Nimbus Digital Technology Innovations Ltd

Cloud Software & Support Services

Nimbus can provide Cloud Software & Support Services to meet your needs. Using our Nimbus Cloud Automation Pipelines (NCAP), we can quickly provision your Enterprise Scale Microsoft 365 Tenant ready to support the migration of your existing workloads or provide new cloud-ready workloads using policy-driven Infrastructure as Code pipelines.

Features

• Microsoft Entra ID, Microsoft 365, Microsoft Office 365
• Word, Excel, PowerPoint, Access, OneNote, Visio, Project
• Exchange, Outlook, OWA
• OneDrive, Teams, SharePoint, Planner, To Do
• Yammer, Stream, Sway, Audio Conferencing
• Power Apps, Power Automate, MyAnalytics, Power BI
• IdAM, Security Management, Threat Protection
• Security Compliance Checks, IT Health Checks
• Infrastructure as Code Automation
• Operational and Security Monitoring and Reporting

Benefits

• Experienced Microsoft Cloud Service Provider (CSP)
• Flexible pricing and contracts to suit your needs
• Reduce operating costs; only pay for the capacity used
• Managed Usage Reporting: only pay for what you use
• Improved support with low costs, 24x7x365 UK-based support available
• Enterprise SLAs with ITIL-aligned service management
• Self-service (preferred), Web Chat, Email and Telephone Support
• Self-service access to our Service Desk for licenced users
• Self-service access to our Service Desk for licence requests
• Monthly Reporting and Governance

£2.20 to £46.11 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at adam.blair@nimbusdti.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

104396116165977

Contact

Adam Blair
07851321066
adam.blair@nimbusdti.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Service Hours: 08:00- 18:00 Monday to Friday, excluding UK Public Holidays.; ; Service Availability: Standard 95.7%, Enhanced 99.7%, Premium 99.9%; ; SLA: Standard Response Target: P1–2 hrs, P2–4 hrs, P3–8 hrs, P4–1 b’day; ; SLA: Standard Resolution Target: P1–12 hrs, P2–24 hrs, P3–5 b’days, P4–10 b’days; ; SLA: Enhanced Response Target: P1–1 hrs, P2–2 hrs, P3–4 hrs, P4–1 b’day; ; SLA: Enhanced Resolution Target: P1–8 hrs, P2–16 hrs, P3–5 b’days, P4–10 b’days; ; SLA: Premium Response Target: P2 –1 hrs, P2–2 hrs, P3–4 hrs, P4–1 b’day; ; SLA: Premium Resolution Target: P1–4 hrs, P2–8 hrs, P3–5 b’days, P4–10 b’days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: N/A
• Onsite support: Onsite support
• Support levels: Service Hours: 08:00- 18:00 Monday to Friday, excluding UK Public Holidays.; ; Service Availability: Standard 95.7%, Enhanced 99.7%, Premium 99.9%; ; SLA: Standard Response Target: P1–2 hrs, P2–4 hrs, P3–8 hrs, P4–1 b’day; ; SLA: Standard Resolution Target: P1–12 hrs, P2–24 hrs, P3–5 b’days, P4–10 b’days; ; SLA: Enhanced Response Target: P1–1 hrs, P2–2 hrs, P3–4 hrs, P4–1 b’day; ; SLA: Enhanced Resolution Target: P1–8 hrs, P2–16 hrs, P3–5 b’days, P4–10 b’days; ; SLA: Premium Response Target: P2 –1 hrs, P2–2 hrs, P3–4 hrs, P4–1 b’day; ; SLA: Premium Resolution Target: P1–4 hrs, P2–8 hrs, P3–5 b’days, P4–10 b’days
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We tailor our on-boarding services in line with our customer requirements. This can be either provided using our standard predefined services or by providing custom services. Further information is available on request.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: We agree exit terms and processes at the time of contracting. The exact format turnaround and processes related to data extraction is determined at this point. Further information is available on request.
• End-of-contract process: End of contract scenarios are agreed in advance and either tailored to customer requirements or we can provide a standard, predefined solution, based on ITIL v3 processes and guidelines. Additional costs are determined on a case by case basis, dependent on size and complexities of activities. Further information is available on request.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Customisable interface available
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: The API is used to enable integration with our customers ITIL Toolset. ; ; API automation tools:; • Ansible; • Chef; • OpenStack; • SaltStack; • Terraform; • Puppet; • Other
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: We leverage online services, which in turn utilize various cloud-scale techniques and technologies to ensure multi-tenant services are not affected in terms of peak usage. Further information is available on request.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics types:; ; • CPU; • Disk; • HTTP request and response status; • Memory; • Network; • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be imported and exported using a variety of standard formats
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Excel
  • XML
  • SQL
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Excel
  • XML
  • SQL

