PMD Data Solutions Limited

Cloud Backup, Data Protection, Network & Email Security, DRaaS

Specialist reseller of cloud-based backup, email protection, data retention, archive, migration and DRaaS (Disaster Recovery as a Service).

Partner technologies include Barracuda, AvePoint, Redstor, Unitrends & Spanning. Protection for MicroSoft Office 365, Google Workspace, Google Classroom, Dynamics 365, Salesforce and Azure workloads.

Features

• Long-term Cloud retention
• Customizable data retention policies from 90 days to infinite
• Scalable transparent pricing tool
• DRaaS including 1-hour VM spin-up
• Automated Disaster Recovery Assurance testing
• Unitrends Cloud or 3rd party Hyperscale integration
• Self service granular recovery - no retrieval fees
• Protect only capacity or VMs required
• 1, 3 or 5 year subscription model
• Microsoft 365 Backup & retention

Benefits

• Automate backup and Disaster Recovery operations
• Meet specific data retention policies
• Meet offsite Disaster Recovery compliance requirements
• Retain budgetary control of backup environment
• Enhance protection in mixed physical and virtual environment
• Reduce recovery times
• Monitor backups through single pane-of-glass
• Leverage existing Cloud providers including AWS, Azure, Google
• Easily manage multiple / remote sites
• Recover instantly from local disaster

£0.78 to £1.33 a gigabyte a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matthew@pmddatasolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

788788061271324

Contact

Matthew Gwynn
01789 268579
matthew@pmddatasolutions.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No
• System requirements:
  • Compatible with Windows, Mac, Citrix, Linux environments
  • Compatible with 200+ apps and hypervisors

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response goals are intended to provide a target for initial response to an issue or problem. Unitrends responses are base on severity level/prior defined when the case is opened. ; ; We have 4 severity levels and each have a different target response times: ; ; - Severity level 1 = One (1) Business Hours ; - Severity level 2 = Three (3) Business Hours; - Severity level 3 = Six (6) Business Hours ; - Severity level 4 = Ten (10) Business Hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Unitrends uses Salesforce Live Agent for Web chat. This Web chat application conforms to WCAG 2.0 AA Details including features and constraints can be found in the Salesforce Lighting Service Console Web Content Accessibility Guidelines 2.0 Level A and AA Voluntary Product Accessibility Template https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/508%20accessibility/wcag-2-dot-0-vpat-service-console-winter2018.pdf
• Web chat accessibility testing: No testing has been done with assistive technology users.
• Onsite support: Yes, at extra cost
• Support levels: There is a single level of support available which is Platinum. Platinum provides a One (1) business hours response for Severity level 1 issues, Severity level 2 has a Three (3) business hour response, Severity 3 has Six (6) business hour response and Severity level 4 has a Ten (10) business hour response. Cloud support engineers are assigned for cloud related issues.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Unitrends cloud service is a white glove service. The Unitrends team on-boards the customer and then sets up a replication relationship between the customers on site backup and the Unitrends cloud. ; ; Details of the Unitrends cloud service schedule with summaries can be found at the following link. https://www.unitrends.com/legal-notices/service-schedule-unitrends-cloud-services or https://www.unitrends.com/wp-content/uploads/Unitrends-Cloud-Services-Service-Schedule.pdf
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The Unitrends cloud agreement stipulates the following: Unitrends Cloud saves a copy of the Customer Content that the Customer designates through the Services’ web-based interface. ; ; The Unitrends Cloud periodically scans these files for changes and newly designated files and creates a copy of modified or newly designated files. ; ; Customer will not be able to restore files that the Unitrends Cloud has not completed Replicating or files that have been changed but not yet Replicated or not eligible for Replication. If Customer’s license to use Services, the Unitrends Cloud Services or any other associated product or service expires, is terminated, is not renewed, or is otherwise discontinued for any reason, Unitrends may, without notice, delete or deny Customer access to any of Customer’s Replicated Content or Retained Content and Customer Content may not be available to Customer. ; ; Customer agrees that Unitrends may retain (but shall have no obligation to retain) Customer’s Replicated Content or Retained Content for a period of time following any termination, expiration or lapse of Customer’s subscription in connection with Unitrends’ making such Customer Content available to Customer should Customer later decide to purchase, renew or extend its subscription to the Unitrends Cloud Services.
• End-of-contract process: The Unitrends cloud provides long term retention/archiving services as well as DRaaS. Customers pay an agreed fee in 500GB increments for tailored retention periods - from 90 days, 1-7 years, or infinite retention. ; ; Customers can also purchase additional DRaaS services with guaranteed SLAs (typically 24 hours or 1 hour for critical workloads).; ; At the end of an agreed contract, customers can choose to continue using Unitrends services based on a new negotiated cost or choose to have their data removed based on point 5.4 in Unitrends cloud services EULA.; ; A link to the cloud service eula is listed below for reference. https://www.unitrends.com/legal-notices/cloud-services-eula

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Customers can customise; - the type of resource to be protected (physical or virtual); - protected capacity (priced per 500GB) or number CPU sockets ; - retention periods (from 90 days to infinite retention); ; Customers can also choose to use Unitrends own custom-built cloud for offsite retention & DR, or use an existing hyperscale provider of their choice.

