The Curve Cloud Hosting

Service scope

Service constraints: Network Connection Dependency. To fully benefit from cloud computing services, your business or consumers must always have an internet connection.
System requirements: All system requirements are determined per Customer/project engagement

User support

Email or online ticketing support: Email or online ticketing
Support response times: Type of Response by Severity Level Time to first response Critical (Severity 1) - Immediate(when raised by phone) Major (Severity 2) - 4 business hours Minor (Severity 3) - 24 business hours Update frequency Critical - every hour Major - every 4 business hours Minor - every 24 business hours Root Cause determination (time starts after issue reproduction) Critical - 48 hours Major - 60 business hours Minor - 12 business days Contact Channels Critical - Phone (recommended), Email, Ticketing Major - Email, Ticketing Minor - Email, Ticketing
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: Web chat
Web chat support availability: 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
Web chat accessibility testing: We outsource our ticketing software so we've not done any direct testing ourselves.
Onsite support: Yes, at extra cost
Support levels: Bronze Support 8x5 (M-F 0900 - 1700) Email/Ticket Support only, 100 cases p.a. up to 2 named contacts, £10,000 p.a. Silver 24x5 (M-F 0001-2359) Email/Ticket/Phone Support, 500 cases p.a., up to 5 named contacts, £25000 p.a. Gold 24x7x365 Email/Ticket/Phone Support, Unlimited cases, up to 8 named contacts, £50000 p.a. Platinum 24x7x365 Email/Ticket/Phone Support, Unlimited cases, up to 10 named contacts, £75,000 p.a. 1 Named Support Engineer
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Entirely dependent on the customer, their requirements and their operating environment - we provide any/all user help methods: onsite training, online training and/or user documentation.
Service documentation: Yes
Documentation formats: HTML

ODF

PDF

Other
Other documentation formats: Google Docs
End-of-contract data extraction: As the data is protected and stored in the cloud, the customer is provided with full access to their data as required. There are a number of export mechanisms if the goal is to move away from the service and is situation-dependent.
End-of-contract process: The nature of our contracts are varied. This is something to be discussed and agreed with the Customer. We work closely with our partners as well to ensure smooth handover.

Using the service

Web browser interface: Yes
Using the web interface: We are a AWS, MS , IBM Cloud reseller and therefore fall under their service description offerings. The creation and inclusion of web interfaces vary from project to project and their functionality and attributes will be documented in the technical specification that accompanies each solution design.
Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
Web interface accessibility testing: 3
API: Yes
What users can and can't do using the API: We are a AWS, MSA , IBM Cloud reseller and therefore fall under their service description offerings. The creation and inclusion of API's vary from project to project and their functionality and attributes will be documented in the technical specification that accompanies each solution design.
API automation tools: Ansible

Chef

OpenStack

SaltStack

Terraform

Puppet

Other
API documentation: Yes
API documentation formats: HTML

PDF
Command line interface: Yes
Command line interface compatibility: Linux or Unix

Windows

MacOS
Using the command line interface: All Cloud providers (AWS, MS Azure, IBM Cloud) offer fully comprehensive CLI's applications that allow the management of any aspect of the service w/o limitations.

Scaling

Scaling available: Yes
Scaling type: Automatic
Independence of resources: Our resold Cloud Provider uses provisioned capacity guarantees that our customer's retrieval capacity for expedited retrievals will be available when needed. Each unit of capacity ensures that at least 3 expedited retrievals can be performed every 5 minutes and provides up to 150MB/s of retrieval throughput. Retrieval capacity can be provisioned if there are specific expedited retrieval rate requirements that need to be met. Without provisioned capacity, expedited retrieval requests will be accepted if capacity is available at the time the request is made.
Usage notifications: Yes
Usage reporting: API

Email

SMS

Analytics

Infrastructure or application metrics: Yes
Metrics types: CPU

Disk

HTTP request and response status

Memory

Network

Number of active instances
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Reseller providing extra features and support
Organisation whose services are being resold: Amazon Web Services, Microsoft Azure, IBM Cloud

