Your Data. Protected.

All aspects of the UKCloudX platform — from security and service management to sustainability — are underpinned by a comprehensive compliance framework that governs our people, processes, premises and technology.

Let's Talk

Purpose-built for secure and sensitive systems

UKCloudX is the first High Assurance cloud for systems classified as above OFFICIAL. Working with the National Cyber Security Centre (NCSC), our platform has achieved Pan Government Accreditation to IL3 (IL4 by aggregation) and is capable of securely connecting MoD networks such as the RLI

Housed within our military-grade data centres, we can ensure that your data never leaves the UK and is protected by the highest standards and regulations, including but not limited to JSP604.

Defence Cloud Governance

Approved MOD Procurement Frameworks

Since its inception, we’ve been an approved supplier on the G-Cloud Framework. Regularly updating our terms and conditions to be wholly compliant with public sector procurement guidelines.

Throughout this period, we’ve also gained approval to provide our services via a number of other public sector procurement frameworks including; Technology Services 2, Digital Outcomes & Specialists 4, Data & Application Solutions, Scottish Government Cloud Services Framework, YPO Data Centres & Cloud Hosting Framework, YPO Technology Hardware & Software and NHS SBS Cloud Solutions Framework. We’ve done everything we can to smooth the procurement process for defence organisations.

UKCloud is a Crown Commercial Supplier for the UK Public Sector

Speak with one of our cleared and vetted multi-cloud experts

Whether you’re looking to rehost legacy systems in the cloud, or deploy new, emerging technologies on our government-grade infrastructure - our security-cleared staff will ensure your next mission is a success.

Contact us

Information Security & Governance

We take information security seriously and ensure our people, processes, premises and technologies are governed for compliance

  • Information Security Management (ISO27001)
  • Security Controls for Cloud Services (ISO27017)
  • Personal Data in the Cloud Security (ISO27018)
  • Cyber Essentials Plus
  • Home Office Police Assured Secure Facility (PASF)

    • Information Security Management (ISO27001)

    Protecting the confidentiality, integrity and availability of your data is of the utmost importance to us.

    Our ISO27001-certified Information Security Management System (ISMS) is based on a robust framework of information security policies and procedures, aligned with the our Risk Assessment Methodology.

    This methodology constantly assesses a wide variety of threats and vulnerabilities which may compromise information assets or the supporting assets on which they depend for their security.

    Security Controls for Cloud Services (ISO27017)

    ISO27017 builds on ISO27001 by providing a more focused approach to managing the risks associated with the selection and use of cloud computing environments, from the perspective of both the cloud provider and the cloud consumer.

    We were one of the first organisations to achieve external certification against the ISO27017 standard.

    Personal Data in the Cloud Security (ISO27018)

    The ISO27018 standard provides a more focused approach to managing the risks associated with personal data within cloud environments.

    ISO27018-specific controls include the disclosure of the geographic location of personal data, processes for the notification of data disclosures and data breaches, requirements to disclose details of sub-contracted processing activities and regulations relating to a customer’s right to access and delete personal data.

    We were one of the first organisations to achieve external certification against the ISO27018 standard.

    Cyber Essentials Plus

    UKCloud was one of the first organisations to have successfully achieved both Cyber Essentials and Cyber Essentials Plus.

    Launched by the UK Government in 2014 to reduce cyber risks across all types of organisation, this important initiative helps to safeguard the country’s growing digital economy.

    We have been assessed in five key control areas – boundary firewalls and internet gateways, secure configuration, access control, malware protection and patch management.

    The Plus level additionally requires thorough independent technical checks of UKCloud’s platforms and systems, and seeks to identify whether they could be compromised by a variety of different cyber-attack scenarios.

    Home Office Police Assured Secure Facility (PASF)

    Through the National Policing Information Risk Management Policy, the National Policing Information Risk Management Team (NPIRMT) of the UK Home Office sets the central standards and controls for law enforcement agencies across the UK. The policy requires that all national police services perform a physical inspection of the data centres where their data will be stored.

    UKCloud has worked with NPRIRMT to undertake a Police Assured Secure Facility (PASF) inspection of the UKCloudX platform which supports each police service in their due-diligence.

    General Data Protection Regulation (GDPR)

    Our approach to GDPR compliance builds on our mature and proven approach to risk management and compliance. All our services are regularly risk assessed and we’ve completed detailed Data Protection Impact Assessments (DPIA) as required by Article 35 of GDPR. We’ve long had our own formally certified Data Protection Officer who is responsible for maintaining our status as a demonstrably compliant Service Provider – including overseeing our regular independent IT Security Health Checks in line with GDPR Article 25.

    Arial shot of Ark data centres

    Does Defence Cloud Exist?

    Read More

    Sustainable cloud services

    Our services are CarbonNeutral® certified. To achieve this status, we work with Natural Capital Partners, a world-leading provider of carbon reduction solutions, to measure and reduce our carbon footprint to net zero.

    UKCloudX customers receive monthly carbon offset certificates which confirms that an independent greenhouse gas assessment has been conducted, and that the carbon emissions which resulted from their consumption of UKCloudX services have been reduced to net zero. All at no extra cost to the customer.

    Social Value Overview
    Overhead shot of forest

    Read our Greening IT Whitepaper

    Get your copy

    Quality Management (ISO9001)

    Our established Quality Management System, certified to ISO9001, delivers robust, effective policies and processes, enabling all parts of the organisation to function efficiently and in a controlled manner.

    We are committed to understanding each customer’s requirements, delivering their agreed solutions on time and to budget, and ensuring their expectations are exceeded, so that we can report the highest levels of customer satisfaction (as regularly measured by our Net Promotor Score).

    IT Service Management (ISO20000)

    We believe that the IT Infrastructure Library (ITIL) represents best practices in the field of IT Service Management, and have aligned our service management processes with the ITIL v3 process framework.

    Our customers can be assured that their contact will be with experienced individuals who have a thorough understanding of our ITIL-aligned processes. Many of our employees are ITIL certified to either Practitioner or Expert level.

    JOSCAR: Joint Supply Chain Accreditation Register

    JOSCAR helps the defence industry meet the growing and diverse nature of regulatory requirements when it comes to managing third party risk in the supply chain.

    As a registered supplier, UKCloudX provides data for JOSCAR to be the single repository for pre-qualification and compliance information – reducing the time and effort needed for procurement.

    Defence Solutions

    Let’s talk. No matter your digital maturity, we have a dedicated team of security-cleared experts that can help you deliver new or legacy systems in the cloud.

    Plan your journey