Lot 1 Service Specification MANAGED SECURITY SERVICES

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Lot 1 Service Specification MANAGED SECURITY SERVICES"

Transcription

1 Lot 1 Service Specification MANAGED SECURITY SERVICES Fujitsu Services Limited, 2013

2 OVERVIEW OF FUJITSU MANAGED SECURITY SERVICES Fujitsu delivers a comprehensive range of information security services across the private and public sectors. We bring real experience forged by over 40 years of delivering secure information services to a wide customer base including UK government departments and FTSE250 companies. Fujitsu provides essential security capabilities to its customers, supporting their drive to protect information assets in the face of emerging strategic and operational business challenges. We are a critical component of our customers approach to their regulatory and legislatory demands, assisting them in managing their information security risks flexibly and effectively. Fujitsu takes responsibility for the ongoing management of specific security capabilities on behalf of customers. We use market leading security products and expert professional services to support the assessment of risk, define requirements, provide technical and service design and architecture, as well as ensuring effective deployment and operation of the Managed Security Services (MSS). Our broad range of MSS can provide defence-in-depth solutions ranging from network protection technologies such as firewalls, web security and intrusion prevention systems, through to host encryption services and endpoint protection services (e.g. anti-malware and anti-spam). All our services give customers the 24x7 cover needed. DELIVERABLES The Managed Security Services that Fujitsu provide include: Boundary Protection Managed Firewall Services and Intrusion Detection / Prevention Systems (IDS/IPS) that provide protection against unauthorised access to critical information assets and monitor/block network traffic for malicious activity providing security alerts for analysis and remediation. Web and Security Protects against: Web-based threats and malicious code as well as enabling the filtering of web content Inbound and outbound threats including spam, malware, phishing etc. Security Information and Event Management (SIEM) Provides real-time visibility of risks, threats and critical operations issues that are otherwise undetectable in any practical way. This enables the customer to detect and swiftly respond to: Sophisticated intrusions Insider threats Fraud Compliance violations Disruptions to IT Services Many other critical events. SIEM underpins security compliance (including PCI DSS and CESG Good Practice Guide 13) as well as enabling retrospective analysis to support security investigations. Endpoint Protection and Encryption Ensures consistent endpoint protection across the enterprise to meet malware threats. The service can include: Anti-Virus and Anti-Spyware, application and device control, desktop firewalls, host intrusion prevention, network access control and endpoint encryption. Data Loss Prevention (DLP) Protects brand and reputation through the enforcement of defined policies to mitigate the risk of sensitive data loss and also to report on compliance requirements. Page 2 of 7 Fujitsu Services Limited, 2013

3 Vulnerability Management Scans the IT infrastructure to identify, prioritise and report any known vulnerabilities, which can then be used to drive the remediation activity and enhance the protection of critical information assets. ON-BOARDING AND OFF-BOARDING PROCESSES/SCOPE On Boarding Fujitsu s approach would be work with the G Cloud Customer to define the detailed requirements, which would then be used to derive a quotation and agreed scope and delivery approach. Fujitsu s on-boarding process has five overarching phases: Define the scope Discover: conduct a detailed analysis of the current estate Design the new infrastructure based on definition and discovery Develop the solution Deploy and release The approach is underpinned by the following key components: Project/programme management activities aligned to PRINCE2/Managing Successful Programmes (MSP) Robust change management Externally verified risk management processes Active security management Staged approach with formal entry and exit criteria controlling stage progression. Once transitioned into service, the Managed Security Services would be supported from our Security Operations Centre Off Boarding Fujitsu will work with the G Cloud Customer to define the scope and timescales required as part of the Off Boarding. The approach to off boarding will ensure an orderly transition of the transferring services to the replacement supplier. A key priority for Fujitsu in any service exit event is maintaining the contracted levels of service for the remaining period of the Term. As such, Fujitsu would look to work with the new incoming supplier to: Agree a strategy for exit arrangements that is cost effective and risk adverse to maintain the integrity of the service Agree the commercial terms of the exit of Fujitsu with the Customer Agree the new supplier s transition timescales, with the aim of ensuring a seamless transfer of services. Page 3 of 7 Fujitsu Services Limited, 2013

