CSI Limited

IBM Cloud Infrastructure as a service - Power Systems (AIX, IBM i, Linux & i series).

IBM Power Virtual Server (PVS) is an infrastructure as a service offering management up to the operating system OS by IBM. pay-as-you-use billing, provision server capacity on-demand, and customise your server type including OS images. (AIX, IBM i & Linux).

Features

• Hourly and monthly billing - Pay as you go
• Image choices include IBMi, AIX & Linux(SLES for SAP)
• Choose from a range of POWER processors and RAM options
• Choice of dedicated or shared cores
• Available in data centres worldwide inc UK and EU
• Run SAP workloads on high-performance, certified POWER10 servers
• Deploy Red Hat OpenShift (RHOS)
• Supports - ORACLE RDBMS
• Onboarding and Rehost of existing applications

Benefits

• On-demand provisioning of POWER capacity
• Easily archive, manage and serve large amounts of data
• Pay-as-you-go pricing
• Connect to On-Prem solutions to run as a Hybrid configuration
• Ability to leverage IBM Cloud Object Storage
• Include within a Hybrid Cloud configuration
• AIX,IBM i & Linux pay as you consume
• Set up Disaster Recovery
• Set up Test and development

£0.10 a unit an hour

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jennifer.billett@csiltd.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

977955591033658

Contact

Jennifer Billett
08001088301
jennifer.billett@csiltd.co.uk

Service scope

• Service constraints: The platform is a 24x7 available service. Any planned maintenance will not impact availability. Access to the service is via RESTful API or the IBM Cloud Portal.
• System requirements: Internet access to reach IBM Cloud portal

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 Urgent - Response in 30 minutes, restoration in 4 hours; P2 - Significant - Response in 60 minutes, restoration in 8 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: CSI provide advanced monitoring, reporting and alerting, access to a first, second and third line service desk, through to a fully managed solutions. Most accounts will be allocated a Technical Account Manager.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The service is simple and easy to understand. However, CSI provide full support in helping our clients familiarise themselves and ensure successful roll-out of the service. Online training and documentation will also be provided
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: In the vast majority of cases, data remains within the customer's core infrastructure, and is only remotely managed. Where CSI are hosting data, we will work with the customer during the off-boarding process to facilitate extraction of the data.
• End-of-contract process: The principle of the suite of services is to provide insight, support or remote management of the customer's backup infrastructure. Therefore, at the end of the contract, we will disengage and hand responsibility back the customer as per our off-boarding process, which is included within the cost of the contract.

Using the service

• Web browser interface: Yes
• Using the web interface: The web interface allows users to raise questions, incidents and requests. It also gives access to knowledge, databases, forums and comprehensive reporting consoles.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: Interface doesn't comply with EN 301 549 9 as this specifies how much users can zoom, how colour is used, and the contrast of web pages.
• Web interface accessibility testing: Interface doesn't comply with EN 301 549 9 as this specifies how much users can zoom, how colour is used, and the contrast of web pages.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: The architecture of IBM cloud services maintains logical separation of client data. Internal rules and measures separate data processing, such as inserting, modifying, deleting, and transferring data, according to the contracted purposes.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
  • Other
• Other metrics:
  • Host ping and IPMI statistics
  • Automated reboot for monitoring failure
  • 25x7x365 NOC monitoring
  • LDAP response monitoring
  • DHCP response
  • Performance monitoring
  • DNS Response
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: IBM

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual machine images
  • Files and databases
• Backup controls: Standard services are available for backup via the softlayer.com website and the customer portal. Including R1-Soft and E-Vault.; Customers can also use their own backup tools within the IBM Cloud environment.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery: Users can recover backups themselves, for example through a web interface

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: CSI provide an SLA of greater than 98% backup success rate, with a 5% service credit if we are unable to meet this SLA.
• Approach to resilience: CSI have ensured their service delivery is resilient in terms of site loss and component failure.
• Outage reporting: Email Alerts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Each user can have policy-driven profiles applied to govern their level of access.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 27/03/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: NCC Group Security Services Ltd
• PCI DSS accreditation date: 01/04/2024
• What the PCI DSS doesn’t cover: N/A
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: CSI subscribe to and actively embrace ISO 27001. Our internal auditing process and the annual external audits ensure that the policies are being followed. Any breach of our information security policy is logged and escalated to the information security officer for a full and thorough review

