Akhter Computers PLC

Cloud Managed InTune

Akhter Computers can build a new Intune environment or take over an existing setup.
Akhter will scope the requirements, create policies and build the Intune framework. Deploying Intune to all users, adhering to your security policies.

Features

• Mobile device management (MDM)
• Mobile application management (MAM)
• PC, LT, Tablet management

Benefits

• Unparalleled management of Office mobile apps
• Enterprise integration
• No infrastructure required
• Flexible licensing
• Global presence with 24/7 support

£4.50 to £5 a unit a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccsales@akhter.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

177978798992838

Contact

Latifa Hamdan
01279 821200
ccsales@akhter.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Multiple vendors across all major creators of ICT software products and services.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Our Service Descriptions are available at https://technet.microsoft.com/en-us/library/office-365-service-descriptions.aspx and https://docs.microsoft.com/en-gb/microsoft-365/enterprise/services-overview
• System requirements: See https://products.office.com/en-GB/office-system-requirements

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Depending on the service level specified in the contract this can be within the hour, 7 days per week.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Premier Support is available at further cost. https://www.microsoft.com/en-us/microsoftservices/support.aspx
• Support available to third parties: No

Onboarding and offboarding

• Getting started: The FastTrack service from Microsoft includes scenarios which help users adopt new, more productive ways of working. See http://fasttrack.microsoft.com/
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: This is agreed prior to contract and usually depends upon what the user requirements are, it can be provided in many formats and via various routes depending for example on security needs, we can however provide advice if necessary on current good practice.
• End-of-contract process: We aim to ensure buyers only pay for what they need so we provide a fully flexible service to enable us to meet even the most complex and high security needs of our clients. Any additional costs that could be liable would be notified prior to contract for agreement with buyers. We provide a transparent service that enables us to have long term relationships with all our customers.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Depending on service selected.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Web interfaces are tailored to the users requirements. Changes can be made to most levels depending on the users requirements The limitations are only as set by the user and legal requirements (e.g. data protection).
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: This is service and user specific so if required by the users or buyer it will be carried out for the service selected.
• API: Yes
• What users can and can't do using the API: Full API details are available online at dev.office.com
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Please see https://technet.microsoft.com/en-us/office/dn788774.aspx

Scaling

• Independence of resources: Akhter Cloud services are guaranteed through an agreed SLA and depending on the level selected can operate on systems that ensure optimal availability and can scale and prioritise usage of processors, bandwidth, network and core services.

Analytics

• Service usage metrics: Yes
• Metrics types: This depends on the service selected and is designed to meet the user or buyer requirements and only limited by any specified hardware or software constraints. Examples include but are not limited by:; 1. Availability; 2. Reliability; 3. Response time; 4. Security; 5. Throughput; 6. Capacity; 7. Scalability; 8. Latency; 9. Service/Helpdesk usage; 10, Cost per user
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft + Akhter

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Akhter uses the safe data-export pattern using four basic techniques which combine to form an end-to-end export solution:; - Controlling the release of information; - Preventing hidden data in documents; - Defending attacks over the network; - Encrypting data for the recipient; The actual solution used may be OTS or require design, build and monitoring. Export can be in any buyer defined format, media or method depending on the service selected and will be defined in the contract.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Any - subject to buyer defined SW/HW/Network constraints
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Any - subject to buyer specified HW/SW/Network constraints

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Availability is provided as needed by buyers up to 99.999% but in some cases may be limited where a specific third party service is required by buyers or users. Refunds are at a mutually agreed level and in line with the service level selected in the contract. The risk/reward/penalty balance has an associated cost that is clearly set out to the buyer during initial discussions.
• Approach to resilience: We have various forms from Cyber to Power resilience. As publishing this information can highlight any residual unknown vulnerabilities we only provide this information to verified potential buyers.
• Outage reporting: This depends on the reason for an outage, an initial (usually automated) email will be sent, followed up by immediate phone contact to the nominated user contact. If for example there is a Local, Regional or National Power Outage that has caused the Service outage due to network connectivity issues then addition methods may be employed at our discretion. Should buyers require a specific tailored reporting method this can usually be arranged.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
• Access restrictions in management interfaces and support channels: A verification process is agreed with the buyer/user during the contracting process. This may be our standard verification process or one tailored to the buyers needs. Our ERP system enables our staff and system look-ups to verify identities and authority to engage with us on behalf of the buyer/user.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Bmtrada UKAS
• ISO/IEC 27001 accreditation date: 3 September 2012
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: X-List