4 SERVICE LEVELS The response and target fix times provided for the Fujitsu Managed Security Services are outlined below. Term Technical Response Time Incident: Severity 1 30 minutes 4 hours Incident: Severity 2 1 hour 8 hours Target Fix Time Incident: Severity 3 4 hours 16 hours Incident: Severity 4 1 day 3 days SERVICE CREDITS N/A SERVICE MANAGEMENT The Fujitsu Managed Security Services are operated under an ITIL-aligned, ISO/IEC compliant service management framework. Fujitsu will implement and maintain the agreed policies for the MSS and any changes to the policies shall be managed through the Managed Service Change process. The MSS shall contain the following principal elements: Incident Management Problem Management Change Management Release Management Configuration Management Service Level Management Quality Management Availability and Capacity Management Service Continuity Management Continuous Improvement Third Party Management, where required. Fujitsu s SOC will react to security incidents using the following approach: Event Analysis Upon detection, events which impact on security shall be analysed to ascertain whether they need to be upgraded to a Security Incident for further action Security Incident Categorisation If the event is defined as a Security Incident, it shall be categorised considering the cause, priority, potential impact and the urgency of response Security Incident Response The security analysts, resolver groups and service management team, plus identified Customer stakeholders as defined within the overarching Service Design and communications plan, shall agree on the most appropriate course of action. When a course of action has been implemented, its effectiveness in resolving the incident shall be assessed so that if the chosen course of action is not effective, further course/s of action can be taken. The Security Incident shall be tracked to resolution Post Incident Analysis - After each Security Incident, post incident analysis shall be undertaken to: Ensure that the conduct of the investigation was appropriate Consider lessons identified, where conduct of the investigation could be improved Ensure that all mitigating actions have been taken Page 4 of 7 Fujitsu Services Limited, 2013

5 PRICING As an indicative cost for one of the Managed Security Services that Fujitsu could provide: There would a fixed charge of 15,673 for the provisioning activity for a new High Availability Security fully managed service including requirements definition, design, build, install and test (excluding hardware, licensing and vendor support, which will be defined and agreed as part of the requirements definition) for up to 10,000 users. Should any additional effort be required in order to complete work or carry out additional work which is out of the scope of this Service Definition then such additional effort and any applicable charges will be agreed by both parties in the form of a new statement of work. There would also be a charge of 28,743 per annum for the ongoing management of the service. (Indicative cost for typical service). These charges are exclusive of Value Added Tax (VAT) and any other applicable sales taxes. Customer agrees to pay amounts equal to any VAT or other levy. Detailed requirements would need to be defined and agreed prior to a formal quotation being provided to the Customer. ORDERING AND INVOICING PROCESS The Customer will be invoiced for the Charges on completion of the set up and provisioning of the Managed Security Service and then monthly in arrears for the ongoing management of the service. When remitting payment, the Customer will include the applicable Fujitsu invoice that the payment applies to. INFORMATION ASSURANCE Fujitsu s Managed Security Services are provided from an ITIL aligned ISO certified support organisation and Fujitsu provides Managed Security Services from its Security Operations Centre to a number of Public Sector customers up to and including IL4. LEVEL OF BACKUP/RESTORE AND DISASTER RECOVERY Fujitsu will retain configuration back-up to enable rebuild/restoration in the event of failure/fault. Fujitsu s standard environment platform backup processes shall be utilised and tested. DATA RESTORATION / SERVICE MIGRATION Fujitsu has extensive experience of transitioning services. Transition of services will include definition of the scope, detailed analysis of the current estate and the definition of the required activities as part of an overarching transition plan to ensure that services are assured during the transition phase. TRAINING N/A DETAILS OF ANY TRIAL SERVICE AVAILABLE N/A SERVICE CONSTRAINTS Each of the respective Managed Security Services has specific service constraints. These shall be provided as part of the process of producing a definition of requirements. MINIMUM AND MAXIMUM TERMS There is a minimum term of 12 months. TERMINATION TERMS The Customer or Fujitsu may terminate a Managed Security Service (MSS) by giving not less than ninety (90) days notice to the other party. Page 5 of 7 Fujitsu Services Limited, 2013

6 Should the Customer decide to terminate the service, termination fees shall apply, which will be detailed as part of the contract and will be dependent upon the specific MSS being subject to termination. Additionally, should the Customer terminate a MSS, the Customer shall be liable for any Software Licensing or Hardware support costs that arise as a result of the early termination. CONSUMER RESPONSIBILITIES Successful delivery of the Fujitsu Managed Security Service is subject to the following dependencies upon the Customer: The Customer shall maintain the applicable Customer Security Policy regarding the MSS Advise Fujitsu prior to any security testing The Customer shall notify Fujitsu of potential Security Incidents via the Service Desk using the agreed method of incident logging The Customer shall ensure that all Security Incidents are logged with all of the required details of the Security Incident The Customer shall use all reasonable endeavours to ensure that it does not report incidents under this agreement which relate to equipment and services that is not within the scope of the Support Services Software components deployed onto servers for log file collection (for example agents) may require certain prerequisite patches and applications to be installed The Customer will provide Fujitsu with access to the equipment for the purpose of undertaking its obligations as described herein The Customer shall utilise the Fujitsu-provided software in accordance with the prevailing licence terms. TECHNICAL REQUIREMENTS As part of the definition of the Managed Security Service (MSS) requirements with the G Cloud Customer, Fujitsu shall define the technical requirements, which will be dependent upon the specific MSS to be delivered, and document and agree them with the Customer. SERVICE CONSTRAINTS Fujitsu shall not be liable for Customer s take up, non-take up or other discretionary use of the information provided by Fujitsu or of any of the recommendations or options generated from the Service and activities under this Service Definition. Page 6 of 7 Fujitsu Services Limited, 2013

