Intersect Consulting Ltd

Hosting, Design & Transition for Azure/Private DC, SQL Server Management, Unit4 Hosting & Support

Cloud Hosting and Management in Azure or Private Data Centre. SQL Server Hosting, Managment, DBA and Support Services. Disaster Recovery as a Service. Agresso / Unit4 Hosting & Support.

Features

• Secured & Protected by (CCSP) Cloud Certified Security Professionals
• Risk Assessed by our Risk ISO 27005 Certified Professionals
• 24/7 Intrusion Detection Monitoring
• Cyber Resiliant Back Up Solution
• Yearly Penetration Testing by CREST & CHECK Certified Security Professionals
• Robust Disaster Recovery & Disaster Recovery Plannning
• Proactive Managment & Optimisation
• Full Project & Transition Management
• Flexible & Scalable
• Fast & Reliable

Benefits

• Enhanced Cloud Security
• Risk Averse - Annual Risk Assessment
• Optimised Performance
• Fast Deployment
• High Availability
• Fast & Reliable
• Cost Efficient
• Online & Telephone Support
• Personal Account Management

£4,500 a server

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sue.johnson@intersect.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

861786188490852

Contact

Susan Johnson
01942 366730
sue.johnson@intersect.co.uk

Service scope

• Service constraints: Support is tailored to the individual needs of our Clients i.e., some require 27/4 other require 9 - 5.; ; A monthly maintenence window is agreed with our Clients, this is always out of hours.
• System requirements: Internet Connection to the Data Centre

