Etain Limited

Etain Microsoft Dynamics 365 Solution

The provision of custom solutions using Microsoft Dynamics 365 as a base platform and with integration to secure portal or SharePoint Online. Examples include integrated case and document management, records management, and tracking solutions. Solutions often incorporate real-time or batch integration with external data sources.


  • Full integration between SharePoint, Outlook and Kentico CMS
  • Business Intelligence, Dashboards and flexible reporting
  • Integration with Microsoft products through consistent menu ribbons
  • Advanced Personalisation allowing workplaces, links & preferences
  • Role-based Forms and Views control secure access to data
  • Configuration Capabilities such as communications & data audits
  • Customizing and Sharing allow customisations to be shared with others
  • Interactive Process Dialogs allow mapping of workflows and processes
  • Microsoft Dynamics Marketplace provides access to accelerator solutions
  • Deployment ensures same experience for on-premises and cloud deployment


  • Secure access to CRM master / transaction data and workflows
  • Ease of Use. Look/Feel is familiar to other Microsoft products
  • Flexibility, Microsoft Dynamics 365 allows customisation
  • Easy Access, Microsoft Dynamics 365 keeps data within one repository
  • Integration, Microsoft Dynamics 365 fully integrates with Outlook
  • Reliability, Dynamics 365 is a trusted solution with constant development
  • Affordable, one of the most cost-effective solutions available
  • Cost Effective, Microsoft Dynamics 365 is also an innovative product
  • Reporting, allows performance management & management of service issues


£495 to £975 per person per day

Service documents

G-Cloud 11


Etain Limited

Peter Shields

+44 (0)28 90872222

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints No
System requirements
  • Microsoft Dynamics 365 Licence / Subscription
  • Internet connection
  • Up to date Operating system and Web Broswer

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Target Response Time in Prime Service Hours Priority 1 = 1 Hour Priority 2 = 4 Hours Priority 3 = 6 Hours Priority 4 = 8 Hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Availability: Monday - Friday (9am - 5.30pm)

Severity Definitions:
* High: Urgent problem. Web site down or business
critical problem

* Medium: Crash or bug affecting multiple users.

* Low: Presentation issue or bug which is limited to
one user or can’t be replicated.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Etain provide tailored onsite training with accompanying user documentation designed to support all end-users as they learn to operate their custom solution. Where requested, other training materials such as PowerPoint presentations and how-to videos can also be commissioned.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Microsoft Dynamics 365 comes with a data extraction tools that allows export to CSV, Excel and other formats.
End-of-contract process Clients have the ability to extract data without support from Etain, alternatively at an additional cost, Etain can provide this service.
Again, at additional cost, Etain can archive the solution for future use or reference.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are no functional differences between the mobile and desktop application. Administration tasks not available via mobile.
Service interface Yes
Description of service interface The Web API implements the OData (Open Data Protocol), version 4.0, an OASIS standard for building and consuming RESTful APIs over rich data sources - because the Web API is built on open standards, specific assemblies are not required, instead it's possible to compose HTTP requests for specific operations or use third-party libraries to generate classes for whatever language or platform required.
In addition an Online Management API is provided to allow automated management of customer engagement instances in your Office 365 tenant if required.
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing Etain work with customers from project initiation to confirm accessibility requirements in order to define and include support for keyboard navigation, screen reader use and any high contrast requirements.
What users can and can't do using the API Given appropriate security credentials via the API, users can interact fully with the service. This includes the creation, read, update and deletion of records. Data can also be imported and exported from the service via the API.

More Information -
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Microsoft Dynamics 365 can be customised to connect and communicate with a variety of legacy systems. It can also integrated with Microsoft SharePoint to offer a full case tracking solution with direct and two-way access to document repositories.

Microsoft Dynamics 365 can be fully customised to provide bespoke outputs such as reports and marketing automations.

Microsoft Dynamics 365 can also be custom branded with a client's logo and inhouse terminology.


Independence of resources Microsoft Dynamics 365 is a multi-tenant platform that scales automatically to user numbers and demand.