7 DEFINITIONS Any terms used in this Service Specification have the meaning assigned to it by the Fujitsu Cloud Service Agreement Terms and Conditions. Additional terms used have the meaning assigned by this paragraph. In the event of any conflict between the terms of this Service Specification and the other documents that comprise the Agreement, the provisions of this Service Specification shall prevail. Table 1: DEFINITIONS Definition CESG Good Practice Guide 13 IDS/IPS MSS PCI DSS Security Incident Service Design SOC Meaning HMG security guidance on Protective Monitoring Intrusion Detection Systems / Intrusion Prevention Systems Managed Security Service Payment Card Industry Data Security Standards The outcome of the analysis of security events which are not part of standard operation and/or may cause a breach of security policy. Defines how the Managed Security Service integrates with the wider service management framework. Security Operations Centre SERVICE EXCLUSIONS The following elements are not included or applicable as part of the offered Service and are therefore not included within this Service Definition: Hardware and software plus ongoing licensing and support. These would need to be defined as part of the initial requirements definition with the Customer. Page 7 of 7 Fujitsu Services Limited, 2013

Service Definition Document

Service Definition Document Service Definition Document QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE)

More information

Lot 4 Service Specification BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES

Lot 4 Service Specification BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES Lot 4 Service Specification BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES Fujitsu Services Limited, 2013 OVERVIEW OF BUSINESS PROCESS MANAGEMENT (BPM) PROFESSIONAL SERVICES Business Process Management

More information

SERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE. Classification: Open

SERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE. Classification: Open SERVICE DEFINITION G-CLOUD 7 SECURE FILE TRANSFER DIODE Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this

More information

Agilisys G-Cloud Service V

Agilisys G-Cloud Service V Agilisys G-Cloud Service V Service Definition Endpoint Management Lot 1 Infrastructure as a Service (IaaS) April 2014 At Agilisys we deliver success through innovation working with our clients to transform

More information

External Supplier Control Requirements

External Supplier Control Requirements External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must

More information

Marval Software Limited. G Cloud iii Framework Service Definition

Marval Software Limited. G Cloud iii Framework Service Definition 1 Marval Software Limited G Cloud iii Framework Service Definition Page 1 of 9 2 Contents An overview of the Marval Service Management (MSM) Software Solution... 3 Information assurance Impact Level (IL)

More information

Aberdeen City Council IT Security (Network and perimeter)

Aberdeen City Council IT Security (Network and perimeter) Aberdeen City Council IT Security (Network and perimeter) Internal Audit Report 2014/2015 for Aberdeen City Council August 2014 Internal Audit KPIs Target Dates Actual Dates Red/Amber/Green Commentary

More information

Software as a Service (SaaS) Online HR

Software as a Service (SaaS) Online HR Software as a Service (SaaS) Online HR Contents Service Definition... 3 An overview of the G-Cloud Service... 3 Key Service Attributes... 4 Information assurance... 4 Details of the level of backup/restore

More information

ADVANCED THREAT DETECTION G-CLOUD SERVICE DEFINITION

ADVANCED THREAT DETECTION G-CLOUD SERVICE DEFINITION ADVANCED THREAT DETECTION G-CLOUD SERVICE DEFINITION 14 Table of contents 1 Introduction...2 2 Service Overview...3 2.1 Advanced Threat Detection Service...3 2.2 Service Description...4 2.3 Scenario: Basis

More information

PROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION

PROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION PROTECTIVE MONITORING SERVICE G-CLOUD SERVICE DEFINITION 15 Table of contents 1 Introduction...2 2 Service Overview...3 2.1 Protective Monitoring...3 2.2 Service Description...4 2.3 Scenario: Basis for

More information

Secure Remote Backup (IL3) G-Cloud Lot3 IaaS

Secure Remote Backup (IL3) G-Cloud Lot3 IaaS Secure Remote Backup (IL3) G-Cloud Lot3 IaaS Contents Service Definition... 3 An overview of the Remote Backup as a Service... 3 Key Service Attributes... 4 Information assurance... 5 Details of the level

