Managed Wordpress Hosting
X-net’s Managed WordPress Hosting service allows customers to post websites, that have been developed in WordPress format, on to the Internet. Websites are hosted on a dedicated virtual server,
Features
- Dedicated virtual server
- Managed service
- Single core, 2GB RAM, 50GB storage, 2IPv4 addresses
- Secure Managed hosting of Wordpress
Benefits
- Managed Service
- Assigned Support engineer
- Secure hosting from a ISO 27001 accredited service provider
Pricing
£74.80 to £74.80 a unit a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
9 4 0 6 3 3 2 1 6 5 7 9 5 0 3
Contact
X-Net Chambers LLP
Tim Harris
Telephone: +441202755312
Email: tim.harris@x-net.co.uk
Service scope
- Service constraints
- Scheduled maintenance will be carried out in agreement with the customer, of which notification will be given 14 days in advance. However, in the case of emergency maintenance, the customer will be informed as soon as the issue/problem has been detected.
- System requirements
- LAMP stack is standard, customer must specify anything that differs
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 4 hours
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
-
By assigning to the customer a specific, named support engineer, we are able to ensure that they build a deep knowledge of the service, as well as understanding how important each component of the service is to the success of the customer's business. These engineers work hard to ensure that they gain that knowledge.
Our engineers are intent on providing customers with what they need in an efficient manner. If the assigned engineer does not know the solution to a problem, they will ask a colleague who does. Our engineers do not pass the problem on to somebody else, and then assume that it has been resolved. The customer's nominated engineer remains involved throughout any restoration processes, thus acquiring relevant knowledge. This allows the engineer to becoming ever-increasingly able to help during the initial call, should the issue be seen again. Essential to our culture of a 'people-centric service', we insist that the engineer who started the support dialogue (by taking the call or picking up the email/SMS) maintains the position of sole contact with that customer. The dialogue will end when the customer is completely satisfied that the issue has been fully resolved - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
After initial contact, an order will be raised, fully detailing the service that will be provided. Upon agreement to the order the service will be provisioned. Our target time for the whole process is 2 working days. The standard minimum contract length is one year.
No formal training is offered for this particular service. However, X-net engineers are perfectly happy to answer customer queries via e-mail, telephone, or SMS, and guide customers through complex and difficult processes. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- If the customer wishes to terminate his service he will provide 1 month’s notice, after which further time the service will be suspended. The customer will be liable for any outstanding charges incurred over the term of the contract. There is no termination charge. However, experience has shown the value of prudence in this regard; we allow a 1-week period following the date of service termination during which the customer may request us to reactivate it. Only after this time will X-net purge and destroy all customer data related to the service.
- End-of-contract process
- Customers may terminate their service by giving 30 days’ notice after the initial contract term has elapsed. This initial term is always agreed with the customer before signing the order.
Using the service
- Web browser interface
- Yes
- Using the web interface
- In accordance with mutually agreed controls, access rights and privileges
- Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
- Via browser, dependent on mutually agreed permissions
- Web interface accessibility testing
- None
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
- Automatic
- Independence of resources
- By capacity management planning in advance
- Usage notifications
- Yes
- Usage reporting
-
- SMS
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- HTTP request and response status
- Memory
- Network
- Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Hardware containing data is completely destroyed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Virtual Machines
- Databases
- Files
- Backup controls
- A veeam management agent has to be installed on the device to be backed up followed by the OS's version of the Veeam Agent, backup jobs and backup policies can be created for different schedules
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- X-net’s hosting facility meets the requirements of both the Uptime Institute’s ‘Tier 3’ band, and the Telecommunications Industry Association’s TIA 942 standard. When delivering services, X-net customarily contracts to provide an Availability level of 99.99%, measured on a monthly basis. The minimum percentage of availability that Datacenta contracts for is 99.982%, however, the typical level of availability that Datacenta provides is 100%. Support hours run 24/7/365.
