Vizst Technology

Managed Backup & Disaster Recovery (DR) Service

Vizst Technology’s Backup and DR solution provides cloud-based file, image and application back up services with additional disaster recover features. With solutions from leading vendors including Acronis, protect every workload with best in breed backup while accelerating management and security to safeguard your organisation.

Features

• Backups for on-premise or cloud servers
• Backup services for Microsoft 365
• Backup to vendor cloud, public cloud or private cloud
• File and disk image backup
• Integrated anti-malware scans and MI based ransomware protection
• Forensic data backup options
• Data compliance reporting and protection mapping
• Safeguard data across all platforms
• Real time dashboard and service reports
• ITIL 4 aligned service and support

Benefits

• 24x7x365 management and monitoring from our NOC
• Industry leading RTOs / reduced recovery time
• Single pane of glass management
• Data protection across all your platforms
• Control of your own tenant management and data
• Customisable backup services
• Flexible storage options
• Faster operations and automation
• ISO27001, ISO9001 and ISO14001 accredited approach to services
• Detailed reporting on behaviour and risks

£37.00 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@vizst.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

725549163871439

Contact

Sonia Krishnan
03333442204
tenders@vizst.com

Service scope

• Service constraints: Our service has zero constraints
• System requirements: No specific system requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Vizst offers flexible support packages and levels based on customer requirements. ; ; Our standard Response Time SLAs are: P1 = 30 mins, P2 = 1 hour, P3 = 2 hours, P4 = 4 hours. ; Tickets can be logged by phone, email or online portal. Note P1 responses are immediate when logged by phone. ; ; Service Desk core hours 0830-1730 Mon-Fri and on call cover out of hours. 24x7 support available. Anything outside of the scope of the support agreement is not covered by the SLAs and will be considered on a case-by-case basis for all support packages.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Vizst offers flexible support packages and SLAs based on customer requirements, from break/fix through to fully managed service. Our standard Response Times are: P1 = 30 mins, P2 = 1 hour, P3 = 2 hours, P4 = 4 hours.; ; Service Desk core hours 0830-1730 Mon-Fri with on call cover out of hours. 24x7 support available. Anything outside of the scope of the support agreement is not covered by the SLAs and will be considered on a case-by-case basis for all support packages. ; ; All customers, regardless of their support package, have a dedicated account manager and access to technical pre-sales and support engineers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onboarding occurs for all managed service customers for the devices and users in scope. Documentation of every element is captured within our secure Configuration Management Database (CMDB) and data is classified to allow for easy support. A risk register is produced to identify and categorise potential service impacting events, how likely the event is, and the impact of the event happening. In addition, a full handover document to both the customer and the service support teams is created to allow the customer to understand how to engage our services, what SLAs are in place and what the escalation processes are. The support team are then provided with a handover document that details specific key information about the customer, what they do, what is supported, what the key services and priorities of those services are, and who the key points of contact are within a contract.; We can also provide customer training on the solution - this may be via work shadowing, vendor classroom based training, self paced online training or remote webinars depending on the customer's needs.; Full documentation of the solution including user guides and build documents will be provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: For ease for the customer, Vizst Technology can simply one-click export all of the data within our secure Configuration Management Database (CMDB) that creates a password encrypted zipped file with all of the data. This is classified in an order the customer can follow.
• End-of-contract process: Assuming the contract model is CAPEX, all data and licenses are handed to the customer. If the model is OPEX, a termination agreement will be drafted detailing the specifics of the contract, any termination fees, and options to purchase the equipment.

Using the service

• Web browser interface: Yes
• Using the web interface: Accessible via a secure web portal, through which users can manage and monitor their network, applications, users and devices, as well as investigate and remediate issues.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: All accessibility testing and acceptance is done as part of vendor's own development
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Vendor's robust planning, testing and redundancy measures mean user experience remains stable even during high demand or unexpected incidents.; ; Vizst's team work to a priority-based system meaning that depending on the severity of any incident, the team would assess the most urgent enquiry and respond accordingly. Additionally, we scale our teams based on booked and expected capacity and ticket trending. Using this information we can predict when we are likely to need new staff and recruit ahead of the curve ensuring users are not affected by increases in demand.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Acronis

