MTI Technology Ltd

MTI Dell Apex as a Service

MTI provide all Dell products and services under the APEX as a service brand. Including Servers and HCI, Storage, Cyber and Data Protection, Cloud Platforms- Azure, Red Hat, Broadcom/VMware, Red Hat OpenShift,
HPC solutions and custom deployments

Features

• Optimise your IT Infrastructure with a modern consumption model
• Equipment installed in your DC or Co-Lo
• Focus on outcomes not the underlying technology
• Solutions deployed within 30 days of purchase order
• Benefits of private cloud deployed where you need it
• Optional managed services to support Day 2 BAU tasks

Benefits

• Align IT budgets with actual use
• Eliminate the cost of over-provisioning, pay only for consumed.
• Guaranteed performance and availability with Service Level Agreements
• Minimise the burden of technical debt due to legacy infrastructure
• Accelerate time to value of technology initiatives
• Avoid time and risk involved in re-factoring workloads
• Align IT with cloud strategy simply and quickly

£40 to £50 a user a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid@mti.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

986411372333930

Contact

Darren Moyes
01483520200
bid@mti.com

Service scope

• Service constraints: Pre-defined outcomes are available to meet the majority of customer requests. If these are not sufficient, then custom solutions can be created to meet any complex needs
• System requirements: Network connectivity to allow secure remote management

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response time SLA are as follows. The depend on chosen support level, eg 24x7 4hour or Next Business Day; Priority 1 Incidents:; Target response time: 0.5 Hour; Target resolution time: 4 Hour; KPI target: 90%; ; Priority 2 Incidents:; Response Time Target: 1 Hour; Resolution Time Target: 8 Hour; KPI Target: 90%; ; Priority 3 Incidents:; ; Response Time Target: 4 Hour; Resolution Time Target: 16 Hour; KPI Target: 90%; ; For information requests target is Next Business Day
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Customers have access to a personalised portal where they can raise issue tickets, review existing issues, and ask for help directly through a web chat link.
• Web chat accessibility testing: None
• Onsite support: Onsite support
• Support levels: MTI offers a range of support options to suit our customers' risk and cost appetite.; Next Business Day is ideal for non-mission critical applications, DR sites, or solutions with highly available configurations where a highly available fault-resilient solution has been defined.; Support coverage can be 9-5 Mon-Fri or 24x7x365; Response times can be a 4-hour on site or less, depending on the solution location.; We can also offer a Support Plus level, which provides quarterly advanced reporting and optimization services.; We also offer a fully managed service where the solutions are patched, maintained, and configured according to best practices with continuous monitoring. This service includes regular service review meetings, which include recommendations for service improvement or enhancement. We also keep our customers abreast of new technologies relevant to their sector to ensure they can stay ahead of their competition.; A Technical Account Manager is part of the team available to support the Apex solution with our customers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The service can be across many varied technologies from storage to server virtualisation to backup and data protection solutions, MTI is able to provide any training the customer may need to fully use the features and functionality of the service.; This can be delivered on-site as an over-the-shoulder guide to operations or through the supply of training courses as required.; Typically customers also opt to take advantage of the MTI Managed Service option which allows the customer to focus on their business applications and let the experts manage the BAU tasks to support the environment.; Wweb based documentation is provided.; The Apex console includes intuitive on-line videos and help pages to allow new users to understand how to provision and manage their platforms.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data extraction capabilities will vary depending on the type of service chosen and will be detailed in any contract.; it is the customer's responsibility to remove any required data at the termination of the service agreement. ; This can be done in a number of ways, e.g., by setting up a new platform and performing local migration using standard techniques, including VMware storage vMotion, etc.; MTI will advise customers on their individual requirements to ensure data removal is timely and low-risk.
• End-of-contract process: An APEX solution configured to the customer's specification will be installed in their chosen data centre. ; Any required data migration services and configuration will be discussed and included during service definition.

