DATAQUEST (HEATHROW) LIMITED

Collaborative Working

Dataquest offer a simplified communication and collaboration toolset enabling organisations to rapidly deploy and leverage collaboration solutions which drive productivity, improving collaboration and communication, knowledge management efficiency and sharing knowledge, utilising Microsoft 365 productivity tools such as Office 365, SharePoint and MS Teams.

Features

• Microsoft 365 Productivity, Email, Teams and Collaboration Platform
• Enterprise Mobility, MDM and Cyber Security Solutions
• Advanced Threat Protection for Office 365 and Windows 10
• Archive, legal hold, data leakage protection (DLP)
• Advanced compliance tools, including rights management services and information protection
• MS Teams collaboration, online meetings, web-conferencing, cloud PBX
• SSO and MFA security
• Word, Excel, PowerPoint, OneNote, SharePoint, OneDrive, Yammer, Outlook
• Tools to support compliance, information protection, privacy and GDPR
• Corporate social networking, analytics, Power BI

Benefits

• Increase productivity
• Reduce meetings and wasted downtime
• Improved employee efficiency and collaboration
• Adoption of latest collaboration services
• Facilitates collaboration between disparate colleagues
• Single document source for team-based collaboration
• Productivity gains and rich communication
• Increased business transparency

£250 to £450 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@dqgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

107403830230858

Contact

Michael Lyons
07799894781
gcloud@dqgroup.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft Office 365, SharePoint, Microsoft Azure
• Cloud deployment model: Public cloud
• Service constraints: None - Dataquest will adhere to Microsoft Cloud best practice to deliver the service
• System requirements: Microsoft 365 license

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depending on the SLA the minimum time period for responding to questions will be within two hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Typically, 09:00-17:30 UK hours, Monday to Friday, excluding public holidays. Extended service to provide 24/7, 365 coverage, flexible, priced to your needs.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Dataquest have a defined adoption program driven through a Service contract.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The data can be easily migrated utilising common migration tools available in the market.
• End-of-contract process: The associated costs for end of life contracts will be determined between both parties depending on the level of technical expertise on the client side, these costs are not described in an initial deployment contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Dataquest design solutions that are scalable based on the projected business objectives and strategies.

Analytics

• Service usage metrics: Yes
• Metrics types: Out of the box tools and additional 3rd party tools when necessary.

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Reselling organisation’s services Microsoft Cloud Services

