Lot 1 Service Specification MANAGED SECURITY SERVICES
|
|
- Bennett Bradley
- 8 years ago
- Views:
Transcription
1 Lot 1 Service Specification MANAGED SECURITY SERVICES Fujitsu Services Limited, 2013
2 OVERVIEW OF FUJITSU MANAGED SECURITY SERVICES Fujitsu delivers a comprehensive range of information security services across the private and public sectors. We bring real experience forged by over 40 years of delivering secure information services to a wide customer base including UK government departments and FTSE250 companies. Fujitsu provides essential security capabilities to its customers, supporting their drive to protect information assets in the face of emerging strategic and operational business challenges. We are a critical component of our customers approach to their regulatory and legislatory demands, assisting them in managing their information security risks flexibly and effectively. Fujitsu takes responsibility for the ongoing management of specific security capabilities on behalf of customers. We use market leading security products and expert professional services to support the assessment of risk, define requirements, provide technical and service design and architecture, as well as ensuring effective deployment and operation of the Managed Security Services (MSS). Our broad range of MSS can provide defence-in-depth solutions ranging from network protection technologies such as firewalls, web security and intrusion prevention systems, through to host encryption services and endpoint protection services (e.g. anti-malware and anti-spam). All our services give customers the 24x7 cover needed. DELIVERABLES The Managed Security Services that Fujitsu provide include: Boundary Protection Managed Firewall Services and Intrusion Detection / Prevention Systems (IDS/IPS) that provide protection against unauthorised access to critical information assets and monitor/block network traffic for malicious activity providing security alerts for analysis and remediation. Web and Security Protects against: Web-based threats and malicious code as well as enabling the filtering of web content Inbound and outbound threats including spam, malware, phishing etc. Security Information and Event Management (SIEM) Provides real-time visibility of risks, threats and critical operations issues that are otherwise undetectable in any practical way. This enables the customer to detect and swiftly respond to: Sophisticated intrusions Insider threats Fraud Compliance violations Disruptions to IT Services Many other critical events. SIEM underpins security compliance (including PCI DSS and CESG Good Practice Guide 13) as well as enabling retrospective analysis to support security investigations. Endpoint Protection and Encryption Ensures consistent endpoint protection across the enterprise to meet malware threats. The service can include: Anti-Virus and Anti-Spyware, application and device control, desktop firewalls, host intrusion prevention, network access control and endpoint encryption. Data Loss Prevention (DLP) Protects brand and reputation through the enforcement of defined policies to mitigate the risk of sensitive data loss and also to report on compliance requirements. Page 2 of 7 Fujitsu Services Limited, 2013
3 Vulnerability Management Scans the IT infrastructure to identify, prioritise and report any known vulnerabilities, which can then be used to drive the remediation activity and enhance the protection of critical information assets. ON-BOARDING AND OFF-BOARDING PROCESSES/SCOPE On Boarding Fujitsu s approach would be work with the G Cloud Customer to define the detailed requirements, which would then be used to derive a quotation and agreed scope and delivery approach. Fujitsu s on-boarding process has five overarching phases: Define the scope Discover: conduct a detailed analysis of the current estate Design the new infrastructure based on definition and discovery Develop the solution Deploy and release The approach is underpinned by the following key components: Project/programme management activities aligned to PRINCE2/Managing Successful Programmes (MSP) Robust change management Externally verified risk management processes Active security management Staged approach with formal entry and exit criteria controlling stage progression. Once transitioned into service, the Managed Security Services would be supported from our Security Operations Centre Off Boarding Fujitsu will work with the G Cloud Customer to define the scope and timescales required as part of the Off Boarding. The approach to off boarding will ensure an orderly transition of the transferring services to the replacement supplier. A key priority for Fujitsu in any service exit event is maintaining the contracted levels of service for the remaining period of the Term. As such, Fujitsu would look to work with the new incoming supplier to: Agree a strategy for exit arrangements that is cost effective and risk adverse to maintain the integrity of the service Agree the commercial terms of the exit of Fujitsu with the Customer Agree the new supplier s transition timescales, with the aim of ensuring a seamless transfer of services. Page 3 of 7 Fujitsu Services Limited, 2013
