NIGHTBALL TECHNOLOGIES LIMITED

Cyber Resilient Integrated Workspace (CRIW)

Pre-integrated secure environment, encompassing Cyber Resilient Desktop as a Service.

Features

• Secure remote access
• Citrix Cloud integration
• Managed service options
• Modern authentication and identity management
• Secure endpoint and authentication options with Becrypt and Yubico
• System architecture and design
• Cyber and business resilience
• Secure solution delivery
• Secure Private Cloud implementation using VMware VCF and NSX
• PKI Services with Thales and Yubico

Benefits

• Enables secure user access to Hybrid working
• Rapidly onboard/offboard users
• Flexible access to multi-cloud
• Bespoke requirements supported
• Rapidly deploy and scale services
• Allows a tailored transition to cloud access
• Reduces business risk and costs
• Ability to support enhanced workloads
• Reduce deployment times

£190.00 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commercial@nightball.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

863355824351726

Contact

Polly O'Meara
-
commercial@nightball.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: CRIW is primarily built on Citrix Cloud, which is deployed and maintained on behalf of the client.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No specific service constraints. CRIW is underpinned by Citrix Cloud, which offers 99.9% SLA.
• System requirements:
  • An Active Directory domain (can be optionally provisioned)
  • Citrix Cloud Connectors (can be optionally provisioned)
  • An Authentication service (can be optionally provisioned)
  • Federated Authentication Servers (FAS) (can be optionally provisioned)
  • Public Key Infrastructure to support FAS (can be optionally provisioned)
  • Domain joined machines for hosting workload (can be optionally provisioned)
  • Operating system licences (can be optionally provisioned)
  • Client Access licences (can be optionally provisioned)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 4 Hours, 9am to 5pm, Monday to Friday (excluding Public Holidays).; ; Other support options may be available on request.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Standard Support Services are provided by Nightball Technologies Limited in the UK between 9am to 5pm, Monday to Friday (excluding Bank Holidays) via Email.; ; Additional Support options may be provided at an extra cost, based on client requirements.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Nightball Technologies Limited use virtual meetings (e.g. Microsoft Teams) to provide a 1 hour CRIW familiarisation session.; ; User onboarding guides are included as standard.; ; Further training assistance may be provided at an additional cost, depending on client requirements.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: CRIW is an access broker, no client data is held or stored.
• End-of-contract process: Client services will be de-provisioned on a pre-agreed date.; ; Any additional support or consultancy required will be subject to an additional charge.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Limited branding options available.

Scaling

• Independence of resources: The service is designed using Citrix scalable cloud technologies to ensure that other users demands do not affect the service.

Analytics

• Service usage metrics: Yes
• Metrics types: This will be defined in the contract.
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Citrix, Microsoft and Yubico

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: As a broker we do not hold data.; ; Any data export would be provided by the client.
• Data export formats: Other
• Data import formats: Other

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: SLAs are defined by Citrix Cloud. These are defined as 99.9%
• Approach to resilience: Dependant on requirement. At minimum multiple components are deployed as part of the onboarding process.
• Outage reporting: Email alerts and Citrix Cloud uptime monitor.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Role based access is used to restrict administration functions.; ; Privileged access is also utilised where applicable.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: UKAS
• ISO/IEC 27001 accreditation date: 27/03/2024
• What the ISO/IEC 27001 doesn’t cover: Nothing, entire business is covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus; ISO9001
• Information security policies and processes: Available on request

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Available on request
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Available on request
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Available on request
• Incident management type: Supplier-defined controls
• Incident management approach: Available on request

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  Signed the SME Climate Hub commitment to become Carbon Zero by 2040.; ; All company vehicles are electric.; ; Paperless office.

  Tackling economic inequality

  Member of prompt payment code and regularly advocate for other SMEs.

  Equal opportunity

  Bronze ERS and have signed the Army Covenant.; ; Female Managing Director.

Pricing

• Price: £190.00 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commercial@nightball.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.