IBM's solution for Social Housing provides a modern digital services and customer engagement platform based on Microsoft Dynamics 365 and the Microsoft Cloud. A powerful platform for Social Housing transformation and 'Digital by Default' programmes successfully deployed to a significant number of UK based Housing Associations.
- Built on Microsoft Dynamics 365 using the Microsoft Cloud
- End to end business process and workflow automation
- Integrated customer self-service and Omni-channel support
- Out of the box integration with other Microsoft technologies
- Knowledge management
- Integration to other Housing Association applications
- Robust security model
- Modern browser-based solution
- Inbuilt business intelligence, reporting and analytics
- Full Application Maintenance Support service available at extra cost
- 'Digital by Default' solution
- Enabler for business transformation
- Platform for application consolidation
- Social Housing functionality 'out of the box'
- Powerful real-time analytics
- Mobile-working as standard
- Single view of the customer
- Extensible and configurable platform, exploiting the full Microsoft Cloud
- Fully maintained to latest Microsoft releases
- Accelerate development of customer services
£5 per user per month
IBM United Kingdom Ltd
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||Minimum Microsoft specified network and infrastructure requirements to consume Microsoft Cloud Services. Service is limited to Microsoft Dynamics 365. Service uses framework developed by IBM. Web browser required. Internet connection required. Separate Application Maintenance & Support available. IBM professional services may be required for deployment.|
|Email or online ticketing support||Yes, at extra cost|
|Support response times||IBM will acknowledge support questions within one hour of logging (based on standard UK office hours). The support issue will then be analysed and fixed based on support priorities. These priorities are detailed within the question 'Describe your support levels'.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.0 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Yes, at an extra cost|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||
Web chat is available via the LiveChat web chat solution accessible via the IBM support portal. Many users will already have experienced the use of web chat software while connected to a website and LiveChat uses an easy to use interface enabling instant communication with the help desk.
If the web chat is enabled then the user will see that they can initiate a conversation with the IBM helpdesk. Once the user submits a question they will be placed in a queue and their question will be responded to as swiftly as possible depending on the size of the current queue.
The activities performed within Live Chat are fully managed and recorded in the history of the IBM support system.
|Web chat accessibility testing||None|
|Onsite support||Yes, at extra cost|
Support levels are managed dependent on the severity of the issue with severity 1 being the most serious to 4 being the least serious. Details of these service levels are:
1 - High. Complete stoppage of work for all users and no other options or Workaround available for work to continue/a major function is not operational that impacts all users and no other options or Workaround available. Resolution aim within 1 to 8 hours.
2 - Medium. System is not operational for one or more users and no other options or Workaround available for work to continue/a major function is not operational that impacts some users and no other options or Workaround available. Resolution aim within 2 to 16 hours.
3 - Low. A minor function of the System is not operational for one or more users, but they can continue to use other application functions. Example being a user has questions about System functionality/a user needs administrative assistance. Resolution aim within 8 hours to 10 working days.
4 - Lowest. A minor issue with very low or no visibility that has no direct impact on the application, users or revenue. Resolution aim within 8 hours to 20 working days.
|Support available to third parties||Yes|
Onboarding and offboarding
Microsoft Dynamics 365 makes available comprehensive guidance, help, training and troubleshooting materials as part of the Microsoft Dynamics 365 Service. Within the Administration Portal, there are links to many of the resources available, including:
Help articles for users and administrators who need to manage Microsoft Dynamics 365.
Community forums/wikis where help articles and white papers are published
Service Health dashboard for information regarding outages/issues.
To help organisations to start using the service, IBM will provide the Solution consisting of the IBM Public Sector Solution for Microsoft Dynamics – Social Housing which includes a set of pre-built configuration and customizations built on Microsoft Dynamics. This provides:
a. Social Housing-ready data schema based on customising existing Microsoft Dynamics entities and adding new ones;
b. a range of Social Housing features and processes to simplify key activities;
c. a Solution Generator which speeds up the process of generating Social Housing services/processes together with the ongoing maintenance and release management between Microsoft Dynamics environments;
d. a set of pre-built configurations and customizations for the Microsoft portals for delivering integrated customer self-service.
|End-of-contract data extraction||Several data extract options are offered to support offboarding. An Advanced Find query can be configured with all data required for export and then exported to Excel / CSV etc. The Data Export service adds the ability to replicate Dynamics 365 data to a Microsoft Azure SQL Database store. The Software Development Kit (SDK) can also be used.|
No more than 180 days after expiration or termination of Customer’s use of an Online Service, Microsoft will disable the account and delete Customer Data from the account.
A termination will be effective at the end of the monthly Subscription cycle during which the buyer terminates the Subscription or reduces the number of User Licenses. The buyer must pay for the period prior to the termination effective date.
