review and analysis. This combines Nowcomm's own vulnerability scans of systems and services with threat data from a variety of third party sources including but not limited to Cisco Talos, Cisco TAC, Microsoft, ATT Cybersecurity, Qualsys, Google and Symantec.
Identified vulnerabilities are reviewed on the basis of risk and impact.
Standard system patching for low risk and ongoing items is performed monthly.
High risk or high impact vulnerabilities may require high priority patching within 7 days.
Items identified as critical risk or critical impact may require emergency patching, e.g. within 24 hours. - Protective monitoring type
- Undisclosed
- Protective monitoring approach
- All external facing services are subject to monthly vulnerability scans. Standard patching policy is monthly, with critical patching being performed sooner including within the day if deemed necessary to protect the customer as part of our 24/7/365 operations. Nowcomm obtain continual vulnerability information and alerts from many third parties including Cisco Talos, Cisco TAC, Microsoft and AT&T Cybersecurity. We use independent third party scanning engines to correlate all known CVE's, enabling our experts to establish impact for all managed assets scanned.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
Nowcomm operates both proactive and reactive response services. All service requests and incidents to Nowcomm are logged via the Nowcomm Network Operation Centre with a unique case reference number and tracked from triage through to resolution via our service desk platform. Customers are encouraged to report incidents via email or telephone.
Nowcomm operate a pre-approved process / change model for certain tasks. However, bespoke customer requirements can also be designed and implemented depending on the organisation’s needs.
Reports are provided via email in either HTML or PDF format. Major incident reports are provided within 48 hours of the incident resolution.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Covid-19 recovery
-
Covid-19 recovery
With Nowcomm being in a high growth sector within the East Midlands, we have a policy on recruiting from the local area as part of the current government levelling up strategy. Employees have total flexibility with tools and resources to work remotely enabling social distancing and reducing unnecessary travel. Nowcomm are currently growing between 20 and 30% per annum. We also employ graduates and apprentices, along with providing opportunities for work experience for those thinking of retraining in the information technology and cyber security fields.
During pandemic situations the business was/can continue effective, due to our robust and resilient working environment. Emphasis was placed on employee wellbeing with access to mental health support, encouraging a clear work / life separation driving a healthy work life balance.
Nowcomm are also part of the Derby Bondholders group (a vibrant community of local companies and organisations), who strive to provide a supportive business network, celebrate achievements, and engage in the shaping of our place (Derby). From sole traders to the region’s largest firms, our Bondholder community is a vast and vibrant collection of what makes Derby great. More than a vibrant business club, Bondholders are engaged proactively in supporting each other and influencing Derby and Derbyshire to be a better place in which to live and work, and to visit.
Pricing
- Price
- £1,100 a unit
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- A 14 day full feature trial is available. Trials are subject to availability and maybe for a limited number of users /devices only.