4 SERVICE LEVELS The response and target fix times provided for the Fujitsu Managed Security Services are outlined below. Term Technical Response Time Incident: Severity 1 30 minutes 4 hours Incident: Severity 2 1 hour 8 hours Target Fix Time Incident: Severity 3 4 hours 16 hours Incident: Severity 4 1 day 3 days SERVICE CREDITS N/A SERVICE MANAGEMENT The Fujitsu Managed Security Services are operated under an ITIL-aligned, ISO/IEC compliant service management framework. Fujitsu will implement and maintain the agreed policies for the MSS and any changes to the policies shall be managed through the Managed Service Change process. The MSS shall contain the following principal elements: Incident Management Problem Management Change Management Release Management Configuration Management Service Level Management Quality Management Availability and Capacity Management Service Continuity Management Continuous Improvement Third Party Management, where required. Fujitsu s SOC will react to security incidents using the following approach: Event Analysis Upon detection, events which impact on security shall be analysed to ascertain whether they need to be upgraded to a Security Incident for further action Security Incident Categorisation If the event is defined as a Security Incident, it shall be categorised considering the cause, priority, potential impact and the urgency of response Security Incident Response The security analysts, resolver groups and service management team, plus identified Customer stakeholders as defined within the overarching Service Design and communications plan, shall agree on the most appropriate course of action. When a course of action has been implemented, its effectiveness in resolving the incident shall be assessed so that if the chosen course of action is not effective, further course/s of action can be taken. The Security Incident shall be tracked to resolution Post Incident Analysis - After each Security Incident, post incident analysis shall be undertaken to: Ensure that the conduct of the investigation was appropriate Consider lessons identified, where conduct of the investigation could be improved Ensure that all mitigating actions have been taken Page 4 of 7 Fujitsu Services Limited, 2013
5 PRICING As an indicative cost for one of the Managed Security Services that Fujitsu could provide: There would a fixed charge of 15,673 for the provisioning activity for a new High Availability Security fully managed service including requirements definition, design, build, install and test (excluding hardware, licensing and vendor support, which will be defined and agreed as part of the requirements definition) for up to 10,000 users. Should any additional effort be required in order to complete work or carry out additional work which is out of the scope of this Service Definition then such additional effort and any applicable charges will be agreed by both parties in the form of a new statement of work. There would also be a charge of 28,743 per annum for the ongoing management of the service. (Indicative cost for typical service). These charges are exclusive of Value Added Tax (VAT) and any other applicable sales taxes. Customer agrees to pay amounts equal to any VAT or other levy. Detailed requirements would need to be defined and agreed prior to a formal quotation being provided to the Customer. ORDERING AND INVOICING PROCESS The Customer will be invoiced for the Charges on completion of the set up and provisioning of the Managed Security Service and then monthly in arrears for the ongoing management of the service. When remitting payment, the Customer will include the applicable Fujitsu invoice that the payment applies to. INFORMATION ASSURANCE Fujitsu s Managed Security Services are provided from an ITIL aligned ISO certified support organisation and Fujitsu provides Managed Security Services from its Security Operations