If the buyer terminates a one year Subscription within 30 days of the date on which the Subscription became effective or was renewed, the buyer must pay for the initial 30 days of the Subscription. No
payments will be due for the remainder of the Subscription.
Buyers wishing to offboard from the service should refer to the subscription cancellation section within the Microsoft Dynamics Customer Centre. Buyers offboarding from the service are able to extract their information beforehand; online guidance details how to export information into Excel format, and customers can also request a copy of the Microsoft Dynamics 365 Online SQL Database by referring to http://msdn.microsoft.com/en-us/library/hh127043.aspx.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||You can access Microsoft Dynamics 365 data from mobile devices by installing and using the apps for Windows, iOS, and Android mobile devices, or you can run the Dynamics 365 web app on the device’s preferred browser. The Dynamics 365 mobile apps can be downloaded from the appropriate app store at no charge and they support Windows / iOS & Android devices. The mobile app gives a rich user experience that allows users to access many of the same features they would use via the desktop browser, while also leveraging capabilities of the mobile device such as GPS & camera.|
|Accessibility standards||WCAG 2.0 AA or EN 301 549|
Microsoft are committed to making their products and services easier for everyone. Dynamics 365 includes a number of assistive technologies such as:
• Keyboard Shortcuts
• Built in browser accessibility
• Colour and contrast adjustment
Microsoft are continuously investing in accessible technologies via their Accessibility Development Centre. These include the use of screen readers and disability answer desk phone.
Microsoft also work closely with other assistive technology companies from a number of different perspectives including:
• Dexterity & Mobility
• Language & Communication.
Dynamics is an application and meets the published standards as an application. Microsoft accessibility statement on can be found on the Microsoft Accessibility website (http://microsoft.com/enable). Microsoft publishes Voluntary Product Accessibility Templates (VPAT).
|What users can and can't do using the API||
The web API provides a development experience that can be used across a wide variety of programming languages, platforms, and devices. The Web API implements the OData (Open Data Protocol), version 4.0, an OASIS standard for building and consuming RESTful APIs over rich data sources. (Further details can be found here -https://msdn.microsoft.com/en-gb/library/mt593051.aspx).
The web API is part of the Dynamics 365 Software Development Kit (SDK). The SDK contains a wealth of resources, including code samples, which are designed allow powerful vertical applications to be built using the Microsoft Dynamics 365 platform. It is a guide for developers writing solutions, server-side code, client applications and extensions, custom business logic, plug-ins, integration modules and custom workflow modules.
|API documentation formats||HTML|
|API sandbox or test environment||Yes|
|Description of customisation||
Microsoft Dynamics 365 is a highly customisable and flexible business application. The bulk of the customisations can be carried out without requiring custom development. This includes amending and creating new entities, forms, view and workflow processes. For cases that do require custom development, Microsoft provides a software developer kit (SDK).
The IBM Social Housing solution is highly customisable via powerful and intuitive point and click interfaces. These include configurable workflow, business logic and customer service processes.
Business process can be quickly configured, mapped and managed via the solution. These business processes can be routed to the appropriate individual or team with associated service levels to ensure they can be managed in a controlled and consistent manner.
Forms & fields can also be added and amended to mirror the users organisation and ensure customer interaction can be dealt with as efficiently and effectively as possible.
Any documents or communication can also be customised to be generated (this can be done automatically) as part of a business process to ensure customers receive timely and effective communication.
|Independence of resources||Microsoft have invested heavily in cloud based data centres and therefore are able to provide a comprehensive service level agreement for your organisation. Microsoft provides a financially backed service level of 99.9% uptime for the solution. If this level drops then service credits will be issued by Microsoft. There is a built in elasticity within the data centre to ensure that customers will not be impacted based on others usage.|
|Service usage metrics||Yes|
|Metrics types||Dashboards & reports are a powerful feature in Microsoft Dynamics 365. Information can be assembled and presented from several places in Microsoft Dynamics 365 in a quickly-read format. Dashboards & reports are easy to create, and are easy to revise as your changing business needs require.|
|Reporting types||Real-time dashboards|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||Microsoft|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Other data at rest protection approach||AES 256bit Symmetric SQL Transparent Data Encryption (TDE).|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Several data extract options are offered, one is to select any system data (such as a set of contacts) and export to Excel as either a static or dynamic worksheet. The Data Export service adds the ability to replicate Dynamics 365 data to a Microsoft Azure SQL Database store. Another option is to use web service APIs documented in the Dynamics 365 SDK|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Other protection between networks||
Safeguards are applied on multiple fronts, including: securing the web application with SSL; custom-defined security roles which govern what users can access and the actions they can perform; field-level security; full business data auditing; and stringent physical security of Microsoft data centers, including building and system/database access. Additionally, the application itself uses standard security features of the Microsoft software infrastructure.
