ICT Hosting contract with 3rd party providers-18130

< Back

A request for information about ICT Hosting contract with 3rd party providers-18130

Ref: FOI/18130

RE: FREEDOM OF INFORMATION ACT 2000 REQUEST

I am writing to confirm that the West Midlands Fire Service has now completed its search for the information you requested on 5th September 2018

Please find below a summary of our findings.

Request

I wish to submit a request to the organisation around their hosting contract(s) with 3rd party providers.

The type of contract I wish to see is below:

  1. Dedicated hosting- Managed environment
  2. Co-Location- hosting allows a business to still own their own server equipment; however, instead of storing it in their own data centre, they instead are able to store it in rented space in a colocation hosting centre.
  3. Cloud Hosting- Cloud hosting servicesprovide hosting for websites on virtual servers, which pull their computing resource from extensive underlying networks of physical web servers.

Not all of these will be applicable to the organisation.

For the different types of hosting services, can you provide me with the following information:

  1. Type of hosting – Dedicated, Co-Location, Cloud Hosting, Other?

Reply

As a major emergency service provider, you will appreciate that we must ensure that our systems are appropriately protected. Releasing detailed information about our IT systems and infrastructure in response to your request and other similar requests under Freedom of Information has wider implications that we must consider.  By this we mean that disclosing this information may prejudice our ability to maintain our own and national security. We believe that maintaining security and ensuring public safety in a national and local context takes precedence over this request.

We accept that this type of information is of interest to commercial companies and to researchers but believe that it is not in the greater public good to release detailed information.

We do not imply that release of this information alone would necessarily be immediately detrimental, but taken with other information we consider that it could have an adverse effect on our capability, effectiveness and security. Given the current security climate in the UK we recognise the necessity to take a precautionary approach. In this situation we have also taken account of whether the release of this information, could, if put together with other available information, cause damage. After consideration we concluded that this type of information cannot be divorced from its context and looked at in isolation. In some circumstances, releasing this information could give rise to prejudice that would not otherwise have existed, because, taken together with other information requested, it could disclose a composite of information which is more sensitive than its individual parts taken separately.

We are therefore refusing your request under several Freedom of Information exemptions, s24 National Security, s36 Effective conduct of public affairs, s44 Prohibition on Disclosure.

In taking this decision we have taken note of the Centre for Protecting the National Infrastructure Guidance on disclosure of sensitive information, which states

“…. that national security is paramount and should be considered carefully in any government or commercial decision to release or disseminate information to the public”.

This guidance continues to state that careful consideration must be given before disclosing ‘precise information which exposes an organisation’s information or process control systems to the threat of electronic attack’.

Some of these exemptions are subject to the public interest test. This means that we must consider whether the public interest in releasing the information outweighs the public interest in refusing to disclose. We have considered that it is in the interest of the majority of the public to protect our systems from potential harm, in order to support us to ensure public safety. We have also decided that the likelihood of damage to our systems need not be immediate as the impact would, in an emergency situation, be potentially serious.

We also considered whether release of this information is in the public interest in terms of explaining our decisions, ensuring accountability, or providing transparency into our handling of public finances. We have concluded that the detail of this information is not necessary to meet the public interest or reassure public concerns. As a result, we have decided that the public interest is better served by not disclosing this detailed information.”

Request

Who is the supplier of the contract? If possible can you also provide me with the name of vendor, if applicable?

Reply

Nutanix

VMware

Request

What is the annual contract value for each contract?

Reply

This information is exempt under section 21 of the Freedom of Information Act 2000 as this information is reasonably accessible to the requestor. Information concerning our annual contract value can be found on West Midlands Fire Service website at the following link:

https://www.wmfs.net/archive-transparency-reports/

Request

What type of cloud environment?

Private Cloud– a distinct and secure cloud based environment in which only the specified client can operate.

Public Cloud – where cloud services are provided in a virtualised environment, constructed using pooled shared physical resources, and accessible over a public network such as the internet.

Hybrid– integrated cloud service utilising both private and public clouds to perform distinct functions within the same organisation.

Reply

As a major emergency service provider, you will appreciate that we must ensure that our systems are appropriately protected. Releasing detailed information about our IT systems and infrastructure in response to your request and other similar requests under Freedom of Information has wider implications that we must consider.  By this we mean that disclosing this information may prejudice our ability to maintain our own and national security. We believe that maintaining security and ensuring public safety in a national and local context takes precedence over this request.

We accept that this type of information is of interest to commercial companies and to researchers but believe that it is not in the greater public good to release detailed information.

