Content+Cloud Ltd

Microsoft 365 Digital Workplace

Using years of experience in SharePoint and Microsoft 365 projects, Content+Cloud created a Digital Workspace solution - Fresh. Fresh Digital Workspace offers simplified communication and collaboration, enabling organisations to cut through Microsoft 365 options and features, rapidly deploying a modern digital workspace and consuming all available Microsoft 365 services.

Features

  • Home page and global navigation
  • Microsoft 365 navigation
  • Microsoft 365 user adoption
  • News and internal communications
  • Document management
  • Internal content publishing
  • Enterprise social networking
  • Team sites
  • Collaboration tools and services
  • Office locations

Benefits

  • Increased employee engagement
  • Easy access to tools,resources and company information
  • Mobile responsive solution allowing access anywhere
  • Easy to update and maintain content
  • Flexible templates able to be deployed for multi-use
  • Aligned to Microsoft product roadmap
  • Microsoft Teams app
  • Turnkey intranet solution
  • Flexibility to extend and integrate with other solutions
  • Access to upgrades and enhancements

Pricing

£30,000 a licence a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@contentandcloud.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

2 1 2 6 8 8 8 3 6 7 7 8 6 4 5

Contact

Content+Cloud Ltd Jack Perschke
Telephone: 0333 241 7689
Email: bids@contentandcloud.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Microsoft 365, including SharePoint Online and Microsoft Teams
Cloud deployment model
Public cloud
Service constraints
No
System requirements
  • Microsoft 365
  • Appropriate Microsoft SharePoint licenses assigned to all required users.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Support service response time varies between 15 minutes and 4 hours, depending on priority of the case.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 A
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support includes access to our UK-based support desk with 8:00-18:00 M-F cover (excluding public holidays), technical support from 4 hours per month. Additionally, proactive services are included to ensure that customers are aware of forthcoming features and able to influence and refine our backlog items.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Fresh is accompanied by a full methodology that covers branding, language and taxonomy to rollout and training.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Content is stored in SharePoint not in our product. Content can be extracted from SharePoint / Microsoft 365 using standard practices and / or 3rd party tools.
End-of-contract process
The Fresh application is uninstalled from SharePoint online which leaves all content and data created accessible within the native SharePoint platform.

Using the service

Web browser interface
No
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile services runs in browser and in responsive, rendering all pages in the solution appropriate to the device being used. Content is prioritised for typical mobile use cases, e.g. reading news over editing documents.
Service interface
No
API
Yes
What users can and can't do using the API
All services on Fresh can be accessed using the Office 365 API. Documented here: https://msdn.microsoft.com/en-us/office/office365/howto/platform-development-overview
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Fresh utilises standard SharePoint functionality and can be extended and customised in-line with best practice for modifying SharePoint. Apps hosted on third party platforms can also be integrated.

Scaling

Independence of resources
The use of client-side rendering technologies pushes the UI processing to the client and reduces a user's impact on the server farm. The underlying Microsoft 365 platform scales dynamically with the active user base and purchased licence count. Services that are designed to scale very well are used as a basis for end-user functionality including the Search service and Managed Metadata service.

Analytics

Service usage metrics
Yes
Metrics types
A content analytics service is provided hosted either in Azure Application Insights or Google Analytics. Reporting is either via Excel or Power BI depending on licensing options.
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Documents may be downloaded or synchronised locally, list/library data can be exported to Excel as an external data source.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
Fresh is installed entirely in the buyers' Microsoft365 tenant, there is no connection between the buyers' network and ours. Data is encrypted and available only to authenticated users. This level of protection is provided by default for data stored in Microsoft365 services. Data is encrypted while it resides in the service and in transit between the service and client devices. For some organizations, this level of protection meets the minimum standard.
Capabilities such as multi-factor authentication (MFA), mobile device management, and Exchange Online Advanced Threat Protection increase protection and substantially raise the minimum standard for protecting devices, accounts, and data.
Data protection within supplier network
Other
Other protection within supplier network
No data is stored in our network

Availability and resilience

Guaranteed availability
Since the solution is based on the Microsoft 365 platform, Microsoft provide a financially-backed guarantee of 99.9% availability for their Microsoft 365 platform - with service credits for non-availability beyond this threshold. Please see SLA documents at https://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=37 for details.
Approach to resilience
Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter
Outage reporting
Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter

Identity and authentication

User authentication needed
Yes
User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
The Microsoft 365 platform provides a full RBAC model for access control authorisation, based on Azure Active Directory. A user may be an administrator of a particular sub-level of the solution, or be a member of a group with these permissions
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
QMS
ISO/IEC 27001 accreditation date
N/AN/A
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
N/A
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
N/A
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Content and Code align all services with the principles and standards described in ISO/IEC 27001 and ISO/IEC 22301

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£30,000 a licence a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Access to a Microsoft 365 environment which hosts our solution for the purposes of evaluation and testing

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@contentandcloud.com. Tell them what format you need. It will help if you say what assistive technology you use.