FLUIDONE LIMITED

Connected Cloud

Access to services and applications via private networks and public internet. Includes AWS, Azure, Google Cloud, Oracle Cloud, IBM Cloud, Alibaba Cloud, SAP, Salesforce, Office 365, Hosted Voice, SIP, Max Transit Duo MAX-TST-DUO-LTEA-K-T and MAX-TST-DUO-LC-SF 4G access options. Fully resilient network with multiple Data Centres and an SLA of 99.99%.

Features

• Access to multiple cloud platforms
• Peering with LINX members such as Apple, Google, thevoicefactory
• Resilient hosted IDS and firewall services
• Virtual servers for bonding multiple cellular connections
• Cellular 4G/5G bonded router x6 to support dual connections
• Cloud Hosted Virtual Hub Device
• Max Transit Duo two SIM for up to 30 users
• Multi-SIM, multi-carrier cellular solution
• Public One to One Static IP Address configuration
• Business grade roaming cellular SIMs

Benefits

• Reduce costs for Azure, AWS and GCloud via private connectivity
• Security and resilience guaranteed via Tier 3 Data Centres
• Obtain cloud access in hours

£231 to £489 an instance a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at williamlugg@fluidone.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

723494899707254

Contact

Will Lugg
02070996892
williamlugg@fluidone.com

Service scope

• Service constraints: Yes - Planned engineering work is carried out but is limited to no more than quarterly. FluidOne notifies customers in advance of Planned Engineering Work to minimise disruption.
• System requirements: Not applicable as customers will be consuming a service

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: The service is truly proactive, with management and monitoring performed by a dedicated team of technical engineers based in the UK, available 24x7 (depending on the support chosen by the Buyer). Less than 5% of all support calls are inbound; pre-emptive support by our helpdesk team accounts for the rest. Buyers also have the option to view the monitoring platform via a secure portal to get an instant view of each device/node on their network with "traffic light" indications showing green, amber or red depending on connectivity status. Response times are the same at all times.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Three levels of functional service are available and are known as the Support Class. The level of functional service will be consistent across the buyer's WAN. Pricing is based on a cost per device and varies according to Support Class and term of contract. The three support classes are: Portal Access - provides a 24/7/365 monitoring and reporting service for devices. Reactive Management - provides a monitoring, alerting & reporting service with a Cloud Service Desk that will act on the alerts received, and manage the Incident until its resolution. Configuration of routers and their hardware maintenance is managed by the customer. Proactive Management - FluidOne is responsible for the full end to end management. This includes the proactive monitoring and management of the network, router configuration and hardware maintenance/replacement. Each Buyer will have a technical account manager and access to cloud support engineers throughout the contract.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Full documentation will be provided including service descriptions and service level agreements. Should buyers’ technical teams have any concerns regarding performance or connectivity issues, they will have access to the Service Desk to help with any “how to” questions. The Service Desk is available 24/7/365. ; ; The nature of the Cloud Hosting service dictates that it is fully managed on behalf of buyers with a transparent and seamless interface for users to access cloud-based content and therefore requires minimal training prior to implementation. Typically, a live demonstration of the main features will have been shown to all relevant personnel prior to signing a contract. New buyers will have a Technical Account Manager assigned to them who will help users familiarise themselves with the main features.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: There are many options open to buyers. Data is stored electronically on a per device basis and can be accessed and exported by users at any time up to the end of contract date. Assistance will be given by the Cloud ServiceDesk to ensure the integrity of any data exported and in the appropriate formats. Once the contract comes to an end access is no longer available directly – reasonable requests for information after the contract end date would be dealt with on a case by case basis.
• End-of-contract process: An exit plan is agreed in advance. As the service provided is bespoke to each buyer, any elements that would attract any additional costs would be clearly detailed and agreed as part of the exit plan. FluidOne would comply with all reasonable requests to assist with migration and will work in a collegiate and collaborative way with all third parties of a customer’s choosing – our philosophy is to focus on the benefits to customers and to ensure we protect any future business and we take the same approach with suppliers and partners, who may also be competitors in certain fields.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can make secure SSL connections via web portal. The service is provisioned and profiled for each individual buyer. No changes can be made by users via the interface.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: N/A
• API: No
• Command line interface: Yes
• Command line interface compatibility: Other
• Using the command line interface: The command line interface is used for management of the service only and is not made available to users.

