We Care About Data

on gcloud 11

We have passed the checks that allow us to sell our cloud services (AntiPhish / Knowledge Lab) to UK government organisations via the digital marketplace. 


BS7858 Screening

5 or 10 Year Written Career History, Criminality Check, Credit Search, ID Verification and Right to Work Check, Character References, 5 Year Address Verification

Cyber Essentials +

We are cyber essentials plus certified, this means we have planned out a safe and secure network, one that prioritises keeping data properly - then a government approved company has tested this. 


Registered with ICO

We are registered with the Information Commissioners Office and take data protection seriously. We have implemented industry best practices to care for our data.

Image

Where We Keep Your Data

We don't settle for anything less than the best when it comes to protecting client data, we can work with OFFICIAL-SENSITIVE government data in UKCloud's secure government designed data centres. 

Compliance

Quality Management (ISO9001)
UKCloud’s established Quality Management System, certified to ISO9001, delivers robust and effective policies and processes, enabling all parts of the organisation to function efficiently and in a controlled manner. We are committed to understanding each client’s requirements, delivering their agreed solutions on time and to budget, and ensuring their expectations are exceeded such that UKCloud can report the highest levels of client satisfaction.

IT Service Management (ISO20000)
UKCloud acknowledges that the IT Infrastructure Library (ITIL) represents best practice in the field of IT Service Management, and its service management processes align with the ITIL v3 framework. Our clients can be assured that their contact with UKCloud will be with experienced individuals who have a thorough understanding of our ITIL aligned processes, ensuring that each client solution is being managed and operated in an effective and controlled manner. Alongside its formal ISO20000 certification, UKCloud is a corporate member of the itSMF (UK), and many of its employees are ITIL certified. Additionally, UKCloud participates in Forums and Special Interest Groups aimed at the continual development and adoption of ITSM best practice.

Information Security Management (ISO27001)
Of the utmost importance to UKCloud is the protection of the confidentiality, integrity and availability of data: both UKCloud’s own and that entrusted to UKCloud by its clients. UKCloud’s ISO27001 certified Information Security Management System (ISMS) is based upon a robust framework of information security policies and procedures, aligned with the UKCloud Risk Assessment Methodology. This methodology constantly assesses for a wide variety of threats and vulnerabilities that, if left unchecked, may compromise information assets or the supporting assets upon which they depend for their security.

Security Controls for Cloud Services (ISO27017)
Enhancing the framework of existing security controls provided by ISO27001, the ISO27017 standard provides a more focused approach to managing the risks associated with the selection and use of cloud computing environments, both from the perspective of the cloud service provider and also the cloud consumer. UKCloud was one of the first organisations to achieve external certification against the ISO27017 standard.

Personal Data in the Cloud Security (ISO27018)
Enhancing the framework of existing security controls provided by ISO27001, the ISO27018 standard provides a more focused approach to managing the risks associated with personal data within cloud environments. ISO27018-specific controls include the disclosure of the geographic location of personal data, processes for the notification of data disclosures and data breaches, requirements to disclose details of sub-contracted processing activities and regulations relating to a customer’s right to access and delete personal data. UKCloud was one of the first organisations to achieve external certification against the ISO27018 standard.

Cyber Essentials Scheme
UKCloud was one of the first organisations to have successfully achieved both Cyber Essentials and Cyber Essentials Plus, and has maintained these certifications. Launched by the UK Government in 2014 to reduce cyber risks across all types of organisation, this important initiative helps to safeguard the country’s growing digital economy. UKCloud has been assessed in five key control areas – boundary firewalls and internet gateways, secure configuration, access control, malware protection and patch management. The Plus level additionally requires thorough independent technical checks of UKCloud’s platforms and systems, and seeks to identify whether they could be compromised by a variety of different cyber-attack scenarios.

Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)
Developed by the Cloud Security Alliance, the Cloud Controls Matrix presents a set of security controls which allow customers to readily assess the capabilities of potential cloud service providers. With guidance across 16 core areas, including identity and access management, infrastructure and virtualization security, data centre operations and security incident management. UKCloud’s status can be validated within the CSA STAR Registry on their website.

CarbonNeutral Company
To maintain its certified CarbonNeutral® Company status, UKCloud works with Natural Capital Partners, a world-leading provider of carbon reductions solutions, to measure and reduce its carbon footprint to net zero. All the greenhouse gas emissions that are produced from energy consumption, waste disposal, business travel and staff commuting are quantified, and then reduced to net zero through combining internal reduction initiatives with the acquisition of validated carbon credits to offset the remaining unavoidable carbon emissions. This approach demonstrates UKCloud’s commitment to the pro-active management and effective control of the environmental impact of all its business activities.

CarbonNeutral Cloud Services
UKCloud has implemented an innovative carbon offsetting programme which benefits our cloud clients at no additional cost. Each month, clients receive a monthly carbon offset certificate for their cloud environment: this confirms that an independent greenhouse gas assessment has been conducted, and that the carbon emissions which have resulted from their consumption of cloud services have been reduced to net zero by us through verified, high-quality carbon credits, UKCloud meets all of the costs of this important environmental initiative.