Centre to a number of Public Sector customers up to and including IL4. LEVEL OF BACKUP/RESTORE AND DISASTER RECOVERY Fujitsu will retain configuration back-up to enable rebuild/restoration in the event of failure/fault. Fujitsu s standard environment platform backup processes shall be utilised and tested. DATA RESTORATION / SERVICE MIGRATION Fujitsu has extensive experience of transitioning services. Transition of services will include definition of the scope, detailed analysis of the current estate and the definition of the required activities as part of an overarching transition plan to ensure that services are assured during the transition phase. TRAINING N/A DETAILS OF ANY TRIAL SERVICE AVAILABLE N/A SERVICE CONSTRAINTS Each of the respective Managed Security Services has specific service constraints. These shall be provided as part of the process of producing a definition of requirements. MINIMUM AND MAXIMUM TERMS There is a minimum term of 12 months. TERMINATION TERMS The Customer or Fujitsu may terminate a Managed Security Service (MSS) by giving not less than ninety (90) days notice to the other party. Page 5 of 7 Fujitsu Services Limited, 2013
6 Should the Customer decide to terminate the service, termination fees shall apply, which will be detailed as part of the contract and will be dependent upon the specific MSS being subject to termination. Additionally, should the Customer terminate a MSS, the Customer shall be liable for any Software Licensing or Hardware support costs that arise as a result of the early termination. CONSUMER RESPONSIBILITIES Successful delivery of the Fujitsu Managed Security Service is subject to the following dependencies upon the Customer: The Customer shall maintain the applicable Customer Security Policy regarding the MSS Advise Fujitsu prior to any security testing The Customer shall notify Fujitsu of potential Security Incidents via the Service Desk using the agreed method of incident logging The Customer shall ensure that all Security Incidents are logged with all of the required details of the Security Incident The Customer shall use all reasonable endeavours to ensure that it does not report incidents under this agreement which relate to equipment and services that is not within the scope of the Support Services Software components deployed onto servers for log file collection (for example agents) may require certain prerequisite patches and applications to be installed The Customer will provide Fujitsu with access to the equipment for the purpose of undertaking its obligations as described herein The Customer shall utilise the Fujitsu-provided software in accordance with the prevailing licence terms. TECHNICAL REQUIREMENTS As part of the definition of the Managed Security Service (MSS) requirements with the G Cloud Customer, Fujitsu shall define the technical requirements, which will be dependent upon the specific MSS to be delivered, and document and agree them with the Customer. SERVICE CONSTRAINTS Fujitsu shall not be liable for Customer s take up, non-take up or other discretionary use of the information provided by Fujitsu or of any of the recommendations or options generated from the Service and activities under this Service Definition. Page 6 of 7 Fujitsu Services Limited, 2013
7 DEFINITIONS Any terms used in this Service Specification have the meaning assigned to it by the Fujitsu Cloud Service Agreement Terms and Conditions. Additional terms used have the meaning assigned by this paragraph. In the event of any conflict between the terms of this Service Specification and the other documents that comprise the Agreement, the provisions of this Service Specification shall prevail. Table 1: DEFINITIONS Definition CESG Good Practice Guide 13 IDS/IPS MSS PCI DSS Security Incident Service Design SOC Meaning HMG security guidance on Protective Monitoring Intrusion Detection Systems / Intrusion Prevention Systems Managed Security Service Payment Card Industry Data Security Standards The outcome of the analysis of security events which are not part of standard operation and/or may cause a breach of security policy. Defines how the Managed Security Service integrates with the wider service management framework. Security Operations Centre SERVICE EXCLUSIONS The following elements are not included or applicable as part of the offered Service and are therefore not included within this Service Definition: Hardware and software plus ongoing licensing and support. These would need to be defined as part of the initial requirements definition with the Customer. Page 7 of 7 Fujitsu Services Limited, 2013
