Fergus Kennedy, head of compliance and information systems, Pulsant
The cloud industry was revolutionised in September this year with the announcement of the first independently audited cloud security certification. It is exactly what the industry needs – transparency and clarification for cloud users (and potential adopters).
The cloud space can be daunting and for those thinking of adopting cloud or using a different provider for their needs, there are a lot of issues that need to be addressed. At the top of that list is the million dollar question: Will my data be safe?
There are a number of great cloud providers in the industry many of whom offer very strong solutions, but what assurances do cloud users have in terms of security? The BSI security standard – ISO 27001 control set – is a good place to start. However, it doesn’t focus on specific cloud issues.
Enter STAR – the new certification that builds on both ISO 27001 and the CSA cloud control matrix. The certification was developed to help cloud users make sense of a cloud provider’s security capabilities and add a measure of assurance to the decision-making process.
We’re incredibly proud that we are one of the first companies to be awarded the STAR certification (only two cloud providers have achieved the certification so far). We worked with the CSA and BSI as part of the pilot programme and underwent the entire process – achieving Silver Status based on the maturity of our security controls.
For our customers this certification it is an additional assurance that we can provide the best, most appropriate and secure cloud product to suit their needs – our clients can be certain that we have the necessary measures in place to secure their business data. For the industry at large it inspires confidence as it gives cloud providers something tangible to hang their hats on and brings that added measure of transparency.
The certification has certainly come at the best time for the maturing cloud industry, and in the future we’ll see STAR and similar certifications in similar areas challenging providers to continually improve their offerings, strengthen their products, and elevate cloud standards to new heights.
As a technology company there’s always the danger of ignoring the human element. This is why we focus quite strongly on customer service, both before and after implementation to complement our cloud, colocation and managed networking services. Of course this could just be marketing speak – but it’s not. It’s a genuine commitment to getting things right, delivering the highest levels of support, and retaining our customers by meeting expectations and keeping them happy.
So what do we have in our arsenal to back up this approach? At the moment we have a 95% customer retention rate, and have been awarded the Royal Warrant in recognition of the continuous exceptional service that we deliver to the Royal Household.
Beyond that, in September 2013 we adopted a customer satisfaction metric to add a tangible element to our customer satisfaction drive. We’re using Net Promoter, an industry recognised metric that not only allows us to monitor our performance, but also gives us an indication of how we match up against other companies in our industry.
After each job is completed, customers are asked to complete a survey regarding their experience of us as a company and the products and services that we provide. In addition to giving us a numerical score, customers are asked to comment and provide specific feedback. We use this feedback to view how our clients perceive us and if there are any areas of improvement we can develop. For example, we are now making changes to the way in which customers view the status of live backups as a result of responses received.
Net Promoter is well regarded in the IT industry because it delivers true feedback. It’s quite difficult to score perfectly as customers are required to give precise feedback – no simple checking of boxes – we can use.
The cloud industry is very much still in its infancy but there have been some excellent advances in its maturity, namely an independently audited security certification for cloud providers. It is equally important to have a customer satisfaction standard, because it’s critical to evaluate our services in a holistic manner so that we achieve a balance between technical excellence and customer satisfaction.
It’s official – cloud security assurance is being taken to the next level. The recent announcement by the CSA (Cloud Security Alliance) and BSI (British Standards Institute) of the first independently audited cloud security certification is a tremendous leap forward in bringing transparency to the industry. The new STAR certification builds on the existing CSA self-certification and international security standard ISO27001 control set, adding specific cloud-focused controls.
Considering recent events highlighted in the media regarding the safety and privacy of data, customers and consumers of the cloud are becoming increasingly aware of what to look for and which questions to ask when selecting cloud services and providers
Pulsant has significant experience using accreditations in ISO 27001 and ISO 9001 which are internationally recognised and respected, and these do provide significant assurance to customers around processes and controls related to cloud deployment. However, these standards do not necessarily treat the unique security challenges faced when delivering cloud platforms in sufficient detail. Many providers like Pulsant deliver secure cloud products but to date the lack of appropriate assurance mechanisms has made this harder to convey in basic terms to customers.
