Colt DIA

Service scope

Service constraints: None
System requirements: None

User support

Email or online ticketing support: Email or online ticketing
Support response times: The Colt service desk can be contacted 24-7-365 by telephone.
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: No
Onsite support: Yes, at extra cost
Support levels: We provide various support levels depending on customer request. More information can be found in our SLA.
Support available to third parties: No

Onboarding and offboarding

Getting started: We provide a handover document
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: At the end of the contract, the customer information is removed, and the connectivity is terminated.
End-of-contract process: The service will continue to operate out of contract. In case of an explicit cease by the customer, it will be de-commissioned, billing ends, a final invoice will be sent.

Using the service

Web browser interface: Yes
Using the web interface: Customer will access the web based Control Centre that is a free, secure, self-service portal
Features within this Portal :
* Manage your products and services
* Check order status
* View, analyse, and pay bills; manage paperless billing
* Review performance metrics for your Colt services
* Submit and manage repair tickets
* Create and manage alerts for billing, ticketing, scheduled maintenance
Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
Web interface accessibility testing: Admin: Create and manage secure profiles for your enterprise users; customize views for your users (by account, product, or function); manage accounts
Services: Access and manage your services, view order status, manage orders, request changes
Monitoring: Monitor the health of your network by using our robust reporting options; run usage reports for voice services
Billing: View invoices and CSR data online; sign up for paperless billing; run billing reports
Support: Create and monitor repair tickets, configuration requests, and other tickets; communicate with your technician through work log notes; request circuit tests; view scheduled maintenance events
API: No
Command line interface: No

Scaling

Scaling available: Yes
Scaling type: Manual
Independence of resources: The network is capacity managed, so capacity is increased if utilisation breaches the thresholds
Our users experience and quality of service is covered by our SLA.
Usage notifications: No

Analytics

Infrastructure or application metrics: No

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: Other locations
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402

Physical access control, complying with another standard
Data sanitisation process: Yes
Data sanitisation type: Deleted data can’t be directly accessed
Equipment disposal approach: A third-party destruction service

Backup and recovery

Backup and recovery: No

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Legacy SSL and TLS (under version 1.2)
Data protection within supplier network: TLS (version 1.2 or above)

Legacy SSL and TLS (under version 1.2)

Other
Other protection within supplier network: Colt will protect the customer data by using various mechanisms at different levels depending upon the complexity and protection levels, this includes but not limited to; physically and logically isolating the data with the environment, SAN zoning at the storage layer, Firewall policies and Access Control Lists (ACL) at the network layer, Multi-Factor Authentication, Physical Access controls, Change Control, etc.. Further details can be provided upon request.

Availability and resilience

Guaranteed availability: Colt offer a full and comprehensive SLA for all our services. Details of the SLA for Colt DIA can be found in the the attached "Lot 1 - Colt DIA - Terms & Conditions.doc" file.
Approach to resilience: Available on request
Outage reporting: Email alerts

Identity and authentication

User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Limited access network (for example PSN)

Dedicated link (for example VPN)

Username or password
Access restrictions in management interfaces and support channels: Not Applicable
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Limited access network (for example PSN)

Dedicated link (for example VPN)

Username or password
Devices users manage the service through: Dedicated device on a segregated network (providers own provision)

Dedicated device on a government network (for example PSN)

Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: Between 1 month and 6 months
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: Between 1 month and 6 months
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: Schellman
ISO/IEC 27001 accreditation date: 30/06/2017
What the ISO/IEC 27001 doesn’t cover: N/a
ISO 28000:2007 certification: No
CSA STAR certification: Yes
CSA STAR accreditation date: 29/06/2015
CSA STAR certification level: Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover: N/a
PCI certification: Yes
Who accredited the PCI DSS certification: Schellman
PCI DSS accreditation date: 25/10/2017
What the PCI DSS doesn’t cover: Specific customer environments – The certification is of Colt's vendor as a service provider. The ROS and AOC are available on request.
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: Yes
Any other security certifications: PSN Customer Certified