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with CSA CCM v3.0

Other
Other data at rest protection approach: As a Cloud Provider Reseller, each service allows several options for encrypting data at rest, for additional layer of security, ranging from completely automated encryption solution to manual client-side options. Each solution is tailored to customer's stated requirements as part of the technical solution design.
Data sanitisation process: Yes
Data sanitisation type: Deleted data can’t be directly accessed
Equipment disposal approach: In-house destruction process

Backup and recovery

Backup and recovery: Yes
What’s backed up: Databases

Virtual Machines

Disk Volumes, Hard Drives
Backup controls: A backup strategy is captured as a requirement as part of the technical solution design and will be agreed with the customer on a case by case basis. Customers can also control their backups via the web interfaces and API's as previously described. The backup options are flexible and support fine-grain control.
Datacentre setup: Multiple datacentres with disaster recovery
Scheduling backups: Supplier controls the whole backup schedule
Backup recovery: Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)

IPsec or TLS VPN gateway
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: As we are a Reseller, we use the SLA's offered by the Cloud Provider... links for AWS: https://aws.amazon.com/s3/sla/ MS Azure: https://azure.microsoft.com/en-us/support/legal/sla/ IBM CLoud: https://cloud.ibm.com/docs/overview?topic=overview-slas
Approach to resilience: Information about how our service is designed to be resilient is available on request.
Outage reporting: Service outages are reported directly to The Curve's Support Team for action via dashboard API, email and SMS alerts.

Identity and authentication

User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Dedicated link (for example VPN)

Username or password
Access restrictions in management interfaces and support channels: We have full identity and access management control. The Customer has the ability to define user's groups, controls, policies & permissions.
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Dedicated link (for example VPN)

Username or password
Devices users manage the service through: Dedicated device over multiple services or networks

Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: Yes
Any other security certifications: Working towards ISO 27001, 9001

Resold providers fully compliant to several certs i.e. ISO, PCI

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: No
Security governance approach: We are in the process of pursuing ISO security standard accreditation. Currently, we have an internal information security policy best practice which adopts a risk-based approach, sets the direction of investment decisions, ensure conformance with internal and external requirements, fosters a security-positive environment for all stakeholders. We also review performance in relation to business outcomes.
Information security policies and processes: We have an information security policy and follow processes accordingly. This policy can be provided to customers upon request.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: We have an internal configuration and change management policy and follow processes accordingly. This policy can be provided to customers upon request.
Vulnerability management type: Undisclosed
Vulnerability management approach: We have an internal vulnerability management policy and follow processes accordingly. This policy can be provided to customers upon request.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: We have an internal protective monitoring policy and follow processes accordingly. This policy can be provided to customers upon request.
Incident management type: Supplier-defined controls
Incident management approach: We have an internal incident management policy and follow processes accordingly. This policy can be provided to customers upon request.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
Who implements virtualisation: Supplier
Virtualisation technologies used: KVM hypervisor
How shared infrastructure is kept separate: As a Reseller, our Cloud Provider deals with this. For example, AWS uses a simple key-based object store. When data is stored, a unique object key is assigned that can later be used to retrieve the data. Keys can be any string, and they can be constructed to mimic hierarchical attributes. Alternatively, S3 Object Tagging can be used to organize data across all of S3 buckets and/or prefixes.

Energy efficiency

Energy-efficient datacentres: Yes
Description of energy efficient datacentres: The resold cloud providers' datacentres are energy efficient. As a tenant of this environment, our energy draw is negligible therefore adherant to the EU Code of Conduct for Energy Efficient datacentres

Social Value

Fighting climate change
Covid-19 recovery
Equal opportunity
Wellbeing

Fighting climate change

Helping organisations transition to digital services and more efficient ways of working

Covid-19 recovery

Helping businesses that struggled during the pandemic redefine their processes to ensure less reliance on traditional methods

Equal opportunity

Allowing people to access information / data from remote locations, empowering people with different abilities, needs, and preferences

Wellbeing

providing ability for organisations to better manage workloads and therefore provide employees with better workplace environments

Pricing

Price: £0.02 a gigabyte
Discount for educational organisations: No
Free trial available: Yes
Description of free trial: Dependent upon cloud provider. Free tier options are available - details provided upon request.

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Pricing

Service documents

Cookies on Digital Marketplace

The Curve Cloud Hosting

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Social Value

Pricing

Service documents