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • PC File Level
  • SaaS services
  • Virtual and physical servers both onsite and to cloud simultaneously
  • Firewall and switch back up to cloud
• Backup controls: Backups, content, and the frequency of backups are agreed at the deployment phase of the project.; ; Customers can access cloud based tools to perform self-restores or contact the Vizst Service Desk to perform more complex restores such as servers, etc.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Service availability is backed off by vendor specific SLAs. ; ; Not all our customers require/request service credits. Where these are required we will discuss and agree on on a case by case basis. ; Our support is available 24x7 regardless of vendor support.
• Approach to resilience: This information is available upon request as it is backed off to specific cloud-based vendors.
• Outage reporting: Real-time information about service availability, planned maintenance, degraded performance, and service disruptions are published through ; Acronis' Partners Portal and Vizst will relay this information to the customer. ; Additionally Vizst's service team pro-actively contact customers via email if monitoring detects outages. On average, the time taken from identification of an outage to notifying customers of the issue is under 1 hour.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
• Access restrictions in management interfaces and support channels: Access is restricted in management interfaces and support channels by either limiting or disabling the affected account.; ; By restricting user permissions via limiting access to the account, we can limit the damage that is done if a customer account becomes compromised. RBAC permissions can be applied to achieve this.; ; By disabling the account, users will be unable to use the account locally or remotely, ensuring the safety of the files/information.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 04/03/2024
• What the ISO/IEC 27001 doesn’t cover: There are no limitations to our certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus, ISO 9001, ISO 14001
• Information security policies and processes: Vizst Technology are ISO 27001, ISO 9001 and Cyber Essential Plus certified and compliant with GDPR and the Data Protection Act. All certificates held are current and we have a set of security policies and procedures which we operate via our security framework. Governance is achieved through centralised staff training which includes induction and regular ongoing training. Compliance is monitored by our Operations Director and line managers via our HR system.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: 1. Change Request: Request for Change (RFC) documented by the Change Initiator/Requestor within ticketing system by creating a change record. ; 2. Categorise/Prioritise: change urgency/impact on infrastructure, customer productivity, and budget assessed. ; 3. Analyse/Justify: develop change justification and identify potential infrastructure impacts (developing technical requirements, reviewing implementation steps, and roll-back plans). ; 4. Approve/Schedule: RFC submitted for Peer Review or to Change Advisory Board (CAB - including customer contacts) for approval/rejection. ; 5. Plan/Implement: minimising infrastructure and customer impact in line with RFC. ; 6. Post-Implementation Review: accepting, modifying, or backing-out the change; contacting customer to validate success; finalising change documentation within ITSM.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential threats are assessed through bespoke customer Risk Registers. On-boarding engineers create the RR at service start and continually review at service meetings with the AM/Client Strategy Manager. Notification of potential Common Vulnerabilities and Exposures (CVE) from any vendor is assessed within 1 working day as to who is affected, what stepped changes need to happen to resolve the concern, and the customer contact is made aware. A change record is created assessing risk and peer/management/customer approval is sought before change is implemented. Information about potential threats is taken from the CVE list of publicly disclosed computer security flaws.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our Remote Monitoring Management (RMM) system is configured to allow us to know what is considered ‘normal’ and what is ‘abnormal’ for many specific monitors. If the system detects events outside these identified parameters, it will automatically log a ticket for the affected client, and depending on the type of event, will either: • Automatically run pre-designed automation scripts to remedy the event and automatically close the ticket; • Will log a ticket for a qualified engineer to resolve. Certain event types, such as compromises, are automatically categorised and set a high priority so engineers can act upon those instantly.
• Incident management type: Supplier-defined controls
• Incident management approach: Our incident management system uses complex workflows to automatically categorise and assess impact for many events, such as pre-defined and agreed thresholds being breached and the system automatically logging a ticket, running a script and the ticket being closed automatically if the threshold returns within normal parameters. End users can log tickets either via phone, self-service online portal (directly into the ticketing system), email. Incident reports are provided as part of scheduled reports/reviews with our customers and/or as live dashboards that the customer can access. We provide Root Cause Analysis for P1/critical incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Vizst Technology is committed to promoting sustainability. Concern for the environment and promoting a broader sustainability agenda are integral to Vizst Technology’s professional activities and the management of the organisation. We are ISO14001 certified and aim to follow and to promote good sustainability practice, to reduce the environmental impacts of all our activities and to help our clients and partners to do the same. ; ; Our Sustainability Policy is based upon the following principles: ; • To comply with, and exceed where practicable, all applicable legislation, regulations, and codes of practice. ; • To integrate sustainability considerations into all our business decisions. ; • To ensure that all staff are fully aware of our Sustainability Policy and are committed to implementing and improving it. ; • To minimise the impact on sustainability of all office and transportation activities. ; • To make clients and suppliers aware of our Sustainability Policy and encourage them to adopt sound sustainable management practices.; • To review, annually report, and to continually strive to improve our sustainability performance. ; ; Specifically, we are committed, amongst other initiatives, to: ; • Efficient printing, for example by double-siding all paper used and only printing where necessary. ; • Reducing the amount of waste produced by the business by encouraging employees to utilise reusable bottles, lunch boxes etc. ; • Ensuring that water/electricity is used responsibly by our staff by making sure lights, computers, taps etc. are turned off when not in use. ; • Recycling materials as extensively as possible by making sure we have paper, glass, plastic, and carboard recycle bins throughout the office. ; • Using technology to lessen the need for travel and reduce our overall carbon footprint and use public transport wherever possible when travelling is unavoidable.

