Cantium Business Solutions

EIS (Cantium) Microsoft Licensing

EIS (the trading arm of Cantium) is a Microsoft Cloud Solution Provider partner with extensive experience in Microsoft technology and licensing, specialising in offering licensing solutions at competitive prices. These options enable organisations to access top-tier productivity applications, robust user authentication, efficient device management and advanced security through cloud subscriptions.

Features

• Customer-friendly portal
• Advisory services and consultancy
• Cost optimisations
• Flexible licensing, no minimum commitment

Benefits

• Improved ROI on your investment
• Increased speed of deployment
• Expert cloud support from certified staff
• Ability to vary license levels by the user

£0.01 a unit

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@eis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

128834378596347

Contact

EIS Bids
03301650000
bids@eis.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: The service can be used as extensions to multiple software, supported by Microsoft.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: No
• System requirements:
  • Browser interface
  • Office integration requires Office 365

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 - Complete loss of service; Target Response 20 Minutes; Target Resolution 6 Hours.; P2 - Critical Support Incident, Service Affecting over 50% users down; Target Response 1 Hour; Target Resolution 10 Hours.; P3 - Urgent support incident, service affecting more than 1-50% of users; Target Response 1 Working Day; Target Resolution 3 Working Days.; P4 - Support incident, single user down; Target Response 1 Working Day; Target Resolution 4 Working Days; P5 - Non-service affecting fault; Target Response 2 Working Days; Target Resolution 5 Working Days
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Webchat is accessible via an online client embedded in our website. Existing customer need to log into their dedicated user area and can access the webchat feature via a dedicated link. This opens a new window within their browser and instigates a live webchat with the next available operative. Messaging is text based and supports the transfer of files and information via the secure channel. A full audit of the live chat history and transcript is available to the user in their dedicated user area for future reference.
• Web chat accessibility testing: Webchat testing with assistive technology users has not been undertaken to date.
• Onsite support: Onsite support
• Support levels: We provide a standard support service delivering to the following SLA: ; P1 - Complete loss of service Target Response - 20 Minutes Target Resolution - 6 Hours ; P2 - Critical Support Incident, Service Affecting over 50% users down Target Response - 1 Hour Target Resolution - 10 Hours ; P3 - Urgent support incident, service affecting more than 1-50% of users Target Response - 1 Working Day Target Resolution - 3 Working Days ; P4 Target Response - 1 Working Day Target Resolution - 4 Days Support incident, single user down ; P5 - Non-service affecting fault Target Response - 2 Working Days Target Resolution - 5 Working Days Onsite support may be required with response times varying depending on location and priority level.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Cantium prioritises establishing a clear and effective onboarding strategy with every new customer. We will ensure that every migration to a new application, software, or service is performed with the least possible disruption and highest possible satisfaction. From Cantium’s Onboarding Team, you will be appointed a dedicated Onboarding Officer. The onboarding process will begin with a Project Initiation Meeting, the launchpad for your MS Licensing service with Cantium. Following the initial meeting your Onboarding Officer will also set up regular project calls with you and any relevant members of the Cantium team to help keep the project on track, update stakeholders on progress and highlight any areas of concern.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Word
  • Hard Copy
• End-of-contract data extraction: This is provided in an agreed format at the end of the contract through our established off boarding process. The data is usually provided in excel format (CSV) as standard although other formats may be available upon request.
• End-of-contract process: System access is revoked on the contract end date unless otherwise agreed. In line with the contract, at the written direction of the Controller, unless a copy is specifically required to be retained by the Processor for audit or compliance purposes in performance of its obligations for up to six (6) years, the Processor will delete or return Personal Data (and any copies of it) to the Controller on termination of the Contract unless the Processor is required by Law to retain the Personal Data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: User experience will be device dependent.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Customisation is dependent on the license plan.