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: As a service provider,CSI have a mature change-management process, which includes risk analysis, roll-back plans, and approval and verification steps.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: CSI subscribe to multiple threat-alert channels through our security partners and vendors. Critical patching will be completed within 3 days. Routine patching is completed on either a monthly or quarterly cycle.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: CSI use regular vulnerability scans and penetration testing to identify potential compromises which will be addressed as soon as commercially reasonable.
• Incident management type: Undisclosed
• Incident management approach: Our incident management process is based on ITIL and has been refined over the many years of CSI being a service provider. Individual incidents are addressed and closed. Multiple incidents can trigger a problem management process. Major incidents will generate a incident report.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: VMware
• How shared infrastructure is kept separate: Virtualisation technology used to keep applications and users sharing the same infrastructure apart

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: CSI provide a TCO Tool which provides the output on cooling requirements to make sure that the energy requirements are optimised.

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Along with our customers and carefully selected partners, environmental responsibility is extremely important to CSI when making our own decisions on platform choices and system purchases – IT sustainability is also being factored into our choice of sustainable infrastructure for our clients to deliver to their own ESG ambitions. ; ; Data centre consumption of energy, greenhouse gas emissions and managing e-waste are all considerations. The CSI Power10 environment shows considerable reductions in energy consumption to over 50% from our old IBM Power8 estate. The IBM Power10 system have been designed to deliver high performance with a reduced environmental impact. Over 97% of IBM Power server components are reused or recycled at the end of life. ; ; CSI are ISO 14001 accredited. CSI are committed to a programme of management, continuous improvement and reporting of our direct/ indirect impacts, which mark our contribution to improving the world in which we live. ; ; We recognise that our business activities have direct and indirect impacts on the societies in which we operate. We endeavor to manage these in a responsible manner, believing that sound and demonstrable performance in relation to corporate social responsibility policies and practices is a fundamental part of business success. ; ; Examples of our activity in this area are: ; • Webcasts to deliver All Employee meetings to avoid excess travel ; • Turn off all lights and PC monitors at night ; • Corporate functions at venues that support sustainable environments ; • Double sided printing set as default ; • New marketing material produced on material sourced from sustainable sources ; • Support of remote/flexible working – enabled reduction in office space

  Covid-19 recovery

  We are also committed to making a sustainable positive impact on the communities in which we operate. We aim to make a distinctive contribution to inequality and social development through the establishment of effective partnerships and programmes that make the best use of the energies and skills of our employees.; We support our employees in fundraising for charities and voluntary work, recognising both the benefit to the community and to the employees themselves

  Equal opportunity

  CSI aim to provide equal opportunities and avoid discrimination in all aspects of employment and to ensure that the talent and skills of all individuals are maximised. Our approach applies to recruitment, terms and conditions of employment (including pay), appraisals, promotion, disciplinary and grievance procedures and training.; ; The policy applies to employees, officers, agency workers, casual workers, consultants and self-employed contractors.; ; Part-time and fixed-term staff shall be treated the same as comparable full-time or permanent staff and enjoy no less favourable terms and conditions (pro rata where appropriate), unless different treatment is justified.

  Wellbeing

  The Company proactively supports Remote workers who are affected by time management and social isolation issues by:; a) regular one-to-one meetings between remote workers and their line managers; b) regular meetings between remote workers and their co-workers; networking, training, etc.; c) regular visits to their designated office; d) providing access to secure Company resources, e.g. CRM, SharePoint, Concur and BambooHR; e) providing access to Company communication tools such as Microsoft Teams, Microsoft Outlook and Yammer ; f) providing access to helplines for support with software problems and equipment failures; g) providing online meetings or virtual discussion forums; h) including remote workers in social activities, along with company newsletters and updates

Pricing

• Price: £0.10 a unit an hour
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jennifer.billett@csiltd.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.