Providing the safe and trusted platform for the UK Public Sector
For us, the security of our platform is our number one priority. We’ve always been committed to adhering to exacting standards, frameworks and best practice.
Everything we do is subject to regular independent validation by government accreditors, sector auditors, and management system assessors. To remain the trusted choice for the UK Public Sector, we understand the need to evidence our credentials so that you can be assured of the levels of protection in place for your data.
We have a long-standing heritage in Information Governance and risk management
Our invaluable knowledge and experience breeds trust
Technology is evolving, and so are we
We operate only in the UK, exclusively for the UK Public Sector
Our framework delivers a credible position in four strategic areas: quality, information security, IT service management and the environment. Our activities are led by our Director of Compliance and Information Assurance who has significant experience in successfully delivering certified management systems, and ensuring they encompass developing best practices.
Our established Quality Management System delivers robust, effective policies and processes, enabling all parts of the organisation to function efficiently and in a controlled manner. We are committed to understanding each client’s requirements, delivering their agreed solutions on time and to budget.
The IT Infrastructure Library (ITIL) represents best practice in the field of IT Service Management. Our team possesses a thorough understanding of our ITIL-aligned processes, ensuring that each client solution is being managed and operated in an effective and controlled manner.
Our Information Security Management System (ISMS) is based upon a framework of information security policies and procedures aligned with our Risk Assessment methodology. This methodology constantly assesses for a wide variety of threats and vulnerabilities that, if left unchecked, may compromise information assets.
This provides a more focused approach to managing the risks associated with the selection and use of cloud computing environments, from our perspective and yours. UKCloud was one of the first organisations to achieve external certification against the ISO27017 standard.
ISO27018-specific controls include the disclosure of the geographic location of personal data, processes for the notification of data disclosures and data breaches, requirements to disclose details of sub-contracted processing activities and regulations relating to a customer’s right to access and delete personal data.
We were one of the first organisations to successfully achieve both Cyber Essentials and Cyber Essentials Plus. UKCloud has been assessed in five key control areas – boundary firewalls and internet gateways, secure configuration, access control, malware protection and patch management.
Providing additional assurance of our GDPR compliance, we have successfully submitted all of our cloud services for certification against the CISPE (Cloud Infrastructure Service Providers in Europe) Code of Conduct.
CSA Star provides a set of security controls allowing customers to readily assess our capability as a cloud service provider. Our status can be validated within the CSA STAR Registry on their website.