I-KONIC LIMITED

Microsoft Azure Cloud Service Provider

Microsoft Azure offers the widest platform for public cloud compute, storage, networking, backup, and business continuity along with unrivalled global reach. I-KONIC is a Microsoft certified Azure Cloud Service Provider (CSP) delivering solutions across all sectors, through proven combinations of Microsoft Azure cloud hosting, best practice consulting and managed services.

Features

• Azure migration and modernisation centre
• Azure Application and data modernisation
• Azure Back up and disaster recovery
• Run business-critical applications in Azure
• Business intelligence
• Azure Virtual Desktop
• Azure confidential computing
• Implement remote government access
• Azure network security
• Tailored methodology and approach to Cloud Service problem solving

Benefits

• Improve efficiency by migrating and modernising your workloads to Azure.
• Accelerate time to market and deliver innovative experiences.
• Minimise disruption to your organisation with cost-effective disaster recovery.
• Azure hosted mission-critical apps increase operational agility and security.
• More efficient decision-making by drawing deeper insights from analytics.
• Access your desktop and applications from virtually anywhere with AVD
• Protect your data and code hosted in the cloud.
• Empower cross-agency collaboration, and deliver secure services
• Cloud-native network security for protecting applications, network and workloads.
• +22 years of industry experience to achieve your desired results

£0.01 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sean.russell@i-konic.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

788132419689730

Contact

Sean Russell
01418105848
sean.russell@i-konic.com

Service scope

• Service constraints: I-KONIC delivered Azure subscriptions and managed services offer the full range of Infrastructure-as-a-Service and Platform-as-a-Service publicly available through the Microsoft Azure Platform. ; ; Please refer to https://docs.microsoft.com/en-gb/azure/ to ascertain constraints relevant to specific customer technical and service conditions
• System requirements:
  • Microsoft Azure Subscription (CSP) supplied by and managed through I-KONIC
  • Please refer to https://docs.microsoft.com/en-gb/azure for technical requirements.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Microsoft Azure Technical Support (Standard offering) assistance is available 24/7/365 for Severity A and B incidents; ; Severity A - Critical business impact – Standard Response: < 1 hr; Severity B - Moderate business impact – Standard Response: < 4 hr; Severity C - Minimum business impact – Standard Response: < 8 hr; ; 24/7 access to technical support by email and phone after a support request is submitted
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Required support Levels and associated costs agreed with customer to deliver exact support requirements. Example of support services available include the following additional services as required: technical account management, telephone and web support during standard working hours 0900-1700, 24/7, out of hours and Cloud Support Engineer services.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: I-KONIC provides new customers with Customer Success Manager to assist with the on-boarding and adoption of the service. They provide guidance and walk-through the process of signing up the service. The Customer Success Manager will: Identify project teams, Discuss Use Cases, Create Success Plan, Develop rollout schedule, Create training plan. ; ; Training is provided via Training Guide Documentation and How-to Videos. All on-boarding guides are available from the Microsoft website.; ; If additional or customer specific training is required I-KONIC can provide consultant-led training sessions (either onsite or remotely) at our standard GCLOUD 14 professional service rates.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Customer data is their business, and they can access, modify, or delete it at any time. Microsoft will not use customer data without their agreement. Customers can extract their data at anytime using Azure Import/Export service. ; ; As an alternative to extraction, customers also have the option to transfer their Azure services purchased through I-KONIC to a different CSP at the contract end.
• End-of-contract process: At the end of the contract, customers will have the option to renew for additional periods with I-KONIC. Alternatively they would be able to transfer the Azure services to a different CSP, or extract their data via the Azure Import/Export service. ; ; Transition or extraction services are available from I-KONIC at our standard GCLOUD 13 professional service rates, and are completely dependent on the scale and scope of the customers' Azure environment.

