UKCloud Limited (“UKC”) and Virtual Infrastructure Group Limited (“VIG”) (together “the Companies”) – in Compulsory Liquidation

On 25 October 2022, the Companies were placed into Liquidation with the Official Receiver appointed as Liquidator and J Robinson and A M Hudson simultaneously appointed as Special Managers to manage the liquidation process on behalf of the Official Receiver.

Further information regarding the Liquidations can be found here: https://www.gov.uk/government/news/virtual-infrastructure-group-limited-and-ukcloud-limited-information-for-creditors-and-interested-parties

Contact details:
For any general queries relating to the Liquidations please email ukcloud@uk.ey.com
For customer related queries please email ukcloudcustomers@uk.ey.com
For supplier related queries please email ukcloudsuppliers@uk.ey.com

Governance

Our comprehensive compliance framework delivers a credible position in four strategic areas: quality, information security, IT service management and the environment.

Security Roles and Responsibilities

We understand it is important to use the right cloud platform with the right security principles and controls in place to protect your workloads and data. To help, we have the PDFs available in the section above to explain how the platform is designed for your needs, and also have the following resources available to you:

More information about the specific accreditations that are available within our government-grade platform is available below.

Data Governance in the UK Public Sector

UKCloud is helping the UK Public Sector and our ecosystem of expert technology partners to embrace technical innovation and best practice, and improve their organisation’s security posture.

Data Governance in the Healthcare Sector

We have developed and implemented a comprehensive information security and data protection framework which provides our healthcare customers and partners with credible assurance material.

Data Governance in Defence

UKCloud supports a growing portfolio of defence related activities which are helping our Armed Forces to protect the UK and its interests, by delivering secure, connected services quickly and efficiently.

Data Governance in Police and Justice

For Police Forces, the confidentiality, integrity and availability of their sensitive datasets is essential. UKCloud helps to protect the UK population with essential and time-critical activities.

Quality Management (ISO9001)

UKCloud’s established Quality Management System, certified to ISO9001, delivers robust and effective policies and processes, enabling all parts of the organisation to function efficiently and in a controlled manner. We are committed to understanding each client’s requirements, delivering their agreed solutions on time and to budget, and ensuring their expectations are exceeded such that UKCloud can report the highest levels of client satisfaction.

> View Certificate

IT Service Management (ISO20000)

UKCloud acknowledges that the IT Infrastructure Library (ITIL) represents best practice in the field of IT Service Management, and its service management processes align with the latest ITIL framework. Our clients can be assured that their contact with UKCloud will be with experienced individuals who have a thorough understanding of our ITIL aligned processes, ensuring that each client solution is being managed and operated in an effective and controlled manner. Alongside its formal ISO20000 certification, many of its employees are individually ITIL certified. Additionally, UKCloud participates in Forums and Special Interest Groups aimed at the continual development and adoption of ITSM best practice.

> View Certificate

Information Security Management (ISO27001)

Of the utmost importance to UKCloud is the protection of the confidentiality, integrity and availability of data: both UKCloud’s own and that entrusted to UKCloud by its clients. UKCloud’s ISO27001 certified Information Security Management System (ISMS) is based upon a robust framework of information security policies and procedures, aligned with the UKCloud Risk Assessment Methodology. This methodology constantly assesses for a wide variety of threats and vulnerabilities that, if left unchecked, may compromise information assets or the supporting assets upon which they depend for their security.

> View Certificate

Security Controls for Cloud Services (ISO27017)

Enhancing the framework of existing security controls provided by ISO27001, the ISO27017 standard provides a more focused approach to managing the risks associated with the selection and use of cloud computing environments, both from the perspective of the cloud service provider and also the cloud consumer. UKCloud was one of the first organisations to achieve external certification against the ISO27017 standard.

> View Certificate

Personal Data in the Cloud Security (ISO27018)

Enhancing the framework of existing security controls provided by ISO27001, the ISO27018 standard provides a more focused approach to managing the risks associated with personal data within cloud environments. ISO27018-specific controls include the disclosure of the geographic location of personal data, processes for the notification of data disclosures and data breaches, requirements to disclose details of sub-contracted processing activities and regulations relating to a customer’s right to access and delete personal data. UKCloud was one of the first organisations to achieve external certification against the ISO27018 standard.

> View Certificate

Cyber Essentials Scheme

UKCloud was one of the first organisations to have successfully achieved both Cyber Essentials and Cyber Essentials Plus. Launched by the UK Government in 2014 to reduce cyber risks across all types of organisation, this important initiative helps to safeguard the country’s growing digital economy. UKCloud has been assessed in five key control areas – boundary firewalls and internet gateways, secure configuration, access control, malware protection and patch management. The Plus level additionally requires thorough independent technical checks of UKCloud’s platforms and systems, and seeks to identify whether they could be compromised by a variety of different cyber-attack scenarios.

> View Certificate

CSA Cloud Security Alliance

Developed by the Cloud Security Alliance, the Cloud Controls Matrix presents a set of security controls which allow customers to readily assess the capabilities of potential cloud service providers. With guidance across 16 core areas, including identity and access management, infrastructure and virtualization security, data centre operations and security incident management. UKCloud’s status can be validated within the CSA STAR Registry on their website.

JOSCAR

JOSCAR (the Joint Supply Chain Accreditation Register) is a collaborative tool used by the aerospace, defence and security industry to act as a single repository for pre-qualification and compliance information. Using JOSCAR can determine if a supplier is “fit for business”. UKCloud’s registration on JOSCAR can be validated through Hellios, the managing organisation of JOSCAR.

> View Certificate

Data Protection / GDPR

Our Data Protection Officer and data protection policies ensure we meet the highest standards of data protection, including GDPR. The UK Data Protection Act 2018 (incorporating the requirements of the EU General Data Protection Regulation 2016/679 “GDPR”) replaced the previous Data Protection Act 1998. This new legislative framework represents a significantly more comprehensive approach to the protection of personal data.

HIPAA Compliant

Our cloud hosting services are compliant with HIPAA (the Health Insurance Portability and Accountability Act of 1996). HIPAA safeguards Protected Health Information (PHI), including any type of individually identifiable health information which is transmitted or maintained in any form or medium. An established piece of legislation in the US, HIPAA is not a requirement for UK providers unless they deliver services to US healthcare bodies. UKCloud Health now enables its partner community to offer their services to the US market by utilising one compliant cloud platform.

CarbonNeutral® Company

We’re a verified Carbon Neutral® Company. We’ve worked to identify and measure the carbon footprint associated with all forms of CO2 emissions across our business, and we’ve implemented a variety of initiatives to reduce energy use and emissions as far as possible.

Additionally, all UKCloud services are validated as being CarbonNeutral® Cloud Services. Our public sector customers benefit from this important status free of charge, being provided with verifiable evidence of carbon reduction and offsetting activities to support their own environmental submissions.

Police Assured Secure Facilities (PASF)

The National Policing Information Risk Management Team (NPIRMT) from the Home Office regularly reviews our cloud platforms, services, operational processes, and facilities, and has confirmed that they are PASF compliant. This provides comprehensive assurance to our blue light customers that UKCloud can safely process and store their most sensitive datasets.

We're Certified Carbon Neutral

Our Green Credentials

Cloud Security Principles

 

In order to demonstrate how UKCloud, its platform, and services align to the Cloud security principles for the UK public sector, Health and Defence, UKCloud have produced the following three guides. Our experience in these sectors means that we understand your requirements and are happy to discuss how we can create the right solution to meet your regulatory needs.