Landscape

Cloud Services By Xeretec

A fully flexible Microsoft Office 365 service providing the full suite of products with pro rata charging. The service is enhanced with backup, email archive & continuity option. Full migration, training and licence management is available, all supported by a UK Service Desk.

Features

  • Microsoft Cloud Service Provider (CSP)
  • Microsoft Office Licencing Management
  • Full Office365 Application & Features Options
  • Office365 Migration Option
  • Office365 Files and Teams backup Options
  • Office365 Email Backup, Continuity and Archive Options
  • Office365 Training
  • Microsoft Office Applications

Benefits

  • Fully customisable Office365 offering
  • Office365 licence charging per day
  • Office365 Solution Enhancements available
  • UK Based Helpdesk
  • Inhouse Development Resources

Pricing

£3.80 to £37.64 per user per month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

7 4 8 4 4 2 8 3 6 1 5 6 7 8 3

Contact

Landscape

Mike Lovett

07377395896

mike.lovett@xeretec.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Available applications and services dependent of plan purchased.
Any desktop applications available for installation are not available on Linux.
System requirements
Internet Connectivity

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLA for Cloud Services is 1 Hour.
Weekends is available under separate contract.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We can provide 24/7 telephone support and fixed SLA fix times.
Our Support models, and pricing, varies with each customer.
Support available to third parties
No

Onboarding and offboarding

Getting started
The onboarding process will be unique to each organisation. To facilitate this we have a number of services available to support this, including:
• Migration services
• Full licence assessment
• O365 MOT assessment
• O365 fine tuning
• End user experience assessment
• Security MOT assessment
• Onsite Trainers
• Online Training in 18 Microsoft Applications
• User documentation
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
Documentation can be provided in bespoke formats as required
End-of-contract data extraction
Standard Microsoft data extraction tools are available to extract files, emails and metadata.
Users with the premium services will be able to automate the data extraction process.
End-of-contract process
The customer requirements for off-boarding would be agreed as part of the contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There is a reduced feature set on the mobile applications compared to full desktop office application. Core functionality is retained for editing documents.
Service interface
Yes
Description of service interface
The service can be accessed via downloadable applications or used via a web browser
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Detailed information on Microsoft Accessibility can be found here:
https://www.microsoft.com/en-gb/Accessibility/office
API
Yes
What users can and can't do using the API
Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Office 365, Windows 10, and Enterprise Mobility + Security. Use the wealth of data in Microsoft Graph to build apps for organizations and consumers that interact with millions of users.
Microsoft Graph exposes REST APIs and client libraries to access data in Office365 and other Microsoft services.

It is available on the following Microsoft 365 services:
- Office 365 services: Delve, Excel, Microsoft Bookings, Microsoft Teams, OneDrive, OneNote, Outlook/Exchange, Planner, and SharePoint
- Enterprise Mobility and Security services: Advanced Threat Analytics, Advanced Threat Protection, Azure Active Directory, Identity Manager, and Intune
- Windows 10 services: activities, devices, notifications
- Dynamics 365 Business Central

Microsoft's PowerShell can also be utilised to carry out bulk actions on the tenant.

Requirements would be discussed as part of a bespoke service plan.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The service is designed to be fully customisable to the organisation's requirements. This includes ensuring your a licenced for what you require along with premium options for backup and continuity.

Custom applications and integration can be created using Office 365 data either by the customer or by our development team to improve workflow and maximise investment.

Customisations available to individual users are the themes and layout of their Office365 web portal.

Scaling

Independence of resources
Microsoft have implemented multiple forms of protection to prevent the actions of one tenant adversely affecting the service of another tenant, including unauthorised access. This includes:
-Logical isolation of customer content through Azure Active Directory authorization and role-based access control.
-SharePoint Online provides data isolation mechanisms at the storage level.
-Rigorous physical security, background screening, and a multi-layered encryption strategy to protect the confidentiality and integrity of customer content.
-Office 365 uses service-side technologies that encrypt customer content at rest and in transit, including BitLocker, per-file encryption, Transport Layer Security (TLS) and Internet Protocol Security (IPsec).

Analytics

Service usage metrics
Yes
Metrics types
Basic usage reports and dashboard are available from with Microsoft Office 365.
These metrics can be enhanced with the additional components and bespoke service that we can provide.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Westcoast Ltd

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Standard Microsoft tools for available that enable users, either manually or automated routines:
- export emails to .pst files
- move/copy files to a central location
- extract user information metadata to csv files
Data export formats
  • CSV
  • Other
Other data export formats
  • .pst
  • Bespoke services available
Data import formats
  • CSV
  • Other
Other data import formats
  • Pst
  • Bespoke service enables import from on premises servers and desktops
  • Bespoke service enables import directly from other cloud service provders

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks
Please note that Microsoft have deprecated legacy SSL and TLS 1.0 and TLS 1.1.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
99.9%

