Roc Technologies Limited

Desktop as a Service

Roc’s Desktop as a Service is based on the deployment of Windows 365 cloud PC, Azure Virtual Desktop or Citrix Desktop as a Service and is designed to support On-premise, public cloud, hybrid and private cloud infrastructure environments. Roc are partners with both Microsoft and Citrix.

Features

• Fast, simple, and scalable service for delivering apps and desktops
• Reduction of technical footprint on site
• Secure access using industry standard technologies
• Provision of true Windows 11 desktop experience
• Cloud agnostic desktop deployment
• Secure deployment, protection, vulnerability management and compliance.
• Additional management layers through technologies such as Nerdio Management
• 24x7x365 operational services underpinned by Service Levels.
• Aligned to industry leading virtual desktop solutions from Microsoft/Citrix.
• Cloud and Technology Management, including full visibility and right-sizing.

Benefits

• To compliment and support a customers’ Cloud First strategy
• Simplify the consumption of Azure, AWS resources
• Provide short term solutions to capacity problems
• Industry leading management and control panes
• Integration with existing on premise hypervisor platforms
• Cloud Cost Optimisation
• Business value and outcomes based delivering Cloud success
• Adaptive solutions for user personas and application delivery
• Proactive management and monitoring services, delivered 24x7x365.
• Continuous visibility and vulnerability management.

£375.00 to £1,300.00 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@roctechnologies.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

890177269806854

Contact

Tim Elton
01635 581188
publicsector@roctechnologies.com

Service scope

• Service constraints: Windows 10/11 virtual desktops only; Solutions may require network connectivity to data centres; remote desktops can be deployed to Azure, AWS or on prem VMWare and Hyper-V only.
• System requirements:
  • Existing identity provider (e.g. AD or Azure AD)
  • Remote desktop client for access
  • Network connectivity to backend data

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All email and online support requests will receive an immediate automated response, The SLA associated with the specific contract will determine the actual response and resolution timescales, including and variation for weekend and bank holidays. This will typically range from30 minutes to 2 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Desktop as a Service (DaaS) support includes Technical Account Manager support ; engineers and a 24/7 Network Operation centre. ; Targeted response is based on the call priority and varies between 15 mins and up to 10 hours ; Roc’s Managed Services are offered based upon two standard hours of cover-; • Normal Business Hours: Monday to Friday, 08:00-18:00, excluding public holidays; • 24x7: 24 hours per day, 7 days per week, 365 days per year; ; Roc Compliments DaaS support by carrying out the assessment design and migration along with ongoing support for the cloud infrastructure.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: For each new service provision, a one-time on-boarding charge will apply. This fee is charged to cover transition activity such as process definition, systems configuration, system auditing, remote access configuration etc. This charged will be in line with Roc’s published SFIA Rate card and will vary based upon the nature and complexity of the environment to be on-boarded.; During the on-boarding process, Roc will review the configuration of each in-scope item. Where in-scope items have not been configured in-line with best practice, remedial actions may be required before the item can be on-boarded or covered by Roc’s SLA’s. Such remedial activity can be performed by the client or Roc. Where performed by Roc it can be funded via Roc’s published SFIA Rate card or the Additional Service Points purchased as part of the service
• Service documentation: No
• End-of-contract data extraction: The customer has complete autonomy of how data is stored and managed within the Desktop as a Service environment. Data can either be extracted fromthe VM if data is stored locally but thi is not a recommended scenario.; ; Roc would return all data and materials which cannot be deleted or exported by the client and would destroy all copies of data on written instruction.
• End-of-contract process: We will return all client data and materials which cannot be deleted or exported by them. We will return any prepaid sums for services not delivered. We will not penalise the client for early termination unless state in the Service Definition.; We will return all confidential information unless there is a legal requirement for ongoing retention.

Using the service

• Web browser interface: Yes
• Using the web interface: Access to full remote desktop using HTML5.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Remote desktop supports the accessibility features of the underlying Windows 10/11 operating system but may not be available for shared desktops.
• Web interface accessibility testing: None
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Each organisation would exist in its own tenancy on any public cloud platform. Resources are not shared with other tenants.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft and Citrix

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Dependent upon Public Cloud service provider.
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Dependent on underlying SLA of Public Cloud service provider
• Approach to resilience: Dependent on public cloud service provider.
• Outage reporting: Roc can provide Protective Monitoring in line with GPG13. These services are delivered from a dedicated UK based SOC which operates independently from Roc’s Technical Operation Centre; Alerting can be via tergated email