PSN Supplier Certified

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001

Other
Other security governance standards: Colt maintains Cyber Essentials +
Information security policies and processes: Multiple policies and standards support the ISO27001 ISMS and available to employees and are referenced in the annual security awareness training process for all employees.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: The change management process requires that all assets are identified and aligned with the colt asset database along with ensuring that the criticality of assets are defined.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Colt maintains scanning for vulnerabilities of all of its different asset types and can deploy critical patches within 48 hours. Threat information is supplied commercial companies, vendors, government and regulatory agencies
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Systems (e.g., servers, applications, databases) maintain internal controls for auditing, tracking, and personal accountability. Security logs for high-risk systems are sent to the centralized log monitoring system or Security Incident and Event Management (SIEM) system for continuous systematic review of anomalous behaviour and compliance reporting. Response to critical incidents is progressed on a real time basis.
Incident management type: Supplier-defined controls
Incident management approach: Colt maintains an incident management process that takes logging events and various threat detection and prevention systems that are strategically placed within the corporation to inspect network traffic for malicious activity. These two methods combined provide the basis for the CIRT Program to gain visibility throughout the enterprise environment to detect cyber threats and respond accordingly.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

Energy-efficient datacentres: Yes
Description of energy efficient datacentres: Colt is committed to incorporating environmental sustainability principles and practices throughout our operations as we work to serve our customers and our communities. We demonstrate this commitment by establishing long-term greenhouse gas (GHG) emissions reductions targets, purchasing renewable energy to power our network and facilities in EMEA, operating certain facilities according to ISO 14001 certified Environmental Management Systems and/or ISO 50001 certified Energy Management Systems, implementing waste minimization, re-use and recycling initiatives, and by effectively managing our environmental compliance obligations globally. All the data centres managed under the ISO50001 EMS are also supported under the EU Code of Conduct Our global climate change mitigation efforts resulted in being listed on the Carbon Disclosure Project (CDP) “A-list” for the 2017 emissions year (former Level 3 Communications footprint only). Additionally, CenturyLink has achieved its current long-term (2024) carbon-intensity target, met 78% of our absolute emissions target, and met 66% of the GHG reductions associated with our 2025 SBTI-approved science-based target (SBT is for former Level 3 Communications footprint only).

Social Value

Fighting climate change
Covid-19 recovery
Tackling economic inequality
Equal opportunity
Wellbeing

Fighting climate change

Climate change is a key pillar of our corporate sustainability strategy. As a large company with worldwide activities, we want to lead by example when working with our suppliers, partners, customers and communities to reduce our impact on the environment. In 2023, Colt Group received approval from the SBTI for our updated near-term science-based target (SBT). These targets are now set on a baseline that includes Well-To-Tank (WTT) emissions for relevant Scope 3 categories and splits the emissions by two different entities: Colt and Colt DCS. We also submitted a long-term net-zero target for 2045, aligned to the new SBTi net-zero standard.

Colt Group's main initiatives to achieve our net-zero target include committing to procure renewable power and achieve 100% Scope 2 renewable electricity for all sites globally by 2030. We will reduce indirect emissions by finding alternatives to travel and encourage colleagues to choose better travel options for the environment. We are also decarbonising our in-house fleet through electrification and investing in green innovations such as Carbon Capture and Storage, as well as focusing on circularity initiatives to reduce waste within our network. We run a dedicated supplier programme covering a wide ESG agenda with a special focus on our top suppliers in terms of emissions. To achieve our Scope 3 target, we have committed to engage with 93% of our suppliers by emissions (covering purchased goods and services and capital goods) to set Scope 1 and 2 science-based targets approved by Science Based Target Initiative (SBTi) by 2025.

Colt Group's current targets do not include the Lumen EMEA assets acquired in 2023: The acquisition has been finalised and we are in the process of integrating teams and their data. The integration of data and subsequent resubmission of Science Based Targets is planned in 2024/25.

Covid-19 recovery

Colt was very proactive in supporting customers during the Covid-19 epidemic and has continued to support customers and employees during the subsequent recovery phase.

