BRADLEYSOFT

Data Protection (Backup and Recovery) System Implementation - Veeam and Acronis based.

Data Backup & Restore, AI-Powered Malware Protection, Centralised Administration / Cloud Console, Patch Management. Any Platforms. Cloud and On-Premises. We provide complete integrated cybersecurity and data protection by implementing Veeam or Acronis solutions. We help to choose and install optimal and cost-effective model based on our Customer needs study.

Features

• Continuous Data Protection
• Instant Recovery for NAS, Databases, Servers and more
• Native Immutable Backups - Malware Protected
• On-Premises and Cloud Backup Storage
• Centralized Management Console (Cloud based)
• Cloud Services Backups (365, Azure, AWS, Google etc)
• Monitoring and Analytics Tools
• Scheduled Automated Backups
• AI-Powered Anti-Malware Engine
• Software Licenses Distribution and Maintenance

Benefits

• Protect Business from Data Loss
• Minimizes Downtime of Vital Applications and Systems
• Simple Administration
• Comprehensive Anti-Malware Protection
• Most Platforms Compatibility for Cloud / On-Premises Workloads
• Patch Management
• Flexible Strorage Options
• Drive Health Monitoring
• One Click Recovery
• Very Flexible Licensing and Implementation

£65 to £639 a server a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at alneste@bradleysoft.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

706417057686387

Contact

Alex Nesterov
07404933156
alneste@bradleysoft.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Veeam Data Platform,; Acronis Cyber Protect
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No constraints.
• System requirements: Widely compatible

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Same business day - from minutes to hours, depending on service - defined by SLA.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Simple chat system (Webchat) with direct chat to support operative, the interface is widely adjustable - tested.
• Onsite support: Yes, at extra cost
• Support levels: In addition to base vendor helpdesk we provide additional support if necessary and we charge it based on our regular tariffs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Customers are supplied with user guides, online video tutorials for self-service; ; Remote and onsite training (case by case basis); Assisted installation (case by case basis)
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: At the end of the contract the ability to backup & restore will stop. We will return all your data and materials which cannot be deleted or exported by you, and securely destroy all copies of your data on your written instruction. We will return any pre-paid sums for services not delivered to you. We will also return all of your confidential information, unless there is a legal requirement that we keep it.
• End-of-contract process: Downloading data is included in the cost; Physical shipping (upload to hardware) is optional

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mostly same but configuration and management functions may be less convenient on mobile devices.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Access to secure content management features for use in your own product, including automation of file storage, sync, share, and search.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Secure content management features for use in your own product, including automation of file storage, sync, share, and search.

Scaling

• Independence of resources: Data and usage is managed at a 70% utilisation ratio, meaning even with spikes in the service, customers are not affected.

Analytics

• Service usage metrics: Yes
• Metrics types: The service is monitored via a Live Dashboard with customisable widgets, Instant reports and Scheduled Reports; Licencing and ticket information is available through a portal
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Veeam, Acronis

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Download from the console (Free) or Physical Data Shipping (optional extra)
• Data export formats: Other
• Data import formats: Other

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Cloud Service SLA's are targeted to meet 99.99 percent availability.
• Approach to resilience: Ensuring that your organization’s mission-critical data has one of the highest levels of availability, leveraging data centres that provide redundant HVAC, network and UPS systems. The approach of Need plus Two (N+2) for greater redundancy. If there is a failure in a hardware-layer component, it will not affect critical infrastructure or customers. We store customer data employing its own software-defined storage solution, Cyber Infrastructure with CloudRAID technology.
• Outage reporting: Email Alerts currently, with a Public dashboard in development

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Multi-Factor Authentification; Login Control (IP Address lockdown for Console); Encryption password (for accessing data)
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
• Description of management access authentication: Role-based Access

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Standards Institution (BSI)
• ISO/IEC 27001 accreditation date: 03/10/2018
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 06/05/2020
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: On Request
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 9001
  • AICPA SOC 2
  • PCI DSS
  • HIPAA
  • HDS

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Supplier-defined controls

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: This redundant infrastructure allows Vendors to fulfill most types of preventives and maintenance without service interruption. Scheduled maintenance and change to the infrastructure are carried out in accordance with the manufacturers’ specifications and internal documented procedures. All infrastructure is covered under the respective vendor’s SLAs.; ; The team follows a standardized maintenance approach designed to improve infrastructure availability, and reduce operating and maintenance costs.; ; Security and critical updates have the highest priority and are rapidly installed. Every update is fully tested before it is implemented.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vendors monitor all official repositories and bulletins for the latest information. Security and critical updates have the highest priority and are rapidly installed. Every update is fully tested before it is implemented. Vendors employ skilled technology professionals and experts at every level of its infrastructure and actively collaborates with its thirdparty vendors to resolve issues.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Vendor’ Network Operations Center (NOC) takes the lead on incident identification and response, identifies the root cause of a problem, and contacts the appropriate internal incident response team to triage the technology incident. All response times are driven by internal SLAs targeted to meet 99.99 percent availability.; ; The Vendor network is multi-layered and zone-based. The managed network equipment separates and isolates internal, external and customers’ environments, and provides routing and filtering of network protocols and packets
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Acronis / Veeam incident approach:; 1. Preparation; 2. Identification: Acronis decides whether an event is an incident. (Information about the incident can come from Acronis’ monitoring system or through communication channels from different teams and customers.); 3. Containment: The team determines the impact, coverage and the affected systems and customers.; 4. Eradication: The team investigates to discover the origin of the incident and root cause of the problem; 5. Recovery: The team monitors every environment; 6. Lessons learned; 7. Notification: Communications ensure all teams and customers understand the impact and resolution steps and are apprised of status during an incident

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our service helps organisations to reduce their carbon footprint by utilising energy efficient virtualisation technology.; Inside our organisation we consider energy saving as one of top priorities.; We also try hard to reduce our waste output.

  Covid-19 recovery

  We support our employees who are still suffering from Covid.

  Tackling economic inequality

  Bradleysoft is creating new businesses and new employment opportunities, improving education and training. We are committed to tackling economic inequality at root. Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society.

  Equal opportunity

  Bradleysoft is committed to achieving a working environment which provides equality of opportunity and freedom from unlawful discrimination on the grounds of race, sex, pregnancy and maternity, marital or civil partnership status, gender reassignment, disability, religion or beliefs, age or sexual orientation. This Policy aims to remove unfair and discriminatory practices within the Company and to encourage full contribution from its diverse community. The Company is committed to actively opposing all forms of discrimination. The Company also aims to provide a service that does not discriminate against its clients and customers in the means by which they can access the services and goods supplied by the Company. The Company believes that all employees and clients are entitled to be treated with respect and dignity.

  Wellbeing

  Bradleysoft well-being program is open to all our employees. The program is geared to encouraging vitality, a healthy quality of life, and a positive working environment in which people thrive.

Pricing

• Price: £65 to £639 a server a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 30 days; Unlimited storage

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at alneste@bradleysoft.com. Tell them what format you need. It will help if you say what assistive technology you use.