ITC Service Ltd

Azure Virtual Desktop

Azure Virtual Desktop (AVD), formerly known as Windows Virtual Desktop (WVD), is a Microsoft Azure-based system for virtualising Windows operating systems. It securely provides virtualised desktops and applications in the cloud, accessible over the Internet. Designed for enterprise customers offering a complete Windows experience, a flexible environment and efficient management

Features

• Proactive Monitoring & support
• Real-time reporting
• Remote access
• Rapid resolution
• Enhanced cyber security
• Auto-fixes
• Analysis & review
• Flexible environment
• Infrastructure simplified
• Individual ownership

Benefits

• Simplified management
• Cost-effective
• Easy to scale
• Optimisations for 365 applications
• FSLogix for user profiles
• RemoteApp
• Enhanced security
• Global accessibilty
• Seamless integration with 365
• Customisable user experience

£3,100.00 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at l.charlton@itcservice.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

856957238178693

Contact

Loren Charlton
01915946394
l.charlton@itcservice.co.uk

Service scope

• Service constraints: N/A
• System requirements: Windows- pro

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Priority; 1 Critical- 1 hour; 2 High- 1 hour; 3 Medium- 4 hours; 4 Low- 8 hours; 5 No priority 3 working days; ; What determines our priorities:; Step 1 – Assess Urgency; Step 2 – Assess Impact; ; High Urgency- The whole organisation or site is affected.; Medium Urgency- A large group of people are affected; Low Urgency- One person/small group are affected; ; High Impact- The issue is critical and one or more major business processes are stopped.; Medium-Operational efficiency is degraded, but there is either a reasonable workaround or other members of the team are unimpeded.; Low- an easy/effective workaround
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Access via www.itcservice.co.uk or customer portal (individual log in)
• Web chat accessibility testing: Options tested with users:; -Phone calls; -Emails; -Webchat; -Ticket raising- Via app/portal/automate
• Onsite support: Yes, at extra cost
• Support levels: During the onboarding process, a technical lead is assigned. ; Once onboarded we have: Partner care/Quick Fix, 1st/2nd/3rd line engineers, Dedicated account managers, proactive monitoring desk, workshop resource for device builds and repairs and specialist cyber/cloud experts available. ; Our SLAs depend on the agreed hours covered and the priority of the issue or request. We can provide bespoke SLAs to suit the customer’s needs. Later down the line, this may include extended hours of cover, but currently can include different speeds of response, priority, or cover for diverse types of equipment. ; Our SLA times also depend on the priority of the issue or request. When a ticket is raised, we make an assessment based on the information that has been given. Priority is based on severity and impact. ; ITC have a ticket level called P1. This is our highest response level to a critical outage. This is what we deem as a critical incident, causing a severe impact to the organisation- allocated to a Service Desk Specialist- response within 15 minutes. ; We offer 24-hour support for critical issues. A P1 ticket automatically skips quick fix and first line desks and is allocated to a senior specialist.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: ITC Service provides a wide range of resource options to support customers get started with our service stack. ; These include: comprehensive documentation (in multiple formats), introductory videos/calls, hands-on labs, online and in-person training, access to a large ecosystem of partners and support
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: Mobile
• End-of-contract data extraction: Cloud based services- hand over of portal administrator credentials to new provider who would exclude access to us as a service provider
• End-of-contract process: Full handover process to new provider; Communication ; Service Details and admin credentials handed over

Using the service

• Web browser interface: Yes
• Using the web interface: -Ability to raise tickets/see progress; -Training video for new technology users; -Welcome call/training via our partner care team (can be remote or in person)
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Via individual user log in and our website.; Options to zoom/book phone call/remote log in/ticket progress reports
• Web interface accessibility testing: Training given to all new technology users- remote or face to face
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: Services are constructed within the customer's cloud ecosystem without relying on our infrastructure externally. Central signatures and updates might be cached to remove the need for update servers.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • Other
• Other usage reporting: Via the Partner care team and online ITC Service Customer Portal alerts

