Specialist Computer Centres plc

SCC Cloud Consumption

Our Cloud Consumption service provides billing management for cloud-based infrastructure services provided from supported public cloud vendors, including Microsoft Azure and AWS.
SCC also offer customers the options of a full tooling suite and Managed Services, enabling customers to raise tickets with Cloud Vendors without purchasing a support-package from them.

Features

• Unified Billing Dashboard
• Assistance purchasing Reserved Instances
• Cost to date
• Projected monthly spend
• Budget Management
• Top Spenders
• 24/7 support from certified cloud engineers
• Manage spend through smart dashboards and alerting.

Benefits

• Flexible, Efficient Service for both Azure and AWS
• Eliminate Management Overheads and reduce hidden Management Costs
• Relevant and Effective billing advice from Azure certified experts
• Dashboard supports efficiency and management of cloud spend
• Best in Industry support for platform level issues

£0 to £2,000 an instance a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworksales@scc.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

976079232807851

Contact

Warren Strain
01217667000
frameworksales@scc.com

Service scope

• Service constraints: As per Microsoft's and AWS's publically published service descriptions
• System requirements:
  • Turbonomics is provided access through a subscription account
  • SCC will configure this access
  • For AWS, in order to discover RI utilization
  • Turbonomics will need access to the S3 bucket that contains
  • The AWS Cost and Usage report.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: SCC can offer different service levels to match individual customer requirements
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: SCC can offer technical support via a service desk available 24/7
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of the onboarding of the service SCC will work with each customer to ensure the service meets their requirements
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Customers will be provided reports regularly during the service and can request that these reports are resent at any time. At the end of the contract SCC can provide the customer with the cost optimisation reports from across the term of the service upon request.
• End-of-contract process: At the end of the contract access to the service will be removed and related support services withdrawn.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Services in scope for cost and performance optimisation will run on the Azure and AWS hyper-scale public cloud services. Customer environments are logically segregated to prevent unauthorised access as per Microsoft and AWS's documentation.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics: Monetary Consumption Metrics
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: AWS, Azure

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: SCC providers services built using Microsoft Azure and AWS, therefore the data at rest is capabilities are as per their documented controls.
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Applications
  • Configurations
  • Files and folders
  • Machine Image
• Backup controls: Backup schedules are agreed as part of service design and may be provided using native backup functionality or 3rd party applications. Backup schedules and retention periods can be changed as part of standard change process.
• Datacentre setup: Single datacentre
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: We are presenting Azure and AWS hyper-scale public cloud services. Customer environments are logically segregated to prevent unauthorised access as per Microsoft and AWS's documentation. SCC can provide additional layers of network security between customers applications to meet additional security needs. SCC can additionally provide Wide Area Network (WAN) links from customer sites to hosted public cloud platforms.

Availability and resilience

• Guaranteed availability: Availability guarantees vary depending on platform (AWS or Azure) and between services on each platform. Please refer to the relevant Microsoft and AWS documentation for availability guarantees
• Approach to resilience: SCC works with its customers to understand availability and recovery time requirements (including disaster recovery requirements). As part of technical design phases we tailor hosted solutions to meet these defined needs.
• Outage reporting: SCC will provide reports to customers on a period basis for any SLA breaches, where a customer has procured Major incident Management then SCC will contact customers for any P1 outages as soon as possible.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: SCC has processes in place to authenticate named users from the customer to access its support channels. ; ; Both AWS and Azure provide identity and access management capabilities to enable you to manage access to their cloud portals. Using their solutions you can segregate duties and grant only the amount of access to users that they need to perform their jobs.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA
• ISO/IEC 27001 accreditation date: 06/07/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All our security policies are aligned to and certified to ISO 27001:2013. All policies are reviewed annually for relevance and accuracy and to ensure the policies are up to date with technology and current legislation and signed off by the SIRO.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Azure has developed formal standard operating procedures (SOPs) governing the change management process. These SOPs cover both software development and hardware change and release management, and are consistent with established regulatory guidelines including ISO 27001, SOC 1 / SOC 2, NIST 800-53, and others.; ; Changes to AWS services and features follow secure software development practices, including security risk reviews prior to launch. Developer access to production environments is via explicit access system requests, subject to owner review and authorisation.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Microsoft Azure employs sophisticated software-defined service instrumentation and monitoring that integrates at the component or server level, the datacenter edge, our network backbone, Internet exchange sites, and at the real or simulated user level, providing visibility when a service disruption is occurring and pinpointing its cause.; ; AWS deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage.
• Incident management type: Supplier-defined controls
• Incident management approach: Microsoft has developed robust processes to facilitate a coordinated response to incidents. ; • Identification; • Containment; • Eradication; • Recovery; • Lessons Learned; ; AWS adopts a three-phased approach to manage incidents:; 1-Activation and Notification Phase; 2-Recovery Phase ; 3-Reconstitution Phase

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Hyper-V
• How shared infrastructure is kept separate: The service is built upon industry standard components and services ensuring segregation of customers.; ; Customer environments are logically segregated, preventing users and customers from accessing unassigned resources. Customers maintain full control over their data access. Services which provide virtualised operational environments to customers, ensure that customers are segregated and prevent cross-tenant privilege escalation and information disclosure via hypervisors and instance isolation.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: AWS is committed to running our business in the most environmentally friendly way possible. In addition to the environmental benefits inherently associated with running applications in the cloud, AWS has a long-term commitment to achieve 100% renewable energy usage for our global infrastructure footprint. Today, AWS offers customers five AWS Regions that are carbon-neutral: • US West (Oregon) • AWS GovCloud (US-West) • EU (Frankfurt) • EU (Ireland) • Canada (Central); ; For Microsoft: Please see https://www.microsoft.com/en-us/environment/energy

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Sustainability is central to SCC’s operations and embedded into our business. Our defined carbon reduction targets are externally reported in our Carbon Reduction plan via the Carbon Disclosure Project.

  Covid-19 recovery

  SCC’s products, services and solutions can help facilitate and implement new ways of working for our customers. Through our propositions, additional health, wellbeing and agile working benefits can be achieved.

  Tackling economic inequality

  SCC provides employment and training opportunities, are members of the Disability Confident Scheme and supporters of the Armed Forces Covenant. Working with our supply chain we promote collaboration and diversity.

  Equal opportunity

  SCC is an inclusive employer with various initiatives to support, engage and develop our employees. We promote supply chain diversity and have mechanisms in place to manage modern slavery risks.

  Wellbeing

  SCC has a range of health and wellbeing activities available for our employees to access. Our volunteering programme and charity partnerships help facilitate and deliver a range of community benefits.

Pricing

• Price: £0 to £2,000 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworksales@scc.com. Tell them what format you need. It will help if you say what assistive technology you use.