  Tackling economic inequality

  We are fully committed to the principle of Corporate Social Responsibility (CSR) and aim to ensure that no relevant policy decisions are made within the business, without first evaluating the potential CSR impact. ; ; To tackle economic inequality, Vizst are committed to apprentices and work placements throughout all areas of our business including HR, Technology, Finance, Support and Marketing. We recognise that employing apprentices is a valuable way to upskill the local labour market and provide training opportunities with several of our directors developing via the apprenticeship route. ; ; Where possible, we hope to drive our recruitment of people from low-income backgrounds, BAME communities and those from the NEET category. As such, we refer all opportunities to local Jobcentres and work with local recruitment agencies and colleges to ensure vacancies are circulated within the area. In the event a skills gap is identified when undergoing monthly employee reviews as part of employee personal development plans, Vizst will actively support the employee(s) to undergo relevant training courses. ; ; We utilise a DMAIC approach while developing and implementing social value principles, utilising the Six Sigma DMAIC approach to identify any shortfalls or methods for improvement. Summarised, the DMAIC approach will entail: ; • Define: the issue/area is defined ; • Measure: the extent is measured. ; • Analyse: Root cause analysis is undertaken through investigations, identifying potential causes ; • Improve: improvement measures are suggested and implemented.; • Control: increased frequencies Along with the DMAIC approach ; ; Vizst will utilise the ability to collect direct feedback in the form of community surveys or online comment sections. We will be able to identify any trending service shortfalls. The data will be kept safe and secure accessible only by our Head of HR who will review these on a weekly basis.

  Equal opportunity

  Documented in our Equal Opportunities Policy, as well as in staff handbooks, our approach to recruitment, training and promotion has been developed based on best practice and statutory requirements such as the Equality Act 2010 guidance from the Equality and Human Rights Commission. ; ; In terms of recruitment, we: ; • Conduct quarterly reviews of our workforce, striving to ensure it represents the demography of the areas in which we work. ; • Utilise pre-prepared, anonymous application packs to eliminate potential prejudice from the application process. ; • Offer guaranteed interview schemes for disabled and protected characteristic individuals should they meet the criteria of a given job. ; ; The above are enabled through our Recruitment Policy, in conjunction with our Equal Opportunities Policy. ; ; Mandatory equality and diversity training is delivered to all staff, covering: ; • Our equality and diversity policy and its principles. ; • What constitutes as discrimination and how to report it. ; • Protected characteristics under the Equality Act 2010. ; • Positive equality and language techniques. ; • Fair recruitment and selection. ; ; This is then promoted through our positive equality culture, via: ; • Noticeboards: Reiterating our commitment to equality and creating positive workspaces, noticeboards provide contact details for senior staff to raise any equality issues with, as well as our commitment to maintaining fair, positive workspaces. ; • Office talks: We hold equality talks to discuss new initiatives and contributing to a positive equality culture, with focus on topics such as our zero-tolerance policy to discriminatory behaviour and inclusiveness. ; • Subcontractors: Where utilised, subcontractors are required to evidence their own equality and diversity commitments and adhere to our policies and procedures, with equality training delivered by ourselves as part of our induction.; • Reviews: Our Equal Opportunities Policy is reviewed annually, following incidents or changes to best practice to ensure maximum effectiveness.

  Wellbeing

  Our people are the lifeblood of our business and so just as important as industry and vendor awards are the recognitions we have received from Great Place to Work UK and as a Real Living Wage employer. We keep our employees fully informed of our policies and procedures and encourage them to share their ideas with us on both internal processes and the way our service is provided to customers. ; ; Continuous feedback is critical to ensure we don’t get complacent as a business. We send a quarterly Employee Survey out and report back to the employees on the results and our action plan. This ensures complete transparency builds trust within the business, ensures we are continually supporting our staff and they are being fairly recompensed for their work. ; ; Our organisation is keen to support and become involved in community initiatives and charitable work. We currently do this in the form of sponsorship and donations to national and local charities, which may be suggested by our staff, and the funding of community projects. Every suggestion is given due consideration. We recognise the importance of education in our community and supporting individuals during this process is key to advancement. We actively encourage our employees to progress professionally, offering training courses which are often funded by ourselves. We also offer a number of work experience placements in partnership with local schools to help reduce the number of those who are Not in Education, Employment, or Training (NEET). ; ; We maintain an open and honest approach to all of our communications, both internally with staff and externally with clients and stakeholders.

Pricing

• Price: £37.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Proof of concepts for a defined period are available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@vizst.com. Tell them what format you need. It will help if you say what assistive technology you use.