More information

CASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES

CASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES CASSIDIAN CYBERSECURITY SECURITY OPERATIONS CENTRE SERVICES PROTECTIVE MONITORING SERVICE In a world where cyber threats are emerging daily, often from unknown sources, information security is something

More information

Cloud Enablement. Lot 4 - Specialist Cloud Services. Version: 2.0, Issue Date: 05/02/2014. Classification: Open

Cloud Enablement. Lot 4 - Specialist Cloud Services. Version: 2.0, Issue Date: 05/02/2014. Classification: Open Cloud Enablement Version: 2.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this Response, no part of this

More information

Solution Overview. Our Solution employs two tiers of storage aligning costs of storage with the changing value of data over time.

Solution Overview. Our Solution employs two tiers of storage aligning costs of storage with the changing value of data over time. Service Solution Overview Online Backup per TB model Databarracks fully managed online backup solution uses the Asigra software to back up and protect both physical and virtual environments. Housed in

More information

GPG13 Protective Monitoring. Service Definition

GPG13 Protective Monitoring. Service Definition GPG13 Protective Monitoring Service Definition Issue Number V1.3 Document Date 27 November 2014 Author: D.M.Woodcock Classification UNCLASSIFIED Version G-Cloud 6 2014 Copyright Assuria Limited. All rights

More information

The Education Fellowship Finance Centralisation IT Security Strategy

The Education Fellowship Finance Centralisation IT Security Strategy The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and

More information

Cloud Enablement. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open

Cloud Enablement. Lot 4 - Specialist Cloud Services. Version: 3.0, Issue Date: 05/02/2014. Classification: Open Cloud Enablement Version: 3.0, Issue Date: 05/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201415/12/2014. Other than for the sole purpose of evaluating this Response, no part

More information

Cyber Essentials Scheme

Cyber Essentials Scheme Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these

More information

Caretower s SIEM Managed Security Services

Caretower s SIEM Managed Security Services Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During

More information

Business Operations. Module Db. Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL:

Business Operations. Module Db. Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL: Module Db Technical Solution Capita s Combined Offer for Business & Enforcement Operations delivers many overarching benefits for TfL: Cost is reduced through greater economies of scale, removal of duplication

More information

NOS for Network Support (903)

NOS for Network Support (903) NOS for Network Support (903) November 2014 V1.1 NOS Reference ESKITP903301 ESKITP903401 ESKITP903501 ESKITP903601 NOS Title Assist with Installation, Implementation and Handover of Network Infrastructure

More information

PSN Protective Monitoring. Service Definition

PSN Protective Monitoring. Service Definition PSN Protective Monitoring Service Definition Issue Number V3.0 Document Date 29 September 2015 Author: R.N. Connor Classification UNCLASSIFIED Version G-Cloud 7 2015 Copyright Tenian Limited. All rights

More information

Firewall Administration and Management

Firewall Administration and Management Firewall Administration and Management Preventing unauthorised access and costly breaches G-Cloud 5 Service Definition CONTENTS Overview of Service... 2 Protects Systems and data... 2 Optimise firewall

More information

Client Security Risk Assessment Questionnaire

Client Security Risk Assessment Questionnaire Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2

More information

PCI Compliance for Cloud Applications

PCI Compliance for Cloud Applications What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage

More information

Let us take care of your protection so you can focus on your business.

Let us take care of your protection so you can focus on your business. Let us take care of your protection so you can focus on your business. An award-winning answer to protecting the critical parts of your business that won t break the bank... What s not to like? Cost effective

More information

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary

More information

CareFirst: Service Definition

CareFirst: Service Definition CareFirst: Service Definition Page 1 of 11 Contents 1. Service Overview... 3 2. Information Assurance... 4 3. Details of the level of backup/restore and disaster recovery that will be provided... 4 4.

More information

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping

Larry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control

More information

G-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS)

G-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) G-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) Service Definition 6th October 2015 TABLE OF CONTENTS VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS) 3 SERVICE SUMMARY

More information

Amazon Relational Database Service (RDS)

Amazon Relational Database Service (RDS) Amazon Relational Database Service (RDS) G-Cloud Service 1 1.An overview of the G-Cloud Service Arcus Global are approved to sell to the UK Public Sector as official Amazon Web Services resellers. Amazon

More information

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 2.1, Issue Date: 05/02/201405/02/2014. Classification: Open

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 2.1, Issue Date: 05/02/201405/02/2014. Classification: Open Protective Monitoring as a Service Version: 2.1, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 201416/12/2014. Other than for the sole purpose of evaluating

