AMDH Services Limited

Enterprise Office 365 Solution with Backup & AV

Our solution is based upon Microsoft 365 E3 and is targeted at large Enterprises with over 300 users. It provides the Office suite, desktop and mobile management, password management tool, antivirus and backup for Office 365

Features

  • Microsoft 365 Apps - Powerpoint, Word, Excel, OneNote, Access
  • Windows 10 Enterprise Uplift to Windows 10 Pro
  • Mobile Device Management (MDM) with Intune
  • Locally installed applications and cloud based apps
  • Email & Calendaring with Outlook and Exchange Online
  • Social & Internet with Sharepoint and Yammer
  • Files storage and sharing with Onedrive
  • Video Sharing with Stream, Storytelling with Sway
  • PowerBI, PowerApps, and PowerAutomate
  • Office 365 Backup, Antivirus, and Password Management

Benefits

  • Collaborate easily and effectively
  • Active Directory integration with Azure AD
  • Office365 is Cyber Essentials Plus and ISO27001:2013 certified
  • Office365 automatically updates itself when new versions are released
  • Install Office365 on upto 5 PCs per user
  • Install Office365 on upto 5 tablets or phones per user
  • Use Office365 Secure Score to provision securely
  • Work securely on any device from anywhere with internet
  • Powerful data management and governance tools for GDPR compliance
  • Personal Analytics into work patterns

Pricing

£115 to £115 a user a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.horler@amdhservicesltd.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

8 4 8 6 5 2 5 7 0 0 3 1 1 0 6

Contact

AMDH Services Limited Andrew Horler
Telephone: 01332322588
Email: andrew.horler@amdhservicesltd.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
###Office 365 will run on most supported modern Microsoft Windows operating systems - but some elements may require updates to the operating system to be installed or specific Active Directory forest levels to be in place.

###We also recommend that prior to migrating to Office 365 you have a number of checks run - specifically around your Exchange environment, Sharepoint environment, Active Directory environment, LAN and WAN infrastructures and internet access.
System requirements
  • Processor: 1.6GHz or faster.
  • Memory: Recommended minimum memory is 4GB
  • Hard Disk: Min 4GB (Windows) Min 10GB (Mac)
  • Display: DirectX 9 or later, WDDM 2.0 for Win10, 128MB
  • Windows OS: Windows 10 / 8.1, Windows Server 2019/2016
  • Mac OS: 3 latest versions
  • Browser: Microsoft Edge, IE, Safari, Chrome or Firefox
  • .NET: version 3.5 or 4.6 are required for some features.
  • See the Microsoft website for a full list.

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Response times depend on support package purchased and ticket type:
Critical Incidents
###
Bronze: Initial response in 4 hours, weekdays 9am-8pm
Silver / Gold: Initial response in 1 hours, 24/7

Urgent Incidents
###
Bronze: Initial response in 8 hours, weekdays 9am-8pm
Silver / Gold: Initial response in 2 hours, 24/7

Important Incidents
###
Bronze: Initial response in 12 hours, weekdays 9am-8pm
Silver / Gold: Initial response in 4 hours, 24/7
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Yes, at an extra cost
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Depends on our support package:
Bronze: Email support only
Silver / Gold: Chat supported through user logging into our support portal and accessing chat.
Web chat accessibility testing
None at this time.
Onsite support
Yes, at extra cost
Support levels
BRONZE SUPPORT
###
Email only, initial response 4 hours for critical incidents, support available weekdays 9am - 8pm only.

SILVER SUPPORT
###
Email, live chat, telephone and online ticketing tool. Initial response 1 hours for critical incidents, support available 24/7.

GOLD SUPPORT
###
Email, live chat, telephone and online ticketing tool. Initial response 1 hours for critical incidents, support available 24/7. Customizable.