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: When a user logs an incident, they will receive an automated response within 5 minutes to confirm a ticket has been created. Every new ticket is reviewed and prioritise within 30 minutes of being received and the User will receive an initial response from Intersect within 40 minutes unless this is a high priority call.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Intersect provides the same level of support to all our client. Our core support hours are 8am - 6pm Monday to Friday (BST). ; However, we do tailor support models to individaul client requirements, which are costed on an individaul basis, to ensure our clients get the best value and are not paying for services they do not use.; Account Managment is provided as standard and monthly reviews.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Intersect provides online user documentation normallay issued to a dedicated team on the initial proejct who will managed the distribution of the material interanlly. We have found that this approach works best, as some organisations want to tailor the documentation so it is inline with there internal processes and procedures.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: An encrypted backup of the data is provided to the client via a secure FTP client or if required this encryped backup of the data can be provided in other formats on request.
• End-of-contract process: A final backup of the data will take and this will be encrypted. This will be provided to the customer and once they have verified that they can restore it, any customer data that we posess will be encrypted before being removed from the server. The servers will also be securely deleted.; ; If the customer requires a grace period before the data is removed, then this will be provided.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: Hosting provided is either private cloud which shares no resources with other customers, or if it is a multi-tenanted environment, such as shared Database Server, then customers will have their own memory, CPU and disk allocations.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual Machines
  • Full Database backups
  • Transaction Log Database backups
• Backup controls: Standard backup routines are put in place which follow best practice. Although if there are specific requirements which need to be followed all of the time or just for specific periods, then these can be put in place.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Intersect Generic SLA's Urgent - Critical incident – system down - 0 - 4 hours High - Major issue or performance is severely affecte - 0 - 8 hours Medium - Non-critical issues - 48 hours Low - Service or maintenance requests - 36 hours; For a single SLA breach in a single month, 15% credit for that months hosting cost is refunded.; ; For a two SLA breaches in a single month, 20% credit for that months hosting cost is refunded.; ; For a single SLA breachese in a single month, 25% credit for that months hosting cost is refunded.
• Approach to resilience: This is available on request
• Outage reporting: Email alerts are sent via a monitoring system. Customers are then notified accordingly as required.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access control is in use and only authorised individuals have access to management interfaces and support channels.; ; Access requests to management interfaces and support channels have to go through a change control procedure and authorised by a senior IT Director.; ; All access is monitored, recorded and approved under our ISO 27001 processse and procedures, this is an essential requirement of our ISO27001 accreditaion,
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through: Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Centre for Assessment Ltd
• ISO/IEC 27001 accreditation date: 12th Feb 2022
• What the ISO/IEC 27001 doesn’t cover: Outsource any core processes or services Operating from Customer sites Software Development
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our Information Security policies and processes are governed by our ISO27001 accrediation.; ; Our Director of Service & Information Security is responsible for all our Information Security policies, processes and procedures. ; Intersect has an audit schedule as part of our ISO 27001 accreditaiton.; ; Intersect has Monthly Security Meetings to ensure all policies and processes are being followed. These feed in to senior managements Quarterly ISO Security Meetings that take place to ensure policies, processess and prceedures are being adhered to. This is an essential requirment of our ISO accreditation and is audit externally on an annual basis.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration and change management fall under our ISO27001 accreditation. Intersect has a formal Internal and External change control process and procedure. ; Internal Configuration Changes are logged in the Problem and Improvement register and will also require an internal Change Control Notices, which must be signed by a senior IT director; External Change Control will have a trail through Intersects Support Function. An external CCN has to be sign by an authorised person from the cusomters side and a senior IT director.; ; CCN's contain an impact and risk assessment with cost implications, so informed decsions can be made.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our systems are assessed for vulnerabilties on a monthly basis as part of our Monthly Security Meetings. Any identified threats are assessed for impact, and escalation to repsond is actioned should our systems be deemed vulnerable. As part of our ISO27001 Acredditation all vulnerabiltites & threats are recorded in our Risk Register with Impact assesment and mitigation identified. ; ; We would aim to deploy a patch same day, after dudiligence checks and following our Change Control Process.; ; We proactively monitor vulnerabilites and emerging threats through various sources i.e., NSCS, itpro/security, Barracuda, Microsoft... Forum engagement
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our systems have Intrusion Detection Monitoring in addtion power shell scripts monitor the systems for unauthorised logon attempts. These are monitored in real time, so responses are also in real time.; Intersect has a Repsond and Recovery Plan which has an identified process for potentail compromise threats.
• Incident management type: Supplier-defined controls
• Incident management approach: Intersect hold a knowledge base for repetative incidents.; Intersect operates an online support portal. A user can log an incident via email the support desk or by direclty loggiing in to the portal. When a user logs an incident, they will receive an automated response within 5 minutes to confirm a ticket has been created. Every new ticket is reviewed and prioritise within 30 minutes of being received and the User will receive an initial response from Intersect within 30 minutes. When a ticket is created it is prioritised according to severity. ; ; Incidents Reports are provided monthly basis.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Hyper-V
• How shared infrastructure is kept separate: We tend to keep customers in their own Private Cloud solution and not to share underlying hardware. ; ; But for multi-tenanted solutions on the same underlying hardware, each customer would segregated at the network level, with no shared resources such as Domain Controllers, each VM would be private to each customer

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Using Microsoft Azure is up to 98 percent more carbon efficient than using a traditional enterprise datacentre. Join the growing community of industry leaders that are reducing energy use and transitioning to a more carbon-neutral grid with Azure.; ; Microsoft has been carbon neutral since 2012 and is committed to being carbon negative by 2030, with the commitment by 2050 to remove all the carbon it's directly emitted since its founding in 1975. Take advantage of the lessons learnt from Microsoft's own sustainability journey and help advance a low-carbon future—while you achieve your own sustainability goals.

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  Our G-Cloud service provision is committed to fostering equal opportunities within our operations. We ensure that our procurement and recruitment processes are inclusive and transparent, enabling fair access for all potential suppliers and employees, regardless of size, background, or location. By prioritising diversity and inclusion in our supplier and employee selection criteria, we contribute to the advancement of equal opportunities across the marketplace. Furthermore, our service offerings actively support initiatives aimed at empowering underrepresented groups, such as providing training and development opportunities to diverse groups. Through these efforts, we not only promote fairness and equality but also foster innovation and creativity.

Pricing

• Price: £4,500 a server
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sue.johnson@intersect.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.