More information

SERVICE DEFINITION G-CLOUD 7 THALES PSN MAIL GATEWAY. Classification: Open

SERVICE DEFINITION G-CLOUD 7 THALES PSN MAIL GATEWAY. Classification: Open SERVICE DEFINITION G-CLOUD 7 THALES PSN MAIL GATEWAY Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this

More information

Service Management and ICT Monitoring and Reporting Advisory and Implementation Services

Service Management and ICT Monitoring and Reporting Advisory and Implementation Services Service Management and ICT Monitoring and Reporting Advisory and Implementation Services G-Cloud Service 1 1. An overview of the G-Cloud Service Arcus can assist you with a review and advice on the effectiveness

More information

Security April 2015. Solving the data security challenge with our enhanced private and hybrid cloud services

Security April 2015. Solving the data security challenge with our enhanced private and hybrid cloud services Security April 2015 Secure cloud solutions with guaranteed UK data sovereignty. Solving the data security challenge with our enhanced private and hybrid cloud services This paper enables discussion around

More information

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review

We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review We are Passionate about Total Security Management Architecture & Infrastructure Optimisation Review The security threat landscape is constantly changing and it is important to periodically review a business

More information

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 1.0, Issue Date: 05/02/201405/02/2014. Classification: Open

Protective Monitoring as a Service. Lot 4 - Specialist Cloud Services. Version: 1.0, Issue Date: 05/02/201405/02/2014. Classification: Open Protective Monitoring as a Service Version: 1.0, Issue Date: 05/02/201405/02/2014 Classification: Open Classification: Open ii MDS Technologies Ltd 2014. Other than for the sole purpose of evaluating this

More information

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA

SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA SITA Information Security SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA September, 2012 Contents 1. Introduction... 3 1.1 Overview...

More information

G-Cloud 7 Service Definition. Atos Oracle Cloud ERP Implementation Services

G-Cloud 7 Service Definition. Atos Oracle Cloud ERP Implementation Services G-Cloud 7 Service Definition Atos Oracle Cloud ERP Implementation Services Atos Oracle Cloud ERP Implementation Services Customers need adaptive and agile Enterprise Resource Planning (ERP) systems to

More information

JOB DESCRIPTION CONTRACTUAL POSITION

JOB DESCRIPTION CONTRACTUAL POSITION Ref #: IT/P /01 JOB DESCRIPTION CONTRACTUAL POSITION JOB TITLE: INFORMATION AND COMMUNICATIONS TECHNOLOGY (ICT) SECURITY SPECIALIST JOB SUMMARY: The incumbent is required to provide specialized technical

More information

Security Annex for Content Filtering Additional Terms for Content Filtering Service

Security Annex for Content Filtering Additional Terms for Content Filtering Service CONTENTS 1 Glossary of Terms & Definitions... 2 2 Service Description... 2 2.1 Service Components... 2 2.2 General... 2 3 Vendor Change... 3 4 Charges... 3 4.1 Charges payable by the... 3 4.2 Additional

More information

Remote Access Service (RAS)

Remote Access Service (RAS) Remote Access Service (RAS) Contents 1 Introduction to Remote Access Service...2 2 Service Definition...3 2.1 Functionality & Features... 3 2.2 Access Methods... 3 3 Differentiators...4 4 Commercials...5

More information

Amazon Compute - EC2 and Related Services

Amazon Compute - EC2 and Related Services Amazon Compute - EC2 and Related Services G-Cloud Service 1 1.An overview of the G-Cloud Service Arcus Global are approved to sell to the UK Public Sector as official Amazon Web Services resellers. Amazon

More information

Ubertas Cloud Services: Service Definition

Ubertas Cloud Services: Service Definition Ubertas Cloud Services: Service Definition February 2013 Innovation. Power. Trust. Contents 1. About Ubertas... 2 Our Company... 2 Our Approach to Service Delivery... 2 Our Partner Network & the UK Cloud

More information

CloudCheck Compliance Certification Program

CloudCheck Compliance Certification Program CloudCheck Compliance Certification Program Ensure Your Cloud Computing Environment is Secure with CloudCheck Certification Organizations today are increasingly relying on a combination of private and/or

More information

G-Cloud Service Definition. Atos Oracle Cloud ERP Implementation Services

G-Cloud Service Definition. Atos Oracle Cloud ERP Implementation Services G-Cloud Service Definition Atos Oracle Cloud ERP Implementation Services Atos Oracle Cloud ERP Implementation Services Customers need adaptive and agile Enterprise Resource Planning (ERP) systems to support

More information

Email Router and Vetting G-Cloud Service Definition

Email Router and Vetting G-Cloud Service Definition Email Router and Vetting G-Cloud Service Definition 2013 General Dynamics Information Technology. All rights reserved 1 In partnership with Government and industry-leading technology partners, General

More information

Service 25: Digital Continuity - ediscovery Solutions

Service 25: Digital Continuity - ediscovery Solutions Lot: 4 Specialist Cloud Services Service 25: Digital Continuity - ediscovery Solutions An overview of the G-Cloud Service (functional, non functional) Discover Information based on content, metadata and

More information

Current Vacancies. UK & South Africa. This document contains both Permanent & Contract roles.