Higher rates of availability for Email are available with the Email Continuity option.
Approach to resilience
Microsoft has designed Office 365 to withstand certain types of failures and yet remain fully-functional from the customers' perspective.
Detailed information on this can be found here: https://docs.microsoft.com/en-us/office365/securitycompliance/office-365-data-resiliency-overview

In addition we are able to provide additional products that complement Office365 and provide:
- Email backup archive and continuity if the event of an Azure outage
- Back up of Onedrive/SharePoint files

Further information is available on request.
Outage reporting
Microsoft provide three key mechanisms for reporting service health.
- Office 365 Admin App/Portal
- Office 365 Management Pack for Microsoft System Center 2012 R2
- Office 365 Service Communications API

Office 365 Admin App/Portal
The Admin App and Portal for Office 365 tenant administrators has the ability to view service health information and maintenance status updates from their mobile devices or web browser.

Office 365 Management Pack for Microsoft System Center 2012 R2
Organisations using System Center now have the option to import the Office 365 Management Pack, which enables them to view all service communications within Operations Manager in System Center. Using this tool gives you access to the status of your subscribed services, active and resolved service incidents, and your Message Center communications.

Office 365 Service Communications API
The Office 365 Service Communications API enables you to create or connect your tools to Office 365 service communications, potentially simplifying how you monitor your environment. The Service Communications API enables you to monitor the following in your environment:
- Real-time service health
- Message Center communications
- Planned maintenance notifications

Detailed information on Microsoft Office365 Service Health is available here: https://docs.microsoft.com/en-gb/office365/servicedescriptions/office-365-platform-service-description/service-health-and-continuity

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Microsoft provides a number of options to do this and how it is implemented would be discussed as part of the contract discussion.

Options include
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3
ISO/IEC 27001 accreditation date
19/1/2019
What the ISO/IEC 27001 doesn’t cover
https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Landscape, as part of the Xeretec Group, is ISO 27001 accredited and the information systems and security within Landscape and the wider Xeretec Group are critical for the day-to-day performance of the company. Landscape have numerous internal processes in place to ensure that we adhere to national and international guidelines for information and security, we are also Cyber Essential Accredited and an HP Platinum Partner. A security issue within these systems could have serious consequences, not just for our customers, but also for Landscape if we are to consider material damages, loss of customers, reduced revenue and damaged reputation to Landscape.
A robust security policy is necessary to support continued growth and to ensure a reliable high-level service to customers, suppliers, employees and business partners. Our policy defines the minimum level of due care required by all staff and suppliers.
Our IT Team is responsible for implementing the instructions and processes for our information owners and Line Managers. Users also have a responsibility to follow all data security measures and requirements, as outlined in the policy and to report any suspicious activity and security incidents, as per the process.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Our implementation process is proven and meticulous, as we pride ourselves on delivering an excellent service. Should Landscape become a preferred supplier, an experienced and dedicated Account Manager, will be allocated.
During the project phase, we will ensure that there are clear communication lines and a full understanding of implementation requirements between all parties from the start.
A full audit of provided components will be conducted and a change management process will be in place to ensure that all services and assets provided can be tracked and monitored for performance and security impacts.
Vulnerability management type
Undisclosed
Vulnerability management approach
Threat management strategy for Office 365 involves identifying a potential threat’s intent, capability, and probability of successful exploitation of a vulnerability. The controls used to safeguard against such exploitations are founded upon industry security standards and best practices. Office 365 provides robust email protection against spam, viruses, and malware with Exchange Online Protection. Office 365 also offers Advanced Threat Protection (ATP), an email filtering service that provides additional protection against specific types of advanced threats.
https://www.microsoft.com/en-us/trustcenter/security/office365-security#
Protective monitoring type
Undisclosed
Protective monitoring approach
Office 365 uses defense-in-depth security principles to protect against internal and external risks. The scale and global nature of the Microsoft footprint allows us to use strategies and techniques for defending against network attacks that few providers or customer organizations can match. The cornerstone of our strategy is using our global presence to engage with internet providers, public and private peering providers, and private corporations all over the world, giving us a significant internet presence. This enables Microsoft to detect and defend against attacks across a very large surface area
https://www.microsoft.com/en-us/trustcenter/security/office365-security#
Incident management type
Supplier-defined controls
Incident management approach
Based on NIST 800-61. For full information please link document.
https://www.microsoft.com/en-us/download/confirmation.aspx?id=54302

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£3.80 to £37.64 per user per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
The trial provides access to Microsoft's Office365 Enterprise E3 product for up to 25 users.This includes:
Current desktop applications on up to 5 PC or Macs
Mobile apps on up to 5 tablets and 5 phones (iOS/Android).
Online meetings and messaging.
Additional trial services available on request.

Service documents

Return to top ↑