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Configuration
  • Database
  • Virtual Machines
• Backup controls: Users can take backup copies of the configuration & database via the Web Interface through manual or scheduled tasks via account managers and the partner care team
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Our SLA timers are contingent upon the user/business issue's priority, determined upon ticket submission. We evaluate provided information to assign a priority level but consider extenuating circumstances if users contest our assessment, such as impacts on customers or key project deadlines.; ; The final priority classification rests with our responding technician, recognising that not all situations fit predefined categories. Support requests outside business hours are exempt from our standard response time but will still be addressed promptly on a best-effort basis.; ; The response time denotes the maximum duration (within your cover hours) for us to confirm receipt of your ticket and allocate it accordingly. ; ; Priority 5 tickets encompass various scenarios:; ; -User, device, configuration, or network changes; -Issues raised contrary to specified methods or terms; -Hardware or software issues below our standards; -Unapproved software-related requests; -Problems due to disregarding our advice; -Modifications to hardware or software by you or third parties; -User-initiated virus or malware infections; -Hardware/software sourcing issues; -Items not under warranty or maintenance coverage.
• Approach to resilience: The resilience of our services is available upon request.
• Outage reporting: If there's an outage notifications are sent automatically to the ITC Service Partner Care Team. Depending on the severity of the outage, affected customers will be notified accordingly via phone and/or email, as well as through our customer portal's alerts section.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Administrators who access the Virtual Machine(s) are authenticated against the Username & Password set by the customer super administrator and a dedicated PIN is set via our new client portal which is individual to each user.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Currently working towards ISO27001; Aim to complete in 2024
• Information security policies and processes: Working towards both ISO 27001 information security standards and Cyber Essentials /Cyber Essentials Plus (May 2024). ; Though we are actively pursuing ISO27001 certification, our internal protocols already mirror its stringent standards, particularly in data security and information management. For instance, our data handling procedures include encryption protocols similar to those required by ISO27001. This ensures that sensitive client information remains protected both in transit and at rest, mitigating the risk of unauthorized access or data breaches. Our access control policies closely align with ISO27001 requirements, implementing role-based access controls and multi-factor authentication (MFA) to safeguard against unauthorised access to critical systems and resources. These measures demonstrate our commitment to upholding the highest standards of security and confidentiality for our client's data, even as we work towards formal certification. Our internal measures reference all of ITC Service policies and procedures including our IT policy, encryption systems and access control along with many other processes. This consists of our internal IT engineers who form part of our service desk team, reporting to the service desk manager and account managers. The service desk manager reports to the Technical Director and Managing director who have ultimate responsibility for Information Systems security, support and development.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Processes conform with ITIL processes and our ISO27001
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: ITC Service Continuously assesses software and firmware across the deployed services, either by evaluating vendor product and security release notes as appropriate or via our Patch Release Management Tool. The PRMT monitors firmware and software revisions to ensure they are at the latest release. The Release Manager uses the Configuration database as a source for the existing release levels, updated regularly. We evaluate the release, and our policy is to deploy security breaches and updates immediately. In contrast, all other releases are deployed if they are intended to resolve a known issue or following consultation with the customer.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our service management tools are designed to proactively oversee and monitor services and platforms. Upon receiving an alarm, the management tool will initiate resolution procedures either automatically by executing scripts targeting known issues within its knowledgebase or if automated resolution isn't feasible, it will alert the appropriate Service Desk with comprehensive issue details. Subsequently, the partner care team will generate a ticket, inform the customer's service desk, and assign the ticket to a resolution operative for evaluation and restoration. Responses will adhere to the designated priority level of the issue and the Service Level Agreement (SLA)
• Incident management type: Supplier-defined controls
• Incident management approach: Our operational Services Manual includes a documented Incident Management process, incorporating knowledge articles and templates regularly updated to address common issues. All Incidents are reported and logged via the ITC Partner Care Desk, either through automated tools or manually via phone, email, or the customer web portal. For Priority 1 and 2 tickets, phone reporting is preferred, while Priority 3 and 4 tickets can be submitted via email or through the portal if automated logging is not available. The Partner Care Manager and account managers provide Incident reports, Root Cause Analyses, and service reviews according to an agreed schedule.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Hyper-V
• How shared infrastructure is kept separate: Vlans are used to segregate organisations; Using the same infrastructure to prevent data being accessible