Current Vacancies. UK & South Africa. This document contains both Permanent & Contract roles. Current Vacancies UK & South Africa This document contains both Permanent & Contract roles. To apply for any of the roles please email your CV and covering letter: Email: resourcing@ecs.co.uk Or call our

More information

A Decision Maker s Guide to Securing an IT Infrastructure

A Decision Maker s Guide to Securing an IT Infrastructure A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose

More information

Assuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices

Assuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices The Payment Card Industry (PCI) Data Security Standard (DSS) provides an actionable framework for developing a robust payment card data security process. The Payment Application Data Security Standard

More information

Cloud Infrastructure Security Management

Cloud Infrastructure Security Management www.netconsulting.co.uk Cloud Infrastructure Security Management Visualise your cloud network, identify security gaps and reduce the risks of cyber attacks. Being able to see, understand and control your

More information

Managing internet security

Managing internet security Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further

More information

IPL Service Definition - Data Recovery, Conversion and Migration

IPL Service Definition - Data Recovery, Conversion and Migration IPL Proposal IPL Service Definition - Data Recovery, Conversion and Migration Project: Date: 10 April 2014 Issue Number: V1 Customer: Crown Commercial Service Page 1 of 10 IPL Information Processing Limited

More information

A Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards

A Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards A Websense Research Brief Prevent Loss and Comply with Payment Card Industry Security Standards Prevent Loss and Comply with Payment Card Industry Security Standards Standards for Credit Card Security

More information

Bring Your Own Device Assessment

Bring Your Own Device Assessment Lot 4 Service Specification Bring Your Own Device Assessment OVERVIEW Bring Your Own Device (BYOD) is the fastest growing mega trend in the IT industry. CIOs are under pressure as employees demand to use

More information

Introduction to Centerprise International Limited

Introduction to Centerprise International Limited RM1557vi Introduction to Centerprise International Limited Centerprise International Limited was established in 1983 as an engineering and manufacturing company, specialising in designing and building

More information

USER EXPERIENCE MONITORING Service Definition

USER EXPERIENCE MONITORING Service Definition About Littlefish Established in Nottingham in 2003, Littlefish (UK) Ltd has an innovative, stable and successful history in Managed IT Services and has grown continuously over the last ten years. Through

More information

I.T. Security Specialists. Cyber Security Solutions and Services. Caretower Corporate Brochure 2015 1

I.T. Security Specialists. Cyber Security Solutions and Services. Caretower Corporate Brochure 2015 1 I.T. Security Specialists Cyber Security Solutions and Services Caretower Corporate Brochure 2015 1 about us As an independent IT security specialist, with over 17 years experience, we provide tailored

More information

Xerox Remote Infrastructure Monitoring (XRIM)

Xerox Remote Infrastructure Monitoring (XRIM) Xerox Remote Infrastructure Monitoring (XRIM) Service Description G-Cloud : Lot 3 : Software as a Service (SaaS) April 2014 Version 1.0 2014 Xerox Corporation. All rights reserved. Xerox and Xerox and

More information

G-Cloud Service Definition. Atos SharePoint Development Service

G-Cloud Service Definition. Atos SharePoint Development Service G-Cloud Service Definition Atos SharePoint Development Service SharePoint Development Services SCS A comprehensive electronic document and records management, collaboration or web content management solution

More information

SERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP. Classification: Open

SERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP. Classification: Open SERVICE DEFINITION G-CLOUD 7 CLOUD BACKUP Classification: Open Classification: Open ii MDS Technologies Ltd 2015. Other than for the sole purpose of evaluating this Response, no part of this material may

More information

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction LEEDS BECKETT UNIVERSITY Information Security Policy 1.0 Introduction 1.1 Information in all of its forms is crucial to the effective functioning and good governance of our University. We are committed

More information

A Rackspace White Paper Spring 2010

A Rackspace White Paper Spring 2010 Achieving PCI DSS Compliance with A White Paper Spring 2010 Summary The Payment Card Industry Data Security Standard (PCI DSS) is a global information security standard defined by the Payment Card Industry

More information

Thales Service Definition for NOC Services for Cloud

Thales Service Definition for NOC Services for Cloud Thales Service Definition for UK NOC Services Thales Service Definition for NOC Services for Cloud April 2014 Page 1 of 13 Thales Service Definition for UK NOC Services CONTENT Page No. Introduction...

