QNETIX LTD

S3 Object Storage - in partnership with Wasabi

A simple, fast, and affordable cloud object storage. There are no archival or warm storage tiers to deal with–it’s just one tier of highly secure, low-latency storage that’s as fast or faster than public cloud providers' most expensive frequent-access tiers with NO EGRESS FEES.

Features

• Cloud based S3 Object Storage
• Ability to make data immutable.
• Fixed price, per TB per month
• No Egress and No API call charges

Benefits

• NO Bill Shock. Fixed and predictable costs.

£5.03 a terabyte a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@Qnetix.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

805522048735651

Contact

Qnetix - Your Trusted Technology Solutions Partner
+443333355673
gcloud@Qnetix.co.uk

Service scope

• Service constraints: None
• System requirements: N/A. Wasabi is cloud object storage IaaS

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Wasabi offers a support matrix depending on the severity of the incoming ticket. Severity 1 incidents will be responded to within 15 minutes. Severity 2 within 30 minutes, severity 3 within 4 hours and severity 4 within 10 business days. All severities have a sliding scale of resolution times.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Wasabi offers Basic (free) & Premium (paid) support plans ; • Basic Support: Business day support via email only; • Premium Support hours = 7 x 24 x 365 via email & phone. ; Premium support is 7% of the purchase price for Reserved Capacity Storage customers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We pride ourselves on the fact that our services are easy to consume and simple to use. New customers provide a list of authorized contacts and their permission levels. We engage with those contacts, supply documentation, and provide information needed to access relevant portals. Wasabi additionally offers extensive online documentation on how to set and run the service. If extra onboarding support like project management or technical design is required, we may charge a pre-agreed rate.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: We will work with you to create a plan for closing your account . Users can also directly download their data. Data will be available for 30 days post end of contract. Users will typically download / extract their data via the same application they used to push data to Wasabi.
• End-of-contract process: We do not charge for standard off-boarding, allowing organizations to exit our service without penalty. We will provide reasonable support for customer service exit, data exporting, and resource decommissioning. If extensive project management or large-scale support is necessary, We reserve the right to charge the client, contingent on advance agreement before termination.

Using the service

• Web browser interface: Yes
• Using the web interface: Users can create/edit/delete buckets, users, groups and policies using the Wasabi web console. Further information is available at: https://docs.wasabi.com/docs/wasabi-cloud-storage-console-1
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Wasabi Technologies is partially conformant with WCAG 2.0 level AA. (Some parts of the content do not fully conform to the accessibility standard.)
• Web interface accessibility testing: NA
• API: Yes
• What users can and can't do using the API: Wasabi provides 3 distinct APIs:; • Wasabi S3 API - Wasabi’s object storage service is built to be 100% bit-compatible with the Amazon Web Services’ Simple Storage Service (AWS S3) and Identity and Access Management (AWS IAM) APIs. https://docs.wasabi.com/docs/wasabi-api ; • Wasabi Account Control API - At a high level, WACA allows for the following functions:; a) Create a new sub-account that is linked to the Wasabi Control Account; b) Generate AWS key sets for sub-accounts; c) Manage sub-account trial parameters, such as extending the sub-account trial period and change subaccount trial quotas; d) Convert a sub-account trial period into a full (paying) account; e) Query utilization of sub-accounts both at the summary account level and bucket level; f) Query invoices of sub-accounts; g) Delete sub-accounts; h) Manage account “profile” information, such as email address; https://docs.wasabi.com/docs/account-control-api ; i) WACM Connect API - At a high level, the WACM Connect allows for the following functions:; j) Query utilization of sub-accounts at the account level and bucket level; k) Query invoices of sub-accounts; l) Query current utilization of control accounts; m) Filter the responses with a wide range of parameters; https://docs.wasabi.com/docs/wacm-connect-api
• API automation tools:
  • Ansible
  • Terraform
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: For detailed information, please refer to : Please refer to the following Wasabi Knowledge Base article(s): ; https://knowledgebase.wasabi.com/hc/en-us/articles/360031983432-How-does-Wasabi-protect-against-malicious-encryption- ; ; Customer data is encrypted on upload and can only be access by authorised customer users with valid access keys. Customers are responsible for creating and managing their users and access keys, as Wasabi is not able to access the customer account to configure these settings. Please refer to: https://docs.wasabi.com/docs/access-keys-1; https://docs.wasabi.com/docs/users-1
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics:
  • Storage consumption (active and deleted)
  • API calls
  • Data utilisation
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Wasabi Hot Cloud Storage

