All aspects of UKCloud’s Assured Cloud platform, from security, to service management to sustainability, are underpinned and independently verified by a comprehensive set of globally accepted assurance certifications and accreditations.
With infrastructure located in secure UK data centres, our services are assessed against recognised international standards ISO9001, ISO20000 and ISO27001, and are subject to regular audits, assessments and inspections by certification bodies, regulators and accreditors.
Accreditation
UKCloud has achieved Pan Government Accreditation for all of its G-Cloud services, and continue to achieve UK Government accreditations, which confirms their suitability for supporting IL0-IL3 protectively marked data. The achievement of this accreditation requires demonstration of a robust risk management system, which meets the stringent requirements specified by CESG, and also for the complete infrastructure to successfully complete a comprehensive IT Security Health Check undertaken by an external assessment organisation. Our Pan Government Accredited status, the highest available to a G-Cloud Supplier, provides independent validation for the UK Public Sector, allowing them to take advantage of our range of high performance and scalable cloud services without any compromise to their data security requirements.
Compliance
UKCloud has developed a Compliance Programme which delivers a credible position in four strategic areas: Quality, Information Security, IT Service Management and the Environment. UKCloud’s compliance activities are led by our Head of Compliance and Information Assurance, who has significant experience in successfully delivering certified management systems, and ensuring that they encompass developing best practices.
Quality Management (ISO9001)
UKCloud’s established Quality Management System, certified to ISO9001, delivers robust and effective policies and processes, enabling all parts of the organisation to function efficiently and in a controlled manner. We are committed to understanding each client’s requirements, delivering their agreed solutions on time and to budget, and ensuring their expectations are exceeded such that UKCloud can report the highest levels of client satisfaction.
IT Service Management (ISO20000)
UKCloud acknowledges that the IT Infrastructure Library (ITIL) represents best practice in the field of IT Service Management, and its service management processes align with the ITIL v3 aligned process framework. Our clients can be assured that their contact with UKCloud will be with experienced individuals who have a thorough understanding of our ITIL aligned processes, ensuring that each client solution is being managed and operated in an effective and controlled manner. UKCloud is a corporate member of the itSMF (UK), and many of its employees are ITIL certified. Additionally, UKCloud participates in Forums and Special Interest Groups aimed at the continual development and adoption of ITSM best practice.
Information Security Management (ISO27001)
Of the utmost importance to UKCloud is the protection of the confidentiality, integrity and availability of data: both UKCloud’s own and that entrusted to UKCloud by its clients. UKCloud’s ISO27001 certified Information Security Management System (ISMS) is based upon a robust framework of information security policies and procedures, aligned with the UKCloud Risk Assessment Methodology (SRAM). This methodology constantly assesses for a wide variety of threats and vulnerabilities that, if left unchecked, may compromise information assets or the supporting assets upon which they depend for their security.
Cyber Essentials Scheme
UKCloud is one of the very first organisations to have successfully achieved both Cyber Essentials Basic and Cyber Essentials Plus certification. Launched by the UK Government in 2014 to reduce cyber risks across all types of organisation, this important initiative helps to safeguard the country’s growing digital economy. UKCloud has been assessed in five key control areas – boundary firewalls and internet gateways, secure configuration, access control, malware protection and patch management. Having been one of the first to successfully achieve the Cyber Essentials Basic status, UKCloud has completed the more thorough independent technical checks which are required to achieve the Cyber Essentials Plus certification. This assessment was focussed on the management, configuration and use of UKCloud’s internal ICT systems, including assessment of end-user devices, and sought to identify whether they could be compromised by a variety of different cyber-attack scenarios. We are pleased to be supporting the Cyber Essentials Scheme, and will be working with our Partners to help promote its widespread adoption.
CarbonNeutral Company
To maintain its certified CarbonNeutral Company status, UKCloud works with The CarbonNeutral Company, a world-leading provider of carbon reductions solutions, to measure and reduce its carbon footprint to net zero. All the greenhouse gas emissions that it produced from energy consumption, waste disposal, business travel and staff commuting were quantified and then reduced to net zero through combining internal reduction initiatives with carbon credits to offset the remaining unavoidable carbon emissions. This demonstrates its commitment to the pro-active management and effective control of the environmental impact of all its business activities.