G-Cloud 11 services are suspended on Digital Marketplace

If you have an ongoing procurement on G-Cloud 11, you must complete it by 18 December 2020. Existing contracts with Clerkswell are still valid.
Clerkswell

Digital workplace

EasyShare is the award-winning, market-leading intranet ‘in-a- box’ product for Microsoft Office 365. EasyShare brings together best of breed tools including Skype for Business, Outlook, Yammer, Teams, Groups, Delve and Stream into one easy solution – including social features in a mobile ready platform.

Features

  • Works with all the Office365 applications
  • Apply your brand, create the information architecture you need
  • Instant technical delivery rather than months of development time
  • Fully responsive mobile and tablet experience, always up to date
  • Scalable and multi-lingual, proven in multinational organisations
  • Any SharePoint developer can extend the product
  • Hybrid options available
  • Intuitive to use, minimal training requirements
  • Integrated into the Microsoft stack and roadmap
  • Can be accessed from any device from anywhere

Benefits

  • Intuitive for employees to use
  • Social features
  • Take advantage of Office 365 investment
  • Improve comms for non desk-based workers
  • Remove IT bottlenecks
  • Empower employees with devolved comms
  • Balance governance with collaboration objectives

Pricing

£0.25 to £3.50 a person a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@clerkswell.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 11

Service ID

9 9 5 0 2 8 4 0 5 5 8 5 2 8 8

Contact

Clerkswell Olivia Brookhouse
Telephone: 02076898800
Email: hello@clerkswell.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Microsoft SharePoint Online / Office 365
Cloud deployment model
Public cloud
Service constraints
Microsoft SharePoint is required - whether the implementation is cloud-only using SharePoint Online (Office365) or a hybrid configuration with SharePoint on-premise.
System requirements
Microsoft SharePoint

User support

Email or online ticketing support
Email or online ticketing
Support response times
• Urgent items- Immediate
• High items- 2 hours
• Medium- 16 hours
• Low – agreed on a case by case basis

• Support will be available from 9am – 6pm, Monday to Friday (excluding any UK public or bank holidays).
• Support can be provided for out of hours’ deployments. These must be pre-arranged.
• Any request for services on a 24/7 basis can be provided with prior agreement on level of emergency and will be covered at a specific rate outside of this SLA.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
EasyShare licenses cover Software Assurance, providing users with bug-fixes and new features over the lifetime of the agreement.
Clients receive access to Zendesk, through which they can report issues. If a client logs an issue ClerksWell ensures an initial response time of 1 hour. Following this acknowledgement, we will investigate to confirm if the issue is a core defect (being a material defect that we can reproduce and determines to be a bug in the object code), the severity of the bug and the target release date of a fix.
In the case of medium and low severity bugs, ClerksWell will use its reasonable endeavours to resolve the issue in the next major release unless the next major release is due less than four weeks from the date the issue is reported. Otherwise, ClerksWell will use its reasonable endeavours to resolve the issue in the next major release after that.
ClerksWell will use its reasonable endeavours to resolve high-severity bugs with a minor release of the current release.
We do not provide a technical account manager or cloud support engineer as part of the license agreement, though provisions may be made with clients outside of the license agreement.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide clients with the following:
• Onsite training
• Online training
• Access to the client extranet, where they can access documentation including user guides, install guides, prerequisite documents
• Access to the client community, through which clients can pool their experiences for each other’s mutual benefit
• Access to Zendesk, through which clients may directly request support
• Best practice guidance around:
o Design
o Information architecture
o Launch planning
o Content preparation
o Governance
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Training videos
  • Word
End-of-contract data extraction
EasyShare sits on the SharePoint online platform. This means all your data resides in SharePoint. Therefore when the contract ends your data remains in situ, in SharePoint, available to you.
End-of-contract process
The contract price provides you with the use of the EasyShare product, documentation and software assurance (ie support, bug fixes and updates) for the duration of the contract.
There is no additional cost to exit a contract or to get hold of the data in any way whatsoever. When the contract ends, the data remains in SharePoint online and available to the customer.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The differences are primarily in the page layout so the display is optimal for different form factors.

Our service allows the creation of rich text web content; this is more limited on mobile, though content can still be created.
Service interface
No
API
Yes
What users can and can't do using the API
EasyShare is built on the SharePoint online platform and all data is stored in SharePoint. SharePoint comes with an API and has a SharePoint Developer Framework which allows full manipulation of the environment (data and functionality).

