Cloud Services By Xeretec

A fully flexible Microsoft Office 365 service providing the full suite of products with pro rata charging. The service is enhanced with backup, email archive & continuity option. Full migration, training and licence management is available, all supported by a UK Service Desk.


  • Microsoft Cloud Service Provider (CSP)
  • Microsoft Office Licencing Management
  • Full Office365 Application & Features Options
  • Office365 Migration Option
  • Office365 Files and Teams backup Options
  • Office365 Email Backup, Continuity and Archive Options
  • Office365 Training
  • Microsoft Office Applications


  • Fully customisable Office365 offering
  • Office365 licence charging per day
  • Office365 Solution Enhancements available
  • UK Based Helpdesk
  • Inhouse Development Resources


£3.80 to £37.64 per user per month

  • Education pricing available
  • Free trial available

Service documents


G-Cloud 11

Service ID

7 4 8 4 4 2 8 3 6 1 5 6 7 8 3



Mike Lovett


Service scope

Software add-on or extension
Cloud deployment model
Public cloud
Service constraints
Available applications and services dependent of plan purchased.
Any desktop applications available for installation are not available on Linux.
System requirements
Internet Connectivity

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLA for Cloud Services is 1 Hour.
Weekends is available under separate contract.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
We can provide 24/7 telephone support and fixed SLA fix times.
Our Support models, and pricing, varies with each customer.
Support available to third parties

Onboarding and offboarding

Getting started
The onboarding process will be unique to each organisation. To facilitate this we have a number of services available to support this, including:
• Migration services
• Full licence assessment
• O365 MOT assessment
• O365 fine tuning
• End user experience assessment
• Security MOT assessment
• Onsite Trainers
• Online Training in 18 Microsoft Applications
• User documentation
Service documentation
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
Documentation can be provided in bespoke formats as required
End-of-contract data extraction
Standard Microsoft data extraction tools are available to extract files, emails and metadata.
Users with the premium services will be able to automate the data extraction process.
End-of-contract process
The customer requirements for off-boarding would be agreed as part of the contract.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
There is a reduced feature set on the mobile applications compared to full desktop office application. Core functionality is retained for editing documents.
Service interface
Description of service interface
The service can be accessed via downloadable applications or used via a web browser
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Detailed information on Microsoft Accessibility can be found here:
What users can and can't do using the API
Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Office 365, Windows 10, and Enterprise Mobility + Security. Use the wealth of data in Microsoft Graph to build apps for organizations and consumers that interact with millions of users.
Microsoft Graph exposes REST APIs and client libraries to access data in Office365 and other Microsoft services.

It is available on the following Microsoft 365 services:
- Office 365 services: Delve, Excel, Microsoft Bookings, Microsoft Teams, OneDrive, OneNote, Outlook/Exchange, Planner, and SharePoint
- Enterprise Mobility and Security services: Advanced Threat Analytics, Advanced Threat Protection, Azure Active Directory, Identity Manager, and Intune
- Windows 10 services: activities, devices, notifications
- Dynamics 365 Business Central

Microsoft's PowerShell can also be utilised to carry out bulk actions on the tenant.

Requirements would be discussed as part of a bespoke service plan.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
The service is designed to be fully customisable to the organisation's requirements. This includes ensuring your a licenced for what you require along with premium options for backup and continuity.

Custom applications and integration can be created using Office 365 data either by the customer or by our development team to improve workflow and maximise investment.

Customisations available to individual users are the themes and layout of their Office365 web portal.


Independence of resources
Microsoft have implemented multiple forms of protection to prevent the actions of one tenant adversely affecting the service of another tenant, including unauthorised access. This includes:
-Logical isolation of customer content through Azure Active Directory authorization and role-based access control.
-SharePoint Online provides data isolation mechanisms at the storage level.
-Rigorous physical security, background screening, and a multi-layered encryption strategy to protect the confidentiality and integrity of customer content.
-Office 365 uses service-side technologies that encrypt customer content at rest and in transit, including BitLocker, per-file encryption, Transport Layer Security (TLS) and Internet Protocol Security (IPsec).


