Content and Code Ltd

Communications Portal - Fresh

Using years of experience in SharePoint and Microsoft 365 projects, Content and Code created the Fresh Communications portal. Fresh offers a simplified communications and collaboration solution enabling organisations to cut through options, features, and user requirements and rapidly deploy and leverage the Microsoft 365 platform and its core tools.

Features

  • Home page and global navigation within the Fresh Communications portal
  • News and internal communications within the Fresh Communications portal
  • Document management and powerful search
  • Enterprise social networking
  • Team sites
  • Internal content publishing within the Fresh Communications portal
  • Office locations within the Fresh Communications portal
  • Platform: mobile responsive, M365 integrated
  • For more details please see https://freshintranet.com/

Benefits

  • Increased employee engagement
  • Easy access to tools, resources and company information
  • Mobile responsive solution allowing access anywhere
  • Easy to update and maintain content
  • Flexible templates able to be deployed for multi-use
  • Aligned to Microsoft product roadmap
  • Companion app for Microsoft 365
  • Ready-to-launch cloud-based solution
  • Flexibility to extend and integrate with other solutions
  • Access to upgrades and enhancements

Pricing

£30000 per licence per year

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

1 8 9 3 4 8 0 0 7 7 3 8 3 2 7

Contact

Content and Code Ltd

Andy Sayer

07720 262 320

bids@contentandcode.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Microsoft Office 365, SharePoint Online, SharePoint 2013, SharePoint 2016
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
Content and Code's Fresh digital workspace solution requires Office 365 or SharePoint licencing from Microsoft.
System requirements
  • Microsoft Office 365 license, or
  • SharePoint license

User support

Email or online ticketing support
Email or online ticketing
Support response times
Depends on the priority of the ticket. Initial responses are tied into our response SLAs, however response times for general questions are not targeted. Response times at weekends will depend on whether weekend support is taken up.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Content and Code have four tiers of support available for clients: Entry, Essential, Enhanced, and Elite. All levels of support include UK-based support desk with 8:00-18:00 M-F cover (excluding public holidays), extended hours are available as an option at an extra cost to the client; and technical support hours per month increasing from 8 (entry level) to unlimited (elite level). Essential, enhanced, and elite support additionally include service reporting, data analytics, and change management. Enhanced and elite levels have support for service and technical account management, proactive (event) management, and major incident management. Elite is the only level that includes operational run tasks (e.g. scheduled checks).
Support available to third parties
No

Onboarding and offboarding

Getting started
Fresh is accompanied by a full methodology that covers branding, language and taxonomy to rollout and training.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Content is stored in Microsoft's SharePoint tenant and not in our product. Content can be extracted from SharePoint/Office 365 using standard practices and/or 3rd party tools.
End-of-contract process
The client owns their solution from the outset and at the end of the contract the client no longer receives updates.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile services runs in browser and in responsive, rendering all pages in the solution appropriate to the device being used. Content is prioritised for typical mobile use cases, e.g. reading news over editing documents.
Service interface
Yes
Description of service interface
See the Service Description document for details.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
See the Service Description document for details.
API
Yes
What users can and can't do using the API
All services on Fresh can be accessed using the Office 365 API. Documented here: https://msdn.microsoft.com/en-us/office/office365/howto/platform-development-overview
API documentation
Yes
API documentation formats
  • HTML
  • PDF
  • Other
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Fresh utilises standard SharePoint functionality and can be extended and customised in-line with best practice for modifying SharePoint. Apps hosted on third party platforms can also be integrated.

Scaling

Independence of resources
Use of client side rendering technologies pushes the UI processing to the client and reduces a user's impact on the server farm. The underlying Office 365 platform scales dynamically with the active user base and purchased licence count. Services which are designed to scale very well are used as a basis for end-user functionality including the Search service and Managed Metadata service.

Analytics

Service usage metrics
Yes
Metrics types
See Service Description document for detail.
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Documents may be downloaded or synchronised locally, list/library data can be exported to Excel as an external data source.
Data export formats
  • CSV
  • ODF
  • Other
Data import formats
  • CSV
  • ODF
  • Other

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Approach to resilience
As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Outage reporting
As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication
Via Azure Active Directory using Oauth 2.0. Capabilities such as multi-factor authentication, mobile device management, Azure Rights Management, and Data Loss Protection can be enforced for all, or specific, user groups.
Access restrictions in management interfaces and support channels
User roles. A user may be an administrator a particular sub level of the solution or be a member of a group with these permissions.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
http://bit.ly/2pm1ENv
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
N/A
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Content and Code align all services with the principles and standards described in the ISO20000 accreditations.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£30000 per licence per year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Return to top ↑