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  ITC Service’s Solar Investment: Paving the Way to Net Zero; ; At ITC Service, sustainability isn’t just a buzzword—it’s our commitment. Our latest stride toward a greener future involves the installation of a 48kW solar array at our Hebburn headquarters. ; ; 113 Solar Panels, Limitless Energy:; Collaborating with AR Power one of our local clients/partners, we’ve equipped our HQ with 113 solar panels.; This substantial investment generates surplus electricity, powering not only our daily operations but also our fleet of electric vehicles.; ; Energy Autonomy and Cost Savings:; The solar array grants us control over energy costs.; Predictable expenses benefit us and our clients alike.; ; Reduced Carbon Footprint:; By reducing reliance on fossil fuels, we’re actively combatting climate change. Our net-zero goal by 2025 drives this commitment.; ; Driving EV Adoption:; Solar energy extends to our EV on-site charging stations.; Employees are incentivised to embrace eco-friendly transport through electric vehicle salary sacrifice.; x5 current Electric Vehicle fleet for use of engineers/staff ; ; Battery Storage 2024/25:; Implementing battery storage in ITC ensures uninterrupted power supply, enhancing service reliability and resilience during emergencies. This demonstrates environmental responsibility, reducing our carbon footprint and aligning with customers' eco-conscious values. Cost savings from optimised energy usage benefit both the company and customers through competitive pricing or improved services. Surplus energy stored in batteries can also be returned to the grid during peak demand, supporting grid stability and earning revenue. A stable power supply enables high-quality services, fostering customer satisfaction and loyalty. Investing in battery storage showcases innovation and differentiation, attracting tech-savvy customers and enhancing our reputation as a responsible service provider.; ; Core Values in Action:; Recycling equipment, being mindful of hardware purchasing options &our solar initiative embody integrity, trust, and communication.; We’re nurturing the environment while cutting costs, educating and supporting other local businesses.; ; Links to case studies:; https://investsouthtyneside.com/pledge-case-study/itc-services-sustainability-journey/; ; https://investsouthtyneside.com/pledge-case-study/laptop-donations-to-local-charity/

  Covid-19 recovery

  The pandemic underscored the vital role of community resilience. We actively contribute to local recovery by creating employment opportunities and supporting re-training initiatives like IT apprenticeships. To address cyber threats, we focus on cultivating job opportunities in cybersecurity. By nurturing talent in this field, we strengthen our operations and boost community and economic resilience. We collaborate with local training providers to offer work experience, prioritizing residents facing employment barriers, fostering economic growth in Hebburn and expanding remote work opportunities nationwide.; ; Net-Zero 2025 journey:; Our solar array provides cost predictability, empowering us to allocate resources efficiently, and benefiting our operations, partnerships, and clients.; Solar energy promotes a cleaner environment, indirectly relieving pressure on health services. We support staff health by offering counselling, healthcare benefits, weekly food shops, and feminine hygiene products. This holistic support ensures physical and mental well-being, tailored to individual preferences.; ; Our solar investment enables sustainable remote work and promotes employee health. We offer electric vehicle salary sacrifice schemes, aligning with sustainability goals and providing eco-friendly commuting options.; ; Local partnerships bolster business growth, providing vital support and resources.; ; Employee Comfort:; We've invested in ergonomic desks for staff comfort while working from a hybrid model suited to their lifestyle.; ; Training represents a large investment for our business, ensuring we stay at the forefront of IT infrastructure technology. ; ITC is a Modern Work Solutions Partner and has a Microsoft Certified Cyber Security Architect Expert on our team and experts across the business with regards to Business Continuity/Disaster Recovery and Security Architects. ; We are constantly adapting to changes in the Cyber Security space and an example of this would be the change in software security (TLS 1.0 and 1.1 to 1.2). The efforts we have made to make our clients safe have been monumental but a challenge we certainly embraced.

