Endeavour Information Solutions

Microsoft SharePoint Hosting Services

Based on Microsoft’s scalable cloud platform we have considerable experience in building and maintaining full SharePoint hosting solutions to offer portal and website solutions. Our team of Microsoft Certified SharePoint specialists can help your organisation implement and support your SharePoint in both hybrid and dedicated cloud environments.

Features

  • Virtual Machines with SharePoint 2013, 2016 & 2019 Farm Environments
  • Customisable configurations in terms of RAM, Processors & Storage
  • Geo-redundant failover options available
  • High performing fault tolerant and load balanced SharePoint Farms
  • SQL Server Hosting and Integration
  • Hybrid integration with on premise environments available
  • Integration with on premise Active Directory environment
  • Classic SharePoint Development
  • SharePoint Framework Development
  • Full SharePoint Branding & Customisation

Benefits

  • Flexible, expandable environment that scales as required
  • Consumption based billing
  • Allows for controlled adoption to cloud based environments
  • Based in Microsoft's G-Cloud OFFICIAL Accredited Data Centres
  • Provides automated backup, DR/BCP options to customers
  • Supplier with Public Sector project experience
  • Supplier experienced in designing solutions to RMADS standards
  • Technical Support & Helpdesk Services Available

Pricing

£80 per virtual machine per month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

7 3 1 7 6 9 9 7 7 8 7 6 9 6 9

Contact

Endeavour Information Solutions

Lee Surgeoner

028 9031 1010

Solutions@endeavour-is.com

Service scope

Service constraints
All services are based on virtual machines by Microsoft Azure with relevant public sector pricing applicable.
System requirements
  • Servers running Microsoft Operating Systems
  • Microsoft SQL Server

User support

Email or online ticketing support
Email or online ticketing
Support response times
We offer 4-hour response, 8-hour resolution Monday to Friday. Specific weekend and out of hours support is provided on request.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We offer 2 levels of support the first is fixed price annual SLAs that offers guaranteed levels of response and resolution time (2 hour response and 4 hour fix) with financial penalty applied when not met. The second level is based on ad-hoc support of £75 per hour but does not require up front purchase or hold specific resolution targets.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
On-boarding can start within minutes of signing up to the service but is usually performed onsite after a requirements exercise is performed.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
We can provide direct access to data on request either via HTTPS or SFTP.
End-of-contract process
The contract provides all hosting, computer and storage services. Support is added either under SLA at an agreed price or an hourly rate charged per month end.

Using the service

Web browser interface
Yes
Using the web interface
The web interface is provided by Microsoft Azure once sign to the service is started. The interface allows the end user to create virtual networks, services, storage and DR/BCP elements.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
The web interface allows you to provision and manage your hosting environment but does not offer automation. This can be setup but requires integration using command line and scripting tools such as PowerShell and SSH.
Web interface accessibility testing
As this is a Microsoft based product they perform all relevant interface testing with end users and make relevant changes to the interface in accordance to their own findings.
API
No
Command line interface
Yes
Command line interface compatibility
Windows
Using the command line interface
Users can connect to via PowerShell and HTTPS.

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
All instances are independently monitored for resource usage and demand and can be configured to either alert end users and support teams or autoscale as required.
Usage notifications
Yes
Usage reporting
Email

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
  • Virtual Machine
  • Files and Folders
  • Database
Backup controls
Backups can be setup and monitored by users from web portal application.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Services in Microsoft Azure can be configured as high availability to 99.9 under SLA conditions. This is provided as part of the Microsoft Azure subscription but needs to be specified by the customer.
Approach to resilience
All services commissioned within Microsoft Azure via our service will be backed up once a day for a rolling 30 day period (and can be extended at additional cost). Services running within Microsoft Azure can be configured to be highly available to both a local and geographic data centre level. For any specific information please contact us for more details.
Outage reporting
Service outages are provided by a dedicated app available on all mobile platforms. It is also available via email or private dashboard on request.

Identity and authentication

User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Each customer is segmented by subscription with an overall management account held securely in a secured extranet. Elements of the network can be separated and secured by network or individual elements such as virtual machines and storage. Support work is undertaken by named accounts so individual support actions are audited by named individual. Sometimes customers also want that level of access which can be setup and audited accordingly.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
28/11/2017
What the ISO/IEC 27001 doesn’t cover
Helpdesk & Change Control Services
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • SOC 2
  • SOC 3

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Our information security structure includes an Information Security Manager who has overall responsibility for managing information security within our organisation. IS meetings are held monthly and reviews of policies are performed every 6 months. Active policies are held within an in house ISMS based intranet system that shows policies, records assets and operating procedures. The system also holds recorded incidents, the investigations undertaken, results and corrective actions taken and is reviewed each month by the Information Security Manager and technical leads.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All requests are made via telephone or email and reported back to the requester before work us undertaken with an security elements or downtime identified for approval. Once agreed work is performed and a job completion report is then delivered to the requestor reporting the actions taken and the result of work completed.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
As we are Microsoft Azure based we use Azure's own security management monitoring system which monitors the services and providers bother proactive and reactive feedback and recommendations based on real-time monitoring and escalates issues to our support desk accordingly.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
As we are Microsoft Azure based we use Azure's own security management monitoring system which monitors the services and providers bother proactive and reactive feedback and recommendations based on real-time monitoring and escalates issues to our support desk accordingly.
Incident management type
Supplier-defined controls
Incident management approach
We follow an ISO 27001 approach and have created an incident management system within our ISMS intranet. Users can report incidents to us by telephone or email and we provide reporting via email while investigations take place and conclusions/corrections are made.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Hyper-V
How shared infrastructure is kept separate
Microsoft controls the separation of customer networks in a number of different levels from a subscription/tenant at geographic data centre level down to individual VLANs where customers wants to operate elements of their infrastructure under the same subscription/tenant level but still require network separation.

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Microsoft has already implemented the majority of the EU Code’s best practices in its data centres in Europe and across the globe. The company is also exploring the innovative use of shipping containers as flexible and portable housing for servers which provide 10 times the density for data centres and drive dramatic savings in power usage. The new Microsoft data centre in Ireland already consumes approximately 50 percent less energy than a traditional data centre of similar size and level of activity. In the Dublin facility, Microsoft has applied all of the expected and most of the optional best practices under the EU Code and will only employ artificial cooling on a few days per year. The data centre is an officially recognized best practice by the European Commission meeting the requirements of the Sustainable Energy Europe Campaign (www.sustenergy.org) in contributing to the achievement of making a voluntary commitment to the EU energy policy goals in the field of energy efficiency.

Pricing

Price
£80 per virtual machine per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Specific trials can be arranged covering whatever the client requires on request for unto 30 days.

Service documents

Return to top ↑