Microsoft 365 and Office 365
Microsoft 365 (and Office 365) subscriptions and solutions enhance business working. The Microsoft 365 and Office 365 plans enable your business to work more collaboratively, more productively and from anywhere. We enable organisations of all sizes to take advantage of Microsoft services by managing the licensing, support, provisioning and billing.
Features
- Full management of your Microsoft environment
- Easy access to Microsoft services from multiple devices and locations
- UK hosting within Microsoft UK data centres
- Expert user support from our UK based helpdesk
- Bespoke packages available
- Microsoft Silver Partner
- PRINCE2 practitioners
- Microsoft Certified Engineers and Professionals
Benefits
- One supplier for consultancy, design, implementation and support
- Improve productivity and business efficiencies with familiar Office 365 apps
- Support remote working with access to documents and applications anywhere
- Enhance communication and collaboration with Microsoft Teams
- Scalability - easily add users as your organisation grows
Pricing
£3.80 to £48.10 a user a month
- Education pricing available
Service documents
Framework
G-Cloud 12
Service ID
6 4 6 3 9 0 2 9 0 7 6 5 0 2 4
Contact
MDS Technologies Limited
Ben Grantham
Telephone: 01225 816280
Email: sales@mds.gb.net
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- No
- System requirements
-
- Customers will require appropriate network connectivity
- Customer responsible for data security over their connectivity method
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Tickets are responded to on a priority basis. We aim to respond to ALL initial questions within 15 minutes during normal business hours (7:30-17:30 Mon-Fri).
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- MDS' standard support includes Project Managers, Service Delivery Managers, Technical Account Managers, Support Engineers Monday-Friday between the hours of 7:30-17:30. We aim to respond to ALL incidents and requests within 15 minutes, with a priority on resolving P1 incidents.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Customers on-boarding the service with MDS Technologies will need a project which manages their entry or exit, the scope of which will depend on the entry/exit parameters. The price for this will be by application and use the SFIA day rates appropriate to the work being completed. As part of the on-boarding process customers will be provided with the following:
- information on the ordering and invoicing process:
- how to terminate your contract
- after sales support - Service documentation
- No
- End-of-contract data extraction
- Details of how to extract data from Office 365 can be found here https://products.office.com/en-us/business/office-365-online-data-portability
- End-of-contract process
- A termination plan will be produced and agreed with you. A generic termination plan is available, on request, and this will be tailored to reflect appropriate roles and responsibilities. Production of this tailored plan is included within the service price.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- MacOS
- Windows
- Windows Phone
- Other
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Minor interface differences to display content appropriately on each device.
- Service interface
- No
- API
- Yes
- What users can and can't do using the API
- Please see https://msdn.microsoft.com/en-us/office/office365/howto/platform-development-overview for more information on the Office 365 API.
- API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Please see: https://docs.microsoft.com/en-us/Office365/ and https://products.office.com/en-gb/business/compare-more-office-365-for-business-plans for more information on Microsoft 365 and Office 365 options.
Scaling
- Independence of resources
- A detailed description of how Microsoft isolates individual customer tenancies can be found here https://www.microsoft.com/en-us/download/confirmation.aspx?id=54249
Analytics
- Service usage metrics
- Yes
- Metrics types
- Office 365 usage reports are available for your administrators in the Office 365 admin center. Please see https://support.office.com/en-us/article/activity-reports-in-the-office-365-admin-center-0d6dfb17-8582-4172-a9a9-aed798150263 for more information.
- Reporting types
- Real-time dashboards
Resellers
- Supplier type
- Reseller providing extra support
- Organisation whose services are being resold
- Microsoft
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Other
- Other data at rest protection approach
- Information on how Microsoft protects data within its enterprise services can be found here https://www.microsoft.com/en-us/download/details.aspx?id=55848
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Details of how to extract data from Office 365 can be found here https://products.office.com/en-us/business/office-365-online-data-portability
- Data export formats
-
- CSV
- ODF
- Data import formats
-
- CSV
- ODF
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
- Information on how Microsoft protects data within its enterprise services can be found here https://www.microsoft.com/en-us/download/details.aspx?id=55848
Availability and resilience
- Guaranteed availability
- Details of the Office 365 service level agreement can be found here https://technet.microsoft.com/en-us/library/office-365-service-level-agreement.aspx
- Approach to resilience
- Details of how Microsoft ensures resiliency in the Office 365 service can be found here https://www.microsoft.com/en-us/download/details.aspx?id=53560
- Outage reporting
- Office 365 includes a service status portal for tracking any outages.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Office 365 allows for creation and management of administration roles, please see https://support.office.com/en-gb/article/office-365-admin-overview-c7228a3e-061f-4575-b1ef-adf1d1669870?ui=en-US&rs=en-GB&ad=GB for more information
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- Between 6 months and 12 months
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- Between 6 months and 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- LRQA
- ISO/IEC 27001 accreditation date
- 03/11/2017
- What the ISO/IEC 27001 doesn’t cover
- MDS' risk assessment process has highlighted that the following area of ISO27001 is out of scope: 14.2.7 Information Systems: Outsourced Development
- ISO 28000:2007 certification
- No
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- 28/10/2016
- CSA STAR certification level
- Level 1: CSA STAR Self-Assessment
- What the CSA STAR doesn’t cover
- Nothing
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
-
- Cyber Essentials Plus
- PSN Connection Certificate
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
-
Cyber Essentials
Cyber Essentials Plus - Information security policies and processes
- We follow the policies and procedures laid down in ISO 27001:2013 standard. In particular, our Information Security Management System contains all of the policies that support our security management approach. Our Information Security Policy provides the highest level policy statements which is supported by a comprehensive Acceptable Use Policy which all staff must sign before being granted any system/Network access. Additional policies cover key areas including Security Incident Management, Management Review, Document Control, Data Protection, Access Control, Business Continuity, Encryption, Patch Management and Auditing. As part of our Service Implementation Process we carry out a pre-handover security audit to ensure that we have met the required MDS Security standards as well as any specific customer security requirements which have been agreed. All of the above is supported by an extensive internal and external (UKAS accredited) Audit programme which ensures that we maintain the high level of security standards laid down in our processes.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Operational security processes are confidential
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Operational security processes are confidential
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Operational security processes are confidential
- Incident management type
- Supplier-defined controls
- Incident management approach
- Operational security processes are confidential
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
-
- NHS Network (N3)
- Joint Academic Network (JANET)
- Health and Social Care Network (HSCN)
Pricing
- Price
- £3.80 to £48.10 a user a month
- Discount for educational organisations
- Yes
- Free trial available
- No