Oakford Internet Services Limited

Private Cloud Hosting

Private Cloud Hosting is great for building your cloud infrastructure. You can spin up one instance or one hundred; deploy a single application or move your entire infrastructure to the cloud. Our platform has been designed to empower you with the scalability and control for a successful cloud deployment.

Features

• High availability
• Orchestration
• Real-time deployment
• Replication
• UK based
• Resilient
• Scalable
• Compliant
• Efficiency
• ISO27001 Certified

Benefits

• decreased downtime, simplified maintenance, flexibility, eliminating single point of failure
• reduction of errors, predictability, automation, consistency, elimination of human error
• faster delivery of features, increase stability of system, agility
• increased stability and reliability, better performance
• compliance with GDPR, data protection, security
• ability to rebuilt, removal of single point of failure, adaptation
• customisable infrastructure, ability to increase and decrease resources
• meet regulatory requirements, avoid fines, protection for organisations
• cost reduction, no upfront costs, lower investment in infrastructure
• compliance with business, improved confidence,

£999 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@oakfordis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

825617419454424

Contact

OCS Contact Team
03302 230 230
sales@oakfordis.com

Service scope

• Service constraints: Our platforms can support all major distributions of Linux as well as Windows 2016 or later based guest systems based on x86 and x64 architectures. ; ; Unplanned downtime is reduced by employing a strict change control process. Regular maintenance is performed in published slots with a regression plan always considered.
• System requirements:
  • Internet connection
  • MPLS

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times to tickets within 4 hours during business hours. ; ; Critical incidents prioritised but must be notified via telephone.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: A Technical Account Manager is provided to all Private Cloud customers. The TAM is responsible for all commercial, consultancy and escalation matters.; ; The service platform is proactively monitored 24/7.; ; The Oakford service desk is available for escalation support via email and telephone during business hours.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online training and user documentation are provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users have unrestricted access to their data and are always in full control allowing data extraction at any point during their contract.
• End-of-contract process: The off-boarding process is started when a de-provisioning request is received. This can be provided as a support request or directly to the account manager via email. ; ; The same platform support is available during the off-boarding process. Additional off-boarding service may be requested at an additional cost if users require a full decommissioning service, data extraction or migration as well as support for 3rd parties. OIS is also able to offer planning advice as part of the additional service.

Using the service

• Web browser interface: Yes
• Using the web interface: Ability to set up new instances and virtual networks via web interface.; ; Ability to allocate assigned resources. ; ; Ability to connect to console allowing to make any changes to own instances and networks.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Screen readers can process highlighted text within the portal.
• Web interface accessibility testing: Tested Edge and Chrome screen readers in lab.
• API: Yes
• What users can and can't do using the API: All functionalities available via the web console are also available via API.
• API automation tools:
  • Ansible
  • Chef
  • Puppet
  • Other
• Other API automation tools:
  • Cloud Monkey
  • Any REST compatible automation tool
• API documentation: Yes
• API documentation formats: HTML
• Command line interface: Yes
• Command line interface compatibility: Linux or Unix
• Using the command line interface: All functionalities available via the web interface are available via the command line.

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: Intelligent resource allocation is employed.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Files
  • Virtual Servers
  • Database
  • Agentless Office 365
  • Agentless Google Apps
• Backup controls: Through our web app or full app users can create multiple backup sets with options that include - backup scheduling, frequency, pre backup scripts and retention policies.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.8% in accordance with the service terms.
• Approach to resilience: Available on request
• Outage reporting: In an unlikely event of a service outage OIS will follow a defined process of handling such incidents. ; ; Service outages will be reported via a public dashboard and updated regularly. ; Other methods will also be employed as appropriate; these include email, SMS or telephone communication.

Identity and authentication

• User authentication:
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: User access control.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Username or password
  • Other
• Description of management access authentication: Limited access from within secure network.
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QAS International
• ISO/IEC 27001 accreditation date: 30/05/2017
• What the ISO/IEC 27001 doesn’t cover: All processes are covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO27001 certified Information Security Management System is in place covering all cloud services offered.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All assets are tracked, risk assessed and managed. ; Documented change management processed is followed with all configuration items controlled by the process. Change Requests are raised and reviewed by Change Advisory Board (CAB) considering the systems affected, time of the change, its urgency as well as any regression plans required.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: An automated vulnerability scanning is performed according to a regular schedule on all elements of the core infrastructure. ; Results are classified and all critical vulnerabilities are removed by patching or other relevant means as soon as it is possible in accordance with maintenance and changes processes.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: All systems are constantly monitored and regularly scanned using industry leading AlienVault systems. Results are reviewed and appropriate action taken as a priority. ; Response follows a documented process.
• Incident management type: Supplier-defined controls
• Incident management approach: OIS monitors all of its systems to proactively detect incidents as they arise. These are being evaluated using a priority matrix following ITIL methodology. Incidents can also be reported via email or telephone and undergo the same process. ; Oakford follows an agreed process for handling any Major Service incidents including customer communication and regular updates. ; Major incidents are always analysed with relevant actions taken as a result.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: KVM hypervisor
• How shared infrastructure is kept separate: Each organisation is assigned separate VLAN.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Data centres adhere to EU Code of Conduct.

Social Value

• Fighting climate change:

  Fighting climate change

  We are currently working towards ISO14001. We have already set out our policies and procedures in preparation for an audit later in 2022.

Pricing

• Price: £999 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free 30 day trial of our essentials package

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@oakfordis.com. Tell them what format you need. It will help if you say what assistive technology you use.