Using the service

• Web browser interface: Yes
• Using the web interface: All Azure services can be made available to users to manage and deploy services via the Azure Portal. See https://azure.microsoft.com/en-gb/
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Please review Microsoft Azure interface testing for accessibility at the following: https://www.microsoft.com/en-us/accessibility/
• API: Yes
• What users can and can't do using the API: Microsoft Azure offers a complete REST API that can be utilised to manage Azure resources and integration. Please refer to the following link for detailed documentation for the REST API: https://docs.microsoft.com/en-us/rest/api/azure/; ; Additionally customers can use the Azure API Management service to create their own API's for solutions implemented on the platform. Please refer to https://azure.microsoft.com/en-gb/services/api-management/ for full description of capabilities and requirements.
• API automation tools:
  • Ansible
  • Chef
  • SaltStack
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats: HTML
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
  • Other
• Using the command line interface: The Azure command-line interface (Azure CLI) is a set of commands used to create and manage Azure resources. The Azure CLI is available across Azure services and is designed to get you working quickly with Azure, with an emphasis on automation.; ; The Azure Command-Line Interface (CLI) is a cross-platform command-line tool to connect to Azure and execute administrative commands on Azure resources. It allows the execution of commands through a terminal using interactive command-line prompts or a script.; ; For interactive use, you first launch a shell such as cmd.exe on Windows, or Bash on Linux or macOS, and then issue a command at the shell prompt. To automate repetitive tasks, you assemble the CLI commands into a shell script using the script syntax of your chosen shell, and then you execute the script.; ; You can install the Azure CLI locally on Linux, Mac, or Windows computers. It can also be used from a browser through the Azure Cloud Shell or run from inside a Docker container.; ; See https://docs.microsoft.com/en-us/cli/azure/ for full documentation on Azure CLI

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Microsoft Azure is one of the largest public cloud services in the world and offers almost limitless scalability and performance. This is underpinned and guaranteed by Microsoft based on the cloud resources and levels of service purchased by the customer.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Microsoft Azure

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual Machines
  • Databases
  • Storage
  • Web Services
  • Applications
  • System state
  • On-premises servers and databases
  • Desktops
• Backup controls: Azure backup controls are highly granular and configurable per resource. These backup polices are configured in the Azure Backup Portal which specify frequency, timing, retention etc. Azure Backup provides independent and isolated backups to guard against accidental destruction of original data. Backups are stored in a Recovery Services vault with built-in management of recovery points. Configuration and scalability are simple, backups are optimised, and you can easily restore as needed
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: SLAs are dependent on specific services that customers purchase.; Please refer to the following link for details of the SLA relating to each service within the Microsoft Azure platform; https://azure.microsoft.com/en-gb/support/legal/sla/summary/
• Approach to resilience: Microsoft Azure global infrastructure spans 60+ regions.; Please refer to the following regarding Microsoft Azure global resilience architecture:; https://azure.microsoft.com/en-us/global-infrastructure/; Also the following link regarding data resilience.; https://www.microsoft.com/en-gb/trust-center/
• Outage reporting: A public dashboard is available at https://status.azure.com/en-gb/status; Customers can also configure customised alerts on the Azure Management Portal.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference; ; Azure AD role-based access control manages access to Azure AD resources. You can create custom roles, assign roles that use administrative units to restrict scope of control, assign application access to groups or users, manage eligibility with Privileged Identity Management (PIM), or delegate permissions to distribute identity. management tasks.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through: Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Information security policies and processes are managed by Microsoft. To help customers meet their own compliance obligations across regulated industries and markets worldwide, Azure maintains the largest compliance portfolio in the industry both in terms of breadth (total number of offerings), as well as depth (number of customer-facing services in assessment scope).; ; See the following for further details: https://docs.microsoft.com/en-us/azure/compliance/offerings/