Presenting customers with a cloud specific security certification will increase confidence in the security of a company’s cloud proposition and is increasingly important as the cloud market continues to expand. The customer wants to know the vendor is doing it ‘right’, and in a market where the number of vendors is increasing, customers need confidence they are selecting the best vendor for their needs. While accreditation cannot guarantee security, the CSA STAR will certainly make the market more transparent and holds infinitely more weight than existing self-assessment / self-certification models as it is administered by an independent body.
In the bigger picture, vendors with a STAR certification are more likely to inspire confidence in customers, and as the industry matures and the need for assurance increases, there just might be a greater demand for cloud providers with the appropriate credentials. As a cloud vendor we recognise this need and feel the progress by the CSA on the new standard is a very positive addition to the industry and will commit to pursuing this line of certification.
We have worked hard over the past few months to design and implement a replacement portal, taking into account what was available across the portals of the various companies we have acquired. As you would expect there was also a customer wish list of new features which we have incorporated. In the backend, this has required huge effort to collapse down all the data, so we could present all services and tickets through a single interface. The new portal will be available at https://portal.pulsant.com from Wednesday, 31st July 2013.
In addressing the most common features requested, we have provided a brief summary below:
The most requested feature was to have a field across every service that customers could use as a service identifier. We have internal names for all our services, as an example DED2625 is a webserver. With the addition of the friendly name field any text provided is appended and displayed in brackets. So across all systems this server could display as DED2625 (www.pulsant.com primary web server). This is clearly much more specific and should simplify any communications between customers and Pulsant engineers.
Rather than have all services at the same level under an account we have added solutions to allow grouping. A solution can be given a name and will contain a number of related services. Following the example above a good solution name could be “Pulsant website”, which contains the web servers, the database servers, the load balancing, the domain and a firewall. On a large account this allows an engineer to quickly identify closely related services. We have included filters allowing you to view only a specific type of service or only services within a specific solution.
We have added an emergency contact person and emergency contact notes field to the solution, which is presented at the top of every service page. The notes field should be used to concisely explain anything custom about the solution that would be useful in an emergency.
Many customers have asked to have more granular levels of permissions for the different people in their accounts. By grouping services into solutions, we can now provide these permissions at a solution level; a person having a type of permission to a specific solution. We have come up with 6 types of permission:
People on your account will only be able to see service details and tickets with a service assigned if they have suitable permissions to that solution. You can see below that Person 1 has greater permissions than Person 2.
Another frequent request especially where customers take many services is to see at a glance any services or tickets requiring attention. We have added a tickets panel to the home page, this lists any tickets marked as requiring an update from the customer. Similarly we have a panel specifically for managed devices, to show any that are not responding to our ping monitoring. We plan to extend this across more of the services over the coming months in order to give you a simple overview of your services.
The API has gained some traction and we had a number of users hitting it, so we have extended what it is capable of. There is thorough documentation of how it works within the portal, but should you require further help please raise a ticket or use the portal feedback form – or if you use the API please let us know what you achieve – it’s always great to hear of people doing tight integrations with their own systems.
Some examples of things (we are aware) the API has been used for:
In addition to the above, there are lots of little improvements – whether that be visual, speed or just general ease of use.
We hope you like this new portal, and put it to good use! As ever, we’re always interested in hearing your feedback – so let us know what you’d like to be able to do in the portal, and we’ll do our best to make it happen!
We are proud to announce our CEO, Mark Howling, has been named as a regional winner in the “Emerging Business” category in the Ernst & Young Entrepreneur of the Year programme. Mark was in competition with business leaders from 40 companies from across London and the South East.
This means Mark is now in consideration for the national title, to be announced in October, for what is regarded as being one of the world’s most prestigious business accolades! The overall UK winner will be chosen by a panel of judges based on criteria, such as entrepreneurial spirit, innovation, strategic direction, leading and building teams, financial performance, national and global impact, and the company’s approach to social responsibility.
Mark, a qualified civil engineer, has over 25 years of experience within the IT and telecoms industry, both locally and internationally. He has been at the helm of Pulsant since the company was formed in 2010, when Lumison, a connectivity, hosting and managed IT services provider was acquired by private equity group, Bridgepoint Development Capital. He has led the company to success, positioning it as one of the leading datacentre service providers in the UK, evident in the fact that the company released positive 2012 results which reported a 51% rise in revenue from £20,2m to £30,43m, a gross profit of £13,6m and an operating profit of £2,1m.