Service Definition Document
Service Definition Document QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE)
More informationLot 4 Service Specification BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES
Lot 4 Service Specification BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES Fujitsu Services Limited, 2013 OVERVIEW OF BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES Business Process Management
More informationSERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE. Classification: Open
SERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this
More informationAgilisys G-Cloud Service V
Agilisys G-Cloud Service V Service Definition Endpoint Management Lot 1 Infrastructure as a Service (IaaS) April 2014 At Agilisys we deliver success through innovation working with our clients to transform
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationMarval Software Limited. G Cloud iii Framework Service Definition
1 Marval Software Limited G Cloud iii Framework Service Definition Page 1 of 9 2 Contents An overview of the Marval Service Management (MSM) Software Solution... 3 Information assurance Impact Level (IL)
More informationAberdeen City Council IT Security (Network and perimeter)
Aberdeen City Council IT Security (Network and perimeter) Internal Audit Report 2014/2015 for Aberdeen City Council August 2014 Internal Audit KPIs Target Dates Actual Dates Red/Amber/Green Commentary
More informationSoftware as a Service (SaaS) Online HR
Software as a Service (SaaS) Online HR Contents Service Definition... 3 An overview of the G-Cloud Service... 3 Key Service Attributes... 4 Information assurance... 4 Details of the level of backup/restore
More informationPROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION
PROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION 15 Table of contents 1 Introduction...2 2 Service Overview...3 2.1 Protective Monitoring...3 2.2 Service Description...4 2.3 Scenario: Basis for
More informationSecure Remote Backup (IL3) G-Cloud Lot3 IaaS
Secure Remote Backup (IL3) G-Cloud Lot3 IaaS Contents Service Definition... 3 An overview of the Remote Backup as a Service... 3 Key Service Attributes... 4 Information assurance... 5 Details of the level
More informationADVANCED THREAT DETECTION G-CLOUD SERVICE DEFINITION
ADVANCED THREAT DETECTION G-CLOUD SERVICE DEFINITION 14 Table of contents 1 Introduction...2 2 Service Overview...3 2.1 Advanced Threat Detection Service...3 2.2 Service Description...4 2.3 Scenario: Basis
More informationCASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES
CASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES PROTECTIVE MONITORING SERVICE In a world where cyber threats are emerging daily, often from unknown sources, information security is something
More informationSolution Overview. Our Solution employs two tiers of storage aligning costs of storage with the changing value of data over time.
Service Solution Overview Online Backup per TB model Databarracks fully managed online backup solution uses the Asigra software to back up and protect both physical and virtual environments. Housed in
More informationGPG13 Protective Monitoring. Service Definition
GPG13 Protective Monitoring Service Definition Issue Number V1.3 Document Date 27 November 2014 Author: D.M.Woodcock Classification UNCLASSIFIED Version G-Cloud 6 2014 Copyright Assuria Limited. All rights
More informationNOS for Network Support (903)
NOS for Network Support (903) November 2014 V1.1 NOS Reference ESKITP903301 ESKITP903401 ESKITP903501 ESKITP903601 NOS Title Assist with Installation, Implementation and Handover of Network Infrastructure
More informationCaretower s SIEM Managed Security Services
Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationClient Security Risk Assessment Questionnaire
Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2
More informationCloud Enablement. Lot 4 - Specialist Cloud Services. Version: 2.0, Issue Date: 05/02/2014. Classification: Open
Cloud Enablement Version: 2.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response, no part of this
More informationBusiness Operations. Module Db. Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL:
Module Db Technical Solution Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL: Cost is reduced through greater economies of scale, removal of duplication
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationLet us take care of your protection so you can focus on your business.