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration and change management processes are managed by Microsoft. https://www.microsoft.com/en-us/securityengineering/osa; ; Microsoft Azure has developed formal standard operating procedures (SOPs) governing the change management process. These SOPs cover both software development and hardware change and release management, and are consistent with established regulatory guidelines including ISO 27001, SOC 1 / SOC 2, NIST 800-53, and others; ; OSA incorporates the knowledge gained through capabilities that are unique to Microsoft, including the Microsoft Security Development Lifecycle (SDL), the Microsoft Security Response Center program, a deep awareness of the cybersecurity threat landscape, and data from industry standard tools.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: When suspicious activity is detected and escalated, Service-specific Security Response teams initiate a process of analysis, containment, eradication, and recovery. These teams coordinate analysis of the potential incident to determine its scope, including any impact to customers or customer data. Based on this analysis, Service-specific Security Response teams work with impacted service teams to develop a plan to contain the threat and minimize the impact of the incident, eradicate the threat from the environment, and fully recover to a known secure state.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: To detect malicious activity, each of Microsoft's online services centrally logs security events and other data and perform various analytical techniques to find anomalous or suspicious activity. Log files are collected from Microsoft online services servers and infrastructure devices and stored in central and consolidated databases. Based on the analysis performed by the security response team, the service team, and others, an appropriate containment and recovery plan is developed to minimize the effect of the security incident.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Microsoft has developed robust processes to facilitate a coordinated response to incidents.; • Identification – System and security alerts may be harvested, correlated, and analyzed.; • Containment – The escalation team evaluates the scope and impact of an incident.; • Eradication – The escalation team eradicates any damage caused by the security breach, identifies root cause for why the security issue occurred.; • Recovery – During recovery, software or configuration updates are applied to the system and services are returned to a full working capacity.; • Lessons Learned – Each security incident is analyzed to protect against future reoccurrence

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Hyper-V
• How shared infrastructure is kept separate: On each Azure physical server node, there is a hypervisor that runs directly over the hardware. The hypervisor divides a node into a variable number of guest VMs. Each node also has one root VM, which runs the host operating system. Windows Firewall is enabled on each VM. You define which ports are addressable by configuring the service definition file. These ports are the only ones open and addressable, internally or externally. All traffic and access to the disk and network is mediated by the hypervisor and root operating system. See the following for further details: https://docs.microsoft.com/en-us/azure/security/fundamentals/infrastructure-components

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Please refer to Microsoft Azure energy efficiency documentation at https://www.microsoft.com/en-us/corporate-responsibility/sustainability

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The service provision aligns with the goal of fighting climate change by prioritizing environmental sustainability throughout our operations. We leverage cloud-based technologies to optimise resource utilisation, minimise energy consumption, and reduce carbon emissions associated with traditional on-premises infrastructure. Additionally, our solutions promote remote work and collaboration, reducing the need for commuting and thereby lowering greenhouse gas emissions. We are committed to continuously improving our environmental performance and implementing eco-friendly practices across our service delivery.

  Tackling economic inequality

  The service provision plays a role in tackling economic inequality by fostering economic opportunities and promoting inclusivity. Our initiatives focus on skills development, equipping individuals with the necessary tools and qualifications to succeed in the digital economy. By partnering with diverse suppliers and supporting small businesses, we contribute to a more equitable distribution of economic benefits. Our commitment to social responsibility extends beyond our core services, as we actively engage with stakeholders to identify and address socio-economic challenges within our communities.

  Equal opportunity

  The service provision is dedicated to fostering equal opportunity by championing diversity, inclusivity, and accessibility in the workforce. Our solutions are designed with accessibility in mind, ensuring that everyone, regardless of their background or abilities, can fully participate and benefit from our services. We advocate for fair and inclusive recruitment practices, providing opportunities for career advancement and professional development for all employees. By creating a supportive and inclusive work environment, we strive to eliminate barriers and create equal opportunities for everyone to thrive.

  Wellbeing

  The service provision prioritises the wellbeing of users and communities by promoting initiatives that support physical and mental health. Through our solutions, we facilitate remote work and flexible arrangements, promoting a healthy work-life balance and reducing stress. Our platforms provide access to resources and support networks, fostering a sense of community and connection. We are committed to continuously evaluating and improving the wellbeing impact of our services, ensuring that they positively contribute to the health and happiness of individuals and communities.

Pricing

• Price: £0.01 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Full details of free trial are detailed at the following https://azure.microsoft.com/en-gb/free/
• Link to free trial: https://azure.microsoft.com/en-gb/free/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sean.russell@i-konic.com. Tell them what format you need. It will help if you say what assistive technology you use.