Using the service

• Web browser interface: Yes
• Using the web interface: Discover:; Start with the Dell APEX Services catalog to find the technologies that meet your business needs across compute, storage and data protection.; Configure:; Choose service options based on the performance that best supports your desired outcomes.; Deploy and Provision:; You decide how much management you need. Integrate Dell APEX services with your existing tools and teams or let MTI handle more day-to-day operations.; Monitor:; The Console lets you track performance metrics to get a clear view of the health of your service. Reporting and analytics give you the visibility to scale your cloud and infrastructure capacity when you need it.; Optimise:; ​The Dell APEX Console gives you transparency for infrastructure expenses. You can closely align your IT costs to overall business spending to help with capacity planning for the future.; Grow:; Expand your capacity with a simple configuration of As-a-Service offerings across compute, and storage and data protection.; MTI will support the customer with data migrations and any custom requests you may have.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Our goal is for our digital properties to meet Level AA standards, WCAG’s recommended level of compliance.
• API: Yes
• What users can and can't do using the API: Dells API-first approach enables the data and functions across our entire portfolio to be brought together natively in the APEX Console. It also makes our platform open so you can programmatically access its capabilities from your own tools and applications, capitalising on existing investments.; Log into the APEX Console and you see a notification: system health score dipped below normal for an APEX Data Storage Services subscription. Instead of a ticket or Slack to your storage admin (isn’t she on holiday today?), you get a quick digest of what creates the score through the Metrics page in the Console. Need more detail? Click down into a comprehensive dashboard leveraging our monitoring innovations in CloudIQ to needle in on exactly the insights you’re looking for.; any function available through the web interface is accessible via the API.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: APEX storage systems, hybrid cloud HCI and servers are dedicated to a single customer, so there is no possible interaction from noisy neighbours.; ; APEX Backup system is a highly scalable platform delivered as SaaS from AWS, it has advanced auto-scaling capabilities that grow and shrink resources dynamically on demand.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS
  • Other
• Other usage reporting: Teams chat and phone call.; Typically, our customers will be able to see their capacity and performance trending through the provided APEX console, so they will be made aware of any trends that indicate a potential increase in their allocated systems.; During our regular service reviews, performance and capacity trends are analysed, and any recommendations can be made.; If this is trend is likely to continue, extra capacity can be ordered, shipped, and configured before any issues arise.

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Dell Technologies plus other complementary solutions

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • On-premise virtual machines - windows/linux vm etc
  • M365 Email, Teams, SharePoint
  • Google Workspace
  • SalesForce
  • End user devices including laptops and desktops
  • Cloud native workloads Azure vm's and AWS
  • NAS devices
• Backup controls: Fully configurable to the customer's requirements:-; Protect SaaS-based applications ; APEX Backup Services for SaaS apps delivers unified data protection, management and information governance, including automated compliance and legal hold. A single dashboard provides complete visibility across Microsoft 365, Google Workspace and Salesforce.; Through the simple user interface backups for vm's NAS, SQL, Oracle databases etc can be scheduled or performed ad-hoc.; Restores can be directed to be in place or to a new location as desired.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: While the Customer is receiving the Dell APEX Service, the Dell APEX Service will be operational and available to the Customer at least 99.99% of the time in any calendar month. The “Uptime Commitment” is measured as the extent to which the data within the Dell APEX Service is available for use.; Service administration tools are not included in the Uptime Commitment. Customers may be entitled to a Service Credit if Dell does not satisfy the Uptime Commitment. The customer is responsible for initiating any claim for a Service Credit within thirty (30) days from the distribution of the availability report and providing any documentation; reasonably requested by Dell to be eligible to earn a Service Credit. Service Credits shall be Customer’s exclusive remedy for not meeting the Uptime Commitment.
• Approach to resilience: This is available on request
• Outage reporting: Service incidents are viewable via the APEX Portal, and users can be emailed if they desire. Alerts can be configured within the console.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Dell and MTI implement appropriate access controls designed to protect against unauthorised access to the Dell and MTI Management Network. To reduce the risk of misuse, intentional or otherwise, access is controlled following the principles of “least privilege” and “need to know”. Access controls that we may utilise include access reviews, maintenance of service accounts and privileged access to the applications, system level settings for access, and the generation of access related reports.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NSAI
• ISO/IEC 27001 accreditation date: 05/01/2022
• What the ISO/IEC 27001 doesn’t cover: Undisclosed
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 27001
  • ISO 9001
  • ISO 14001
  • ISO 45001
  • ISO 22301
  • ISO 20000-1

