Dear Durham University,

Under the Freedom of Information Act 2000, I write to obtain the following information about the organisation’s information technology infrastructure:

1. What is your annual IT Budget for 2021, 2022 & 2023?

2. Storage:
a. What storage vendor(s) and models do you currently use?
b. What is the capacity of the storage data in TB & How much of this is utilised?
c. What were the installation dates of the above storage vendor(s)? (Month/Year)
d. When is your planned (or estimated) storage refresh date? (Month/Year)?
e. Do you have any extended warranties, if so, with which supplier?
f. What is your estimated budget for the storage refresh?

3. Server/Compute:
a. What server vendor(s) and models do you currently use?
b. What were the installation dates of the above server vendor(s)? (Month/Year)
c. When is your planned (or estimated) server refresh date? (Month/Year)
d. What is your estimated budget for the server refresh?
e. Do you have any extended warranties, if so, with which supplier?
f. Which operating systems are used?

4. Backup, DR and BC:
a. What device/system do you use for your daily backups (e.g tape or disk)
b. What backup software do you use?
c. How much data do you backup, in TB?
d. Do you use a third party to provide a Business Continuity service (e.g. office workplace recovery or infrastructure ship-to-site solutions)?
e. Does your current recovery solution meet your stakeholder’s RTO/RPO expectations?
f. Do you already backup into the cloud?
g. Do you have a documented disaster recovery & business continuity plan in place?

5. Number of Physical servers?
6. Number of virtualised servers? & Which Virtualisation platform do you use?

7. Security:
a. What security solutions are being utilised?
b. Do you have a SIEM?
c. Do you have a SOC? If so, is it in house or outsourced?
d. Is it 24/7?
e. Name and role for IT Manager(s) / Officer(s) primarily responsible for cybersecurity
f. Names of all cyber security vendor(s) you us
g. Cost, duration and end date for the above contract(s)/license(s)

8. How far are you in your cloud strategy?
A. Not considering Cloud for the foreseeable future
B. Interested in Cloud, but have not started looking into it
C. Research Stage
D. Meeting with Suppliers
E. Consultancy
F. Started to integrate
G. Fully integrated

9. Which public cloud provider do you use?
10. Which IT services do you outsource? When do the contracts end?
11. Please also name all of the IT re-sellers that you work with and buy from, as well as the frameworks utilised.
12. Are you actively moving any applications/infrastructure into a cloud environment? If so who is responsible for this?
13. Do you normally purchase equipment and services as a capital investment (Cap-Ex) or ongoing operational charges (Opex)?

Yours faithfully,

Emily Blundell

ACCESS I., Durham University

Thank you for your email.

 

If you have submitted a Freedom of Information Request or Subject Access
Request, please accept this as acknowledgement of your request. 

 

All other enquiries will be responded to in due course.

 

Yours sincerely

 

 

 

Information Governance Unit

University Secretary’s Office

The Palatine Centre
Stockton Road
Durham
DH1 3LE

t: +44 (0) 191 33 46103 / 46246

w: [1]https://www.dur.ac.uk/university.secreta...

 

dangos adrannau a ddyfynnir

ACCESS I., Durham University



Thank you for your email.

 

If you have submitted a Freedom of Information Request or Subject Access
Request, please accept this as acknowledgement of your request. 

 

All other enquiries will be responded to in due course.

 

Yours sincerely

 

 

 

Information Governance Unit

University Secretary’s Office

The Palatine Centre
Stockton Road
Durham
DH1 3LE

 

w: [1]https://www.dur.ac.uk/university.secreta...

 

CONFIDENTIALITY NOTICE:
This message is intended solely for the addressee(s) in the first instance
and may contain confidential information. If you are not the intended
recipient, please notify the sender, delete the message from your system
immediately and do not disclose the contents to any other party.

 

 

 

 

References

Visible links
1. https://www.dur.ac.uk/university.secreta...

ACCESS I., Durham University

Dear Emily Blundell

 

Thank you for your request for information from Durham University. 
Colleagues have provided the information below in response to your
questions.

