Charterhouse Voice & Data

Pentesec Microsoft Defender as a Service (DaaS)

DaaS provides seamless protection across your endpoints, identities, Microsoft 365, email and SaaS apps. Our UK-based Security Operations Centre (SOC) leverages automation to rapidly identify and remediate threats, investigate and respond to sophisticated attacks, and deliver a proactive security service to ensure your cloud environment remains protected.

Features

• Threat Intelligence
• Rapid Threat Response
• Phishing Attack Simulations & Training
• Proactive Vulnerability Management & Reporting
• Complete XDR Solution for Endpoint, Identities, M365, Email and SaaS
• Ongoing security strategy advice and guidance
• Service governance and reporting
• Pro-Active Configuration Management
• Proactive Alerts on severe and critical vulnerabilities
• Regular advisory and review workshops

Benefits

• Lowers the likelihood of future attacks.
• Proactively blocks emerging threats
• Continually improves your security posture
• Periodic vulnerability and posture reviews
• Supports regulatory compliance including Cyber Essentials, ISO and CIS
• 24/7/365 Team based fully in the UK
• Increased value from Microsoft License Investments
• Access to in-depth Microsoft security expertise
• Build long term security strategies
• Test employee security awareness with simulated phishing attacks

£33 a device a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@cvdgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

885364201794363

Contact

Liz Holmes
02076137441
publicsector@cvdgroup.com

Planning

• Planning service: Yes
• How the planning service works: SECURITY ADVISORY AND GOVERNANCE WORKSHOPS; ; Stay informed and up to date on security best practise, thanks to: ; ; Regular in-depth reviews of MS security posture, threats and activity ; ; Expert advice to inform strategy, improve posture and adopt MS best practise ; ; Recommendations to drive value from existing licence investments • Insight into the latest product capabilities and enhancements
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with: Microsoft Services

Training

• Training service provided: Yes
• How the training service works: Pentesec offer skill sharing during projects, and operate a vendor accredited training centre that can offer official vendor training courses to customers.; ; ATTACK SIMULATION AND PHISHING AWARENESS TRAINING ; ; Empower employees to recognise and avoid common cyber threats: ; ; Test employee awareness with regular simulated phishing attacks; ; Target vulnerable users with extra training ; ; Report on campaign and training efficacy ; ; Identify repeat offenders for additional support
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: PRO-ACTIVE CONFIGURATION MANAGEMENT ; ; Ensure your environment is always configured according to best practice, with: ; ; Proactive maintenance and tuning ; ; The ability to request management for security policy updates ; ; The ability to amend Whitelists and Blacklists ; ; Optional call-off engineering days

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: No

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Our DaaS advisory services ensure you are making the most of your existing Microsoft License investments, adding value and reducing third party spend to maximise the potential of your available Microsoft security features.

Service scope

• Service constraints: If your requirements are considered 'unusual' and 'non standard' please reach out to us and we can review whether accommodations or recommendations can be made.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Alert response from SOC systems: ; ; P1: Multiple malicious non mitigated alerts - 30 Minutes; ; P2: Single Malicious non mitigated alert - 60 Minutes; ; P3: Suspicious non mitigated alerts 4 Hours between 8am-6pm; ; Incident created on ITSM ticket, customer informed immediately thereafter, whilst further investigation and analysis continues.; ; Ticket created on ITSM system. Customer informed if required.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: A Microsoft Teams instance will be arranged for you to use for communicating via web chat interface when needed.
• Web chat accessibility testing: Microsoft are responsible for this and have extensive accessibility and assistive solutions available direct.
• Support levels: 24/7 INCIDENT MANAGEMENT AND RESPONSE Leveraging Microsoft 365 Defender, our UK-based Security Operations Centre provides incident management across: ; ; • Endpoints • Identities • Microsoft 365 data and services • Email • Software as a Service applications; ; Additional reporting, hands on support, direct professional services and other skilled responses and services can be provided at additional cost and would be quoted by your account manager as required, or under a pre-paid retainer if preferred.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 06/11/2023
• What the ISO/IEC 27001 doesn’t cover: NA
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 9001
  • NHS Data Security and Protection Toolkit (DSPT)
  • CIS Controls (Global)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We have committed to achieving Carbon Net Neutrality and have in place a clear and achievable plan to get there. See section 5 for more details. We know our operations and delivering for customers has an impact on the environment. We have a carbon footprint and we have completed significant works to understand the extent of that impact on the environment. That allows us to adopt genuine and realistic targets to reduce our impact, as well as implement new ways of working to achieve those reductions. Throughout 2022-24+ we have worked with experts from Sustainable Advantage, a leading environmental consultancy, to complete a thorough ESG review, and to complete a full carbon baselining. Through this work we have adopted a bold and ambitious new Environmental Policy, which includes targets to achieve Carbon Net Zero. We also publish a Carbon Reduction Plan on our website which outlines how we plan to achieve Net Zero.

  Tackling economic inequality

  We support our staff with enhanced benefits, including additional holidays, employee assistance programs, health insurance, and other benefits. We pay our employees above the minimum wage in all our locations and invest in external benchmarking to objectively measure that we are paying fair rates for the work our people do. Our Cyber Security team, based in Peterborough, have established links with local secondary schools to support a school leaver program. We actively recruit school-leavers into appropriate roles in the business and invest in their learning. Where possible, we work with local companies to support us in our purchasing and delivery of goods and services. In addition to our supply chain, our colleagues travel across the UK to support our customers, and we spend money in the local communities we travel to.

  Equal opportunity

  We have an established D&I policy and are working hard to make the demographic profile as a business match those of the communities where our offices are based. We employ people from across the UK, and offer a hybrid working policy as standard. We also support fully remote working where the role permits, which ensures our many vacancies are open to everyone from John o’Groats to Land’s End. We publish a modern slavery statement on our website annually, which sets out how we ensure no modern slavery exists in our supply chains.

  Wellbeing

  We invest in well-being programmes, train mental health first aiders and support an employee assistance programme giving access to confidential help on any issue for any employee. Each year our employees nominate our chosen charities who we then support throughout the year as part of our charity initiatives. We ensure our chosen charities are local to our office locations. We encourage our employees to volunteer with their local communities and support them when they do through flexible working. We have colleagues who volunteer with sports clubs and charities, as well as share their expertise on committees and boards.

Pricing

• Price: £33 a device a year
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@cvdgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.