The highest standards for the UK Public Sector.

Our Approach Explained

Providing the safe and trusted platform for the UK Public Sector

 

For us, the security of our platform is our number one priority. We’ve always been committed to adhering to exacting standards, frameworks and best practice.

Everything we do is subject to regular independent validation by government accreditors, sector auditors, and management system assessors. To remain the trusted choice for the UK Public Sector, we understand the need to evidence our credentials so that you can be assured of the levels of protection in place for your data.

Proactive Risk Management

We have a long-standing heritage in Information Governance and risk management

Proven Expertise

Our invaluable knowledge and experience breeds trust

Remaining Current

Technology is evolving, and so are we

Proudly Sovereign

We operate only in the UK, exclusively for the UK Public Sector

We’re certified

Every aspect of our platform and the services we provide are subject to independent verification against a comprehensive set of globally recognised validations, accreditations and certifications.

Our comprehensive compliance framework

Our framework delivers a credible position in four strategic areas: quality, information security, IT service management and the environment. Our activities are led by our Director of Compliance and Information Assurance who has significant experience in successfully delivering certified management systems, and ensuring they encompass developing best practices.

We are compliant with the following:

Quality Management (ISO9001)

Our established Quality Management System delivers robust, effective policies and processes, enabling all parts of the organisation to function efficiently and in a controlled manner. We are committed to understanding each client’s requirements, delivering their agreed solutions on time and to budget.

IT Service Management (ISO2000)

The IT Infrastructure Library (ITIL) represents best practice in the field of IT Service Management. Our team possesses a thorough understanding of our ITIL-aligned processes, ensuring that each client solution is being managed and operated in an effective and controlled manner.

Information Security Management (ISO27001)

Our Information Security Management System (ISMS) is based upon a framework of information security policies and procedures aligned with our Risk Assessment methodology. This methodology constantly assesses for a wide variety of threats and vulnerabilities that, if left unchecked, may compromise information assets.

Security Controls for Cloud Services (ISO27017)

This provides a more focused approach to managing the risks associated with the selection and use of cloud computing environments, from our perspective and yours. UKCloud was one of the first organisations to achieve external certification against the ISO27017 standard.

Personal Data in the Cloud Security (ISO27018)

ISO27018-specific controls include the disclosure of the geographic location of personal data, processes for the notification of data disclosures and data breaches, requirements to disclose details of sub-contracted processing activities and regulations relating to a customer’s right to access and delete personal data.

Cyber Essentials Scheme

We were one of the first organisations to successfully achieve both Cyber Essentials and Cyber Essentials Plus. UKCloud has been assessed in five key control areas – boundary firewalls and internet gateways, secure configuration, access control, malware protection and patch management.

CISPE Code of Conduct

Providing additional assurance of our GDPR compliance, we have successfully submitted all of our cloud services for certification against the CISPE (Cloud Infrastructure Service Providers in Europe) Code of Conduct.

CSA Cloud Security Alliance

CSA Star provides a set of security controls allowing customers to readily assess our capability as a cloud service provider. Our status can be validated within the CSA STAR Registry on their website.

Here to help you comply with policies and strategies that govern public sector IT

We were created to deliver a platform that enables public sector organisations to comply with the strategies, policies and frameworks that support digital transformation.  And because we’re 100% dedicated to the UK public sector, we’re committed to adapt as government policy and strategy evolves. Whether you’re looking for advice on procurement, risk management or multi-cloud technology solutions; our expertise is here to help you as you embrace digital transformation.

Blogs

Multi-cloud allows for a digital transformation

Digital Transformation has become commonplace across the UK public sector due to government policies such as Cloud First and the Government...
Blogs

Software to service: addressing the cloud skills gap

Hindering the public sector’s cloud adoption journey is the lack of digital skills—a concern voiced by 25% of central government organisations....
Press Releases

UKCloud Expands Support for Public Sector Clients and Partners with its Widest-Ever Range of Offering on G-Cloud 10

UKCloud offers a host of new and improved services on the G-Cloud framework, plus enhanced support for partners on its secure, UK-sovereign,...
Press Releases

UKCloud Health joins the Global Alliance for Genomics and Health (GA4GH)

Providing a secure, UK sovereign platform to help accelerate innovation and enhance collaboration between GA4GH members, UKCloud Health and its...