Cisilion Limited

Microsoft 365 Cloud Support Services

Cisilion's Microsoft 365 24x7 Support Service provides access to our Microsoft Certified Professionals that help you to troubleshoot, run and operate your Microsoft Office 365, EM+S and Windows 10 & 11 deployments as well as providing expert advice and recommendations on how get the best from your Microsoft Cloud investment.

Features

• UK based 24/7/365 support availability
• Secure and customised portal to log, view and track incidents
• Access to Cisilion's Microsoft Certified Engineers
• Access to Microsoft Support via our escalation process
• Response Based SLA with P1 Response within 15 minutes
• Regular Service reports and service review meetings
• Monthly service updates to analyse call numbers and common issues
• Monitoring of your Microsoft tenant and associated services
• Support Contract option across your Microsoft EcoSystem Vendors
• Full Lifecycle management capability option

Benefits

• Pre-Defined and customisable SLAs to meet your business needs
• Secure online support portal to log, view and track tickets
• Compliments, extends or replaces your internal support team
• P1 call response within 15 minutes
• Access to Microsoft Certified Professionals
• Access to Microsoft Eco-System Experts
• Single Point of Ownership with Eco-System Vendor Escalation
• Cloud Adoption Analysis and Reporting

£0.01 a unit a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at drichardson@cisilion.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

179075944354388

Contact

Debbie Richardson
01372 201145
drichardson@cisilion.com

Service scope

• Service constraints: Microsoft is constantly developing and adding new services and features to their Cloud Services. Certain services may form part of the development roadmap and only be available in Customer Preview before the General Availability release date or only available in certain regions.
• System requirements:
  • Microsoft Cloud Services will be provided via CSP
  • Internet Connectivity

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 logged by Telephone responded to immediately
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support can be tailored to specific customer needs. Basic levels include business hours 9-5, 8-6 or 24/7. Dedicated Service Managers will provide specific support to the selected services.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite envisaging, planning and technical design workshops will be run to ensure the right set of services and licenses required to support your journey to Office 365. We also provide access to user adoption guides and videos for customers.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Microsoft Cloud services are provided on a subscription basis and follow the standard Microsoft Cloud subscription terms. Data can be extracted at any point while resources are provisioned through a valid subscription using the various tools provided by Microsoft. Neither Microsoft nor Cisilion own your data.
• End-of-contract process: Microsoft Cloud services and hardware support will be ended once the contract term has been fulfilled and subscriptions deleted. Customers are able to transfer management and licenses to other providers as required.

Using the service

• Web browser interface: Yes
• Using the web interface: Azure provides its own administrator portal
• Web interface accessibility standard: WCAG 2.1 AAA
• Web interface accessibility testing: Microsoft regularly test its interfaces for assistive technology users and aim to provide maximum compatibility where possible.; ; More information is available at microsoft.com
• API: Yes
• What users can and can't do using the API: Azure APIs are available for automation and monitoring activities
• API automation tools:
  • Chef
  • Puppet
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
• Using the command line interface: All Azure services can be provisioned and managed via Powershell or the Azure CLI

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: Microsoft 365 Services are provided as a shared service model which automatically scales on global service demand. Microsoft provide a number of SLAs as well as local and regional resiliency, load-balancing and geo availability services. ; ; Cisilion can also configure 3rd party services to provide additional resilience or failover services as and if required.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • SMS
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics:
  • Office 365 Service Availability
  • Office 365 Service Status
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Cloud based mailboxes, OneDrive and Sharepoint sites
  • User Accounts and other data as stored in Office 365
• Backup controls: Microsoft provides synchronised copies of all data contained within the Microsoft Cloud. Cisilion can provide additional on-premise or cloud based back-up services as required or can interface into existing backup services as required.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
  • Single datacentre
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection between networks: Microsoft provide a secure backbone for their Cloud Services. External connectivity can be secured through Microsoft ExpressRoute or Site-to-Site VPN connections. Consumer access to Microsoft Cloud services can be secured through RMS encryption, risk based conditional access and Multi-Factor Authentication services.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: SLAs for Microsoft Cloud Services are available from Microsoft depending on the cloud service selected and the level of availability chosen during configuration. Some variations exist across different regions.
• Approach to resilience: Microsoft Cloud Services can be configured across different regions (geo load-balancing) and can be established in defined primary locations. Microsoft have multiple Data Centres across each region for resilience.
• Outage reporting: Alerts are provided through the Office 365 and/or Azure Portal or via Microsoft Operations Management Suite

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is managed through RBAC controls, Multi Factor Authentication and Privileged Identity Management Services which are configurable by the customer.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Assessment Bureau
• ISO/IEC 27001 accreditation date: 19/08/2016
• What the ISO/IEC 27001 doesn’t cover: Cisilion is covered under the IT Certification of ISO27001
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO 9001

