Landscape

Cloud Services By Xeretec

A fully flexible Microsoft Office 365 service providing the full suite of products with pro rata charging. The service is enhanced with backup, email archive & continuity option. Full migration, training and licence management is available, all supported by a UK Service Desk.

Features

  • Microsoft Cloud Service Provider (CSP)
  • Microsoft Office Licencing Management
  • Full Office365 Application & Features Options
  • Office365 Migration Option
  • Office365 Files and Teams backup Options
  • Office365 Email Backup, Continuity and Archive Options
  • Office365 Training
  • Microsoft Office Applications

Benefits

  • Fully customisable Office365 offering
  • Office365 licence charging per day
  • Office365 Solution Enhancements available
  • UK Based Helpdesk
  • Inhouse Development Resources

Pricing

£3.80 to £37.64 per user per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

748442836156783

Landscape

Kris Williams

02392 065455

kris.williams@laserjet.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Available applications and services dependent of plan purchased.
Any desktop applications available for installation are not available on Linux.
System requirements Internet Connectivity

User support

User support
Email or online ticketing support Email or online ticketing
Support response times SLA for Cloud Services is 1 Hour.
Weekends is available under separate contract.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels We can provide 24/7 telephone support and fixed SLA fix times.
Our Support models, and pricing, varies with each customer.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started The onboarding process will be unique to each organisation. To facilitate this we have a number of services available to support this, including:
• Migration services
• Full licence assessment
• O365 MOT assessment
• O365 fine tuning
• End user experience assessment
• Security MOT assessment
• Onsite Trainers
• Online Training in 18 Microsoft Applications
• User documentation
Service documentation Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats Documentation can be provided in bespoke formats as required
End-of-contract data extraction Standard Microsoft data extraction tools are available to extract files, emails and metadata.
Users with the premium services will be able to automate the data extraction process.
End-of-contract process The customer requirements for off-boarding would be agreed as part of the contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There is a reduced feature set on the mobile applications compared to full desktop office application. Core functionality is retained for editing documents.
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing Detailed information on Microsoft Accessibility can be found here:
https://www.microsoft.com/en-gb/Accessibility/office
API Yes
What users can and can't do using the API Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Office 365, Windows 10, and Enterprise Mobility + Security. Use the wealth of data in Microsoft Graph to build apps for organizations and consumers that interact with millions of users.
Microsoft Graph exposes REST APIs and client libraries to access data in Office365 and other Microsoft services.

It is available on the following Microsoft 365 services:
- Office 365 services: Delve, Excel, Microsoft Bookings, Microsoft Teams, OneDrive, OneNote, Outlook/Exchange, Planner, and SharePoint
- Enterprise Mobility and Security services: Advanced Threat Analytics, Advanced Threat Protection, Azure Active Directory, Identity Manager, and Intune
- Windows 10 services: activities, devices, notifications
- Dynamics 365 Business Central

Microsoft's PowerShell can also be utilised to carry out bulk actions on the tenant.

Requirements would be discussed as part of a bespoke service plan.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The service is designed to be fully customisable to the organisation's requirements. This includes ensuring your a licenced for what you require along with premium options for backup and continuity.

Custom applications and integration can be created using Office 365 data either by the customer or by our development team to improve workflow and maximise investment.

Customisations available to individual users are the themes and layout of their Office365 web portal.

Scaling

Scaling
Independence of resources Microsoft have implemented multiple forms of protection to prevent the actions of one tenant adversely affecting the service of another tenant, including unauthorised access. This includes:
-Logical isolation of customer content through Azure Active Directory authorization and role-based access control.
-SharePoint Online provides data isolation mechanisms at the storage level.
-Rigorous physical security, background screening, and a multi-layered encryption strategy to protect the confidentiality and integrity of customer content.
-Office 365 uses service-side technologies that encrypt customer content at rest and in transit, including BitLocker, per-file encryption, Transport Layer Security (TLS) and Internet Protocol Security (IPsec).

Analytics

Analytics
Service usage metrics Yes
Metrics types Basic usage reports and dashboard are available from with Microsoft Office 365.
These metrics can be enhanced with the additional components and bespoke service that we can provide.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Reseller providing extra features and support
Organisation whose services are being resold Westcoast Ltd

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Standard Microsoft tools for available that enable users, either manually or automated routines:
- export emails to .pst files
- move/copy files to a central location
- extract user information metadata to csv files
Data export formats
  • CSV
  • Other
Other data export formats
  • .pst
  • Bespoke services available
Data import formats
  • CSV
  • Other
Other data import formats
  • Pst
  • Bespoke service enables import from on premises servers and desktops
  • Bespoke service enables import directly from other cloud service provders

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks Please note that Microsoft have deprecated legacy SSL and TLS 1.0 and TLS 1.1.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability 99.9%