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Each buyer will be allocated dedicated bandwidth on either an MPLS, VPLS or L2VPN virtual port on the FluidOne internal infrastructure. It is not possible to exceed their allocated bandwidth. Quality of service parameters are also used, in tandem with traffic shaping and policing to prevent particular traffic types from flooding resources. User access is read-only, so only allowable reports/resources can be accessed, but in the unlikely event that any compromise occurred firewalls are configured to be able to block users' traffic by port/destination/source address if necessary.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • SMS
  • Other
• Other usage reporting: Also highlighted during regular Service Reviews

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: BT Wholesale, Megaport, Microsoft, Amazon, COLT, TalkTalk Business, CenturyLink

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Device configurations and monitored changes
  • Service elements required for compliance with ISO27001/22301 for DR purposes
• Backup controls: This is a fully managed service by FluidOne on behalf of buyers and therefore does not offer any user-controlled elements
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: FluidOne will “back-to-back” all SLAs for services provided by partners for delivery timeframes, network availability and maintenance agreements. All services entirely within the control and remit of FluidOne i.e., our response times to faults, frequency of updates will be covered by rigorous SLAs. SLA’s will be agreed and confirmed with specific, measurable targets.; ; FluidOne agrees to use its reasonable endeavours to respond within 30 minutes in the event of any issue adversely and materially affecting the services being raised by the customer. SLAs for updates are based on defined priority criteria.; ; Any device or circuit being monitored will show up as amber or red immediately upon the dashboard if a fault has occurred. FluidOne circuit availability is measured from service being unavailable at a site or a ticket being logged with our support team for an unmonitored circuit until the service has been restored. ; ; In the event that FluidOne fails to achieve the service levels in any month and the Buyer is entitled to service credits, any owing will be reported by FluidOne in the following month and are credited. Performance reviews are delivered as part of monthly meetings, monitoring performance of our service desk against our agreed SLAs.
• Approach to resilience: The FluidOne Business Continuity Plan is established according to ISO22301 and is independently audited. Supported by a fully resilient network set up on multiple Data Centres with an SLA of 99.99%.; ; All services are dual homed to provide geographic resilience for business continuity and disaster recovery scenarios as part of our ISO22301 certification. All systems conform to ISO23001. Risk assessments are carried out for any systems that are not resilient. ; ; ISO27001 covers back-up policy with systems brought back up within a fixed amount of time dependent on Maximum Tolerable Period of Disruption (MTPD) and Recovery Time Objective (RTO).; Critical systems are all designed and implemented in a resilient fashion.; ; Datacentre resilience is provided via dual data centres, with a third DR site being a FluidOne Office location. Additional information is available on request.
• Outage reporting: A public dashboard requiring user ID and password displays alerts based on traffic light systems across the entire estate and for all elements of the service. Buyers are also asked to complete a contact template with names/contact details for personnel to whom email alerts or texts are sent. This is a bespoke system allowing for different levels of authority to be notified depending on severity of the issue. Devices can be configured with different levels of alerting depending on their importance to the network. Circuit and network availability is measured directly by monitoring of each device and circuit and presented to both FluidOne and buyers on a secure portal. Availability of each circuit as a percentage of time across each buyer's network is shown real-time and in monthly Quality of Service reports. Device availability is also captured and presented on the portal and each buyer will have their own individual dashboard showing outages. Further details of the platform are available on request.

