Cloud 21 Limited

Endpoint Security Operations

Our Endpoint Security Services are designed around the complex requirements of the NHS. Delivered by our qualified cyber security engineers, the service comes with a dashboard providing full visibility into vulnerabilities across an IT estate and support for NHS security policies like CareCERTs and DSPT.

Features

• Active monitoring of your IT estate
• Vulnerability Scanning and Assessment
• Prioritisation, Patching and Remediation
• Vulnerability Programme Design and Management
• Managed security infrastructure services, Firewall, Web, Anti-Virus
• CareCERT and DSPT assistance, administration and management
• Customised dashboard that alerts/reports on all devices including clinical
• Cyber Essentials including Plus readiness
• Integrations with SIEM portals such as Graylog
• EDR Management including Microsoft Defender Endpoint and Sophos Central

Benefits

• Vendor agnostic, including SCCM/MECM, Qualys, Lansweeper, Tenable, ManageEngine
• Response and agile SLAs to suit all customers’ requirements
• Fully scalable, on demand access to cyber professionals
• Expert advice from a leading IT consultancy in healthcare
• Proactive monitoring of systems and network infrastructure
• Access to skilled crisis management experts during incidents
• Experience operating across NHS, healthcare, educational and public sector organisations
• Improved ability to detect, resist and respond to cyber-attacks
• ISO27001 and Cyber Essentials Plus accredited
• Hands-on Windows update management and patching remediation

£12 a device a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid-management@cloud21.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

859090644151908

Contact

Steve Gray
0845 838 8694
bid-management@cloud21.net

Planning

• Planning service: Yes
• How the planning service works: We work with our customers initially hosting scoping workshops to understand the full scope of the services which need to be delivered. This also allows us to fully understand the business, strategies, objectives and current position – and where the customer wants to get to. We can then align technically with the business strategies and deliver the right outcomes and value. Our consultants will ensure that the design and delivery of any of our Managed IT Security Service meets the needs of our customers.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: We can provide all manner of cyber security training both directly and through partners. The training offered includes online, instructor lead and on the job (skill transfer).; ; We can also work with clients’ marketing and communications team to create security awareness campaigns and help develop or update your on-boarding processes.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Cloud21 can provide implementation planning, risk assessments and impact analysis to support set-up and migration.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Programme Assurance and Quality Assurance Services play a key role in the successful delivery of services. We regularly performance test our services and invite our clients to regular reviews where we benchmark the services being delivered against predetermined KPIs. When organisations are seeking assurance on their large-scale cloud deployments, Cloud21 can offer experienced consultants from a wide range of skills sets: technical architecture, enterprise architecture, problem management, service management.; ; Cloud21 has extensive knowledge of implementing large programmes and transformations gathering from many years of lessons learned and best practices which can be utilised to provide assurance to our clients.

Security testing

• Security services: Yes
• Security services type:
  • Cyber security consultancy
  • Security incident management

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by a third-party organisation
• How the support service works: We are accredited under ISO27001 and Cyber Essential+ and all our IT Security Services are operated in compliance with the ISO20000 framework.; The services offered are bespoke and documented into a service design which can also use various vendor specific products to help deliver the service. (in some cases, we can leverage existing vulnerability management and patching software components already in place). Cloud21 provides a service wrap for Qualys VMDR, Sophos Central, Graylog, Cylera and Microsoft Defender Endpoint.

Service scope

• Service constraints: We can provide services remotely or on site as required by the customer. We can work alongside the customer's existing IT team, or act autonomously to manage and resolve any aspects of the service that arise 24x365.; Not all software components are included as part of this service (buyer responsibility).

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 8 hours Mon - Fri (excluding Bank Holidays) between 8am and 5pm.; ; Within 72 hours on weekends unless out of hours support is specifically purchased.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Support is available via Phone or email and this can be 24/7 if required. The cost of our support levels varies depending on the requirements and size of the customer and what is to be delivered. A technical account manager will always be supplied to work across all engagements and will make sure the appropriate resources are assigned as the customers’ as their requirements dictate.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Qualys, Graylog, Cylera, ManageEngine, Splunk

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 09/01/2024
• What the ISO/IEC 27001 doesn’t cover: Our certification covers the provision of professional IT services and IT support providing Consultancy, Product Development and Managed services including IT Service Desk, Cyber Security and SOC within the Healthcare, LocalAuthorities, Education and Professional Service Sectors. Any services outside of this are not covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO 9001:2015

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Wellbeing

  Fighting climate change

  Cloud21’s quality and compliance team have been extremely busy over the last 24 months and have recently become ISO14001 certified demonstrating our commitment to reducing its environmental impact.; Ambitions for 2024/25; For this service we will: ; ; • Implement a reduce, reuse and recycle scheme (coffee pods, pens and batteries); • Eliminate single use plastic bottles from our office headquarters; • Promote rail travel over air travel for practical journeys; • Promote the ‘green leaf hotel’ scheme where practical to do so; • Accurately measure commutable mileage ; • Reduce paper use and printing at the our headquarters ; • Reduce emissions by 7.14% (19.23 tCO2e) from baseline ; ; We believe it is all about making small changes in order to make a big impact and promoting environmental sustainability. ; ; Cloud21 has implemented a carbon reduction plan in line with the NHS’s carbon reduction roadmap.

  Wellbeing

  We have a company-wide approach called VIBE (Valuing Inclusion, Belonging and Equity), which includes the provision of resources and support to improve physical, emotional and mental health and wellbeing which complements our company values. ; ; Our VIBE team promote social inclusion and wellbeing by running events that supporting charities, such as Samaritans and MIND.; ; We understand stress can impact a person’s mental health, this can result in absences and even resignations, but more importantly, it can impact people's lives fundamentally. Making sure that work is a safe place to discuss wellbeing and mental health by creating an inclusive and supportive environment will provide employees with the tools needed to manage mental health.; ; We look to reduce the pressure and stress involved in modernising systems and technology leveraging our past experience and sharing this with all stakeholders involved. ; ; Initiatives we are looking to run within the next 18 months:; • Run Health and wellbeing webinars and sharing resources to support our teams such as ‘NHS Every mind matters’ and the ‘6 ways to wellbeing’. ; • Continue to raise mental health awareness through running company lead events such as ‘fun-runs’ or ‘Movember’ to promote mental health awareness.; • Offer mentoring support from trained mental health first aiders to support our staff.; • Ensuring we continue to develop our Wellbeing policy.

Pricing

• Price: £12 a device a year
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid-management@cloud21.net. Tell them what format you need. It will help if you say what assistive technology you use.