Higher rates of availability for Email are available with the Email Continuity option.
Approach to resilience Microsoft has designed Office 365 to withstand certain types of failures and yet remain fully-functional from the customers' perspective.
Detailed information on this can be found here: https://docs.microsoft.com/en-us/office365/securitycompliance/office-365-data-resiliency-overview

In addition we are able to provide additional products that complement Office365 and provide:
- Email backup archive and continuity if the event of an Azure outage
- Back up of Onedrive/SharePoint files

Further information is available on request.
Outage reporting Microsoft provide three key mechanisms for reporting service health.
- Office 365 Admin App/Portal
- Office 365 Management Pack for Microsoft System Center 2012 R2
- Office 365 Service Communications API

Office 365 Admin App/Portal
The Admin App and Portal for Office 365 tenant administrators has the ability to view service health information and maintenance status updates from their mobile devices or web browser.

Office 365 Management Pack for Microsoft System Center 2012 R2
Organisations using System Center now have the option to import the Office 365 Management Pack, which enables them to view all service communications within Operations Manager in System Center. Using this tool gives you access to the status of your subscribed services, active and resolved service incidents, and your Message Center communications.

Office 365 Service Communications API
The Office 365 Service Communications API enables you to create or connect your tools to Office 365 service communications, potentially simplifying how you monitor your environment. The Service Communications API enables you to monitor the following in your environment:
- Real-time service health
- Message Center communications
- Planned maintenance notifications

Detailed information on Microsoft Office365 Service Health is available here: https://docs.microsoft.com/en-gb/office365/servicedescriptions/office-365-platform-service-description/service-health-and-continuity

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Microsoft provides a number of options to do this and how it is implemented would be discussed as part of the contract discussion.

Options include
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3
ISO/IEC 27001 accreditation date 19/1/2019
What the ISO/IEC 27001 doesn’t cover https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications https://servicetrust.microsoft.com/ViewPage/MSComplianceGuideV3

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Landscape, as part of the Xeretec Group, is ISO 27001 accredited and the information systems and security within Landscape and the wider Xeretec Group are critical for the day-to-day performance of the company. Landscape have numerous internal processes in place to ensure that we adhere to national and international guidelines for information and security, we are also Cyber Essential Accredited and an HP Platinum Partner. A security issue within these systems could have serious consequences, not just for our customers, but also for Landscape if we are to consider material damages, loss of customers, reduced revenue and damaged reputation to Landscape.
A robust security policy is necessary to support continued growth and to ensure a reliable high-level service to customers, suppliers, employees and business partners. Our policy defines the minimum level of due care required by all staff and suppliers.
Our IT Team is responsible for implementing the instructions and processes for our information owners and Line Managers. Users also have a responsibility to follow all data security measures and requirements, as outlined in the policy and to report any suspicious activity and security incidents, as per the process.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Our implementation process is proven and meticulous, as we pride ourselves on delivering an excellent service. Should Landscape become a preferred supplier, an experienced and dedicated Account Manager, will be allocated.
During the project phase, we will ensure that there are clear communication lines and a full understanding of implementation requirements between all parties from the start.
A full audit of provided components will be conducted and a change management process will be in place to ensure that all services and assets provided can be tracked and monitored for performance and security impacts.
Vulnerability management type Undisclosed
Vulnerability management approach Threat management strategy for Office 365 involves identifying a potential threat’s intent, capability, and probability of successful exploitation of a vulnerability. The controls used to safeguard against such exploitations are founded upon industry security standards and best practices. Office 365 provides robust email protection against spam, viruses, and malware with Exchange Online Protection. Office 365 also offers Advanced Threat Protection (ATP), an email filtering service that provides additional protection against specific types of advanced threats.
https://www.microsoft.com/en-us/trustcenter/security/office365-security#
Protective monitoring type Undisclosed
Protective monitoring approach Office 365 uses defense-in-depth security principles to protect against internal and external risks. The scale and global nature of the Microsoft footprint allows us to use strategies and techniques for defending against network attacks that few providers or customer organizations can match. The cornerstone of our strategy is using our global presence to engage with internet providers, public and private peering providers, and private corporations all over the world, giving us a significant internet presence. This enables Microsoft to detect and defend against attacks across a very large surface area
https://www.microsoft.com/en-us/trustcenter/security/office365-security#
Incident management type Supplier-defined controls
Incident management approach Based on NIST 800-61. For full information please link document.
https://www.microsoft.com/en-us/download/confirmation.aspx?id=54302

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £3.80 to £37.64 per user per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial The trial provides access to Microsoft's Office365 Enterprise E3 product for up to 25 users.This includes:
Current desktop applications on up to 5 PC or Macs
Mobile apps on up to 5 tablets and 5 phones (iOS/Android).
Online meetings and messaging.
Additional trial services available on request.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