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: All managed devices are secured via TACACS and/or vendor specific orchestration platforms; all engineering access is logged by individual user and time stamped. Read-only access to customer premise equipment can be made available on a case by case basis. FluidOne can further provide customers with a Terminal Access Controller Access-Control System (TACACS) authenticated, limited command login. This login will be controlled by the TACACS servers and will provide access to the unprivileged mode on routing equipment; this will provide the ability to carry out basic diagnostics i.e. ICMP ping and trace routes from the router.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 12/03/2025
• What the ISO/IEC 27001 doesn’t cover: Anything out of the boundaries of the scope as defined in Information Security Management System (ISMS) Manual. The scope of the organisation’s ISMS is as follows: Managed Network and Communications Infrastructure Solutions The boundaries of the scope include the Network Operations Centre and associated systems and resources. The organisation can determine the relationship between its selected information security controls and its risk assessment and risk treatment processes, and subsequently, back to the ISMS policy and objectives. This is demonstrated by the following documentation: • Information security policy statement (ISPS001) • Procedures and controls that support the ISMS • ISMS risk assessment procedure (ISP005) • Risk assessment (ISMS risk assessment.xls) • Risk treatment plan
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All information security policies are dictated by our ISO27001 governance. All employees have access to our QMS via CRM linking directly to the guidance and policies themselves. These policies are:; ; Acceptable Use Policy, Access Control Policy, Anti-Bribery Policy, Backup Policy, Clear Desk and Screen Policy, Conflict of Interest Policy, Control of Documents, Control of Records Policy, Corrective and Preventative Action Policy, Data Classification and Confidential Data Policy, Email Policy, Encryption Policy, Equipment Reuse and Disposal Policy, Group Retention Criteria Policy, Guest Access Policy, Information Security Incident Reporting Policy, Information Security Policy Statement, Internal Information Security Management System Audit Policy, ISO 27001 Awareness Policy, Mobile Device Policy, Network Security Policy, Outsourcing Policy, Password Policy, Remote Access Policy, Risk Assessment Procedure, Information Security Awareness Policy, Secure Development Policy, Social Media Policy, VPN Policy, Wireless Access Policy

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to components of the service are tracked and managed via the same systems that are used to track changes to customer devices. All managed devices are secured via TACACS servers and/or vendor specific orchestration platforms; all engineering access is logged by individual user and time stamped. All device configuration files are checked daily for any changes - these changes are then automatically added to the Network Configuration Management system change database.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Threats are assessed under the guidance of the Internal Information Security Management System Audit Policy. Internal audits of all Information Security Management System policies, procedures and controls are carried out at least once per annum in accordance with the Information Security Management System Internal Audit Schedule. Certain policies, procedures and controls may require more regular review according to importance or history of problems. Information from vendors is regularly monitored regarding patches which may need to be applied in between audits. Any discrepancies found during the audit are recorded on the Issues Register and acted upon.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: FluidOne Implements Dual Skinned firewalls with Next Gen Security Features, Malware Intrusion Detection and Prevention Services. For the purpose of this policy an information security event or incident is defined as:; ; ''An identified occurrence or weakness indicating a possible breach of information security policy or failure of safeguards, or a previously unknown situation which may be security relevant.''; ; All responses are responded to within 30 minutes by default. Special measures/policies exist for critical threats, details of which are available on request.
• Incident management type: Supplier-defined controls
• Incident management approach: FluidOne has a documented Incident Management Process which is updated annually. A summary is provided here:; ; Users will be notified proactively within 30 minutes of any incident that is service affecting. Users can also log incidents via phone, web or email. All incidents are logged and reported on via the Advanced Reporting Module (ARM). Availability reporting shows when, and for how long a device has been down. Live incident reporting provides analysis of incident category and resolution codes. This helps customers identify incident trends.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: FluidOne uses Layer 2 tunnels to segregate customer traffic on the core. Each connection is terminated directly on a separate, physical port or ports on our edge router and assigned a VRF tag. Network equipment maintains segregation and integrity of traffic throughout. FluidOne also implements role-based access control. Roles are based on several factors, including authorisation and responsibility. Buyers will be designated as end users within their own virtual environment and will not have access outside of their own virtual environment. Access to computer resources is limited to the ability to view, but not create or modify files.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Our data centres are governed by a certification in ISO 5001:2011 Energy Management Systems. Electricity has been purchased solely as "green electricity" from renewable sources since 1.02.2019.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  FluidOne recognises that climate change is one of the most prominent challenges which threatens our global community. We are committed to the continual improvement of our performance in reducing and minimising negative impacts on the environment through the adoption of sustainable practices. Our Environmental Policy includes regular documented updates that monitor, measure, report and reduce energy use.; ; We actively reduce our consumption of resources and improve efficiency in their use by re-using or recycling where possible. We promote individual and company awareness of good environmental practices and integrate recognised applicable best practice into our business activities.; ; We work closely with our suppliers to ensure environmental criteria are considered in the procurement of goods and services including asset lifecycle management and agreed mean lifecycle of a product. We are working with partners who sponsor several reforestation projects and have a focus is on giving technology a second life and contributing to the circular economy.; ; We encourage developing plans with buyers so that they can achieve their own sustainability targets. Introducing our sustainability partners forms part of this whilst as part of service reviews, we can develop plans including completing remote diagnostics and report on buyers’ utilisation level of all services. We can provide excess utilisation (for example power draw in data centres) as well zero usage (unused services) reports that lead to potential changes in services.

