Fujitsu Services Limited

Hybrid Data Management

Enterprise class Backup and Archive. Pay as you go, per month, by the number of GB on customer servers, desktops or laptops. Fujitsu DataCentre hosted with choice of Private / Internet connectivity. Simple to budget and standard retention. Full compliance search capabilities across all data sets. Customisation options available.

Features

• Data Backup, Recovery, Archive and Compliance Search
• Hosted on always-on infrastructure in Fujitsu UK data centres
• The service is utility charged by the GB per month
• The service can complement or replace traditional on-site backup
• Enterprise class levels of performance, scalability and reporting
• Data residency locations are assured
• Supported technologies include Cloud IaaS, O365, and Kubernetes Containers

Benefits

• No minimum term contract commitment
• Charged purely on a Cost/GB/Month basis
• No minimum volume commitment
• No per user or per server charges
• No transaction charges
• Data management capabilities for on premise, cloud and edge clients
• Self-service option
• Compliance Search and Legal Hold capability
• Fully integrated suite of backup, archiving and compliance capabilities
• Proactive monitoring safeguards against ransomware and cyber-attacks

£0.04 a unit a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

798199448367676

Contact

Sam Skinner
07867829234
government.frameworks@fujitsu.com

Service scope

• Service constraints: None.
• System requirements:
  • Connectivity required.
  • All major client platforms supported.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Dependent upon the Tickets.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: 2nd and 3rd line support provided within the standard charges. Please see Service Definition document attached.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A start-up service available. User and Administration guidance material available.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data can optionally be exported to removable media or securely deleted.
• End-of-contract process: Data may be retained until expiry (charges continue). Data may be exported on request at additional cost.; ; Remaining data is securely erased.

Using the service

• Web browser interface: Yes
• Using the web interface: The service, including all features and functionality, are consumed using self-service interfaces.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: You can turn on the accessibility mode so that dashboards, charts, and other images use high-contrast colors and patterns that are accessible to more users.
• Web interface accessibility testing: To be confirmed as part of on-boarding engagement activity.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: The service is designed to expand and contract an is actively managed in terms of capacity and performance.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Disk
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up: Please see Service Definition.
• Backup controls: The option for Backup and Recovery is targeted at physical or virtual servers and desktop or laptop devices within a customer estate. Those devices may be conventionally hosted or reside within any of the Fujitsu Cloud services, in addition to 3rd party services. Client Groups, Scheduling and Backup Content is agreed and implemented by Fujitsu as part of the initial Onboarding process. However, customers can also be granted access to a self-service portal where they can modify schedules as required. Please see the Service Definition or more information.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99%. Please also see the Service Definition.
• Approach to resilience: This could be made available on request.
• Outage reporting: Email alerts.

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Role based access control defined and controlled by customer's directory service. 2 factor authentication employed.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bureau Veritas
• ISO/IEC 27001 accreditation date: 06/01/2022
• What the ISO/IEC 27001 doesn’t cover: The service is covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Ongoing review and 3rd party security assessments

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Managed in accordance with ITIL guidelines
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Central assessment. Regular patch deployment with ability for emergency adhoc deployment
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Operational Security Manager engaged
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Integrated with Standard Fujitsu service desk services

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: The Strategic Fujitsu Datacentres are registered “participants” in the EU Code of Conduct for datacentres, complying with their energy efficiency guidelines conforming to ISO50001 Energy Management. The Supplier’s infrastructure planners have used optimal layouts, as determined by the EU Code of Conduct to build the service within these datacentres.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

  Covid-19 recovery

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

  Tackling economic inequality

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

  Equal opportunity

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

  Wellbeing

  Fujitsu operates a Dual Delivery approach to Social Value (SV). Our Responsible Business Programme, developed on the principles of the Public Sector (SV Act 2013) delivers our corporate employee and community programme. Running parallel to the corporate programme, we deliver bespoke client-facing SV programmes within each call off contract. Programmes are fully aligned to the requirements of PPN06/20. Using our co-creation process, we undertake both local and national initiatives, jointly developed with clients and partners, that ensure Economic, Social and Environmental benefit to communities.

Pricing

• Price: £0.04 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at government.frameworks@fujitsu.com. Tell them what format you need. It will help if you say what assistive technology you use.