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: As directed by our board, Akhter staff read and comply with policies and procedures such as JSP 604. We protect two main types of data, personal and business data. Our personal data protection policy is on our website (www.akhter.co.uk). Our buyer’s business data is protected in accordance with contract terms. Akhter policy protects business data through actively maintaining patching, up to date stable SW versions and complying asap with Pen Test advisory matters. Our security risk management approach includes data exchange using FTPS and access to sensitive information and services only to identified, authenticated and authorised users or systems. We encrypt Buyer business and personal data at rest, in all mobile devices, laptops that are taken off-site and removable media. We have the capability to remotely wipe and/or revoke device access. We currently use TLSv1.2 for email, Domain-based Message Authentication Reporting and Conformance (DMARC) enforcement, Domain Keys Identified Mail (DKIM) and Sender Policy Framework (SPF) records, with spam and malware filtering. We use Open Web Application Security Project (OWASP) vulnerabilities list, in addition are registered and use NCSC's Web Check service. Akhter have a defined, planned and tested security incident response with clearly defined procedures, actions, roles and responsibilities.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Akhter's policy provides minimum access to sensitive information or services necessary for roles and access is removed when individuals leave. We reduce vulnerability to common cyber-attacks, through tested and validated configuration & patching, or other mitigations (such as logical separation). Changes to implementations and configurations can only be made by strongly authenticated and authorised administrators. We restrict and use buyer IP ranges where required. Outsourced services record where security related responsibilities lie. Akhter can provide or adopt a buyer defined, planned and tested response to security incidents, robust communication/continuity plan, compliance with legal obligations with a proportionate & defence-in-depth approach.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Akhter monitor bulletins & threat intelligence sources e.g. CISP, information notes, government policies, meet all relevant standing instructions & mandated technical standards. We manage and mitigate applicable threats, protect against, detect and have plans for dealing with malicious behaviour, our critical technology and services are resilient to disruption, We reduce vulnerability to common cyber-attacks, through tested and validated configuration & immediate patching on receipt or notification of updates, or other mitigations (such as logical separation). Changes to implementations & configurations can only be made by strongly authenticated & authorised administrators. We restrict & use buyer IP ranges where required.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Publishing our protective monitoring process in full could create a vulnerability in our business. At a high level we use a third party protective monitoring solution that actively monitors our systems and services for potential compromises. We have various levels of response depending on any potential compromise that includes the option of immediate full shut-down to enable forensic investigation of one or more systems or services.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Akhter have a defined, planned & tested security incident response & management plan with clearly defined procedures, actions, roles & responsibilities for our senior board members as well as the management team, including a communication plan for each buyer notifying for example the buyers press office, or the Information Commissioner’s Office (ICO). We have a cascade call-out & clear escalation process & plans to minimise response, down & restore times. Lessons inform updates & changes, drawing on internal or external expert advice where necessary. Incidents immediately logged to Akhter’s ERP system, the unique reference number is provided to the buyer.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Other
• Other public sector networks:
  • ModNet
  • HMCTS

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Moving to Cloud enables the reduction in raw materials being used, energy being spent to run equipment and transportation pollution of hardware. This helps our aims to achieve further net GHG reductions through innovation and efficiencies; acknowledge the role of renewable and bio-based energy sources and materials while minimising carbon emissions; encourage the recovery, reuse and recycle of materials for reduced emissions and include transparent monitoring, reporting and verification systems.

  Tackling economic inequality

  Moving to Cloud provides opportunities for businesses to leverage lower costs from shared hardware and more agile and flexible working. This will allow them to provide opportunities that they would not otherwise be able to offer.; From creating new businesses and new employment opportunities, to improving local nursery care, as well as education resulting in recognised qualifications, digital skills and training, Akhter is committed to tackling economic inequality at its roots within our diverse local community in which we play a very active part.

  Equal opportunity

  Moving to Cloud provides opportunities for businesses to leverage agile and flexible working. This will allow them to provide opportunities to those who would otherwise not be able to take advantage of opportunities they are offered.; We encourage equality, diversity and inclusion among our workforce, eliminating unlawful discrimination, aim to be truly representative of our local community with each employee feeling respected and able to give their best.

  Wellbeing

  Akhter take great pride in our workforce and actively support the physical and mental health and wellbeing of our staff. We all spend a long time in front of screens and amongst much else encourage staff to go outside and be active through a variety of schemes.; We do this both as being morally right and in accordance with; The Public Services (Social Value) Act 2012, The Procurement Reform (Scotland) Act 2014 and The Wellbeing of Future Generations (Wales) Act 2015. This policy is supported by our sustainability strategy and delivered in collaboration with our supply chain whilst continuously improving our standards, efficiency and effectiveness. We will communicate this policy to our employees, supply chain partners and relevant interested parties and we will review it on an annual basis.

Pricing

• Price: £4.50 to £5 a unit a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccsales@akhter.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.