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: MTI and Dell APEX service follow comprehensive information security policies and processes to safeguard customer data and ensure the integrity, confidentiality, and availability of its services. While the specific details of these security policies and processes may not be publicly disclosed due to security reasons, here are some common practices and frameworks that we follow:-; ISO 27001 Certification; Data Encryption; Access Controls: APEX implements strict access controls to restrict access to its systems and customer data. Role-based access control (RBAC), multi-factor authentication (MFA), and least privilege principles are commonly used to ensure that only authorised personnel can access sensitive information.; Data Segregation: Depending on the solution defined APEX systems keep customer data logically and physically segregated to prevent unauthorised access or data leakage between different customers. This segregation helps maintain data privacy and confidentiality.; Compliance with Regulatory Standards: including GDPR, HIPAA, SOC 2 and others.; Employee Training and Awareness: MTI and Dell APEX teams provide regular security awareness training to their employees to educate them about security best practices, policies, and procedures. This helps mitigate the risk of insider threats and human error.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: MTI checks for security vulnerabilities through source code reviews, web application testing, network security management, input validation checks, Nessus scans, and penetration testing. We use a combination of automated tools and manual analysis to identify potential threats such as SQL injection, Cross-Site Scripting (XSS), and authentication flaws. We also examine the code for inadequate input validation, insecure dependencies, and sensitive data exposure. MTI's testing methodologies are based on industry standards such as the OWASP Top 10 Vulnerabilities. We use various tools and techniques to thoroughly test all areas of the application and ensure that systems are updated the latest patches.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: MTI has an integrated SIEM platform that we use to assess potential threats to the service.; Patches are deployed monthly unless their CVSS score indicates a high risk in which case an accelerated implementation (subject to change control) occurs.; The threat intelligence data comes from various sources, including open-source data feeds and tools such as the Open Threat Exchange (OTX) and VirusTotal, threat intelligence communities like NCSC's Cyber Security Information Sharing Partnership (CISP), commercial intelligence providers, internal MTI intelligence based on incidents detected and investigated across MTI's customer base, and additional commercial threat intelligence feeds.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: MTI identifies potential compromises through various methods, including conducting domain compromise assessments, performing vulnerability management processes, and leveraging threat intelligence feeds. ; If a potential compromise is discovered, we follow specific scopes of testing and provide remediation advice based on leading industry practices. Additionally, MTI collaborates with industry experts and continuously monitors and learns from incident response experience and emerging threats.; MTI SIEM service automatically monitors our systems and locks down user accounts if any unusual activity occurs. If this happens then it triggers activity to further evaluate any potential incident.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: MTI follows the ITIL framework for incident management. We have an incident management process in place to ensure that all incidents are managed consistently. The process includes investigating incidents with skilled resources and resolving them to the satisfaction of the user. The incident management team assists with escalations, correct assignment of incidents, acceptance into resolver queues, managing SLAs, resolving high priority incidents, managing failed SLAs, and assisting the service desk with incident updates and incident reports. MTI has a major incident management process for incidents that meet specific criteria, such as the loss of a business-critical system.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Fighting climate change ; ; MTI publishes an annual Quality & Environmental (Q&E) Policy statement, which is aligned to its ISO 9001 & ISO 14001 accreditations and the annual EcoVadis CSR review and accreditation. MTI’s Corporate & Social Responsibility policies integrate our business values and operations to meet our strategic objectives and the expectations of our customers, employees, investors, suppliers, the community and the environment. By putting our CSR into practice, we are committed to conducting ourselves responsibly and in an ethical manner, creating a positive and supportive working environment, supporting local communities, improving service levels to customers, acting fairly and collaboratively with suppliers and other third parties, to deliver solutions that support our environmental objectives. Our Environmental Management System, recognised by independent ISO 14001 Environmental Management certification, incorporates our Environmental Policies and Procedures.Demonstrating our commitment to protecting the environment and sustainability. We undergo regular independent audits to demonstrate our commitment to improvement. Our management review programme and CSR and Environmental Reporting, evaluate and demonstrate our environmental achievements, through measurement of impacts as a result of all business activities, monitoring of reduction targets, achievements against objectives & results from our activities, initiatives and environmental commitments. Our FY2022 focus includes; Zero-Carbon Society: we will strive to achieve zero emissions from our own business activities and encourage carbon neutrality within our supply chain. Through comprehensive energy conservation activities and the use of renewable energy, we aim to reducing our carbon footprint and impact on the environment through reduction of contributions to greenhouse gases (GHGs) and annual CO2 emissions, and support supplier commitments; •Partnering with Tier-1 suppliers who are committed to carbon neutrality, evidenced through annual environmental and sustainability assessment •Commitment form partners/product vendors to commit to supplying packaging with a minimum of 50% recycled content (80% Cardboard) or be entirely derived from sustainable sources.