PRICING
###
Pricing for the support options is based on the number of licenses / staff, anticipated number of tickets raised per month, complexity of the tickets, and the number of different products that are being supported. Once this information has been collated support will be provided based on the SFIA rate card staff requirements.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Upon receiving an order from a customer for Microsoft services we would arrange a kick off meeting with the customer to discuss what assistance they require around onboarding. At this meeting we would discuss:
1) Office 365 Strategy - including minimum viable product
2) Deployment Planning
3) Preparatory Checks of AD, Exchange, Sharepoint, and their Network
4) Remediation following checks
5) Status of customer devices - what OS are in use, what mobile devices etc
5) Data Migration Planning
6) User Migration Planning
7) Adoption Planning
8) Training Plan
8) Required ongoing support
Following this we would provide to the customer a quote for the associated professional services to deliver all the above items as required.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
1) Customers can remove their data from Office 365 when their contract ends should they desire to do so. Since the customer will own their tenancy/subscription rather than AMDH they can also shift management of their environment to another provider.
2) Some elements of Office 365 may not support data extraction so customers should make themselves aware of the features prior to consuming the service.
3) Ability to extract data maybe license dependent - for example SKUs that only provide online access to email may not provide an interface with which to complete a data extraction.
4) In general however it is possible to complete data extraction for Exchange Online, Sharepoint Online, and Onedrive.
5) Any assistance from AMDH for data extraction is a chargable activity.
End-of-contract process
*** Scenario 1: Customer stops paying for product and doesn't buy the licenses from another Microsoft reseller - in this case the subscription is moved into an expired state for 30 days, then into a disabled state for 120 days. After the 120 days the data is removed. Whilst in a disabled state only administrators can access the data for the purposes of backing up the data.
*** Scenario 2: Customer stops paying AMDH for product and begins buying from another Microsoft reseller - in this case the subscription and purchased services will continue unaffected with no loss of data.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Office 365 is a suite of applications - with online browser based versions, desktop installation versions and mobile versions. The mobile versions typically have a different form factor and user interface to take account of the touchscreen accessibility available on a mobile device that is not typically available on a desktop. Some features available on the web or desktop version are not available on the mobile versions. For full details of the differences see the Microsoft website.
Service interface
Yes
Description of service interface
Office 365 has a number of interfaces - the main one however is the portal.office.com website - this is a role based access portal that presents users a view based on the privileges they hold. For normal users it presents them the standard web applications - e.g. online versions on word, excel, etc - but for users with administrative privileges it presents them with a range of administrative applications - such as the Office 365 Security Center, Office 365 Compliance Center etc.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
AMDH have completed no testing of the interface - however Microsoft have used the U.S. Department of Homeland Services Trusted Tester Program to help verify that Office 365 conforms to accessibility standards.
API
Yes
What users can and can't do using the API
Office 365 supports the Microsoft Graph API. Full documentation for this RESTFUL API can be found on the Microsoft website.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
There are a variety of customisations that can be used with the Office 365 product set - these include changing the look and feel of the management interface, changing the look and feel of elements within it (e.g. sharepoint), changing how its managed, changing what is alerted upon etc.

We would anticipate discussing all options around this with any customer who wanted to buy the product through us.

Scaling

Independence of resources
Microsoft Office 365 has been designed with the assumption that all tenants are potentially hostile to all other tenants, and has been implemented with security measures to prevent the actions of one tenant from affecting the security or service of another tenant, or accessing the content of another tenant.
This has been achieved through i) Logical isolation of customer content within each tenant Office 365 environment through Azure AD authorization and RBAC ii) sharepoint online uses data isolation mechanisms at a storage level iii) rigorous physical security and background screening iv) encryption of data at rest and in transit.

Analytics

Service usage metrics
Yes
Metrics types
Monitoring reports are available through either the Admin Center Reports Dashboard or through PowerBI Pro depending on what information is required. Reporting can be further customized at additional cost.

Reports are available on Email activity, Mailbox usage, activations, active users, forms activity, Apps usage, Onedrive usage, Teams usage, sharepoint activity etc.

Through a PowerBI Pro template a executive dashboard is also available.

