Microsoft Dynamics 365 Services
RSM provide project governance, assurance, advisory for projects. Support capabilities from our in house support desk. System selection services.
Microsoft Dynamics 365 business applications:
Finance & Operations (F&O),
Finance,
Business Central,
Field Service,
Customer Engagement,
Sales,
Marketing,
Customer Service & Project
PowerPlatform:
PowerBI, Power Automate & Power Apps
Features
- Intelligent suite of business applications to run your organisation
- Range of applications that seamlessly work together
- Provide a 360-degree view of your organisation
- Real-time insights and reporting
- Modern applications designed for ease of use
- Unification with wider Microsoft ecosystem (Office365 & PowerPlatform)
- Future proved applications. Two feature rich updates a year
- Range of add-ons & connectors to market leading solutions
Benefits
- Project Governance for ongoing Dynamics 365 implementations
- Assurance and advise on Dynamics 365 implementations
- Support for the whole D365 application suite
- System selection services
- Technical knowledge to integrate into D365
- Knowledgeable team to help embed D365 into your organisation
- Fully integrated with Office 365, Outlook, SharePoint
- Data Analysis services to design data flow and reporting road-map
- Technical team to advise on IT, D365 & Office365 security
Pricing
£6 to £91.32 a person a month
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 12
Service ID
6 2 5 9 6 8 8 1 4 0 7 3 6 3 2
Contact
RSM
Kathryn Styler
Telephone: 0121 214 3100
Email: bidteam@rsmuk.com
Service scope
- Software add-on or extension
- Yes
- What software services is the service an extension to
- Microsoft Dynamics 365
- Cloud deployment model
- Public cloud
- Service constraints
- The Microsoft Dynamics 365 pre-requisites must be met including recent versions of the common browsers.
- System requirements
-
- Office 365 Account (can be created as part of service)
- Browser including IE 10,11 Firefox, Chrome, Firefox, Safari
- Office 2016, 2019 or Office 365 for Office integration
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
-
Priority 1 - Critical system failure - response time is within 2 hours.
Priority 2 - Degraded service - response time is within 4 hours.
Priority 3 - Moderate issue - response time is within 8 hours.
Priority 4 - Low rated issue - response time is within 5 working days.
Out of hours including weekends can be provided with same or different response time subject to additional cost. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 A
- Web chat accessibility testing
- Use Microsoft Teams which uses live captions for end users.
- Onsite support
- Yes, at extra cost
- Support levels
-
RSM's support Desk for Dynamics 365 covers break-fix, answering “how to” questions, and new product update release support.
Our Support services are available through an hourly consumption contract.
A Relationship Manager service to provides update reports and proactively works with you to maximise the use of the system & support team.
Support package includes:
Escalation point for ‘break/fix’ incidents – including liaising with Microsoft technical support engineers; Access to advice and problem resolution; Escalation point for ‘how to’ System/application questions; New product release notification (Microsoft release update cycle); Microsoft upgrades hand-holding; Escalation point to assist with environment management during update releases; System Administration of Dynamics 365 Users, Licence, Security and Environment Management; Wider access to experienced team of Technology, Reporting, Management Consulting and Dynamics professionals - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- A full range of services are provided by Microsoft and RSM for onboarding. From Microsoft there is a customer portal that provides access to extensive resources in a mix of media for setting up, training, administering and developing the Dynamics 365 solution. RSM will provide more specific and user role-oriented training and collateral suitable. Implementation of the Dynamics solution follows the recognised Microsoft Sure Step pathway through Analysis - Design - Development - Testing - Deployment.
- Service documentation
- Yes
- Documentation formats
-
- Other
- Other documentation formats
-
- DOCX
- XLSX
- CSV
- End-of-contract data extraction
- Data export facilities are provided for users to extract data at any time. Microsoft provide a grace period to allow access data after termination. RSM work with customers to create an agreed plan and approach to assist with obtaining data as required.
- End-of-contract process
- At the end of the contractual period the customer can continue to subscribe to Microsoft licences either directly with Microsoft or through another provider and retain use of the solution or extract their data and cease using the system altogether.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Users can access Dynamics 365 through their mobile / tablet browser or through the Dynamics mobile app. Form design renders to a pleasing mobile app UI for mobile user environments although data is still sourced from the single data service.
- Service interface
- No
- API
- Yes
- What users can and can't do using the API
- Microsoft Dynamics 365 Business Central supports two types of web services: SOAP and OData. Web services are a lightweight, industry-standard way to make application functionality available to a variety of external systems and users. Web services can expose pages, codeunits, or queries. Whereas SOAP web services expose a WSDL document, OData web services expose an EDMX document containing metadata for all published web services.
- API documentation
- Yes
- API documentation formats
-
- HTML
- ODF
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Users able to create and customise entities, forms, fields, views and layouts; create business and system processes.