More information

G-Cloud Service Description. Atos: Cloud Professional Services: Requirements Specification

G-Cloud Service Description. Atos: Cloud Professional Services: Requirements Specification G-Cloud Service Description Atos: Cloud Professional Services: Requirements Specification Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare (in the UK) and

More information

REDCENTRIC MANAGED SERVER SERVICE DEFINITION

REDCENTRIC MANAGED SERVER SERVICE DEFINITION REDCENTRIC MANAGED SERVER SERVICE DEFINITION SD062 V1.4 Issue Date 01 July 2014 1) OVERVIEW The Managed Server service (MSS) provides access to Redcentric s 24x7 support capability, technical skills and

More information

SmartImpact MS Dynamics CRM. Support Service Definition

SmartImpact MS Dynamics CRM. Support Service Definition SmartImpact MS Dynamics CRM Support Service Definition Alliance House, 12 Caxton Road, London, SW1H 0QS United Kingdom Phone: +44 (0) 84 5544 2043 E-mail: info@smartimpact.co.uk http://www.smartimpact.co.uk/

More information

Nine Steps to Smart Security for Small Businesses

Nine Steps to Smart Security for Small Businesses Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...

More information

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)

More information

G-CLOUD IIII FRAMEWORK SERVICE DEFINITION: SCHOOLS HOSTED SERVICE FOR SIMS

G-CLOUD IIII FRAMEWORK SERVICE DEFINITION: SCHOOLS HOSTED SERVICE FOR SIMS G-CLOUD IIII FRAMEWORK SERVICE DEFINITION: SCHOOLS HOSTED SERVICE FOR SIMS Capita Division / Supplier: Service Name: Capita Business Services Ltd SIMS OVERVIEW OF THE SERVICE The hosted service for SIMS

More information

Integrated windows authentication for customers based on Probation GSI network

Integrated windows authentication for customers based on Probation GSI network Product Overview Victims Tracker (VT) is a software application, which was developed by London Probation Trust (LPT) to effectively manage the engagement / contact with victims of crime and the management

More information

Thales Service Definition for PSN Secure Email Gateway Service for Cloud Services

Thales Service Definition for PSN Secure Email Gateway Service for Cloud Services Thales Definition for PSN Secure Email Gateway Thales Definition for PSN Secure Email Gateway for Cloud s April 2014 Page 1 of 12 Thales Definition for PSN Secure Email Gateway CONTENT Page No. Introduction...

More information

TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series

TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE ebook Series 2 Headlines have been written, fines have been issued and companies around the world have been challenged to find the resources, time and capital

More information

Vodafone secure mail services

Vodafone secure mail services Vodafone secure mail services Overview The G-Cloud Mail service is a business-class email system based on Microsoft Exchange. It provides a secure and robust email service, and includes an inbox, calendar,

More information

CASSIDIAN CYBERSECURITY

CASSIDIAN CYBERSECURITY CASSIDIAN CYBERSECURITY ADVANCED PERSISTENT THREAT (APT) SERVICE In a world where cyber threats are emerging daily, often from unknown sources, information security is something no organisation can afford

More information

InsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS?

InsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS? What is InsightCloud? InsightCloud is a web portal enabling Insight customers to purchase and provision a wide range of Cloud services in a straightforward and convenient manner. What is SaaS? Software

More information

G-Cloud Service Definition. Atos infrastructure Vulnerability Scanning (Outpost24) SaaS

G-Cloud Service Definition. Atos infrastructure Vulnerability Scanning (Outpost24) SaaS G-Cloud Service Definition Atos infrastructure Vulnerability Scanning (Outpost24) SaaS Atos Infrastructure Vulnerability Scanning (Outpost24) SaaS Atos Infrastructure Vulnerability Scanning SaaS is powered

More information

G-Cloud Service Definition. Atos Information Security Wireless Scanning Service

G-Cloud Service Definition. Atos Information Security Wireless Scanning Service G-Cloud Service Definition Atos Information Security Wireless Scanning Service Keeping your wireless networks secure Atos Information Security Wireless Scanning Service The Atos Wireless Scanning Service

More information

CALNET 3 Category 7 Network Based Management Security. Table of Contents

CALNET 3 Category 7 Network Based Management Security. Table of Contents State of California IFB STPD 12-001-B CALNET 3 Category 7 Network Based Security Table of Contents 7.2.1.4.a DDoS Detection and Mitigation Features... 1 7.2.2.3 Email Monitoring Service Features... 2 7.2.3.2

More information

Service Integration &

Service Integration & This is a DRAFT document, being published for review & comment The content is therefore subject to change & revision This document is part of the XGOV Strategic SIAM reference set Service Integration &

More information

How RSA has helped EMC to secure its Virtual Infrastructure

How RSA has helped EMC to secure its Virtual Infrastructure How RSA has helped EMC to secure its Virtual Infrastructure A new solution, the RSA solution for Cloud Security and Compliance, has been developed and is now available to all of our customers. Luciano

More information

Customers select from a variety of performance and sizing options to create a tailor made server solution.