Let us take care of your protection so you can focus on your business. An award-winning answer to protecting the critical parts of your business that won t break the bank... What s not to like? Cost effective
More informationCloud Enablement. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open
Cloud Enablement Version: 3.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating this Response, no part
More informationPSN Protective Monitoring. Service Definition
PSN Protective Monitoring Service Definition Issue Number V3.0 Document Date 29 September 2015 Author: R.N. Connor Classification UNCLASSIFIED Version G-Cloud 7 2015 Copyright Tenian Limited. All rights
More informationCyber Essentials Scheme
Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these
More informationPCI Compliance for Cloud Applications
What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage
More informationWe are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review
We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review The security threat landscape is constantly changing and it is important to periodically review a business
More informationFirewall Administration and Management
Firewall Administration and Management Preventing unauthorised access and costly breaches G-Cloud 5 Service Definition CONTENTS Overview of Service... 2 Protects Systems and data... 2 Optimise firewall
More informationG-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS)
G-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) Service Definition 6th October 2015 TABLE OF CONTENTS VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) 3 SERVICE SUMMARY
More informationAmazon Relational Database Service (RDS)
Amazon Relational Database Service (RDS) G-Cloud Service 1 1.An overview of the G-Cloud Service Arcus Global are approved to sell to the UK Public Sector as official Amazon Web Services resellers. Amazon
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationJOB DESCRIPTION CONTRACTUAL POSITION
Ref #: IT/P /01 JOB DESCRIPTION CONTRACTUAL POSITION JOB TITLE: INFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT) SECURITY SPECIALIST JOB SUMMARY: The incumbent is required to provide specialized technical
More informationProtective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 2.1, Issue Date: 05/02/201405/02/2014. Classification: Open
Protective Monitoring as a Service Version: 2.1, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201416/12/2014. Other than for the sole purpose of evaluating
More informationSecurity April 2015. Solving the data security challenge with our enhanced private and hybrid cloud services
Security April 2015 Secure cloud solutions with guaranteed UK data sovereignty. Solving the data security challenge with our enhanced private and hybrid cloud services This paper enables discussion around
More informationService Management and ICT Monitoring and Reporting Advisory and Implementation Services
Service Management and ICT Monitoring and Reporting Advisory and Implementation Services G-Cloud Service 1 1. An overview of the G-Cloud Service Arcus can assist you with a review and advice on the effectiveness
More informationA Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards
A Websense Research Brief Prevent Loss and Comply with Payment Card Industry Security Standards Prevent Loss and Comply with Payment Card Industry Security Standards Standards for Credit Card Security
More informationProtective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 1.0, Issue Date: 05/02/201405/02/2014. Classification: Open
Protective Monitoring as a Service Version: 1.0, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this
More informationREDCENTRIC MANAGED SERVER SERVICE DEFINITION
REDCENTRIC MANAGED SERVER SERVICE DEFINITION SD062 V1.4 Issue Date 01 July 2014 1) OVERVIEW The Managed Server service (MSS) provides access to Redcentric s 24x7 support capability, technical skills and
More informationXerox Remote Infrastructure Monitoring (XRIM)
Xerox Remote Infrastructure Monitoring (XRIM) Service Description G-Cloud : Lot 3 : Software as a Service (SaaS) April 2014 Version 1.0 2014 Xerox Corporation. All rights reserved. Xerox and Xerox and
More informationG-Cloud 7 Service Definition. Atos Oracle Cloud ERP Implementation Services
G-Cloud 7 Service Definition Atos Oracle Cloud ERP Implementation Services Atos Oracle Cloud ERP Implementation Services Customers need adaptive and agile Enterprise Resource Planning (ERP) systems to
More informationG-Cloud Service Definition. Atos SharePoint Development Service
G-Cloud Service Definition Atos SharePoint Development Service SharePoint Development Services SCS A comprehensive electronic document and records management, collaboration or web content management solution
More informationI.T. Security Specialists. Cyber Security Solutions and Services. Caretower Corporate Brochure 2015 1
I.T. Security Specialists Cyber Security Solutions and Services Caretower Corporate Brochure 2015 1 about us As an independent IT security specialist, with over 17 years experience, we provide tailored
More informationUbertas Cloud Services: Service Definition
Ubertas Cloud Services: Service Definition February 2013 Innovation. Power. Trust. Contents 1. About Ubertas... 2 Our Company... 2 Our Approach to Service Delivery... 2 Our Partner Network & the UK Cloud
More informationCloudCheck Compliance Certification Program
CloudCheck Compliance Certification Program Ensure Your Cloud Computing Environment is Secure with CloudCheck Certification Organizations today are increasingly relying on a combination of private and/or
More informationSmartImpact MS Dynamics CRM. Support Service Definition
SmartImpact MS Dynamics CRM Support Service Definition Alliance House, 12 Caxton Road, London, SW1H 0QS United Kingdom Phone: +44 (0) 84 5544 2043 E-mail: info@smartimpact.co.uk http://www.smartimpact.co.uk/
More informationRemote Access Service (RAS)
Remote Access Service (RAS) Contents 1 Introduction to Remote Access Service...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Access Methods... 3 3 Differentiators...4 4 Commercials...5
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationG-Cloud Service Definition. Atos Oracle Cloud ERP Implementation Services
G-Cloud Service Definition Atos Oracle Cloud ERP Implementation Services Atos Oracle Cloud ERP Implementation Services Customers need adaptive and agile Enterprise Resource Planning (ERP) systems to support
More informationCurrent Vacancies. UK & South Africa. This document contains both Permanent & Contract roles.