Information can also be obtained through the Microsoft Graph API.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Microsoft, NetApp, Lastpass

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
Never
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Office 365 Email - an export tool can be used or the data can be extracted manually by users.
Office 365 Sharepoint - an export tool can be used or the data can be extracted manually by users.
Office 365 Teams - - an export tool can be used or the data can be extracted manually by users.
The export tool would be an "at additional cost" option for the customer.
Data export formats
Other
Other data export formats
Depends on the data source e.g.email as *.pst
Data import formats
Other
Other data import formats
Depends on data source e.g.email as *.pst

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
In general the SLA Microsoft offer against Office 365 is:
Monthly Uptime Percentage: <99.9% - 25% service credit
Monthly Uptime Percentage: <99% - 50% service credit
Monthly Uptime Percentage: <95% - 100% service credit

For specific details of how this applies and how the service credits are paid please read the full details in the Online Services Consolidated SLA document available through the Microsoft website.

This only applies to the subscription service not to any support package offered by AMDH.
Approach to resilience
Office 365 is designed with the following principles:
1) Active/Active design - Microsoft is driving to have all services architected and operating in an active/active design. This means there are always multiple instances of a service running out of geographically dispersed data centres. All user traffic enters the Office 365 environment through Microsoft Front Door which is a georedundant load balancer.

2) Reduction in Incident Scope through use of i) service partitioning ii) updates applied using rings of validation to prevent an update affecting multiple instances of a service simultaneously iii) increasing the use of automation in monitoring to pick up on problems rapidly.

3) Fault isolation - code for Office 365 is developed in such a manner that problems in one part of Office 365 introduced through a code change should not propagate to another part of Office 365.

However - AMDH recommend that potential customers do not treat Office 365 as though it has built in resiliency to the point where no backup is required. Customers should purchase a backup solution for Office 365 in addition to setting appropriate retention policies and security policies.
Outage reporting
Office 365 has a Service health status dashboard in addition to a service status API and alerts can be configured too.

We would look to cover Outage reporting as part of any onboarding completed with our customers.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Office 365 uses Azure AD as its identity provider. Azure AD / Office 365 supports role based access control and access to the management interfaces is controlled through Azure AD. Further control can be applied using Azure AD Conditional Access and Privileged Identity Manager (PIM) in order to ensure users only access management features when authorized.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Cyber Essentials
Information security policies and processes
Security Incident Reporting can escalate to our Managing Director & CTO.

We have the following policy documents:
- BYOD Policy
- Data Breach Policy
- Devices Policy
- Password Policy
- User accounts policy

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
**AMDH: Configuration and change management is managed through our change management processes, procedures and policy.

**Microsoft: Configuration and change management is managed through their change management processes, procedures and policy.

**Office365: The configuration and change management of a customer Office 365 subscription will depend upon whether the customer manages it themselves or whether it follows a mixed management process with the customer and AMDH joinly manage the environment. We would anticipate discussing this with the customer in detail prior to commencing the service.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
AMDH: We follow the procedures we have defined around our Cyber Essentials certification.

Microsoft: Microsoft follow the procedures required by the certification requirements of Cyber Essentials Plus and ISO27001:2013 for Office 365.

Office 365 Provider Vulnerability Management: Managed by Microsoft.

Office 365 Consumer Vulnerability Management: Managed by the customer based upon the features they purchase and processes and procedures they put into place. For example enhanced features will be available if the customer uses Office 365 E5, Microsoft 365 E5, Microsoft 365 Business Premium, EMS E3, or EMS E5.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
At present AMDH does not offer any services that require protective monitoring.

Office 365 is monitored by Microsoft for data breaches - this is detailed on the Microsoft website:
https://docs.microsoft.com/en-us/microsoft-365/compliance/gdpr-breach-office365

Customers can choose to purchase enhanced monitoring using the Advanced Threat Protection (ATP) license options available - but should be aware that they need staff to monitor the outputs of this tool.
Incident management type
Supplier-defined controls
Incident management approach
AMDH: Incidents are either automatically detected or reported by users. Once reported to our service desk they will be managed according to our Incident Management Procedures.

Office 365: Incidents are managed following the Microsoft procedures. These are available on the Microsoft website.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£115 to £115 a user a month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
There is a 1 month limited free trial for up to 20 users but in order to participate in the free trial the user would require setup which isn't free.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.horler@amdhservicesltd.com. Tell them what format you need. It will help if you say what assistive technology you use.