  Tackling economic inequality

  As a Managed Service Provider (MSP) deeply rooted in the UK, ITC Service recognises the urgency of addressing economic inequality. Our multifaceted approach focuses on creating a positive impact and fostering a fairer, more inclusive economy. ; We support local training providers such as PRS Inclusion Services and Charities (NUFC Foundation and SmartWorksNewcastle) voluntarily to support their service users who face multiple barriers, are the hardest to reach and are from deprived backgrounds, have disabilities, young carers, LAC & ex-offenders with information, advice and guidance, Mock interview sessions, work experience placements which hopefully lead to a paid apprenticeship with ITC Service. We attend the North East LEP school events to raise awareness around the ever-growing cyber security sector with the emphasis on "Getting Girls into Cyber"; We have a voluntary work perk for staff to support a local charity of choice.; ; ITC Service are apart of numerous local Networking groups which boast an innovative and diverse network of strategic partnerships across a multitude of sectors and specialisms. Our commitment to these Networks is to educate and contribute to business start-ups and local up-and-coming entrepreneurs. We collaborate within our sector and work alongside other MSPs to support the local and business community.; ; We specialise in leveraging technology and extensive research to tailor solutions to our clients' needs. Our expertise spans IT infrastructure, software, and digital transformation, enabling us to implement innovative strategies that enhance operational efficiency and ensure future adaptability. We offer educational webinars on cybersecurity and Microsoft products, free for our clients and network to attend.; ; We've implemented key initiatives/policies:; ; Menopause: Individuals receive comprehensive support and accommodations to navigate comfortably.; Transitioning at Work: Embracing and supporting individuals transitioning, providing them with a nurturing environment throughout their journey.; Trans Equality: Prioritising inclusivity, regardless of gender identity, cultivating an acceptance culture and understanding.

  Equal opportunity

  ITC Service is dedicated to promoting equal opportunities across all facets of our operations. Our unwavering commitment extends beyond compliance—it’s about fostering a diverse and inclusive environment where everyone has a fair chance to thrive.; ; We firmly believe in meritocracy. Our human resource approach ensures that talent and potential drive career progression, regardless of background.; ; Diversity enriches our workforce. We actively seek individuals from varied ethnicities, genders, abilities, and socio-economic backgrounds.; ; Our recruitment processes are transparent and accessible.; We make reasonable adjustments to accommodate the needs of disabled job applicants, ensuring equal access.; ; Equal opportunities extend to training and development.; We invest in upskilling our employees, providing pathways for growth regardless of their starting point.; ; We regularly review pay structures to ensure equity.; Fair treatment is non-negotiable—we address any disparities promptly.; ; Our workplace culture celebrates differences.; We actively combat bias, promote allyship, and encourage open dialogue.; ; Beyond our walls, we engage with local communities.; Mentorship programs and outreach initiatives create pathways for underrepresented groups.; ; Empowering an awesome company culture to consistently deliver client success, through the power of technology.; At ITC Service, equal opportunities aren’t just policies—they’re our ethos.

  Wellbeing

  We recognise that well-being extends beyond physical health—it encompasses mental, emotional, and social aspects. Our commitment to employee and community well-being is woven into our organisational fabric.; ; Employee Well-Being:; We prioritise our team’s mental and physical health.; Regular well-being check-ins, flexible work arrangements, and access to counselling services foster a supportive environment via an employee assistance programme. ; ; Work-Life Balance:; We advocate for work-life harmony.; Encouraging breaks, promoting hobbies, and respecting personal time contribute to overall well-being.; ; Health Initiatives:; Our workplace promotes healthy habits.; From ergonomic workstations to wellness challenges, we invest in preventive health measures.; ; Well-being extends beyond our walls.; We engage with local communities through mentorship programs, volunteering, and well-being workshops.; ; Our solar array aligns with environmental justice.; Clean energy benefits both our community and the planet.; ; Open dialogue fosters well-being.; We actively listen, address concerns, and celebrate achievements.; We prioritise well-being, it's not just a buzzword; it’s our ethos; ; ITC Service offers monthly staff wellbeing initiatives that cater to the abilities of our entire team, celebrating and supporting any disabilities by raising awareness of associated charities. Our team is currently participating in a walking challenge to raise funds for a colleague's chosen charity. This initiative integrates fitness into our workweek while showing solidarity and support for our teammate's cause.; ; Our presence in the North East, particularly in the South Tyneside area, is robust, bolstered by our support for the Invest South Tyneside Pledge. This initiative encourages local organisations to prioritise community-centric actions like local procurement and recruitment, fostering the growth of South Tyneside. Through our participation, we've partnered with local businesses, suppliers, and community organisations in the tech sector, providing them with valuable support and guidance. In addition, we host educational webinars and cyber awareness events, further contributing to the development and resilience of the local community.

Pricing

• Price: £3,100.00 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 30 day free trial for Azure
• Link to free trial: https://azure.microsoft.com/en-gb/products/virtual-machines/#pricing

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at l.charlton@itcservice.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.