Current Vacancies UK & South Africa This document contains both Permanent & Contract roles. To apply for any of the roles please email your CV and covering letter: Email: resourcing@ecs.co.uk Or call our
More informationG-Cloud Service Definition. Atos Information Security Wireless Scanning Service
G-Cloud Service Definition Atos Information Security Wireless Scanning Service Keeping your wireless networks secure Atos Information Security Wireless Scanning Service The Atos Wireless Scanning Service
More informationG-Cloud Service Definition. Atos infrastructure Vulnerability Scanning (Outpost24) SaaS
G-Cloud Service Definition Atos infrastructure Vulnerability Scanning (Outpost24) SaaS Atos Infrastructure Vulnerability Scanning (Outpost24) SaaS Atos Infrastructure Vulnerability Scanning SaaS is powered
More informationInsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS?
What is InsightCloud? InsightCloud is a web portal enabling Insight customers to purchase and provision a wide range of Cloud services in a straightforward and convenient manner. What is SaaS? Software
More informationService Integration &
This is a DRAFT document, being published for review & comment The content is therefore subject to change & revision This document is part of the XGOV Strategic SIAM reference set Service Integration &
More informationCALNET 3 Category 7 Network Based Management Security. Table of Contents
State of California IFB STPD 12-001-B CALNET 3 Category 7 Network Based Security Table of Contents 7.2.1.4.a DDoS Detection and Mitigation Features... 1 7.2.2.3 Email Monitoring Service Features... 2 7.2.3.2
More informationCloud Infrastructure Security Management
www.netconsulting.co.uk Cloud Infrastructure Security Management Visualise your cloud network, identify security gaps and reduce the risks of cyber attacks. Being able to see, understand and control your
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationHow RSA has helped EMC to secure its Virtual Infrastructure
How RSA has helped EMC to secure its Virtual Infrastructure A new solution, the RSA solution for Cloud Security and Compliance, has been developed and is now available to all of our customers. Luciano
More informationTOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series
TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE ebook Series 2 Headlines have been written, fines have been issued and companies around the world have been challenged to find the resources, time and capital
More informationAssuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices
The Payment Card Industry (PCI) Data Security Standard (DSS) provides an actionable framework for developing a robust payment card data security process. The Payment Application Data Security Standard
More informationHow To Use A Cloud Service For Free
CONTENTS 1 Glossary of Terms & Definitions... 2 2 Service Description... 2 2.1 Service Components... 2 2.2 General... 2 3 Vendor Change... 3 4 Charges... 3 4.1 Charges payable by the... 3 4.2 Additional
More informationAmazon Compute - EC2 and Related Services
Amazon Compute - EC2 and Related Services G-Cloud Service 1 1.An overview of the G-Cloud Service Arcus Global are approved to sell to the UK Public Sector as official Amazon Web Services resellers. Amazon
More informationSITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA
SITA Information Security SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA September, 2012 Contents 1. Introduction... 3 1.1 Overview...