 

 1. What is your annual IT Budget for 2021, 2022 & 2023?

 

 2. Storage:

 a. What storage vendor(s) and models do you currently use?
 b. What is the capacity of the storage data in TB & How much of this is
utilised?
 c. What were the installation dates of the above storage vendor(s)?
(Month/Year)
 d. When is your planned (or estimated) storage refresh date?
(Month/Year)?
 e. Do you have any extended warranties, if so, with which supplier?
 f. What is your estimated budget for the storage refresh?

 

 3. Server/Compute:

 a. What server vendor(s) and models do you currently use?
 b. What were the installation dates of the above server vendor(s)?
(Month/Year)
 c. When is your planned (or estimated) server refresh date? (Month/Year)
 d. What is your estimated budget for the server refresh?
 e. Do you have any extended warranties, if so, with which supplier?
 f. Which operating systems are used?

 

 4. Backup, DR and BC:

 a. What device/system do you use for your daily backups (e.g tape or
disk)
 b. What backup software do you use?
 c. How much data do you backup, in TB?
 d. Do you use a third party to provide a Business Continuity service
(e.g. office workplace recovery or infrastructure ship-to-site
solutions)?
 e. Does your current recovery solution meet your stakeholder’s RTO/RPO
expectations?
 f. Do you already backup into the cloud?
 g. Do you have a documented disaster recovery & business continuity plan
in place?

 

 5. Number of Physical servers?

 

 6. Number of virtualised servers? & Which Virtualisation platform do you
use?

 

 7. Security:

 a. What security solutions are being utilised?
 b. Do you have a SIEM?
 c. Do you have a SOC? If so, is it in house or outsourced?
 d. Is it 24/7?
 e. Name and role for IT Manager(s) / Officer(s) primarily responsible for
cybersecurity
 f. Names of all cyber security vendor(s) you us
 g. Cost, duration and end date for the above contract(s)/license(s)

 

 8. How far are you in your cloud strategy?

 a. Not considering Cloud for the foreseeable future
 b. Interested in Cloud, but have not started looking into it
 c. Research Stage
 d. Meeting with Suppliers
 e. Consultancy
 f. Started to integrate
 g. Fully integrated

 

 9. Which public cloud provider do you use?

 

10. Which IT services do you outsource? When do the contracts end?

 

11. Please also name all of the IT re-sellers that you work with and buy
from, as well as the frameworks utilised.

 

12. Are you actively moving any applications/infrastructure into a cloud
environment? If so who is responsible for this?

 

13. Do you normally purchase equipment and services as a capital
investment (Cap-Ex) or ongoing operational charges (Opex)?

 

Your request for information does not appear to have any clear public
interest purpose. Your request seems to be a commercial request seeking
details in order to sell goods or services. Without clear public interest
the University considers commercial requests vexatious in line with the
Upper Tribunal ruling recently upheld by the Court of Appeal -
[1]http://www.bailii.org/uk/cases/UKUT/AAC/...

 

The Judge indicates in paragraphs 35 and 38 that improper use of FoIA
(such as no public interest) is a valid consideration to make when
considering if a request is vexatious. Using FOI to gain a commercial
advantage or opportunity over another can be included within this
definition.

 

If you are dissatisfied with the University’s response to your freedom of
information request, you can ask us to internally review our handling of
your request, including the application of any exemptions applied.  To do
this, please email [2][Durham University request email] or write to:

 

Information Governance Unit 

The Palatine Centre 

Stockton Road 

Durham 

DH1 3LE

 

Please state the grounds on which you wish the decision to be reviewed and
enclose any other information that may be useful in considering the matter
further.  We aim to inform you of our decision within 20 working days from
the date your request for internal review is received. 

 

If you are not satisfied with the results of the internal review you may
apply to the Information Commissioner's Office for an independent review. 

 

Information Commissioner's Office 

Wycliffe House 

Water Lane  

Wilmslow 

Cheshire 

SK9 5AF 

[3]www.ico.org.uk  

 

Yours sincerely

 

Information Governance Unit

Durham University

--------------------------------------------------------------------------

Information Governance Unit, University Secretary’s Office

e: [4][Durham University request email]

dangos adrannau a ddyfynnir