Transputec Limited

Microsoft 365 backup - SkyKick

SkyKick Cloud Backup for Microsoft 365 offers unlimited backup and retention for Exchange Online, SharePoint, OneDrive, and Teams. With up to six daily automated backups, it ensures minimal data loss. The cloud-based solution provides fast search, one-click restore, and strong encryption, supporting GDPR and HIPAA compliance. Ideal for MSPs.

Features

• Microsoft 365 Backup
• Continuous Backup
• Point-in-Time Recovery
• Granular Recovery Option
• Cross Tenant Backup
• Secure and Compliant
• Flexible Retention Policies
• Comprehensive Data Protection

Benefits

• Automated Backup
• Quick and Easy Recovery
• Unlimited Retention
• Secure Storage
• Encryption

£25.92 to £850 a user a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at G-cloud@transputec.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

713436820078943

Contact

G-Cloud Team
0203 5886570
G-cloud@transputec.com

Service scope

• Service constraints: For Microsoft 365 and exchange online
• System requirements:
  • Microsoft 365
  • Exchange Online

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times are dependant on service level procured
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AAA
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: Subject to agreement a bespoke service is offered from standard to advanced such as a fully managed service. technical Account Managers and Strategic Advisors are available. Costs are based on scope of agreement
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: SkyKick implementation is configured using the tenant ID on the agreed go-live date. Users wishing to access support from that point onwards can do so to obtain assistance in recovery of any M365 data
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Microsoft Word, Excel and PowerPoint
• End-of-contract data extraction: On termination date of the service, tenant ID will be removed from configuration and account deleted. SkyKick will delete all data.
• End-of-contract process: Data is deleted with no further access to it

Using the service

• Web browser interface: Yes
• Using the web interface: Log support request
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: None
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Not a factor
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: SkyKick

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Microsoft 365 data (Word, Excel etc!)
  • Exchange Online
• Backup controls: Automated process, it's either on or off.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: The standard uptime guarantee for the solution is 99.9% - excluding planned and notified downtime for maintenance.
• Approach to resilience: High-availability and redundant infrastructure are designed to minimize associated risks and eliminate single points of failure.
• Outage reporting: - email alerts

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Role based access provisions
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRGA Limited
• ISO/IEC 27001 accreditation date: 31st May 2023
• What the ISO/IEC 27001 doesn’t cover: Nothing relevant to this framework response
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO/IEC 27001:2013; CyberEssentials; All issues and suspected non-compliance and suspicious activities are reported immediately to our SoC and senior managment (Director level and above) via monitored mailbox/DL (nc@Transputec.com)

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration management - SkyKick implementation process based on the M365 and exchange online licensed users. Any changes in the tenant level are reflected in SkyKick Cloud Backup in terms of new users. No change management processes are required as service is automated
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: SkyKick Security Architecture:; SkyKick develops its security architecture from the ground up using industry best practices.; Key components include:; Access Controls: Implementing breached password detection.; Encryption: Utilizing AES-256-bit symmetric key encryption for data at rest.; TLS 1.2+: Ensuring encrypted HTTPS connections for migration data transmitted directly to Microsoft 365; ; Transputec - Internal network vulnerability scans are carried out periodically, based on Internals vulnerability scan program. All elements of corporate network must be covered by this internal vulnerability scans. Regular assessments, timely remediation, and continuous improvement is practiced.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Transputec uses multiple industry tools to monitor threats and vulnerabilities with a SOC team to assess and mitigate any threats.
• Incident management type: Supplier-defined controls
• Incident management approach: Standard approach to incident management, with users raising a support ticket to access support

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  ISO 14001:2013 certified; Science Based Targets Initiative registered; Transputec is committed to managing its CO2 emissions and is focused on working with its clients and suppliers to address Scope 3 emissions; ; ISO 14001:2013 certified; Science Based Targets Initiative registered; Transputec is committed to managing its CO2 emissions and is focused on working with its clients and suppliers to address Scope 3 emissions For more information please visit https://www.transputec.com/about-us/sustainability/

  Equal opportunity

  Transputec is and always has been a non-discriminatory organisation, employing a global workforce without bias or prejudice and are supportive of gender diversity Transputec is part of the Minority Supplier Development UK (MSDUK) Ethnic Minority Business (EMB) network. As MSDUK EMB suppliers we are part of a broad network of innovative, high growth minority owned businesses, providing an important role in the UK and international IT services supply chain.. for more information please see of website.; https://www.transputec.com/about-us/social-responsibility/

  Wellbeing

  Transputec has an open approach to health and wellbeing, encouraging communication and understanding through wellbeing events delivered generally on an annual basis as well as community out reach and our international outreach programme; https://www.transputec.com/about-us/our-charity-partners/

Pricing

• Price: £25.92 to £850 a user a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at G-cloud@transputec.com. Tell them what format you need. It will help if you say what assistive technology you use.