More informationEmail Router and Vetting G-Cloud Service Definition
Email Router and Vetting G-Cloud Service Definition 2013 General Dynamics Information Technology. All rights reserved 1 In partnership with Government and industry-leading technology partners, General
More informationG-CLOUD IIII FRAMEWORK SERVICE DEFINITION: SCHOOLS HOSTED SERVICE FOR SIMS
G-CLOUD IIII FRAMEWORK SERVICE DEFINITION: SCHOOLS HOSTED SERVICE FOR SIMS Capita Division / Supplier: Service Name: Capita Business Services Ltd SIMS OVERVIEW OF THE SERVICE The hosted service for SIMS
More informationIPL Service Definition - Data Recovery, Conversion and Migration
IPL Proposal IPL Service Definition - Data Recovery, Conversion and Migration Project: Date: 10 April 2014 Issue Number: V1 Customer: Crown Commercial Service Page 1 of 10 IPL Information Processing Limited
More informationUSER EXPERIENCE MONITORING Service Definition
About Littlefish Established in Nottingham in 2003, Littlefish (UK) Ltd has an innovative, stable and successful history in Managed IT Services and has grown continuously over the last ten years. Through
More informationSERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP. Classification: Open
SERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this material may
More informationExternal Supplier Control Requirements
External Supplier Control Requirements Cyber Security For Suppliers Categorised as High Cyber Risk Cyber Security Requirement Description Why this is important 1. Asset Protection and System Configuration
More informationHow To Run A Cloud Service For A Large Business
Lot: 4 Specialist Cloud Services Service 25: Digital Continuity - ediscovery Solutions An overview of the G-Cloud Service (functional, non functional) Discover Information based on content, metadata and
More informationIBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer
IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.
More informationDBC 999 Incident Reporting Procedure
DBC 999 Incident Reporting Procedure Signed: Chief Executive Introduction This procedure is intended to identify the actions to be taken in the event of a security incident or breach, and the persons responsible
More informationG-Cloud Service Description. Atos: Cloud Professional Services: Requirements Specification
G-Cloud Service Description Atos: Cloud Professional Services: Requirements Specification Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare (in the UK) and
More informationV1.4. Spambrella Email Continuity SaaS. August 2
V1.4 August 2 Spambrella Email Continuity SaaS Easy to implement, manage and use, Message Continuity is a scalable, reliable and secure service with no set-up fees. Built on a highly reliable and scalable
More informationThales Service Definition for PSN Secure Email Gateway Service for Cloud Services
Thales Definition for PSN Secure Email Gateway Thales Definition for PSN Secure Email Gateway for Cloud s April 2014 Page 1 of 12 Thales Definition for PSN Secure Email Gateway CONTENT Page No. Introduction...
More informationValidating Enterprise Systems: A Practical Guide
Table of Contents Validating Enterprise Systems: A Practical Guide Foreword 1 Introduction The Need for Guidance on Compliant Enterprise Systems What is an Enterprise System The Need to Validate Enterprise
More informationCautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
More informationIntroduction to Centerprise International Limited
RM1557vi Introduction to Centerprise International Limited Centerprise International Limited was established in 1983 as an engineering and manufacturing company, specialising in designing and building
More informationManaging internet security
Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further
More informationIntegrated windows authentication for customers based on Probation GSI network
Product Overview Victims Tracker (VT) is a software application, which was developed by London Probation Trust (LPT) to effectively manage the engagement / contact with victims of crime and the management
More informationService Definition - HR and Payroll Solutions
Service Definition - HR and Payroll Solutions Central Government RM1557 Date issued: 19/12/11 HR & EMPLOYEE SERVICES CASE MANAGEMENT EDRM & DOCUMENT MANAGEMENT FINANCE & ACCOUNTS PARTNERSHIP THROUGH INSIGHT,
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationCASSIDIAN CYBERSECURITY
CASSIDIAN CYBERSECURITY ADVANCED PERSISTENT THREAT (APT) SERVICE In a world where cyber threats are emerging daily, often from unknown sources, information security is something no organisation can afford
More informationVodafone secure mail services
Vodafone secure mail services Overview The G-Cloud Mail service is a business-class email system based on Microsoft Exchange. It provides a secure and robust email service, and includes an inbox, calendar,
More informationHosted Desktop as a Service
Hosted Desktop as a Service Contents 1 Introduction to Hosted Desktop Service...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Administration... 4 2.3 Access Methods... 4 2.4 Service
More informationPCI DSS Reporting WHITEPAPER
WHITEPAPER PCI DSS Reporting CONTENTS Executive Summary 2 Latest Patches not Installed 3 Vulnerability Dashboard 4 Web Application Protection 5 Users Logging into Sensitive Servers 6 Failed Login Attempts
More informationThales Service Definition for NOC Services for Cloud
Thales Service Definition for UK NOC Services Thales Service Definition for NOC Services for Cloud April 2014 Page 1 of 13 Thales Service Definition for UK NOC Services CONTENT Page No. Introduction...