This can be accessed and used with any recognised javascript framework of your choice.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
All elements can be customised.

1) Our visual design can be customised using a purpose built interface that lets you control all aspects of the design, including images, colours, fonts, CSS and even javascript. This level of customisation can be achieved by a competent SharePoint administrator - no technical skills required.

2) Much functionality can be customised too and new features added in. This would require someone with frontend development skills and a good (developer level) knowledge of SharePoint. Customisations can be achieved in many ways, the most common would be as follows: If a customer requires a web part (i.e. a widget) or a template to behave differently, then they would clone the one provided, and make customisations to their version. This would avoid customisations being overwritten by product updates.

Scaling

Independence of resources
Our product is built on SharePoint online which runs on Office 365 on Azure, Microsoft's cloud service. This is a service on a global scale and is built to withstand peaks in demand; guarantees form part of any customer's service agreement with Microsoft to use Office 365.

Analytics

Service usage metrics
Yes
Metrics types
EasyShare Analytics powered by CardioLog will enable your organisation to gather a wealth of data including user reports, visitor reports, search phrases and much more.
CardioLog Analytics is the leading SharePoint & Office 365 analytics solution on the market.
Designed for SharePoint 2013, SharePoint 2016 and Office 365.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Our product sits on the SharePoint Online platform and all data is stored there. Therefore there are several ways of exporting data depending on the type of data.

* Export data stored in lists to excel, csv etc using SharePoint's data export features.

* Download documents very easily (and in bulk) as SharePoint document libraries can synched in File Explorer and manipulated there.

* A developer could write code to export all data using the SharePoint API

* Several tools could be used that allow users to export data, including page content data, from SharePoint e.g. Metalogix, Sharegate, AvePoint
Data export formats
  • CSV
  • Other
Other data export formats
  • Native file format
  • MS Excel
  • XML
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Our product is built on SharePoint online on the Azure platform, which provides the availability. Therefore the SLA is that that would exist between the customer and Microsoft for their Office 365 tenancy.
Approach to resilience
Our product is built on SharePoint online on the Azure platform, which provides the resilience. Information on how this is made resilient is available from Microsoft.
Outage reporting
Planned outages to the EasyAdmin component are pre-announced via email and via the EasyAdmin application which also maintains a status report during outages. Unplanned outages are reported via email and the service desk application.

Outages to the Office 365 component are announced by Microsoft via various channels.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
Access restrictions in management interfaces and support channels
EasyShare is built on SharePoint online which has a sophisticated permissions model. There are different levels of "Management interface" each of which can be controlled using Office 365 roles or SharePoint roles and permissions.

Our support staff only have access to a customer's intranet if a customer grants it, in which case the customer can control exactly what we can see and do.

Our support channel is separate. We use ZenDesk, which has it's own roles and permissions model allowing us to restrict access to any particular customer's support issues to that customer's named staff and our support staff.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Security risks are identified and discussed throughout and between business units, with all significant matters discussed at board level to align risk assessment with company strategy. Within that structure named individuals are responsible for researching and enforcing security and risk policies.
Information security policies and processes
Owners are designated for all critical components. These systems and assets are fully documented and have defined security requirements around change management. These include an audit trail and a reporting structure through each business unit to the board where risks are discussed before any production changes.
Employees are held accountable to breaches of these agreed procedures.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All code in development is held securely within a version controlled source control system (Visual Studio Team Services). All code goes through an internal review process before being released to a quality assurance environment. Once there is it subjected to further review and security testing before release to the production environment.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The product is built on the Microsoft Office 365 and Azure platforms and we actively monitor official and unofficial channels for threats to those platforms and the protocols around them. When a threat is assessed that impacts EasyShare patches can be deployed as soon as a mitigation is available.
Protective monitoring type
Undisclosed
Protective monitoring approach
The EasyAdmin application component is monitored for tampering every fifteen minutes for cryptographic hash changes. When compromise is indicated the EasyAdmin component is disabled pending investigations.
Incident management type
Undisclosed
Incident management approach
Defined processes exist for responses to outages and compromises (real or suspected). These processes are rehearsed on a regular basis. Users report incidents via a helpdesk or direct communication with a named customer services representative depending on the severity of the problem. Customer incident reports are provided via the helpdesk.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£0.25 to £3.50 a person a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
10 licences for 21 days

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@clerkswell.com. Tell them what format you need. It will help if you say what assistive technology you use.