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Basic Support: 99.5%. Standard Support 99.7%. Premium Support 99.9%.
• Approach to resilience: Microsoft Azure provides a number of features to ensure resilience. Further information is available on request.
• Outage reporting: Outages can be communicated by multiple methods including Dashboards, accessible via APIs, email alerts and via phone.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Our services implement role based access control, determined by the customer on a case by case basis.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We work to industry and specifically Microsoft standards for all security related standards. Our solutions leverage Microsoft Cloud Services which in term comply to ISO/IEC 27001 and CSA CCM v3.0.
• Information security policies and processes: We have an Information Security Policy which is available on request. We have rigorous induction and training methods which ensure policies are followed. Reporting Structure is also available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We align our configuration and change management processes, including component life cycle tracking and security impact assessments, according to the ITIL v3 Framework Guidelines.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Potential threats are monitored through multiple sources, including external repositories and vendor feeds proactively according to internally defined processes. Assessment of patches, hot fixes updates and associated deployment guidelines are dictated by severity, client requirements and/ or vendor recommendations.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We use various tools, technologies and techniques in order to identify potential compromises and respond on a case by case basis, based on the nature, complexity and severity. We offer various levels of response times, depending on Service Level Agreements. Further information is available upon request.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident reporting frequency and format is agreed with the customer on a case by case basis. Users can report incidents via multiple channels including telephone, dashboards and email. We have predefined processes for common events and leverage the guidelines defined by the ITIL v3 Framework.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We take pride in our effective stewardship of the environment and our contributions towards achieving the UK Government's 2050 mandate to become net zero. ; ; We measure our environmental impact by completing and publishing our annual Carbon Reduction Plan, which measures the business's emissions in line with The Greenhouse Gas Protocol guidance. Our latest published plan can be viewed on our website.; ; By publishing this plan, we are pleased that, as a business, we are beating the 2050 target and are now considering introducing a new target of 2035.; ; Within Nimbus, we champion environmental sustainability and have an internal "Green Champions Team" coordinating our sustainability strategy. They work with our management team, staff, and suppliers to reduce carbon emissions across our business operations by identifying areas of sustainability in which the business can improve. Examples of measures we have already implemented to reduce our environmental impact are:; ; •Changing working practices from an office-based working culture to a hybrid model.; •Car sharing when travelling to either our office or our customers' sites.; •Policies preferencing public transport over using our vehicles, and where this cannot be avoided, signing up for fuel apps that plan the most eco-friendly route and signing up to garage carbon offsetting schemes when re-fuelling. ; •The introduction of the Cycle to Work scheme.; •The Electric Car Lease scheme is introduced to encourage staff to move to electric vehicles.; •Introducing a Tree Planting scheme to enable staff to offset their carbon emissions.; •Switching to a renewable energy supplier for our offices.; ; We are constantly working to develop our sustainability reporting and performance measurements as we cement further our commitment to being a force for good in the world of work.

  Covid-19 recovery

  We continue to be committed to supporting people and communities to recover from the impacts of Covid-19. ; ; We have engaged with local charities to understand the issues people have in local communities recovering from the pandemic. Company donations of supplies, including stationery have been made to help people in need return to employment, as well as regular donations to the local food bank to support those affected by the pandemic.; ; We are constantly looking at implementing improvements in our work conditions. Post-pandemic, we have adapted our working model, moving to a hybrid model that allows staff more flexibility in how and where they work while still delivering the best service to our customers. We also offer flexitime working hours to staff where possible.; ; Due to the effect COVID-19 had on mental health and wellbeing, we have invested in our workforce's wellbeing and mental health. We have upgraded our Health Care Benefit for staff, which now allows instant access to wellbeing resources, materials, and counsellors, and we are looking to implement a staff benefits platform that champions wellbeing in the near future.; ; To increase return-to-work opportunities for those left unemployed by the pandemic, we have improved our recruitment processes, advertising job opportunities through accessible platforms and collaborating with local recruitment partners. We offer work experience and apprenticeship roles, and our HR team is developing a strategy to offer traineeships and placement opportunities to enhance our return-to-work opportunities further. ; ; Our management team meets regularly to review our strategy in relation to our COVID-19 recovery, providing a steady flow of innovative initiatives.