Scaling
- Independence of resources
- Microsoft operate a global network of data centres including in the UK and capacity is maintained and benchmarked for Dynamics, Azure Services and Office.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Metrics are available to show user logins, transactions and storage usage.
- Reporting types
-
- Real-time dashboards
- Regular reports
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Microsoft Dynamics 365
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Data can be exported to a number of document formats and can be edited and re-imported if required. Excel Add-ins are available to simplify the process.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- XLSX
- XML
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- XLSX
- XML
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Bonded fibre optic connections
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Service level is 99.9% uptime with a credit available of 25% if this falls below 99.9%, 50% if it falls below 99% and 100% if service availability falls below 95% relevant to that particular months subscription fee.
- Approach to resilience
- A detailed examination of data services and application development lifecycle are available at Microsoft's Trust website www.microsoft.com/trustcenter. Microsoft build trusted cloud on the four principles of Security, privacy, compliance and transparency. This party audits include SOC1 Type 2 reports, ISO/IEC 27001 and 27018, security assessments for penetration testing.
- Outage reporting
- System administrators are notified by email and the 365 portal updates a running notification, the Organisational Insights Dashboard will update and Yammer and social media may also be used.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Other
- Other user authentication
-
Multi-Factor Authentication requires use of multiple methods to access the cloud. Providing strong authentication with a range of verification options, while accommodating a simple sign-in process. It provides user-friendly experience that works with Microsoft Azure Active Directory and Microsoft accounts and includes support for wearables/fingerprint-based approvals. Password enforcement increases security of traditional passwords by imposing length/complexity requirements, forced rotation and account lockout.
Token-based authentication enables authentication via Active Directory Federation Services (AD FS) or third-party secure token systems.
Role-based access control (RBAC) enables access based on the user’s role, making it easy to only give the amount of access required. - Access restrictions in management interfaces and support channels
- Role-based access control (RBAC) enables you to grant access based on the user’s assigned role, making it easy to give users only the amount of access they need to perform their job duties. You can customize RBAC per your organisation’s business model and risk tolerance.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI
- ISO/IEC 27001 accreditation date
- 09/01/2017
- What the ISO/IEC 27001 doesn’t cover
- There are no elements of the hosting solution not covered by this certification
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Dynamics 365 relies on Azure Active Directory to provide authentication for user access, helping to protect Dynamics 365 from unauthorized access. It simplifies the management of users and groups, and enables you to assign and revoke privileges easily.
Dynamics 365 uses the same identity platform as Office 365, so a user of both services has the same username and password. Customers can federate an on-premises Active Directory or other directory stores to enable using corporate credentials to authenticate. Dynamics 365 uses encryption to protect your data. Connections established between customers and Microsoft datacenters are encrypted, and all public endpoints are secured using industry-standard Transport Layer Security (TLS). TLS effectively establishes a security-enhanced browser-to-server connection to help ensure data confidentiality and integrity between desktops and datacenters.
We also provision you with your own logically isolated data repository to maximize the security and integrity of your data. And, when systems become outdated or are no longer operational, Microsoft operations personnel follow rigorous data-handling procedures and hardware disposal processes.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- All development in Microsoft Dynamics 365 is carried out in the Security Development Lifecycle which helps developers address compliance requirements.
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
Dynamics 365 is hosted in Microsoft datacenters and uses their security measures and mechanisms to protect data. Microsoft blocks unauthorized traffic to and within datacenters using a variety of technologies. We constantly maintain, enhance, and verify the infrastructure, and employ regular penetration testing to continually validate the performance of security controls and processes.
Dynamics 365 is designed on the principles of the Security Development Lifecycle, a mandatory Microsoft process that embeds security requirements into every phase of development. The Dynamics 365 operations team also follows the rigorous standards set by Microsoft Operational Security Assurance to help protect customer data. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- To ensure that activities within the service are legitimate, and to detect breaches or attempted breaches, Dynamics 365 takes advantage of the cloud service infrastructure and security mechanisms. The Dynamics 365 environment deploys antimalware software that helps protect infrastructure against online threats. Microsoft also provides intrusion detection, distributed denial-of-service (DDoS) attack prevention, and regular penetration testing to help validate security controls.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Microsoft employs a risk-management model of shared responsibility with the customer.
Microsoft is responsible for the platform including services offered and provides a cloud service that can meet the security, privacy, and your compliance needs.
As a customer, you are responsible for the environment once the service has been provisioned. You must identify which controls apply to your business and understand how to implement and configure them to manage security and compliance with applicable regulatory requirements. RSM offers implementation guidance to help accomplish these tasks and better manage the risk. Any incident can be reported through the 365 portal.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £6 to £91.32 a person a month
- Discount for educational organisations
- Yes
- Free trial available
- No