- Approach to resilience
- Available on request
- Outage reporting
- Email alerts are setup for all Veeam instances notifying our engineers if the required data hasn't been backed up. Our engineers are present on site 24/7/365 and are able to respond to alerts as soon as they happen.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google apps)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- Access is restricted in accordance with our system procedure SP-46 - Access Control by implementing: unique user identification and password, automatic log off, firewall use, separation of development, test and operational facilities, protection of information security controls, physical security of data, etc
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Devices users manage the service through
- Dedicated device on a segregated network (providers own provision)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Lloyds Register Quality Assurance
- ISO/IEC 27001 accreditation date
- 24/1/2013
- What the ISO/IEC 27001 doesn’t cover
- Protecting Application Service transactions - we do not perform application level transactions
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- The Security of X-net Services is managed by its Information Security Manager who chairs the regular meeting of the Information Security Management Forum, the body responsible for formulating, reviewing and updating security related principles, policies and processes as described in X-net's Statement of Applicability and as derived from the Information Security Risk Assessment
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
X-net manages the Configuration Management Database that contains all the relevant items of a service, the location, the type of server, the OS, Service Notes, Drive sizes etc.
Change Management - Changes are initiated in our support database, areas of impact and risk are assessed, change plan is developed and approved (including blackout plan), change is deployed and tested in the T&V environment and then if everything is working as expected is deployed in the live environment - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- We have subscribed to various vulnerability alert sources, from our third party providers. When a vulnerability is received, we browse through our Configuration Management Database and assess if any of our services are affected. If any of them are then a ticket is raised on our Database and a we assess the gravity of the vulnerability, and in collaboration with the customer we decide on the best course of action for patching to take place.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- X-net Engineers perform Log monitoring on a daily basis and are able to track any suspicious activity. Furthermore automatic monitoring systems notify us if any suspicious activity is detected. When a potential incident is detected an Incident support ticket is raised on our database and depending on the classification of the incident is dealt with immediately with an aim to resolve any Incidents within a maximum of 12 hours causing the least possible disruption to our customer services.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- X-net deals with incident as defined in the System Procedure SP-25 - Monitoring and Incident Management. Users can raise incidents by contacting X-net Support via email, message, or phone and our engineers will immediately raise an incident support ticket. Incident are then classified based on the impact they have on the customer's services and resolved in a maximum of 12 hours from when the incident is first reported. Incident reports are provided to the Customer upon request.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- Other
- Other virtualisation technology used
- Docker
- How shared infrastructure is kept separate
- Different customers are separated logically using VLANs
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- X-net monitors and reports on it's Energy Efficiency which is currently at 95% as well as reporting annually on the Eu Code of Conduct Best Practices of which 95% are implemented in our datacentre.
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Assessing, and regularly re-assessing, the environmental effects of the Company’s activities or services - which shall then either be eliminated or effectively controlled. This will be carried out to meet or exceed all regulatory requirements relating to the environment. •Advocating employee involvement in all environmental matters, and providing suitable training and support to all employees with regards to the environmental policy. •Minimising waste to the lowest practical level, whilst ensuring its disposal in a diligent and responsible manner. •Reducing to a minimum all unnecessary use of materials, resources, and energy. •Promoting the use of recyclable and renewable materials. •Preventing pollution and continuously improving Environmental Management and performance. •Complying with all applicable legal requirements, and any other requirements relating to our engagement with the environment. •Conducting reviews in light of any new knowledge, change of legislation, or public concernTackling economic inequality
X-net is committed to tackle economic inequality by stimulating personal and professional development of our staff.Equal opportunity
X-net is committed to encouraging equality, diversity and inclusion among our workforce, and eliminating unlawful discrimination. Our aim is for our workforce to be truly representative of all sections of society and our customer and for each employee to feel respected and able to give their best.
Our commitments include training managers and other employees about their rights and responsibilities under the equality, diversity and inclusion policy. Responsibilities include staff conducting themselves to help the organisation provide equal opportunities in employment and prevent bullying, harassment, victimisation and unlawful discrimination.
Our Company is a certified Disability Confident Employer and we are making efforts to become a B Corp certified organisationWellbeing
It's the goal of X-net yo make each employee feel valued and appreciated in their job as the Company believes the best performance of staff is from happy and satisfied staff.
We have a number of employees development and social activities as well as maintaining a good work/life balance .
Pricing
- Price
- £74.80 to £74.80 a unit a month
- Discount for educational organisations
- No
- Free trial available
- No