Scaling

• Independence of resources: Microsoft cloud is delivered at a global scale. Services and components that are correctly configured scale to meet business demand.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: All data is stored in our UK-based data centres. Data centre management is undertaken by an accredited third party who are ISO certified, PCI DSS compliant and data centres are secured to UK government IL4 standards, the solution is protected by exceptional levels of data security at all times. Cisco ASA Firewalls are used as standard.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be exported from the system in CSV or PDF format. Use of the system includes access to a bespoke report builder and a set of standard reports which cover key metrics, the data output can be saved locally in a CSV of PDF format. Four bulk upload functions exist on the system, each requires the completion of a template CSV file which allows for applications, users and Business Units to be uploaded in bulk to the system.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: FTPS, Use of client authentication certificates which utilise AES 256 symmetric encryption, Integrity key encryption
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9% service availability
• Approach to resilience: Information is available upon request.
• Outage reporting: Through our dedicated account management team we will notify users of service interruptions/outages via email.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Azure-AD can be used to designate separate administrators with different functions. Administrators have access to features in the Azure portal and, dependent on their role, will be able to create or edit users, assign administrative roles to others, reset user passwords, manage user-licenses, manage domains, and more. An admin user will have the same permissions across all of the cloud services subscribed by your organisation, regardless of whether you assign the role in the Office365 portal, the Azure classic-portal, or by using the Azure-AD module for Windows PowerShell.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 03/04/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Cantium employees undergo the required levels of vetting suitable for the role in which they undertake. All employees undergo a induction program which includes Information Governance training. All staff are also aware of the company’s data protection, information governance and GDPR policies which details all staffs responsibilities when handling information and must adhere to this at all times. E learning on Information governance and Data protection is available to all staff and is refreshed on an annual basis. Sub Contractor services are procured using procurement rules and require that sub-contractors adhere to at least the same standards of system and data management as Cantium requires of itself.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Change control is handled in line with recognised ITIL best practice. An internal change process exists and must be adhered to for any development amendment. This includes a full communications plan which provide suitable notice ahead of planned changes. All planned changes are undertaken outside of core working hours wherever possible.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Annual penetration testing is conducted by an accredited third party. The system undergoes regular IT Health checks (including assessment of potential attacks from SQL Injection from any device). The system is managed and maintained by both Cantium internal systems development teams and supported by our external service host UKFAST Ltd . Cantium monitors the performance of its service in conjunction with data provided by our hosting company and decides on an ad-hoc basis if and when patches/updates are required to the system.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Annual penetration testing is conducted by an accredited third party. The system undergoes regular IT Health checks (including assessment of potential attacks from SQL Injection from any device). The system is managed and maintained by both Cantium internal systems development teams and supported by our external service host UKFAST Ltd . Cantium monitors the performance of its service in conjunction with data provided by our hosting company and decides on an ad-hoc basis if and when patches/updates are required to the system.
• Incident management type: Supplier-defined controls
• Incident management approach: Cantium have a Information Security Incident Protocol with assisting flowcharts to advise staff of correct procedure. Cantium will manage any system incidents, recording and investigating them thoroughly before taking the required measures to resolve them.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Cantium is an ISO 14001 accredited, cloud-first technology provider. We have set a net zero target of being carbon neutral by 2030 within our Carbon Reduction Policy, in line with our corporate strategy.; ; We strive to purchase goods/services that have a minimal impact upon the environment. Factors taken into consideration include sustainability of resource production, transportation, full life energy/raw material consumption, waste production and recycling percentage. Our buildings have also been upgraded to reduce energy and water use, with LED lighting, motion sensors, draught proofing, heating controls, insulation, smart meters and controls. One of our sites was recently part of a project to install an additional 1,300 solar panels on 5 of their buildings, these panels now generate the equivalent of 423 kilowatt at peak. ; ; To improve sustainability and energy efficiency, we continually review the most up to date ways of working. This includes considering environmental impact and sustainability as part of solution design. We aim to repurpose hardware rather than buy new. Energy efficiency is a key selection criterion for any devices, working with suppliers committed to reducing carbon and ecological footprint. We have extended our kit lifecycle from 5 to 7 years or, where possible, extended support agreements to reduce replacement of items for WEEE. As part of our relationship with our partner SWEEEP Kuusakoski, we have recycled over 1,000 pieces of unusable IT hardware which would otherwise have been destined for landfill. Instead of redundant ICT equipment being condemned to landfill, we actively participate in reissuing equipment to local communities and schools (subject to applicable security requirements). This not only serves as an environmental benefit but a societal one too. ; ; We take a virtual first approach to business interactions wherever possible, encouraging employees to engage through online platforms in the first instance, to reduce unnecessary business travel.