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Management and support access to the environment is controlled by a strict RBAC security model. All admin level access requires MFA. For public cloud access, Roc use vendor specific mult-tenant access controls as applicable.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation ISO Certification Limited
• ISO/IEC 27001 accreditation date: 26/4/2018
• What the ISO/IEC 27001 doesn’t cover: Individual cloud service providers and datacenters. We require them to hold their own accreditations.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO9001, ISO14001, SafeContractor
• Information security policies and processes: • Information Security Policy. • Clear Desk Policy. • Access Control Policy. • Information Classification Policy. • Data Protection Policy. • Network Access Control Policy. • Information Exchange Policy. • Password Policy. • Cryptographic Policy. • Acceptable Use Policy. • CCTV Policy. • Physical Security Policy.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The Service Desk are responsible for overseeing the information gathering stage and identifying the type of change that will be undertaken, they will include a full test plan, outline of tasks and rollback plan. ; Details of any likely or potential impact will be documented in the change and then the Roc CAB will review and approve/decline changes. Changes are sent to the customer for approval. Changes are broken down into different categories with associated processes for creation, approval and implementation. The process includes appropriate timescales based on the priority and category of change.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Desktop as a Service uses infrastructure and services provided by cloud services partners (i.e. Citrix, Microsoft and Azure). Vulnerability management and patching is controlled by the service partner.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Roc can provide Protective Monitoring in line with GPG13. These services are delivered from a dedicated UK based SOC which operates independently from Roc’s Technical Operation Centre; ; • Forensic log collection, storage, and management.; • Security event monitoring, analysis, reporting and alerting.; • Configuration audit.; • File integrity monitoring and system baseline change monitoring.; • Compliance monitoring.; • File based targeted threat assessment..
• Incident management type: Undisclosed
• Incident management approach: Incident Management is a core process for the Service Desk to ensure that any disruption to service is accurately recorded and managed through to service restoration. Incidents are prioritised and allocated by impact and urgency, Supervisors oversee the day-to-day management of all calls alongside a culture of best practice and ownership of tasks throughout the team. Roc Service Delivery Management team provides reporting on incident management, examples of the types of reporting Roc provides for incident management, and not limited to priority, category, channel, status, and SLA. Roc report on incident management weekly/monthly/quarterly/bi-monthly/6monthly/annually specific to the customer's requirement.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: Dependent upon Cloud service provider. Typically Azure or AWS.
• How shared infrastructure is kept separate: Customers will be separate tenants on public Cloud Services.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Microsoft Azure is a participant and an endorser of the EU code of conduct for data centre efficiency.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Roc is accredited to ISO14001, has a Carbon Reduction Plan and is committed to achieving Net Zero in Scope 1&2 by 2035 and Scope 3 by 2050. We have a comprehensive understanding of how to influence stakeholders to support environmental protection and improvement. Our approach involves engaging all relevant parties, raising awareness of environmental opportunities and encouraging participation in sustainable practices. ; To reconnect people with the environment and increase awareness of ways to protect and enhance it, we undertake these activities:; • Engagement: engaging with stakeholders to raise awareness of the benefits of environmental opportunities identified. Through workshops, seminars, and outreach programs, we highlight the importance of environmental conservation and encourage active participation in related initiatives.; • Co-design/creation: working collaboratively with stakeholders to devise and deliver solutions that support environmental objectives. Involving stakeholders in the design and implementation process ensures that initiatives are tailored to meet their needs and priorities while maximising environmental benefits.; • Training and education: providing training and education to influence behaviour and promote sustainable practices among staff, suppliers, Partners and other stakeholders. This may include workshops on waste reduction, energy efficiency, and sustainable resource management. Empowering individuals to make informed decisions that minimise their environmental footprint.; • Partnering/collaborating: partnering with community organisations and other stakeholders to engage the community in environmental initiatives related to contracts. Experienced in collaborating with local groups, we leverage expertise/eesources to support environmental objectives and foster community involvement in sustainability efforts.; • Volunteering opportunities: offering volunteering opportunities for contract workforce, enabling them to undertake activities that encourage direct positive impact on the environment. This may include tree planting, litter clean-up campaigns, or habitat restoration projects, providing hands-on opportunities for individuals to contribute to environmental improvement efforts.; Through this, we actively engage stakeholders in supporting environmental protection/improvement and fostering a collective sustainability commitment.

  Covid-19 recovery

  Roc is a people-based business and we have worked closely with our teams to co-create Covid recovery plans. Roc had significant revenue streams from the hospitality and aviation sector resulting in exposure and revenue reduction during the Pandemic. Following the Covid 19 Pandemic Roc created a Post Pandemic Recovery Programme. This programme is led by our employee forum with representatives from across the business. Initiative include:; ; Organisation-wide impact assessment re-baselining our business plan/strategy and to inform recovery plans; Strategy to minimise the impact whilst maximising the opportunities created by the Pandemic; A review of our financial structure and funding solutions; Moving legacy systems to SAS based Cloud solutions; Creating a business plan to mitigate the impact of a future Pandemic's; Investing in staff training and awareness to identify opportunities where Roc could support organisations with their post-Covid recovery plans ; Providing on-line desk booking solutions to encourage our staff to return safely to the office; Creating an apprenticeship programme across the business bringing on new talent; Building partnerships with local suppliers to support the local economy; Working with our investment partner BGF to identify opportunities for growth and investment, especially in STEM ; Partnering with Higher Education to improve student safety and student experience, encouraging students to return to Campus; Implementing space utilisation solutions to provide employees with real time visibility of office utilisation and space availability; Creating sustainability solutions that help clients with providing more environmentally friendly workplaces and working practices to support the post pandemic recovery; Investment in capabilities including our Network and Cyber Practices, aligning to high-growth areas underpinning our economic recovery.; Our planning means Roc is confident that it has a solid business foundation to mitigate the impact of any future Pandemics whilst taking advantage of Post Covid-19, focussing on relevant solutions/services for employees, partners and clients.

