Castle Computer Services Ltd

Microsoft Dynamics 365 Business Central

Microsoft D365 Business Central uniquely delivers a comprehensive, end-to-end approach to business applications helping you unify data and relationships, build intelligence into your decision making
and accelerate business transformation.

Our service provides analysis, planning, design, deployment and support services for Microsoft D365 BC; Microsoft D365 BC Consultancy and licensing.


  • Application based enquiry to bank management.
  • Customer Relationship Management design, development and support.
  • Enterprise Resource Management (ERP) design, development and support
  • Field Service, Sales, Manufacturing and Marketing functions
  • Improve financial reporting
  • Connect your business and departments digitally with D365 BC
  • Streamline your supply chain
  • Role based user profiles providing access to the right data
  • Customisable workflow
  • Automated alerts, reminders and action quotes


  • Flexible delivery model designed around your requirements
  • Highly experienced and qualified D365 BC consultants and deployment team
  • Solution design and customisation to match your business requirements
  • Secure and scalable business applications environments
  • Fast access to rich and insightful customer data
  • Secure cloud based service with strong managment controls
  • Access to a global libary of plugin services
  • Monthly subscription based licencing model
  • Training and knowledge transfer to your internal support teams
  • Market-leading expertise from a MS D365 Gold Partner


£50 per user per month

  • Education pricing available

Service documents

G-Cloud 11


Castle Computer Services Ltd

Paul Sutherland

01698 844600

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints No
System requirements
  • Supported web browser, i.e Internet Explorer, Google Chrome
  • Office integration requires Office 365 to be inplace
  • Appropriate licensing needs to be procured
  • System requirements are dependent on the project scope.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The standard support SLA is one hour for responses.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Castle’s support model is based around ITIL (IT Infrastructure Library) best practice. ITIL is a best practice framework developed by the Office of Government Commerce and is rapidly becoming the worldwide de facto standard for the delivery of IT support to businesses.
Castle’s ITIL based Support methodology will then be used to ensure that the highest quality, proactive and responsive support service is provided to you.
We adhere carefully to IT industry best practice, and follow the ITIL standards (IT Infrastructure Library). Our support function is provided via our dedicated helpdesk in Strathclyde Business Park, Bellshill from where we provide high quality support to over 500 customers
We use a number of leading edge systems and software applications to help maximize our service to customers, such as:
• Cherwell service management call handling software
ITIL accredited software for handling, monitoring and reporting Castle’s service against agreed SLA’s
• Network streaming software
This allows us to take control (remote control) of any PC or server that can connect to our web site .
• And our innovative myCastle self service support portal
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Based on the customers requirements we tailor the project and on-boarding process. This is dependant on modules required, users roles and business process. A typical project would include:
Software customisation
User training
System testing
Knowledge transfer.
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction All customer data in relation to the services specified in the project remain the property of the customer. At the end of the contract all data will be extracted in the agreed format and within agreed timescales as detailed in the exit plan inssued at the start of the project.
End-of-contract process The end of contract process and costs are agreed with the customer on a case by case basis depending on the size and complexities of activities.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The mobile app and desktop / browser solution offer the same functionality. The solution is responsive based on the device being used.
What users can and can't do using the API The API provides many extensiblity points allowing customisations including interface, data storage, reporting, workflow etc.
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Customisation is provided through the many extensiblity points allowing customisations including the interface, data storage, reporting, workflow etc.


Independence of resources Our solution is based on the Microsoft Azure online services and therfore provides a highly scalable infustructure ensuring services are not impacted by high usage.


Service usage metrics Yes
Metrics types Service Metrics and reports are agreed as part of the project and can include.

User Logins
Data storage etc.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Microsoft

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported in a number of standard formats including, CSV and full database back-ups. The ability to export data is security controlled based on the users permissions and role.
Data export formats
  • CSV
  • ODF
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We supply comprehensive SLA's with the customer at the start of the project, providing 99.99% avaialablity.
Approach to resilience The Datacenters implement various technologies to achieve high level resilence, detailed information is available on request from the customer.
Outage reporting Outages are reported to the customer, by phone, email and dashboards

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Other
Other user authentication User authentication will vary depending on the customer requirements and will be discussed at the project stage.
Access restrictions in management interfaces and support channels Access is restricted by security controls.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information You control when users can access audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We follow industry standards and specifically Microsoft standards
Information security policies and processes Castle have detailed policies for IS with full senior management responsibility.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We use ITIL process with all changes requiring full documentation, risk and impact assessment and customer sign-off.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our approach is agreed with the customer at the project start, and covers vulnerability threats and possible sources. The deploying of patches are managed with the customer to ensure minimum impact on system activity.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We work with the customer to determine the best fit for monitoring the solution, our main tool for this is Solarwinds.
Incident management type Supplier-defined controls
Incident management approach We use the ITIL process to ensure all incidents are logged, prioritsed and tacked in line with the agreed SLAs.

Incidents can be reported by phone or email.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No


Price £50 per user per month
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