Service usage metrics
Metrics types
Basic usage reports and dashboard are available from with Microsoft Office 365.
These metrics can be enhanced with the additional components and bespoke service that we can provide.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Westcoast Ltd

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Standard Microsoft tools for available that enable users, either manually or automated routines:
- export emails to .pst files
- move/copy files to a central location
- extract user information metadata to csv files
Data export formats
  • CSV
  • Other
Other data export formats
  • .pst
  • Bespoke services available
Data import formats
  • CSV
  • Other
Other data import formats
  • Pst
  • Bespoke service enables import from on premises servers and desktops
  • Bespoke service enables import directly from other cloud service provders

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks
Please note that Microsoft have deprecated legacy SSL and TLS 1.0 and TLS 1.1.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability

Higher rates of availability for Email are available with the Email Continuity option.
Approach to resilience
Microsoft has designed Office 365 to withstand certain types of failures and yet remain fully-functional from the customers' perspective.
Detailed information on this can be found here:

In addition we are able to provide additional products that complement Office365 and provide:
- Email backup archive and continuity if the event of an Azure outage
- Back up of Onedrive/SharePoint files

Further information is available on request.
Outage reporting
Microsoft provide three key mechanisms for reporting service health.
- Office 365 Admin App/Portal
- Office 365 Management Pack for Microsoft System Center 2012 R2
- Office 365 Service Communications API

Office 365 Admin App/Portal
The Admin App and Portal for Office 365 tenant administrators has the ability to view service health information and maintenance status updates from their mobile devices or web browser.

Office 365 Management Pack for Microsoft System Center 2012 R2
Organisations using System Center now have the option to import the Office 365 Management Pack, which enables them to view all service communications within Operations Manager in System Center. Using this tool gives you access to the status of your subscribed services, active and resolved service incidents, and your Message Center communications.

Office 365 Service Communications API
The Office 365 Service Communications API enables you to create or connect your tools to Office 365 service communications, potentially simplifying how you monitor your environment. The Service Communications API enables you to monitor the following in your environment:
- Real-time service health
- Message Center communications
- Planned maintenance notifications

Detailed information on Microsoft Office365 Service Health is available here:

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Microsoft provides a number of options to do this and how it is implemented would be discussed as part of the contract discussion.

Options include
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications
Any other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Landscape, as part of the Xeretec Group, is ISO 27001 accredited and the information systems and security within Landscape and the wider Xeretec Group are critical for the day-to-day performance of the company. Landscape have numerous internal processes in place to ensure that we adhere to national and international guidelines for information and security, we are also Cyber Essential Accredited and an HP Platinum Partner. A security issue within these systems could have serious consequences, not just for our customers, but also for Landscape if we are to consider material damages, loss of customers, reduced revenue and damaged reputation to Landscape.
A robust security policy is necessary to support continued growth and to ensure a reliable high-level service to customers, suppliers, employees and business partners. Our policy defines the minimum level of due care required by all staff and suppliers.
Our IT Team is responsible for implementing the instructions and processes for our information owners and Line Managers. Users also have a responsibility to follow all data security measures and requirements, as outlined in the policy and to report any suspicious activity and security incidents, as per the process.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Our implementation process is proven and meticulous, as we pride ourselves on delivering an excellent service. Should Landscape become a preferred supplier, an experienced and dedicated Account Manager, will be allocated.
During the project phase, we will ensure that there are clear communication lines and a full understanding of implementation requirements between all parties from the start.
A full audit of provided components will be conducted and a change management process will be in place to ensure that all services and assets provided can be tracked and monitored for performance and security impacts.
Vulnerability management type
Vulnerability management approach
Threat management strategy for Office 365 involves identifying a potential threat’s intent, capability, and probability of successful exploitation of a vulnerability. The controls used to safeguard against such exploitations are founded upon industry security standards and best practices. Office 365 provides robust email protection against spam, viruses, and malware with Exchange Online Protection. Office 365 also offers Advanced Threat Protection (ATP), an email filtering service that provides additional protection against specific types of advanced threats.
Protective monitoring type
Protective monitoring approach
Office 365 uses defense-in-depth security principles to protect against internal and external risks. The scale and global nature of the Microsoft footprint allows us to use strategies and techniques for defending against network attacks that few providers or customer organizations can match. The cornerstone of our strategy is using our global presence to engage with internet providers, public and private peering providers, and private corporations all over the world, giving us a significant internet presence. This enables Microsoft to detect and defend against attacks across a very large surface area
Incident management type
Supplier-defined controls
Incident management approach
Based on NIST 800-61. For full information please link document.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£3.80 to £37.64 per user per month
Discount for educational organisations
Free trial available
Description of free trial
The trial provides access to Microsoft's Office365 Enterprise E3 product for up to 25 users.This includes:
Current desktop applications on up to 5 PC or Macs
Mobile apps on up to 5 tablets and 5 phones (iOS/Android).
Online meetings and messaging.
Additional trial services available on request.

Service documents

Return to top ↑