  Covid-19 recovery

  We are committed to helping the communities we serve recover from the impacts of the COVID-19 pandemic. Our CSR Policy sets out our future strategic vision; ‘increasing opportunities, improving outcomes’, including, investing more time in volunteering within our local communities to engage with groups at a local level, expanding mentoring programmes and outreach work within the community.; ; Cantium currently pledge our support through:; • Encouraging our staff to play an active role in their communities, supporting and recognising the value of employee volunteering through one paid day’s leave every year for each employee to volunteer with a project of their choice.; • Selecting and promoting a ‘charity of the year’.; • Partnering with the Payroll Giving Scheme to allow employees to make donations to local or national charities directly from their gross pay.; • Organising two annual charity days to support i) national and ii) local charities, such as football tournaments, fun runs or bake sales. ; • Inviting staff to nominate charities of personal significance to them for review by a Cantium panel with a commitment to match the amount staff raise up to an agreed amount. ; • Our support for local charities and not-for-profit organisations also extends to sponsorship of events and equipment.; ; To promote local investment and growth, we also procure locally wherever possible, sourcing from SMEs (small to medium-sized enterprises) whenever feasible.; ; We appreciate the challenging economic times we are all still facing and ensure our employees are fully supported through financial advice, guidance and support to enable them to create a suitable work/ life balance. Our counselling service, Support Line, offers confidential advice to all Cantium staff on topics such as: stress at work, loss or bereavement, depression or anxiety, substance issues and worries concerning money or debt.

  Tackling economic inequality

  As a technology supplier in a constantly evolving digital world, we understand the importance of supporting society to improve digital skills shortages and tackle economic inequality.; ; Cantium is a socially inclusive business and we place great emphasis on equal economic opportunities for all, which is why we participate in apprenticeship schemes such as the DWP Kickstart Scheme, designed to create high-quality 6-month apprenticeship placements across the country for young people aged 16-24 on Universal Credit. As part of each placement, apprentices are provided with hands-on experience with a dedicated mentor to guide and support them through their learning and development. Our primary goal is to encourage skills development, with a view to offering permanent positions within the business to successful placements.; ; During the last iteration of the Kickstart scheme, 9 candidates were interviewed, resulting in 3 Kickstart placements. We are delighted that following these 3 placements, they have now taken permanent positions of employment with Cantium. ; ; To support further within the communities we serve, we have partnered with schools to deliver workshop sessions as part of a Digital Inclusion project within Kent and are open to extending further projects to customers through this framework. We also actively engage with higher education providers to offer placements and employment opportunities to graduate leavers.

  Equal opportunity

  As an ethical organisation, we promote inclusion, equality and diversity across every area of our business. Every new employee joining the company must complete mandatory diversity training, which is regularly refreshed every 2 years to ensure continued awareness.; ; Our staff are our greatest asset. Therefore, we take care to ensure we are recruiting and maintaining the best candidates, regardless of race, gender or disability.; ; Our detailed Inclusion and Diversity Policy sets out our standards which all employees must uphold. The principles of this policy are embedded in our People Strategy and all policies and procedures are regularly monitored and reviewed.; ; To accommodate the needs of our employees and tackle inequality in the workforce, flexible working is an embedded culture within our organisation. This ensures business needs are met and encourages more diversity in the workplace with our ethos that ‘work is not a place’.; ; We have affirmed our commitment to be disability aware throughout our organisation by becoming a Level 1 Disability Confident Committed Employer and working towards the Level 2 status which highlights how our processes, from recruitment through to ongoing support in the workplace, engage and embrace people with disabilities to help them reach their full potential. We have also pledged our support through the Armed Forces Covenant, which seeks to support ex-military personnel through access to training and work placements.

  Wellbeing

  Improving wellbeing, both internally for our employees and externally, through community engagement, is a core focus for Cantium. In a digitally-driven world, it is vital that we ensure people are supported, both from a physical and mental health perspective.; ; Promoting wellbeing to our customers and within the community starts with first ensuring our employees are supported and cared for. Our company culture is to nurture and support each other, creating an inclusive environment where each team member’s wellbeing is important. These values are embedded into our Wellbeing Policy and Wellbeing Action Plan, which are monitored and updated on a regular basis. To promote and uphold the vision within the policy, we have a network of nominated Wellbeing Champions and Mental Health First Aiders across every area of our business, committed to supporting other staff members and advocating wellbeing for all. Through our corporate intranet, Candoo, our employees have an extensive range of supportive tools and advisors within the wellbeing hub, home to information and ideas to engage, empower and enable staff to prioritise their wellbeing, to take care of themselves and encourage others to do the same.; ; For any staff seeking advise but wishing to remain anonymous, we have a dedicated employee assistance programme and support line to listen and provide guidance for those in need.; ; To ensure regular engagement, we run wellbeing campaigns throughout the year and arrange bi-annual staff surveys to monitor employee contentment. We also have a dedicated Mental Health Awareness week, where workshops and webinars are run across the week and employees are encouraged to take time to reflect on their own wellbeing.

Pricing

• Price: £0.01 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@eis.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.