Microsoft operate a global network of data centres including in the UK and capacity is maintained and benchmarked for Dynamics, Azure Services and Office.


Service usage metrics Yes
Metrics types Service usage metrics are typically determined for each implementation. They are defined with the customer during an initial scoping/analysis phase based on business and reporting requirements. Typical metrics could include: user activity, records created/deleted, record values, aggregate values. System metrics could include storage used, data table size and records counts.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Microsoft

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Etain work with the customer to implement an appropriate data export solution.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Service level is 99.9% uptime with a credit available of 25% if this falls below 99.9%, 50% if it falls below 99% and 100% if service availability falls below 95% relevant to that particular months subscription fee.
Approach to resilience Microsoft offerings are delivered by highly resilient systems that help to ensure high levels of service. Service continuity provisions are part of the Microsoft system design. These provisions enable Microsoft to recover quickly from unexpected events such as hardware or application failure, data corruption, or other incidents that affect users. These service continuity solutions also apply during catastrophic outages (for example, natural disasters or an incident within a Microsoft data centre that renders the entire data centre inoperable). The Microsoft Dynamics CRM Online service is designed to provide a high degree of security, continuity, and compliance.
Outage reporting System administrators are notified by email and the Microsoft portal updates a running notification, the Organisational Insights Dashboard will update and Yammer and social media may also be used.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Office 365 comes with a set of administrator roles that you can assign to users in your organization. Each admin role maps to common business functions, and gives those people permissions to do specific tasks the Office 365 admin centre.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 SGS
ISO/IEC 27001 accreditation date 13/03/2018
What the ISO/IEC 27001 doesn’t cover N/a
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes An ISMP has been established to enable Office 365 to maintain and improve its management system for information security. Through establishment of the ISMP, Office 365 plans for and manages protection of its assets to acceptable security levels based on defined risk management processes. In addition, Office 365 monitors the ISMS and the effectiveness of controls in maintaining the confidentiality, integrity and availability of assets to continuously improve information security.

The ISMS framework encompasses industry best-practices for information security and privacy. The ISMS has been documented and communicated in a customer-facing Information Security Policy, which can be made available upon request (customers and prospective customers must have a signed NDA or equivalent in place to receive a copy).

Office 365 performs annual ISMS reviews, the results of which are reviewed by management. This involves monitoring ongoing effectiveness and improvement of the ISMS control environment by reviewing security issues, audit results, and monitoring status, and by planning and tracking necessary corrective actions.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All development in Microsoft Dynamics 365 is carried out in the Security Development Lifecycle which helps developers address compliance requirements.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Dynamics 365 is hosted in Microsoft datacenters and uses their security measures and mechanisms to protect data. Microsoft blocks unauthorized traffic to and within datacenters using a variety of technologies. We constantly maintain, enhance, and verify the infrastructure, and employ regular penetration testing to continually validate the performance of security controls and processes.
Dynamics 365 is designed on the principles of the Security Development Lifecycle, a mandatory Microsoft process that embeds security requirements into every phase of development. The Dynamics 365 operations team also follows the rigorous standards set by Microsoft Operational Security Assurance to help protect customer data.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach To ensure that activities within the service are legitimate, and to detect breaches or attempted breaches, Dynamics 365 takes advantage of the cloud service infrastructure and security mechanisms. The Dynamics 365 environment deploys antimalware software that helps protect infrastructure against online threats. Microsoft also provides intrusion detection, distributed denial-of-service (DDoS) attack prevention, and regular penetration testing to help validate security controls.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Microsoft is responsible for the platform including services offered and provides a cloud service that can meet the security, privacy, and your compliance needs.
As a customer, you are responsible for the environment once the service has been provisioned. You must identify which controls apply to your business and understand how to implement and configure them to manage security and compliance with applicable regulatory requirements. Etain offers implementation guidance to help accomplish these tasks and better manage the risk. Any incident can be reported through the Microsoft portal.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £495 to £975 per person per day
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