Mark has been instrumental in overseeing Pulsant’s buy and build acquisition strategy in 2011 and 2012. This has seen the company integrate Lumison with Blue Square Data, DediPower and ScoLocate to create a network of 10 wholly owned data centres spanning the UK.
Under Mark, Pulsant continues to focus on its strategic customer priorities which include delivering scalable and flexible IT solutions, reducing cost and increasing efficiency, and delivering high quality, professional service to our customer base of over 3000 businesses.
We think Mark is highly deserving of this honour, which is a coup for him personally and for this company, and we look forward to hearing the results of the national final later in the year.
It may be a little controversial to say that we have a problem with the term ‘cloud’. It’s not just because we’re being overladen by the huge number of meteorological marketing puns written in virtually every industry article. The term is just somewhat vague, to say the least.
Let’s state the obvious and explain that ‘cloud’ came from the internet. So it’s a very mature concept. Then, thanks to both providers and business consumers, it became ‘Cloud-as-a-Service’ and the suffix ‘as-a-service’ has been attached to everything from ‘software’ to ‘platform’ and ‘infrastructure’. The key word here is not the beginning part of those well- known modern day phrases, but the most frequently used word – Service.
For providers this is often a big part of their differentiation from competitors. Yet there are lots of analysts who dismiss service as a differentiator because everybody uses it to describe their offerings and therefore no one actually manages it. We’re not going to beat about the bush here, we think this is utter rubbish. We have to be allowed to differentiate on features of our service otherwise what would separate one provider from another?
Marketeers would probably call it Service-as-a-Service. Everyone knows the cloud gives companies flexibility, saves capital by switching to an operational cost model and is generally considered to make things easier. However, the true value lies in engaging with a clued-up service provider. One who has a broad portfolio and willingness to integrate with external services and also provides the consumer with an actual human being to talk and plan with. The flexibility of cloud doesn’t negate the need for someone to think about how it all fits together.
When businesses start to look heavily at cloud, engaging with the right suppliers is as fundamental as hiring the right staff if you were to do it yourself. Get that wrong and you end up paying for both. In committing to cloud as a strategy, many companies don’t realise the significance of the step they are taking. ‘As-a-Service’ doesn’t mean you don’t have to worry about how something works. Instead, you have to worry about who’s on the other end of the line when it doesn’t.
It is simple to fix a problem when you connect to a local server that you own yourself. Not so straight forward though, when the CRM system is hosted somewhere on the internet, then it loses connection with your billing system which is hosted somewhere else, and the only contact details you have are email addresses.
You need a provider that understands your requirements, your systems and how they work together. A single point of contact to find out what’s wrong, when it will be fixed and advice on reducing the risk of it breaking again. We call it Hero-as-a-Service. We don’t like phrases which mean nothing. But when a potential IT disaster is turned into a victory that customer will be a hero in the eyes of their superiors. And the provider that offers the best service will be theirs’.
If you’re looking to learn more about how cloud computing can impact your business and are visiting the Cloud World Forum at National Hall Olympia 26 – 27th June 2013, drop by the Pulsant stand and we can explain a bit more about Hero-as-a-Service. We also have a whitepaper you can take away with you. If you can’t make it to the show and want to know more about any aspect of our business, you can ask our new LinkedIn hero at http://www.linkedin.com/company/pulsant-limited. Drop us a line, and remember no matter what problem you may face, every cloud has a…
As you may be aware, Pulsant were shortlisted for the award “IT Operator of the Year” at The Green IT Awards 2013. Pulsant were nominated by the readers of the Green IT Magazine and were in the running against 4D Data Centre, Interxion, Rackspace, PEER 1, TelecityGroup and Telehouse West.
The award ceremony was held last night at the Grand Connaught Rooms, Covent garden and a few of us from Pulsant had the pleasure of attending.
After a lovely evening including an act from the comedian Stephen Grant,the winners were announced.
I am pleased to announce that Pulsant WON IT Operator of the Year!
Thank you to everyone who voted for us. This is a great testament to what our customers think of us.
We are pleased to announce that Pulsant has been nominated for the “IT Operator of the year” award in the Green IT Awards 2013. Pulsant was nominated by readers of the Green IT Magazine, so many thanks to those who have nominated us.