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Commonly available tools.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Please refer to the Microsoft Office 365 Trust Centre; ; https://products.office.com/en-gb/business/office-365-trust-center-operations
• Approach to resilience: The solutions are designed and based on Microsoft Cloud best practise technical architecture.
• Outage reporting: Email alerts are used to report on any outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management areas can be restricted utilising permissions based Information Architecture
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Standards Institution (BSI)
• ISO/IEC 27001 accreditation date: 19/05/2022
• What the ISO/IEC 27001 doesn’t cover: Covers whole organisation
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Microsoft have ISO/IEC-27001 certification by BSI
  • Microsoft have Level-1:CSA-STAR Self-Assessment
  • Microsoft have ENISA-IAF, EU-Model-Clauses, EU-U.S.-Privacy Shield, ISO-27018, SOC-1, SOC 2
  • Microsoft have FEDRAMP, FIPS-140-2, NIST-800-171, HIPAA/HITECH.ISB 1596, CCSL(IRAP)
  • Microsoft have Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Dataquest operates an Information Security Management System (ISMS) which complies with the requirements of ISO/IEC 27001:2013. Head of Compliance manages the company’s risk through security technologies, auditable work processes, and documented policies and procedures such as; Acceptable Use Policy (AUP), Access Control Policy (ACP), Change Management Policy, Information Security Policy, Incident Response (IR) Policy, Remote Access Policy, Email/Communication Policy, Disaster Recovery Policy, Business Continuity Plan (BCP). These policies are just some of the basic guidelines Dataquest use to build successful security programs.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes are scheduled into a roadmap that is reviewed and signed off by our MVP (Microsoft most valuable professional) whose intimate knowledge of Microsoft's technical direction and security best practice means that we minimise security exposure.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: In support of the Information Security Policy, Office 365 runs multiple layers of antivirus software to ensure protection from common malicious software. Servers within the Office 365 environment run anti-virus software that scans files uploaded and downloaded from the service for viruses or other malware. Additionally, all mails coming into the service run through the Exchange Online Protection engine, which uses multiple antivirus and antispam engines to capture known and new threats against the system. Microsoft has its own Security Response Center (MSRC) that also supplies information to all our customers covering the whole range Microsoft products.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Office 365 employs sophisticated software-defined service instrumentation and monitoring that integrates at the component or server level, the datacenter edge, our network backbone, Internet exchange sites, and at the real or simulated user level, providing visibility when a service disruption is occurring and pinpointing its cause.; ; Proactive monitoring continuously measures the performance of key subsystems of the Office 365 services platform against the established boundaries for acceptable service performance and availability. When a threshold is reached or an irregular event occurs, the monitoring system generates warnings so that operations staff can address the threshold or event.
• Incident management type: Supplier-defined controls
• Incident management approach: Clients need to raise a ticket via our Service desk ticketing system by login or sending an email that automatically generates a ticket.; ; Incidents reports are based on monthly client time reports with an overview of all their time spent on support and we provide constant updates on tickets with technical feedback and coordination.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Dataquest operates an Environmental Management System (EMS) that has gained ISO 14001: 2015 certification. Our EMS is a continual cycle of planning, implementing, reviewing, and improving Dataquest’s processes and actions to meet environmental obligations and objectives.; ; Energy efficiency makes a significant contribution to environmental sustainability and helps us to reduce our operating costs. We monitor our use of key sources of energy (electricity, gas,) with the aim of reducing our carbon emissions.
• Covid-19 recovery:

  Covid-19 recovery

  Dataquest continues to follow and update our business continuity plan with a focus on protecting the health and well-being of our colleagues, while keeping the business running, supporting our partners and continuing to provide the best possible service levels. ; ; In line with our ISO 27001 Standard, we have a robust disaster recovery and business continuity plan in place. This includes significant investments in technology and infrastructure to ensure we can continue to operate the business in a variety of unforeseen scenarios. ; ; We have extensive online collaboration capabilities to help ensure business continuity and we’re working tirelessly to help everyone stay safe while at the same time continuing to serve our customers.
• Tackling economic inequality:

  Tackling economic inequality

  Dataquest is committed to tackling economic inequality at root, from creating new businesses and new employment opportunities, to improving education and training, Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society.
• Equal opportunity:

  Equal opportunity

  Dataquest is an equal opportunities employer and in general would wish to go beyond the strict legal requirements as determined by statute in order to be seen to promote sound and fair management practices and procedures at all times. It is therefore the Company’s aim to provide equality of opportunities for all employees by providing a working environment free from unlawful discrimination, harassment, bullying or victimisation on the grounds of sex, marital status, sexuality, disability, age, race, colour, ethnic origin, nationality, religious or political beliefs. This principle will equally apply to recruitment, training, promotion, dismissal, transfer and all benefits, terms and conditions of employment. ; ; The Company will not tolerate acts which breach policy and all instances of such behaviour will be taken seriously, be thoroughly investigated and in proven cases, will be subject to the Company’s disciplinary procedures. Policies for recruitment, selection, training, development and promotion are designed to ensure that individuals are selected, promoted and otherwise treated solely on the basis of their relevant aptitudes, skills and abilities.
• Wellbeing:

  Wellbeing

  We encourage vitality, a healthy quality of life, and a positive working environment in which people thrive. Our priority is to be proactive, so employees can gain awareness, education, and support to successfully function at work and at home, free from factors which may negatively impact upon their health.

Pricing

• Price: £250 to £450 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@dqgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.