Stripe OLT

Security Operations Centre (SOC)

Stripe OLT's Managed Cyber Security services, leveraging Microsoft 365 and Azure, offer real-time monitoring and threat detection. Utilizing Microsoft's SIEM and EDR, they ensure network protection. Their team promptly addresses breaches, supports recovery, and enhances security proactively. Compliance is reinforced through educational programs and regular assessments, following Microsoft's security frameworks.

Features

• 24/7 Event Monitoring
• SIEM Deployment (Microsoft Sentinel)
• Endpoint Protection Management (DFE)
• Alert Investigation & Containment
• Advanced Threat Detection
• Compliance & Vulnerability Reporting
• Phishing Training Platform
• Microsoft Sentinel and Defender for Endpoint Implementation and Support

Benefits

• Real-time, continuous cyber event monitoring
• Endpoint protection with advanced EDR
• Cyber defense available 24/7
• Immediate security alert response
• Proactive threat hunting techniques
• Comprehensive vulnerability reporting
• Cloud security posture management

£0.50 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tom@stripeolt.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

715858449517742

Contact

Thomas Robbins
07702001146
tom@stripeolt.com

Planning

• Planning service: Yes
• How the planning service works: Our service rollout begins with a comprehensive cybersecurity audit of your organization's entire IT landscape, pinpointing security gaps through an in-depth analysis. We then tailor Microsoft Sentinel to send custom alerts, integrating your systems into this advanced SIEM platform for robust event monitoring.; ; Microsoft 365 security configurations follow, deploying toolsets like MCAS and Azure AD Identity Protection, all feeding into Stripe OLT’s SOC for centralized threat management. A dedicated risk register is created to track and mitigate security vulnerabilities systematically.; ; Findings are distilled into a clear presentation, with actionable recommendations shared during an interactive workshop. The engagement concludes with meticulous documentation and a seamless handover to SOC support, ensuring continuity in your cybersecurity defenses.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: To enhance your team's competency in managing cybersecurity and cloud infrastructure, we offer a customized training program aligned with our services. This training encompasses essential cybersecurity principles, teaching your team how to conduct audits, interpret posture reports, and recognize security gaps.; ; We also deliver in-depth sessions on Microsoft Sentinel, ensuring your team is proficient in utilizing this powerful SIEM tool for real-time monitoring and threat detection. The training includes hands-on experience with setting up custom alerts, integrating services, and managing the platform.; ; For risk management, we educate your team on creating and maintaining a risk register, along with strategies for prioritizing and addressing potential vulnerabilities.; ; Moreover, we include a module on cloud migration, where participants learn the nuances of moving services to the cloud securely and efficiently, with a focus on maintaining performance and compliance throughout the transition.; ; Finally, the training ensures that your team can apply these skills practically, with an emphasis on continuous improvement and adaptation to the evolving cybersecurity landscape. Through interactive workshops, real-world scenarios, and expert guidance, we prepare your team to confidently manage and safeguard your digital assets.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Our service facilitates a seamless migration to the cloud or transition between cloud services, focusing on secure and efficient processes. We commence with a comprehensive cybersecurity audit of your existing infrastructure to pinpoint areas for improvement and provide a detailed report on your security posture.; ; We then tailor Microsoft Sentinel, a cutting-edge SIEM system, with custom alerts to enhance your security monitoring capabilities. Your services are integrated into Microsoft Sentinel, ensuring a unified analysis platform across your cloud environments.; ; The implementation extends to optimizing Microsoft 365 security features, encompassing tools like Microsoft Cloud App Security (MCAS) and Azure AD Identity Protection, all streamlined through our Security Operations Centre.; ; A risk register is established to manage and mitigate identified security gaps effectively. We engage with your team through workshops to discuss findings and strategic recommendations, empowering your staff with the knowledge needed for a secure cloud presence.; ; The migration concludes with a thorough documentation process and a structured handover to SOC support, ensuring ongoing security management and readiness in your new cloud environment.
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • Microsoft 365
  • Microsoft Azure
  • Microsoft Sentinel
  • Microsoft Windows

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Our service provides buyers with comprehensive quality assurance and performance testing to ensure their cloud-based solutions meet the highest standards. We start with an in-depth evaluation of the existing infrastructure to establish quality and performance benchmarks. This initial step is crucial for pinpointing areas that might compromise quality or impede performance.; ; Moving forward, we meticulously develop a series of tests customized to the buyer's unique environment and requirements. These include a combination of automated and manual quality assurance tests to verify that all features function correctly under various conditions. Additionally, we conduct load testing to observe system behavior under typical and peak load scenarios, ensuring that the infrastructure can handle real-world use without faltering.; ; Stress tests are also executed to define the system's capacity limits and resilience. By pushing the system beyond its normal operational capacity, we can identify and rectify breakpoints before they become critical issues in a production environment. Through this rigorous testing regimen, we aid buyers in not only maintaining optimal performance but also in fostering a robust and reliable cloud service deployment.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications: CREST

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: To support cloud hosting or software services, we start by thoroughly evaluating your current infrastructure to understand your specific needs and challenges. This assessment allows us to tailor solutions that ensure seamless cloud integration. We provide robust cybersecurity measures, including regular audits and compliance checks, to maintain a secure cloud environment.; ; Our team specializes in configuring and managing cloud resources, optimizing them for performance, scalability, and cost-effectiveness. We offer continuous monitoring and support to anticipate and address issues proactively, minimizing downtime. In addition, we provide comprehensive training for your staff to equip them with the necessary skills to utilize cloud services effectively.; ; On top of these services, we facilitate smooth migrations between cloud services, ensuring data integrity and minimal disruption to operations. Our goal is to support your cloud hosting or software services in a way that aligns with your strategic objectives and provides a solid foundation for your business growth.

