Crayon Limited

Empower iQ Office 365 Training and Adoption Service

Crayon's Empower iQ portal is a market leading service which drives Office 365 user adoption and encourages your employees to adopt the tools provided. This is an end-to-end service which not only drives initial adoption but provides a platform to support the ongoing learning and development of your employees productivity

Features

  • Office 365 live adoption training delivered by subject matter experts
  • Video Tutorials covering all services available in Office 365
  • Learning Pathways linked to individual roles
  • Reporting and tracking enabling business intelligence
  • People Change Management service to drive adoption
  • Gamification to engage users in the service

Benefits

  • Enabling users to adopt all features and functions of O365
  • Reduces the cost of training employees on Office 365 services
  • Flexibility to consume training at anytime and place
  • Enables users to track their training and overall progress
  • Enables management to track and report on employees training progress
  • Realise the overall investment in Office 365

Pricing

£2.50 per person per month

  • Education pricing available

Service documents

G-Cloud 10

327282393400240

Crayon Limited

Greig Valentine

01494 917833

greig.valentine@crayon.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No
System requirements Adoption portal is accessed via a browser over the internet

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Standard 4 Hour Response Monday - Friday 0.900 to 17.30
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Users can log requests for individual support via the “contact us” option in the portal. These requests are routed through to our service operations team.

For major incidents and where the Empower-IQ platform is not accessible support is contacted either via a specific email address or by telephone that is routed to our service operations team.

The targeted availability of the platform is 99.25% for each monthly period. SLA’s for recovery of the platform are:

• Major malfunction (complete interruption of service, impossible connections): recovery under 4 H in business hour : 8H 20H from Monday to Friday (CET).
• Critical malfunction (partial malfunction of the service, feature important impacted): recovery under 8 H in hour working day 8H 20H from Monday to Friday (CET).
• Minor malfunction (display problem, non-blocking malfunction): recovery within 24 hour working day 8H 20H from Monday to Friday (CET).
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The onboarding of users is split into phases as below. This approach is focused on enabling awareness of the users to the new service that is being introduced and subsequently driving them to understand the benefits to them as individuals and there teams. The detail of this process will be different per organisation as it is driven by the specific requirements and the organisations structure and processes.

Phase 1

Engage with the sponsor to identify the stakeholders across the organisation that will support the roll out of the new service.
Deliver a presentation to the stakeholders with the sponsor to inform them:
a. Why the new service has been selected
b. What are the benefits to the organisation, departments, teams and individual users
c. Demonstration of the portal
d. Timeline for roll out

Phase 2

Agree communication plan with Sponsor and Stakeholders to include elements of:
a. Pre-formatted email communications
b. Webinar to introduce the service that can also be recorded and made available
c. Postings on intranets and Yammer

The users are then imported into the portal and a welcome email will be sent to each individually.
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
  • Microsoft Word
  • Microsoft PowerPoint
End-of-contract data extraction Users cannot extract data by themselves. They would need to contact Crayon to anonymise or delete data after the end of the contract. End User's data is automatically anonymised after 5 years from the end of the contract period.
End-of-contract process The service is priced on a per user per month contract. The license for a user gives the right and the ability to access the adoption portal and all available content and courses.
There are no additional costs.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service All content is available in both formats. On mobiles the structure of the portal is modified to fit the screen size.
Accessibility standards None or don’t know
Description of accessibility Our application is used in browsers. We recommend the usage of features in browsers and operating systems (as Windows10/accessibility parameters).
Accessibility testing No specific testing has been undertaken
API No
Customisation available Yes
Description of customisation Users can re-brand headline banner within the portal.

Scaling

Scaling
Independence of resources Our platform is based on a load balancers and multiple Virtual machines. This infrastructure is scallable and ensures that users are not affected by the increased requirements of other users on the platform. Our platform currently supports almost 500 000 users.

Analytics

Analytics
Service usage metrics Yes
Metrics types The service metrics on the platform are accessible in real-time through an admin account . This admin account gives access to:
• A general dashboard that will allow you to follow up the number of users registered into training sessions, the most viewed resources, and the activity in general.
• A detailed dashboard on the use of the platform, user per user (list of received communications, list of viewed videos, visited pages)
• A dashboard of the resources accessed (courses, tutorials, use case videos).
• A dashboard on the training sessions delivered through web conference.
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Mandarine Academy

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach It is exported via a management interface in .csv (comma-separated values)format
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks Our platform is a SaaS platform on Azure datacentre that opens via internet connections. All access on the platform is through the SSL protocol (certificates bought at SSL247 provider)
We can provide an ipsec VPN in option to access to our platform with additional cost for access.
Data protection within supplier network
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network Our platform is a SaaS platform on Azure datacentre that opens via internet connections. All access on the platform is through the SSL protocol (certificates bought at SSL247 provider)

Availability and resilience

Availability and resilience
Guaranteed availability The targeted availability of the platform is 99.25% for each monthly period. SLA’s for recovery of the platform are:

• Major malfunction (complete interruption of service, impossible connections): recovery under 4 H in business hours
• Critical malfunction (partial malfunction of the service, feature important impacted): recovery under 8 H in business hours
• Minor malfunction (display problem, non-blocking malfunction): recovery within 24 hour working day
Approach to resilience Infrastructure is based on multiple Azure Datacentres. For high availability, virtual machines support our front end in load balancing mode. Databases are replicated on virtual machines separated from the frontends virtual machines.
Outage reporting A maintenance page is activated when needed for patches / update of new features. Email alerts can be activated for administrators.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Identity federation with existing provider (for example Google Apps)
Access restrictions in management interfaces and support channels The management interface is accessed via a different URL and rights are assigned to specified named users and there associated login credentials.
Access restriction testing frequency At least once a year
Management access authentication Identity federation with existing provider (for example Google Apps)

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Crayon develop and maintain written standards and procedures necessary to ensure implementation of and compliance with policy directives and provide appropriate support and guidance to assist employees to fulfill their responsibilities under this directive.
Information security policies and processes Crayon ensure that all appropriate personnel are aware of and comply with our security policy. We create appropriate performance standards, control practices, and procedures designed to provide reasonable assurance that all employees observe and adhere to the policy.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach During update, all components of the platform are tested (non regression test) in 2 languages (FR and EN). Security impact is tested for each new feature created from external bundles and new external component.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our vulnerability approached is based on security in Azure Datacenters and management of patches and fixes in our Linux environment (virtual machine) and symfony framework on PHP. Threats are accessed based on the patches,fixes and policy's for the Ubuntu release. Patches are deployed each week for current patches, or in 24 hours or less if major alert. Threat information is obtained from Ubunto Websites.
Protective monitoring type Supplier-defined controls
Protective monitoring approach The key element of identifying compromises is monitoring of normal usage for example increased levels of training sessions registration number of connections and number of video views. Potential compromises lead to the deactivation of the compromised account and notification to the customers administrator. All responded to and rectified within 24 hours.
Incident management type Supplier-defined controls
Incident management approach A maintenance page is activated from the portal when a need for patches or updates and new features are scheduled. Incident reports can also be distributed by email.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £2.50 per person per month
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