  Tackling economic inequality

  One of Roc’s key mantras is ‘to make a difference in the community of which we serve’. We are committed to tackling inequality at the root by creating new business and employment opportunities and by offering enhanced education and training.; Where possible Roc always partner with local suppliers as required in the delivery of our projects which creates employment and apprenticeship opportunities. Alongside this Roc promote prompt payment principles and we mirror this expectation across our supplier chain.; Roc is dedicated to enhancing the lives of disadvantaged children and young people across Roc and our customers local communities, this has been demonstrated through existing youth club sponsorships, and regular charitable donations.; Community investment: Greenham Common Trust ; Roc have recently moved into a new headquarters, leased by the Greenham Common Trust. The Trust’s sole aim is to promote charitable purposes for the benefit of the inhabitants of Newbury, where Roc is located, and its environs. ; Whilst mostly promoting social inclusion and community projects, the Trust also donate and contribute toward the local environment, such as restoration to the local Common, environmental improvements to local areas and construction of local wildlife ponds. ; By leasing our headquarters from such an organisation, this ensures Roc are ensuring that costs for this lease are being used to directly benefit the local environment. ; Roc have defined cultural values, one of which is to, “Make a Difference,” which underpins our support and involvement in community initiatives and charitable work. We do this in the form of sponsorship, donations to national and local charities, which may also be suggested by our staff, and the funding of community projects. Every suggestion is given consideration throughout Good Cause grant scheme, whereby our employees apply for funds to support local charities and initiatives which are important to them.

  Equal opportunity

  Roc is committed to promoting equal opportunity within our organisation and our supply chain through focus on Equality, Diversity and Inclusion.; Aiming to eliminate unlawful discrimination, harassment, and victimisation through:; • Educating all staff about the Act's provisions, emphasising the prohibition of discriminatory behaviour. ; • Regularly assessing policies, procedures, and decision-making processes, identifying/rectifying any discriminatory elements. ; • Establishing clear channels for reporting ensuring prompt investigation and appropriate action to ensure compliance.; We advance Equal Opportunity by: ; • Gathering data on protected characteristics to understand disparities. ; • Conducting equality impact assessments for new policies, services, and projects. Consider how they affect different groups, adjust accordingly. ; • Ensuring that reasonable adjustments are made to accommodate individuals with disabilities or other protected characteristics. ; Fostering good relations by promoting inclusion, engaging with the community, and celebrating diversity. ; We regularly share information demonstrating compliance with the Equality Duty and set measurable equality objectives. Roc is an equal opportunities employer, providing a service free from unfair and unlawful discrimination. ; Our commitment - We value people as individuals with diverse opinions, cultures, lifestyles, and circumstances. All employees are covered by our Equality, Inclusion & Diversity Policy individual differences are recognised/valued, and every employee is entitled to a dignified and respectful working environment. We offer training, development, and progression opportunities to all employees and review all our employment practices to ensure fairness. Over 50% of our leadership is female.; Our commitment as a Service Provider - We aim to fulfil roles from within the local regions and form partnerships with local organisations in service delivery. We aim to provide services to all clients regardless of their characteristics. We believe that equality in the workplace is good management practice and makes sound business sense. We seek to encourage applicants from diverse and underrepresented supported by flexible working policies.

  Wellbeing

  Roc is committed to provide a safe working environment that prioritises the physical and mental wellbeing of our staff. Roc has trained counsellors who are available to discuss any wellbeing concerns with colleagues. Our ESG forum is responsible for identifying and tackling any wellbeing related working issues.; Our family leave offering is to be improved for FY25, offering enhanced maternity, paternity, adoption and shared parental pay provisions. We will review the impact of this in our employee survey and continue to review our offering to ensure that we continually addressing the needs of working parents. ; We offer genuine flexibility over place of work for every role that isn’t subject to the conditions of a client contract (i.e. some roles are required by the client to be present at a particular location or for particular hours). All our roles are offered as either hybrid (with free choice of office days) or remote with flexible working hours considered where possible. Implementation of tax efficient nursery schemes to support working parents (salary sacrifice) – currently under consideration. Implementation of Roc Academy, utilising our apprenticeship levy. Targeting at least 40% spend at levels 2-4. Ensuring that a portion of our training budget is targeted at digital skills and levels 2-4. ; Our employees are our business, therefore Roc devotes a lot of resource to their wellbeing. These include access to a wide range of support materials on a multitude of topics ranging from mental health, to working from home to good nutrition, reducing stress and general good health; a 24hr mental and physical health hotline; Mental health first aiders; and Support groups – e.g. related to the menopause.; Roc provide an employee benefits scheme to all employees which also provides access to wellbeing advise with qualified counselling sessions if required.

Pricing

• Price: £375.00 to £1,300.00 a unit a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsector@roctechnologies.com. Tell them what format you need. It will help if you say what assistive technology you use.