Service scope

• Service constraints: Our expertise is centered on Microsoft's security solutions, and as such, we specialize in supporting clients within the Microsoft ecosystem. While we recognize the value and capabilities of Google Cloud and AWS, our services are tailored to organizations that leverage Microsoft-based platforms, aligning with our core strengths as a dedicated Microsoft security partner

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 30 minutes across all severities.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: Our incident response framework prioritizes alerts to ensure timely and effective management. ; ; P1 - Critical and high alerts, which signal a major organizational impact or data breach, we assign a team within 15 minutes and respond within 30 minutes. ; ; P2 - Medium alerts, indicating multiple affected users or endpoints, also have a 15-minute assignment window but a 60-minute response time. ; ; P3 - Low Alerts affect a single user and warrant a response within 4 hours, with an initial 15-minute assignment period. ; ; P4 concerns Root Cause Analysis (RCA), for which we start the process within 60 minutes and provide a detailed report within 48 hours of the incident's containment. ; ; P5 - Proactive work, covering preemptive and project-based tasks, does not follow a specific response schedule, emphasizing flexibility and forward planning. This structured approach ensures clarity and efficiency in our incident response and resolution efforts.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Amtivo Group Limited T/A British Assessment Bureau Ltd.
• ISO/IEC 27001 accreditation date: 01 July 2022
• What the ISO/IEC 27001 doesn’t cover: We wish to formally acknowledge that the scope of our services includes all internal business processes. However, it excludes customer systems, over which we do not maintain complete control. Despite this, we assure you that our internal processes, particularly those like information security within Project Management, are designed to positively influence and secure customer systems and solutions. It must be emphasized, though, that the customer systems themselves remain outside the ambit of our direct management and ownership. We are committed to working within these parameters to deliver exceptional service and support.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Stripe OLT has implemented a comprehensive sustainability policy that underscores the organization's dedication to reducing its environmental impact. This policy is centred around conscientious practices in waste management, recycling, and travel, demonstrating our commitment to mitigating adverse environmental effects.; ; Furthermore, Stripe OLT is actively pursuing the goal of achieving Net Zero emissions. We are currently in dialogue with suppliers to acquire additional insights into the necessary steps to achieve this objective. Recently, we initiated a program in collaboration with a local entity, Carbon Managers, aimed at tree planting to offset our emissions. As a Bristol-based organization, we prioritize engaging local suppliers to bolster our green initiatives wherever feasible.

  Covid-19 recovery

  Stripe OLT offers its employees access to private healthcare via Vitality Plus. This healthcare coverage includes an Employee Assistance Programme, which encompasses a range of counselling services such as stress and debt counselling, financial and legal advice, and mental health counselling.; ; Moreover, Stripe OLT is currently in the process of establishing a Mental Health First Aid provision internally. This initiative is designed to be accessible to all staff members and primarily aims to provide support and guidance to individuals experiencing mental health concerns, including those exacerbated by the effects of Covid-19.

  Tackling economic inequality

  Stripe OLT maintains a robust Equality, Diversity, and Inclusion (ED&I) policy, subject to annual revisions. To cultivate a diverse workforce, job vacancies are advertised through both industry-specific channels and general job boards, with the aim of reaching a broad demographic. This strategic approach not only advances inclusivity within our team but also ensures equitable access to employment opportunities for individuals from diverse backgrounds and members of the local community.

  Equal opportunity

  Our proactive Equality, Diversity, and Inclusion (ED&I) strategy places significant emphasis on educational initiatives, including the implementation of annual training sessions for both existing staff and new hires. Additionally, we are steadfast in our commitment to heightening awareness by offering specialized training for recruiting managers to effectively address unconscious bias throughout the recruitment process.; ; Integral to our approach is the incorporation of ED&I-related questions into our annual staff survey, and the provision of an events calendar on our intranet to ensure employees remain abreast of significant dates pertinent to equity, diversity, and inclusion.; ; To cultivate a diverse workforce, we employ a multifaceted approach to job vacancy advertising, utilizing both industry-specific channels and general job boards to attract candidates from diverse backgrounds. This strategy not only advances inclusivity within our team but also promotes equitable access to employment opportunities for individuals with varied backgrounds and members of the local community.

  Wellbeing

  Stripe OLT has established a Mental Health and Wellbeing Policy, which underscores the company's dedication to safeguarding the mental, as well as physical, health, safety, and wellbeing of its workforce.; As part of this commitment, Stripe OLT provides all employees with private healthcare coverage through Vitality Plus. This healthcare package includes an Employee Assistance Programme offering counselling services encompassing stress and debt counselling, financial and legal advice, and mental health counselling. Furthermore, Vitality Plus extends access to 8 sessions of Cognitive Behavioural Therapy and private GP services if required.; In addition to these external provisions, Stripe OLT is currently in the process of implementing a Mental Health First Aid provision accessible to all staff members. This initiative aims to offer support and guidance to individuals experiencing mental health concerns, with the Mental Health First Aider coordinating company-wide activities during Mental Health Week to further raise awareness and promote wellbeing.

Pricing

• Price: £0.50 a unit
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tom@stripeolt.com. Tell them what format you need. It will help if you say what assistive technology you use.