  Tackling economic inequality

  As an equal opportunity employer, we are committed to promoting equal career opportunities for all employees regardless of social identity.; ; Our ethos directly addresses the digital skills gap in the United Kingdom and the rest of the world. We are confident our policies and measured approach counteract inequality within our workforce and bridge the pay and skill gap within the industry, which is reflected in our operations.; ; We continue to tackle inequalities via our Equality, Diversity & Inclusion Policy and various company policies and initiatives. Examples of recently implemented initiatives are listed below:; •Locally targeted recruitment campaigns tailored to each customer ensure we provide employment opportunities to local communities.; •Improving our accessible and inclusive recruitment practices, proactively encouraging engagement with candidates from underrepresented groups.; •Offering work experience placements, apprenticeships, postgraduate employment, and full and part-time contracts, fully supporting people's development at all career and life stages.; •Creating an inclusive working culture, promoting career progression from within by developing individual career paths for staff. ; •We use the defence employer recognition scheme to support and inspire other organisations to recruit veterans into civilian roles within the ICT sector and have several veterans working for us across multiple public sector contracts.

  Equal opportunity

  We ensure that our current workforce and any future employees or associates are part of a fully inclusive and diverse enterprise that bridges the gender, race, and disability pay gap with equal pay based on merit, SFIA level or the individual's role.; ; As well as holding a tier 2 VISA sponsorship license for overseas workers, our recruitment processes have been tailored to support our ambition to have a diverse and inclusive workforce, including:; •Gender-neutral wording, considering all pronouns for role profiles and recruitment campaigns.; •Anonymised CV sifting for candidate interview selection.; •Structured, consistent, and accommodating interview processes allow individuals to demonstrate their best skills and experience for the roles.; •Skills assessments to measure competencies applied during the recruitment process.; •Recruitment campaigns are tailored and targeted to improve diversity.; •Offering work experience placements, apprenticeships, postgraduate employment, and full and part-time contracts, fully supporting people's development at all career and life stages.; ; Our Employment policies have been tailored to support diversity and inclusivity, including:; •Robust equality policies – including proportionately representing the diverse communities we operate in, equal pay with regular audits to ensure compliance & fairness and anonymised whistleblowing.; •Significantly above market average for paternity and maternity leave with a focus on retention.; •Supporting and promoting flexible, hybrid and remote working.; •Providing health care packages – including counselling and mental health support.; ; We provide annual diversity and inclusion training to ensure all staff members can actively support inclusivity and diversity and are aware of current trends and issues.

  Wellbeing

  We are proactively investing in the wellbeing of our workforce and beyond into our wider communities by applying a holistic and human approach to our endeavours.; ; We regularly benchmark our salary and benefits packages to ensure that our workforce is remunerated relatively and that our financial packages are aligned with industry standards. We couple this with an extensive benefits package, which includes access to a Company Pension Scheme, Private Healthcare, Death in Service Insurance, an Electric Car scheme, a Holiday Purchase Scheme, and a Flexi-time Scheme (customer dependent). ; ; In the past year, we have partnered with our Private Healthcare provider to upgrade our wellbeing offering, allowing employees instant access to confidential mental health advisors and counsellors.; ; Our managers undergo physical and mental health first aid training, allowing them to provide first-line support to our workforce. They are backed up by our trained HR Team, who are on-hand for any further support. ; ; Our wellbeing strategy is constantly being reviewed and updated. For example, in the following year, we plan to implement a staff benefits platform that includes fitness, nutrition, and other health initiatives to enhance our Wellbeing offering.

Pricing

• Price: £2.20 to £46.11 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at adam.blair@nimbusdti.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.