Content and Code Ltd

Office 365

Using years of experience in SharePoint and Microsoft Office 365 projects, Content and Code created Fresh Digital Workspace. Fresh offers a simplified communication and collaboration solution enabling organisations to cut through the O365 options, features and user requirements, to rapidly deploy and leverage the Office365 platform and its core tools.

Features

  • Home page and global navigation within Microsoft Office 365 Intranet
  • News and internal communications within Microsoft Office 365 Intranet
  • Document management within Microsoft Office 365
  • Enterprise social networking within Microsoft Office 365
  • Team sites within Microsoft Office 365
  • Internal content publishing within Microsoft Office 365 Intranet
  • Office locations within Microsoft Office 365 Intranet
  • For more see https://freshintranet.com/

Benefits

  • Increased employee engagement
  • Easy access to tools, resources and company information
  • Mobile responsive solution allowing access anywhere
  • Easy to update and maintain content
  • Flexible templates able to be deployed for multi-use
  • Aligned to Microsoft product roadmap
  • Companion app for Office 365
  • Provides a ready-to-launch cloud-based solution
  • Flexibility to extend and integrate with other solutions
  • Access to upgrades and enhancements

Pricing

£40000 per licence per year

  • Education pricing available

Service documents

G-Cloud 9

914409398317191

Content and Code Ltd

Les Janus

2071010930

info@contentandcode.com

Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to Microsoft Office 365, SharePoint Online, SharePoint 2013, SharePoint 2016
Cloud deployment model Public cloud
Service constraints Content and Code's digital workspace solution requires Office 365 or SharePoint licencing from Microsoft.
System requirements
  • Microsoft Office 365 license, or
  • SharePoint license

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support service response time varies between 15 minutes and 4 hours, depending on priority of the case.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Content and Code have four tiers of support available for clients: Entry, Essential, Enhanced, and Elite. All levels of support include UK-based support desk with 8:00-18:00 M-F cover (excluding public holidays), extended hours are available as an option at an extra cost to the client; and technical support hours per month increasing from 8 (entry level) to unlimited (elite level). Essential, enhanced, and elite support additionally include service reporting, data analytics, and change management. Enhanced and elite levels have support for service and technical account management, proactive (event) management, and major incident management. Elite is the only level that includes operational run tasks (e.g. scheduled checks).
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Fresh is accompanied by a full methodology that covers branding, language and taxonomy to rollout and training.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction Content is stored in SharePoint not in our product. Content can be extracted from SharePoint/Office 365 using standard practices and/or 3rd party tools.
End-of-contract process The client owns their solution from the outset and at the end of the contract the client no longer receives updates.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile services runs in browser and in responsive, rendering all pages in the solution appropriate to the device being used. Content is prioritised for typical mobile use cases, e.g. reading news over editing documents.
Accessibility standards WCAG 2.0 A
Accessibility testing Fresh intranet solution has been fully tested for interface design and user assistive technology. Fresh meets WCAG Level A standard for accessibility.
API Yes
What users can and can't do using the API All services on Fresh can be accessed using the Office 365 API. Documented here: https://msdn.microsoft.com/en-us/office/office365/howto/platform-development-overview
API documentation Yes
API documentation formats HTML
API sandbox or test environment No
Customisation available Yes
Description of customisation Fresh utilises standard SharePoint functionality and can be extended and customised in-line with best practice for modifying SharePoint. Apps hosted on third party platforms can also be integrated.

Scaling

Scaling
Independence of resources Use of client side rendering technologies pushes the UI processing to the client and reduces a user's impact on the server farm. The underlying Office 365 platform scales dynamically with the active user base and purchased licence count. Services which are designed to scale very well are used as a basis for end-user functionality including the Search service and Managed Metadata service.

Analytics

Analytics
Service usage metrics Yes
Metrics types See Service Description document for detail.
Reporting types Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Documents may be downloaded or synchronised locally, list/library data can be exported to Excel as an external data source.
Data export formats
  • CSV
  • ODF
  • Other
Data import formats
  • CSV
  • ODF
  • Other

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Approach to resilience As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Outage reporting As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Other user authentication Via Azure Active Directory using Oauth 2.0. Capabilities such as multi-factor authentication, mobile device management, Azure Rights Management, and Data Loss Protection can be enforced for all, or specific, user groups.
Access restrictions in management interfaces and support channels User roles. A user may be an administrator a particular sub level of the solution or be a member of a group with these permissions.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date http://bit.ly/2pm1ENv
CSA STAR certification level Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover N/A
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Content and Code align all services with the principles and standards described in the ISO20000 accreditations.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach As the solution is based on the Microsoft's Office 365 platform, please see https://www.microsoft.com/en-us/trustcenter for details.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £40000 per licence per year
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