  Covid-19 recovery

  Covid and the subsequent adoption of new working practices amplified the operational benefits of flexible working and effective collaboration, but there are some important environmental advantages too.; ; The businesses' working policies were adjusted during the Covid-19 pandemic to ensure the safety of colleagues with changes made post pandemic during recovery to maintain limiting the possibility of transmission.; ; FluidOne deploy solutions that help people work effectively from anywhere. We carefully found the balance that maintains culture but reduces the need for teams to always meet physically. The results help to lower the amount of travelling and the subsequent environmental impact that creates. ; ; We are helping our customers with this; collaboration tools like Microsoft Teams (or other platforms) to the implementation of smart meeting room technology support reducing the frequency of physical office visits and in turn can help to reduce energy consumption or may even help reduce the footprint taken by office space.

  Equal opportunity

  FluidOne values and actively strives to have a diverse and inclusive workforce in a working environment free from discrimination. An inclusive work culture where people of different backgrounds are valued equally will ensure better outcomes for us all. We seek to promote the principles of equality, diversity and inclusion in all dealings with employees, workers, job applicants, clients, customers, suppliers, contractors, recruitment agencies and the public. ; ; We continually engage with our staff as well as external partners to help us to understand how we can make our workplace more inclusive and gain an insight into what our staff need most from us. With our industry being approximately 80% male, this makes the candidate pool for recruitment of experienced roles predominantly male and not as diverse as the wider community. Our leadership team believe the most effective long-term way to change the balance is to encourage more females and diverse candidates to make their first career move to be into the IT and Comms industry. ; ; We have aligned with a local university in London with a less privileged student base than other London universities. Our engagement has resulted in planning events where we can give support and to aid students on their career planning, creating some internships and entry level roles each year with FluidOne. Our representatives attend campus to discuss their experiences offering a more interactive approach to a traditional career fair, talking to students as they visit, with a view to continuing conversations.

  Wellbeing

  At FluidOne, our people are our most important assets, with. staff mental wellbeing one of our top priorities. We offer all employees - regardless of how long they’ve been with us - an Employee Assistance Programme (EAP). With EAP, staff can get 24/7 support, guidance, counselling, and expert legal advice on any personal and professional issues that could be affecting their home or work life. The wellbeing portal also offers a virtual library of wellbeing guides, with everything from dietary tips, fitness plans, and financial advice. ; ; We actively seek and retain talent and are proud of our culture of being straight-forward and one that promotes well-being, collaboration and innovation, as well as having fun.; ; Help employees flourish in the best ways possible is a continuous area of attention to. More flexibility in the scheduling of training and coaching is provided with additional support to managers to best support their teams. Staff culture is key to our success with teamwork and collaboration at our centre, As we support each other and work together to achieve our ambitions, this is represented with focus on regularly understanding how staff feel through one-to-ones, regular team meetings and mini-surveys.; ; The company deliver regular initiatives such as hosting company Pow Wow meetings in person or via video conference which shares company updates, as well as enjoying informative and fun get-togethers. Combining work and play this way proved popular with employees.; ; We are extremely proud to be recognised as an organisation that puts its employees first with recognition testament to our continued commitment to make FluidOne an incredible place to work.

Pricing

• Price: £231 to £489 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at williamlugg@fluidone.com. Tell them what format you need. It will help if you say what assistive technology you use.