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Please refer to https://wasabi.com/legal/sla/
• Approach to resilience: Wasabi provides 11 9's of data durability. Other information can be made available on request.
• Outage reporting: A real-time dashboard is available at: https://status.wasabi.com. Email alerting (via subscription) is also possible

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Wasabi facilitates the process of setting up security processes through MFA, SSO, Access keys and Password requirements in addition to users, groups, and policies, which Customers control and manage.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: Yes, see https://wasabi.com/compliance

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Wasabi has a security policy available on request
• Information security policies and processes: Wasabi has a security policy available on request

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Wasabi Operations track the status, location, and configuration of service component's throughout their lifetime. More information is available on request.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Wasabi conducts weekly vulnerability scanning of all servers and proactively takes measure to keep its platform secure. Detailed processes and overviews are available on request.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Wasabi utilises Carbon Black as its EDR/AV, which is continuously monitored and action is taken when there is an update. Furthermore, Wasabi has implemented a process where upon stakeholders are notified via, text, email or Slack in the event of unauthorized access. At which point action is taken to block said IP from unauthorized access.
• Incident management type: Supplier-defined controls
• Incident management approach: Wasabi have detailed processes that are available on request (as pdf file and hence the limitation to adding these here)

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Wasabi is collocated in Equinix facilities in Europe. Equinix is committed to leading the way regarding the EU Code of Conduct for Energy Efficient datacentres. More info can be found here: https://www.equinix.co.uk/data-centers/design/standards-compliance

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  While Qnetix is not a manufacturer of hardware or software, we are committed to minimizing any activities that could harm the environment. To achieve this goal, we will: /1/ Assess and seek to reduce the environmental impact of our current and future operations. /2/ Continuously improve our environmental performance and reduce waste by promoting recycling and reuse. /3 / Purchase environmentally responsible goods and services whenever possible. /4/ Train employees on environmental matters and make information available as needed. /5/ Expect similar environmental standards from our suppliers and contractors. /6 / Assist customers in using our products and services in environmentally sensitive ways. /7/ Participate in discussions about environmental issues as necessary. /8/ Comply with all legal and regulatory environmental requirements. /9/ Review this policy annually and update as needed. We share the industry's concern about the environmental impact of obsolete IT equipment that is not recycled. We believe no computer should go to waste. We work with suppliers to enable materials to be reused or recycled, helping conserve natural resources. We have a strong commitment to keeping environmentally sensitive IT materials out of landfills.

  Covid-19 recovery

  Qnetix remain committed to supporting our teams and community in the recovery of the affects of Covid 19. To achieve this goal, we will: /1/ Continue to offer training and education support for ; those left unemployed by COVID-19. /2 / Support people and communities to manage and recover from the impacts ; of COVID-19. /3/ Support organisations and businesses to manage and recover from the impacts of COVID-19. /4/ Support the physical and mental health of people affected by COVID-19. /5/ Improve workplace conditions that support the COVID-19 recovery effort ; including effective social distancing, remote working, and sustainable travel solutions.

  Tackling economic inequality

  Qnetix is committed to addressing economic inequality at its core by creating new businesses and employment opportunities, as well as improving education and training. Our overriding vision is to help reduce the unequal distribution of income and opportunity between different groups in society.

  Equal opportunity

  Qnetix aims to promote equal opportunities and fair management practices beyond legal requirements. Qnetix provides a work environment free from unlawful discrimination, harassment, bullying, or victimization based on sex, marital status, sexuality, disability, age, race, color, ethnicity, nationality, religion, or political beliefs. This principle applies equally to recruitment, training, promotion, dismissal, transfer, benefits, and all terms and conditions of employment. Qnetix does not tolerate breaches of this policy. All such instances will be thoroughly investigated and proven cases subject to disciplinary procedures. Policies for recruitment, selection, training, development, and promotion ensure individuals are treated solely based on relevant aptitudes, skills, and abilities.

Pricing

• Price: £5.03 a terabyte a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trials are available. Resource limits and timeframe are agreed on a case basis.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@Qnetix.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.