More informationVodafone Private Cloud
Vodafone Private Cloud Overview Vodafone Private Cloud is our dedicated public sector cloud service that connects you to your own private IL2/IL3 network and / or core government networks, including the
More informationXerox Print Monitoring Service (XPMS)
Xerox Print Monitoring Service (XPMS) Service Description G-Cloud : Lot 3 : Software as a Service (SaaS) April 2014 Version 1.0 2014 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are
More informationData Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments
Trusted protection for endpoints and messaging environments Overview Symantec Protection Suite Enterprise Edition creates a protected endpoint and messaging environment that is secure against today s complex
More informationSECURITY OVERVIEW FOR MY.ENDNOTE.COM. In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our
ENDNOTE ONLINE SECURITY OVERVIEW FOR MY.ENDNOTE.COM In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our servers from attacks and other attempts
More informationUniversity of Central Florida Class Specification Administrative and Professional. Information Security Officer
Information Security Officer Job Code: 2534 Serve as the information security officer for the University. Develop and computer security system standards, policies, and procedures. Serve as technical team
More informationCloud-based Infrastructure and Application Support Service Definition
+44 (0) 20 3603 7830 hello@equalexperts.com www.equalexperts.com 30 Brock Street London, NW1 3FG Cloud-based Infrastructure and Application Support Service Definition Overview We provide 24/7 support to
More informationNine Steps to Smart Security for Small Businesses
Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationCloud Vendor Evaluation
Cloud Vendor Evaluation Checklist Life Sciences in the Cloud Cloud Vendor Evaluation Checklist What to evaluate when choosing a cloud vendor in Life Sciences Cloud computing is radically changing business
More informationInformation security controls. Briefing for clients on Experian information security controls
Information security controls Briefing for clients on Experian information security controls Introduction Security sits at the core of Experian s operations. The vast majority of modern organisations face
More informationHow to Set Up Your Virtual Server infrastructure
Connect Internet Solutions Ltd 4th Floor, New Barratt House, 47 North John Street, Liverpool, L2 6SG Tel: 0151 282 4321 Fax: 0151 282 4322 Email: gcloud@connectinternetsolutions.com Web: www.connectinternetsolutions.com
More informationINNOVATE. MSP Services Overview SVEN RADEMACHER THROUGH MOTIVATION
INNOVATE THROUGH MOTIVATION MSP Services Overview SVEN RADEMACHER Agenda About us IT Challenges Our Approach Our Services Next Steps About Us SEAFAIR IT SOLUTIONS Pre-eminent Managed Service Provider Provide
More information1. Perimeter Security Dealing with firewall, gateways and VPNs and technical entry points. Physical Access to your premises can also be reviewed.
Service Definition Technical Security Review Overview of Service Considering the increasing importance of security, the number of organisations that allow for contingency in their Information Security
More informationAddressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense
A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical
More information