Customers select from a variety of performance and sizing options to create a tailor made server solution. Connect Internet Solutions Ltd 4th Floor, New Barratt House, 47 North John Street, Liverpool, L2 6SG Tel: 0151 282 4321 Fax: 0151 282 4322 Email: gcloud@connectinternetsolutions.com Web: www.connectinternetsolutions.com

More information

Telstra Service Management Framework. Your assurance of first-class network support

Telstra Service Management Framework. Your assurance of first-class network support Telstra Service Framework Your assurance of first-class network support The Service Framework delivers comprehensive, integrated support Service Frame work SERVICE IMPROVEMENT & REPORTING Performance &

More information

G-Cloud 6 Service Definition DCG Enterprise Backup Reporting Service

G-Cloud 6 Service Definition DCG Enterprise Backup Reporting Service G-Cloud 6 Service Definition DCG Enterprise Backup Reporting Service G-Cloud 6, Service Description, DCG Enterprise Backup Reporting Service Page 1 of 16 CONTACT INFORMATION Guy Silver T: +44(0) 7990 690087

More information

Italy. EY s Global Information Security Survey 2013

Italy. EY s Global Information Security Survey 2013 Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information

More information

Vodafone Private Cloud

Vodafone Private Cloud Vodafone Private Cloud Overview Vodafone Private Cloud is our dedicated public sector cloud service that connects you to your own private IL2/IL3 network and / or core government networks, including the

More information

Service Definition - HR and Payroll Solutions

Service Definition - HR and Payroll Solutions Service Definition - HR and Payroll Solutions Central Government RM1557 Date issued: 19/12/11 HR & EMPLOYEE SERVICES CASE MANAGEMENT EDRM & DOCUMENT MANAGEMENT FINANCE & ACCOUNTS PARTNERSHIP THROUGH INSIGHT,

More information

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.

More information

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture

More information

Cloud Vendor Evaluation

Cloud Vendor Evaluation Cloud Vendor Evaluation Checklist Life Sciences in the Cloud Cloud Vendor Evaluation Checklist What to evaluate when choosing a cloud vendor in Life Sciences Cloud computing is radically changing business

More information

STL Microsoft Dynamics CRM Consulting and Support Services

STL Microsoft Dynamics CRM Consulting and Support Services STL Microsoft Dynamics CRM Consulting and Support Services STL Technologies Equis House Eastern Way Bury St Edmunds Suffolk IP32 7AB Service Description and Pricing Specialist Cloud Services www.stl.co.uk

More information

TASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices

TASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security

More information

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical

More information

V1.4. Spambrella Email Continuity SaaS. August 2

V1.4. Spambrella Email Continuity SaaS. August 2 V1.4 August 2 Spambrella Email Continuity SaaS Easy to implement, manage and use, Message Continuity is a scalable, reliable and secure service with no set-up fees. Built on a highly reliable and scalable

More information

Our consultancy team will provide guidance throughout the process helping you to produce the necessary documentation and raise staff awareness.

Our consultancy team will provide guidance throughout the process helping you to produce the necessary documentation and raise staff awareness. Service Definition Business Continuity Plan Overview of Service Sapphire provides a bespoke service, working with your organisation to develop a comprehensive Business Continuity Plan (BCP) designed to

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

DBC 999 Incident Reporting Procedure

DBC 999 Incident Reporting Procedure DBC 999 Incident Reporting Procedure Signed: Chief Executive Introduction This procedure is intended to identify the actions to be taken in the event of a security incident or breach, and the persons responsible

More information

1. Perimeter Security Dealing with firewall, gateways and VPNs and technical entry points. Physical Access to your premises can also be reviewed.

1. Perimeter Security Dealing with firewall, gateways and VPNs and technical entry points. Physical Access to your premises can also be reviewed. Service Definition Technical Security Review Overview of Service Considering the increasing importance of security, the number of organisations that allow for contingency in their Information Security

More information

CESG Certification of Cyber Security Training Courses

CESG Certification of Cyber Security Training Courses CESG Certification of Cyber Security Training Courses Supporting Assessment Criteria for the CESG Certified Training (CCT) Scheme Portions of this work are copyright The Institute of Information Security

More information