We do not imply that release of this information alone would necessarily be immediately detrimental, but taken with other information we consider that it could have an adverse effect on our capability, effectiveness and security. Given the current security climate in the UK we recognise the necessity to take a precautionary approach. In this situation we have also taken account of whether the release of this information, could, if put together with other available information, cause damage. After consideration we concluded that this type of information cannot be divorced from its context and looked at in isolation. In some circumstances, releasing this information could give rise to prejudice that would not otherwise have existed, because, taken together with other information requested, it could disclose a composite of information which is more sensitive than its individual parts taken separately.

We are therefore refusing your request under several Freedom of Information exemptions, s24 National Security, s36 Effective conduct of public affairs, s44 Prohibition on Disclosure.

In taking this decision we have taken note of the Centre for Protecting the National Infrastructure Guidance on disclosure of sensitive information, which states

“…. that national security is paramount and should be considered carefully in any government or commercial decision to release or disseminate information to the public”.

This guidance continues to state that careful consideration must be given before disclosing ‘precise information which exposes an organisation’s information or process control systems to the threat of electronic attack’.

Some of these exemptions are subject to the public interest test. This means that we must consider whether the public interest in releasing the information outweighs the public interest in refusing to disclose. We have considered that it is in the interest of the majority of the public to protect our systems from potential harm, in order to support us to ensure public safety. We have also decided that the likelihood of damage to our systems need not be immediate as the impact would, in an emergency situation, be potentially serious.

We also considered whether release of this information is in the public interest in terms of explaining our decisions, ensuring accountability, or providing transparency into our handling of public finances. We have concluded that the detail of this information is not necessary to meet the public interest or reassure public concerns. As a result, we have decided that the public interest is better served by not disclosing this detailed information.”

Request

What is the original start date of the contract agreement? If there are more than one contract please provide me with the start date for each contract.

Reply

Nutanix – 07/07/2018

vCenter  – 01/09/2017

Request

What is the actual expiry date of the contract agreement? If there are more than one contract please provide me with the expiry date for each contract.

Reply

Nutanix –  07/07/2024

vCentre  – 01/12/2018

Request

When will the organisation plan to review this contract? If there are more than one contract please provide me with the review date for each contract.

Reply

Nutanix – 07/01/2024

vCentre  – 01/09/2019

Request

What is the contract period in years? Please include whether the agreement has any extension periods?

Reply

Nutanix – as shown above

vCentre – as shown above

Request

What services are provided under the contract? Please do not put hosting, information such as web hosting, file storage, hosted application. The more information the better.

Reply

Nutanix – Basic Support

vCentre  – Basic Support

Request

Can you please provide me with the contract officer responsible for this contract

Reply

With regards for the contact details of ICT Manager, WMFS ICT Department operates a single point of contact policy and callers are directed to the ICT Service Desk via HQ Reception on 0121 380 6067. The call will be directed to the ICT Service Desk and allocated to the ICT specialist with responsibility for the specific service. There is a direct email address for suppliers making sales enquires email: procurement.enquires@wmfs.net. Furthermore, guidance from the Information Commissioner’s Office is as follows:

* The presumption is in favour of protecting privacy, so the release of personal information will only be fair if there is a genuine reason to disclose. This involves a three-stage test. A public authority will generally have to satisfy itself that:

* There is a legitimate interest in disclosure;

* The legitimate interest can only be met, or fully met, by the disclosure of information which identifies individuals (i.e. the disclosure is necessary to that purpose); and, the disclosure would not involve unwarranted detriment to the individual’s privacy or other rights and legitimate interests.

* You can find out more about FOI exemptions from the Information Commissioner’s Office. This will explain which one or more of the FOI exemptions applies, and tell you how to appeal if you disagree with our decision.

If you have any queries about this email, please contact me.  Please remember to quote the reference number above in any future communications. If you are unhappy with the service you have received in relation to your request and wish to make a complaint or request a review of our decision please write to The Public Relations Department, West Midlands Fire Service, 99 Vauxhall Road, Birmingham, B7 4HW

Further information concerning Freedom of Information requests can be found on the Information Commissioner website at either the following link: https://ico.org.uk/ or at Wycliffe House, Water Lane, Wilmslow, SK9 5AF

Customer Service Form

General enquiry


A safe and well visit for you..

A safe and well visit for someone else...

Safeside enquiry form


Quick poll

How often do you test your smoke alarm?

We've running a quick poll to find out how often people test their smoke alarms

Accessibility