Scaling

• Independence of resources: Unitrends DRaaS is a white glove service. Resources are agreed upon during the on-boarding process, meaning customers only pay for what they are contracted to use. Users cannot change the resource allocations themselves. The Unitrends cloud team manages the resources and ensure SLAs are met for each customer.; ; If customers require guaranteed SLAs (eg 24hr, 1hr etc) these can be purchased as separate services within the customer contract.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Unitrends & Unitrends Spanning

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: As a part the Unitrends Cloud Service, Unitrends can utilize physical seeding devices to expedite the transfer of protected customer data to the Unitrends Cloud. The process to seed (export) data from the local backup to Unitrends Cloud begins when the discovery documents are returned. The size of the data being seeded to the cloud is verified and the appropriate device is ordered for shipment to the location of the local appliance. Onboarding engagements involving seeding into datacenter locations inside the UK will be accomplished by utilizing a Drive with a USB or ESATA connection.
• Data export formats: Other
• Other data export formats:
  • Backup data using CTAR format v1
  • Backup data using CTAR format and SIS v2
  • Data can be downloaded in native format from the cloud
• Data import formats: Other
• Other data import formats:
  • Backup data using CTAR format in v1
  • Backup data using CTAR format and SIS in v2

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network:
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Unitrends uses OpenVPN to tunnel and encrypt data transfers between local customer site and Unitrends cloud.

Availability and resilience

• Guaranteed availability: Detailed information on SLA agreements can be reviewed on the Unitrends website under the legal section. ; ; This link provides quick access to the said information. https://www.unitrends.com/legal-notices/cloud-services-eula ; ; In summary: Unitrends will use commercially reasonable efforts to maintain reliable and redundant infrastructure to store Customer Content in the Unitrends Cloud and complete selected Replications via the Services within 72 hours subject to delays caused by Customer or its network or systems or by telecommunications failures, utility outages or the Internet. ; ; If the Services indicate that Customer Content has been successfully Replicated and it is determined that the Customer Content was not Replicated as a direct result of a defect or error with the Services or the Unitrends Cloud, as Customer’s sole and exclusive remedy, and Unitrends sole liability, Unitrends will refund to Customer the total fees paid by the Customer for the Unitrends Cloud Services for the immediately preceding thirty (30) days. Except for the foregoing sentence, Unitrends shall have no liability for any failure of the Customer Content to successfully Replicate to the Unitrends Cloud. Note customers should review section 3.2 specifically in the cloud EULA for more information.
• Approach to resilience: Available on request
• Outage reporting: Outage reporting is provided via the Unitrends portal, with automated alerts available to users.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: The management interfaces for cloud devices are out of band.; ; Only the Unitrends cloud team have access to cloud devices.; ; Customer access to cloud data is managed through their local backup.; ; Unitrends provides role based access to customers on the local backup which is able to restrict access to recovery points replicated to the Unitrends cloud.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: AlcumUS
• ISO/IEC 27001 accreditation date: 25/8/2017
• What the ISO/IEC 27001 doesn’t cover: Unitrends Cloud is ISO 27001
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Elavon
• PCI DSS accreditation date: 12/01/2022
• What the PCI DSS doesn’t cover: We are fully Payment Card Industry Data Security Standard (PCI DSS) compliant until 12/01/2023.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: SOC 2 Certification

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Health Insurance Portability and Accountability Act (HIPAA) with BAA available
• Information security policies and processes: Information security policies are based on NIST Cybersecurity Framework with ISO 27002 controls. Unitrends policies and controls also satisfy GDPR and the US standards HIPAA and CJIS.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes to software and services provided are tracked throughout the SDLC process. All CVEs are monitored on release by a dedicated member of the development team, and appropriate remediations are provided based on the severity of the CVE. All changes are tested by QA prior to release to the production team. All changes to production are controlled by the operations team who apply them after acceptance by QA and approval by business management
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Unitrends conducts vulnerability scans against its environments monthly and penetration tests annually or after major changes to the environment or applications. Unitrends monitors publication of all CVEs and a dedicated security member of the development team assesses their impact on the Unitrends software and service and provides remediation based on the severity of the CVE.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Unitrends conducts vulnerability scans monthly and penetration tests annually or after significant changes to the infrastructure or application. Vulnerabilities detected are referred to Unitrends Incident Response Procedures and are triaged, analyzed and remediated as appropriate. Incident response is based on the severity of the incident detected
• Incident management type: Supplier-defined controls
• Incident management approach: Unitrends has an regular Incident Response Procedure to be followed all levels of incidents. If the incident is detected by a user, they can call the security hotline or submit the incident via email to the security-incident email alias.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  .
• Covid-19 recovery:

  Covid-19 recovery

  .
• Tackling economic inequality:

  Tackling economic inequality

  .
• Equal opportunity:

  Equal opportunity

  .
• Wellbeing:

  Wellbeing

  .

Pricing

• Price: £0.78 to £1.33 a gigabyte a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Unitrends provides a free trial of the Unitrends Cloud service in the form of a POC. Trials are limited to 30 days. There are also trial versions available for other software products in the Unitrends portfolio, including specialist applications for Office 365 deployments.
• Link to free trial: https://pmd.unitrends.com

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matthew@pmddatasolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.