  Covid-19 recovery

  In response to the COVID-19 pandemic, MTI has implemented thorough in-house technology solutions, allowing over 90% of our staff to be based at home, including the majority of our service delivery staff. This approach provides greater job opportunities across the region without the potential for geographical disadvantage and ensures we have skilled staff locally across the UK to deliver our core services. Where MTI delivers longer-term services to buyers, MTI is committed to sourcing and utilising local suppliers to provide relevant elements of the service and would support running local supplier days to publicise the delivery and give opportunities for local company involvement. MTI recognises that the COVID-19 pandemic presents challenges for graduate employment and is offering employment opportunities for graduates in order to support local students to progress from higher education into jobs utilising their skills and knowledge

  Tackling economic inequality

  MTI has invested significantly in developing in house skills and capabilities in order to provide high-class services across a wide range of technologies and disciplines, with an emphasis on providing a wide range of professional and managed services. Our Internal Development Programmes and individual development plans ensure that all employees are offered opportunities for learning and development and provide skills training for new and existing employees to prepare them for promotions, transfers or new responsibilities. Our development programmes help our employees stretch their capabilities and those of the organisation, upskilling employees through investments in a wide range of skills and product training and development for staff and managers to broaden opportunities. Building a diverse and inclusive workplace has become an imperative part of the all-round growth and development of MTI. Therefore, our HR team takes tangible steps to create a workplace that is committed to diversity and inclusion, including providing career opportunities to support disadvantaged people in the workplace. MTI is registered to the Disability Confident scheme and has agreed to the Disability Confident commitments to provide interventions to increase employment opportunities and retention for people with a long- term health condition or disability to support these people in employment

  Equal opportunity

  MTI recognises our obligations under the Equality Act 2010, Article 119 of the Treaty of Rome, The Race Relations Act, The Employment Equality (Sexual Orientation) Regulations 2003 and The Employment Equality (Religion or Beliefs) Regulations 2003, and The Codes of Practice published by the Equal Opportunities Commission, the Commission for Racial Equality and the European Commission; We are committed to the principle of equal opportunities in employment. We are opposed to any form of less favourable treatment or financial reward through direct or indirect discrimination, harassment, or victimisation of our staff members or job applicants on the grounds of race, religious beliefs, political opinions, creed, colour, ethnic origin, nationality, marital/parental status, sex, sexual orientation, offending past, disability, age, caring responsibilities or social class. We extend protection under this Policy to our suppliers, customers, contractors, and others who are on our premises and, in return, expect all suppliers, customers, contractors and others to behave in the same way towards our members of staff. This policy is intended to assist the organisation in putting this commitment into practice. Compliance with this policy should also ensure that employees do not commit unlawful acts of discrimination. Communicating this policy will be supported by appropriate training, and the effectiveness of this Policy will be monitored on an ongoing basis. No form of intimidation, bullying or harassment will be tolerated. Implementation of this policy will be carried out where necessary by invoking the Disciplinary Procedure. Every employee is required to assist the organisation in meeting its commitment to provide equal opportunities in employment and avoid unlawful discrimination.

  Wellbeing

  The organisation has developed an employee wellbeing policy to manage its obligations to maintain the mental health and wellbeing of all staff. It covers the organisation's commitment to employee health, the responsibilities of managers and others for maintaining psychological health, health promotion initiatives, communicating and training on health issues, the range of support available for the maintenance of mental health, and organisational commitment to handling individual issues.

Pricing

• Price: £40 to £50 a user a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Service Dependant:-; For example, M365 APEX backup service can commence as a fully functional proof of concept to allow buyers to try it with their own data. ; Once you are satisfied that the service meets expectations, you can change the subscription from a free trial to a paid-for version.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid@mti.com. Tell them what format you need. It will help if you say what assistive technology you use.