Dynamics 365 is deployed in Microsoft datacenters, protected by defense-in-depth security that includes perimeter-fencing, video cameras, security personnel, secure entrances, and real-time communications networks. The defense-in-depth security continues through every area of the facility and to each physical server unit.
|Data protection within supplier network||
|Other protection within supplier network||The networks within the Microsoft Dynamics 365 data centers are designed to create multiple separate network segments within each data center. This segmentation helps to provide physical separation of critical, back-end servers and storage devices from the public-facing interfaces.|
Availability and resilience
|Guaranteed availability||Microsoft Dynamics 365 is covered by a financially backed guarantee 99.9% monthly availability.|
|Approach to resilience||The service has multiple layers of monitoring in place. The infrastructure/platform layer is monitored for events related to provisioning, service failures, and threshold attainment (such as memory consumption). Each instance of a customer’s Microsoft Dynamics 365 data is written locally twice within the same primary datacenter as well an asynchronous sync to a secondary datacenter on the same continent for a total of four copies, in the event a failover is required. Microsoft Dynamics 365 operates in geographically distributed Microsoft facilities. Each facility is designed to run 24x7x365 and employs various measures to help protect operations from power failure, physical intrusion, and network outages. These datacenters comply with industry standards (such as ISO 27001) for physical security and availability.|
|Outage reporting||Service disruption notification emails go out to all Dynamics 365 Online System Administrators when there is downtime involved.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Identity federation with existing provider (for example Google Apps)|
|Access restrictions in management interfaces and support channels||Access to management interfaces and support channel is limited to Office 365 Global or Dynamics Administrators.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Identity federation with existing provider (for example Google Apps)|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||British Standards Institution (BSI)|
|ISO/IEC 27001 accreditation date||Original Registration Date 29/02/2012|
|What the ISO/IEC 27001 doesn’t cover||Microsoft Dynamics 365 is covered by ISO/IEC 27001|
|ISO 28000:2007 certification||No|
|CSA STAR certification||Yes|
|CSA STAR accreditation date||05/04/2012|
|CSA STAR certification level||Level 1: CSA STAR Self-Assessment|
|What the CSA STAR doesn’t cover||Self Assessment|
|Other security accreditations||Yes|
|Any other security accreditations||SSAE 16 SOC 1 Type II|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
IBM has an Information Technology (IT) Security policy that establishes the requirements for the protection of IBM's worldwide IT systems and the information assets they contain, including networks and computing devices such as servers, workstations, host computers, application programs, web services, and telephone systems within the IBM infrastructure. IBM’s IT Security policy is supplemented by standards and guidelines, such as the Security Standards for IBM's Infrastructure, the Security and Use Standards for IBM Employees and the Security Guidelines for Outsourced Business Services. Such are reviewed by a cross-company team led by the IT Risk organization every six months.
IBM has a dedicated Vice President of IT Security who leads a team responsible for IBM's own enterprise data security standards and practices. Responsibility and accountability for executing internal security programs is established through formal documented policies. IBM Services teams also have dedicated executives and teams who are responsible for information and physical security in the delivery of our client services.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Microsoft Dynamics 365 has developed formal standard operating procedures (SOPs) governing the change management process. These SOPs cover both software development and hardware change and release management, and are consistent with established regulatory guidelines.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Microsoft Dynamics 365 Online implements technologies to scan the environment for vulnerabilities. Identified vulnerabilities are tracked and verified for remediation. In addition, regular vulnerability/penetration assessments to identify vulnerabilities and determine whether key logical controls are operating effectively are performed.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Proactive monitoring continuously measures the performance of key subsystems of the Microsoft Dynamics 365 platform against the established boundaries for acceptable service performance and availability. When a threshold is reached or an irregular event occurs, the monitoring system generates warnings so that operations staff can address the threshold or event. System performance and capacity utilization is proactively planned to optimize the environment.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||An incident management framework has been established and communicated with defined processes, roles and responsibilities for the detection, escalation and response of incidents. Incident management teams perform 24x7 monitoring, including documentation, classification, escalation and coordination of incidents per documented procedures. Events, thresholds and metrics have been defined and configured to detect incidents and alert the appropriate Microsoft Dynamics 365 teams.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£5 per user per month|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||Microsoft provide a free 30 day trial of the Dynamics 365 solution. Users are able to assess the functionality available within the solution including Customer Service, Field Service, Marketing and Analytics. The trial version is for the base Dynamics 365 application and does not include the additional IBM accelerator.|
|Link to free trial||https://www.microsoft.com/en-us/dynamics/free-crm-trial.aspx|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Terms and conditions document||View uploaded document|