Tackling economic inequality

Colt’s Diversity, Equity & Inclusion (DEI) strategy is to build an innovative, great and inclusive place to work. We have four DEI pillars:

• Governance & Impact - Ensure we have the governance in place to deliver on our inclusion goals and we collaborate for wider impact that we develop our leaders as inclusive role models.
• Leadership & culture – develop our leaders as inclusive role models and drive an inclusive culture where we can harness diversity of thought for greater success.
• Diverse Representation - Improve the diversity of our workplace, ensuring we represent the communities that we serve.
• Equitable Business Practices - Employ equitable business practices that improve the employee experience and affect positive change in the wider world.

Our Global Diversity, Equity & Inclusion policy makes our approach clear and explains our governance structures and our commitment to equal opportunities. It also outlines our zero tolerance approach to discrimination, bullying and harassment. One of the ways we ensure equal opportunities is by building inclusion into our people processes from the beginning. We have worked to make our recruitment process more inclusive by introducing a tool to reduce bias in language used in job adverts. We’ve also introduced training for hiring managers and checklists to be used to mitigate bias when hiring. We also raise awareness of bias during other people process such as performance management and make clear how managers need to be aware and mitigate for bias by inviting diverse thoughts and positive challenge from their peers.
In addition, we have a five year strategy to improve accessibility within the company – both physical and digital accessibility. This also covers how we communicate and our employee and customer journeys. This is available publicly on our website

Equal opportunity

Colt’s Diversity, Equity & Inclusion (DEI) strategy is to build an innovative, great and inclusive place to work. We have four DEI pillars:

• Governance & Impact - Ensure we have the governance in place to deliver on our inclusion goals and we collaborate for wider impact that we develop our leaders as inclusive role models.
• Leadership & culture – develop our leaders as inclusive role models and drive an inclusive culture where we can harness diversity of thought for greater success.
• Diverse Representation - Improve the diversity of our workplace, ensuring we represent the communities that we serve.
• Equitable Business Practices - Employ equitable business practices that improve the employee experience and affect positive change in the wider world.

Our Global Diversity, Equity & Inclusion policy makes our approach clear and explains our governance structures and our commitment to equal opportunities. It also outlines our zero tolerance approach to discrimination, bullying and harassment. One of the ways we ensure equal opportunities is by building inclusion into our people processes from the beginning. We have worked to make our recruitment process more inclusive by introducing a tool to reduce bias in language used in job adverts. We’ve also introduced training for hiring managers and checklists to be used to mitigate bias when hiring. We also raise awareness of bias during other people process such as performance management and make clear how managers need to be aware and mitigate for bias by inviting diverse thoughts and positive challenge from their peers.
In addition, we have a five year strategy to improve accessibility within the company – both physical and digital accessibility. This also covers how we communicate and our employee and customer journeys. This is available publicly on our website

Wellbeing

At Colt we prioritise the wellbeing of our employees by offering a comprehensive range of initiatives and support systems. In every country where we operate, we provide an Employee Assistance Programme to ensure that our employees have access to confidential counseling and support services when needed. Additionally, we have established a global network of Mental Health First Aiders who are trained to provide initial support and assistance to colleagues facing mental health challenges. Moreover, our Health & Safety team works diligently to maintain safe working environments and provide essential training, including rolling out first aiders to all of our offices. Working in tandem with our Business Continuity team, we are committed to maintaining operational resilience and ensuring continuity of support even in challenging circumstances. Guided by a global wellbeing policy, our organisation fosters a culture of support and inclusivity, with resources, information, and educational materials available through our Wellbeing Academy and intranet page. We empower employee networks and global employee ambassadors to lead wellbeing-related events, sessions, and initiatives, fostering a culture of support and inclusivity within Colt. Furthermore, our CSR team is committed to giving back to the communities we operate in, ensuring that our impact extends beyond the workplace. Together, these initiatives demonstrate our commitment to creating a healthy, supportive, and socially responsible environment for all our employees.

Pricing

Price: £0.20 to £11 a megabyte a month
Discount for educational organisations: No
Free trial available: No

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Pricing

Service documents

Cookies on Digital Marketplace

Colt DIA

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Social Value

Pricing

Service documents