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Cisilion internal policies are in place and available on request.; ; Customer security policies should be applied when configuring Microsoft Cloud services

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Customer defined
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Microsoft provide full testing and security audits. Please see the Microsoft Trust Centre for more information
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Available on request
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Details of our ITIL based service desk processes are available on request depending on the level of support selected

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Yes as per vendor

Social Value

• Fighting climate change:

  Fighting climate change

  Cisilion are committed to reducing our impact on the environment. We continually strive to reduce our carbon impact year on year, initiating additional projects and activities that will further reduce our impact locally and globally, and contribute towards global UN carbon offsetting initiatives. Our commitment to the environment extends to our customers, our communities, our employees, our suppliers and other countries in which we operate. Offering a sustainable working balance of office and remote working for all staff members, especially prevalent in the last few years, has also helped towards environmental benefits including lower gas emissions, reducing air pollution and lowering our per employee carbon footprint contribution. As a cloud-first organisation, we support digital transformation and innovation for our clients through the migration to and adoption of cloud services. The COVID-19 pandemic has changed workplace culture for good, accelerating hybrid and remote working. This has seen the biggest ever shift and up-take of cloud-based services, further helping to reduce the consumption of energy through the reduced use of traditional data centres across our customer base. We are currently reviewing 3 suppliers to assist us in calculating our emissions and thus enabling us to identify the areas to focus upon, to become Carbon Net Zero by 2050.
• Covid-19 recovery:

  Covid-19 recovery

  Cisilion recognise the long lasting mental health impact upon individuals who have been directly or indirectly affected by Covid-19 both personally and professionally.; Cisilion will ensure all workers on the G Cloud 13 framework will have access to our full and comprehensive mental and physical wellbeing support. In addition, Cisilion have already engaged with and will continue to engage with the ; Kickstart scheme to assist in employing 16 – 24 year olds on Universal Credit through our apprenticeship and graduate programmes covered below.; ; Our Graduate, Apprenticeship and Emerging Talent Programmes aim to attract individuals regardless of their knowledge, experience, or age, who are looking to achieve a degree (or other professional level skills) while working at the same time. Since 2020 we have leveraged digital technology in our field and successfully hired apprentices that have joined Cisilion remotely through the COVID-19 pandemic.
• Tackling economic inequality:

  Tackling economic inequality

  Cisilion recognise their responsibility in tackling economic inequality through the creation of new skills, jobs and entrepreneurship. Cisilion have been running apprenticeship and graduate schemes for the past 5 years and partner with 3 specialist recruitment and training providers who are experts in finding work for and training unemployed young people. Cisilion are a Microsoft and Cisco gold partner, who are keen supporters of assisting young people into work.Cisilion are also aware of and understand the current Kick Start government scheme of which we will be able to provide details and guidance to unemployed individuals. Cisilion will contribute a total of 16 hours per month towards improving employability of young people in the local vicinity through each bid. This will consist of a mixture of the HR, People and Recruitment team members alongside the Cisilion management team, will provide a mixture of 2-hour workshops and 1 hour long one to one sessions per month. Workshops will be run by our Recruitment team, covering topics such as interview best practice, CV formatting and job-hunting tools available. Individuals will be able to register for one-to-one advice with a member of our management team as a coaching session and more personal advice related to the unemployed persons experience so far. 35% of Cisilion workforce to be part of our apprenticeship, graduate or emerging talent programmes by 2025. Digital Skills: Help the UK prepare for the challenges of the Fourth Industrial Revolution Digital Skills programme. Review requirements in our selection criteria for early-in-career-roles or emerging-talent roles.
• Equal opportunity:

  Equal opportunity

  In 2022, Cisilion became a Disability Confident employer and attained Level 1 status. Cisilion recognise this is the first step in the journey and will ensure all activities across the business enable and support initiatives towards the next levels required. Cisilion conduct all learning and development via LearnAmp, our online Learning Management System. As part of our induction process, we include Diversity and Inclusion Training, along with enhanced Grievance procedure outlines and Anti-Harassment training. Employees are then required to complete refresher training every 6 months. This equates to 378 hours annually. The recruitment team form part of our People function at Cisilion and therefore liaise continuously to ensure proactive recruitment identifies a diverse set of candidates and supports those throughout the interview processes. While we understand that not all individuals feel comfortable in disclosing their identity, we continue to monitor and track our performance against self-created targets for LGBTQIA+, disability, gender and ethnicity within the recruitment processes and within our workforce, where at all possible. Cisilion have identified an inclusion council to go further in identifying diversity and inclusion objectives and practices across the organisation. Our current projects include diversity amongst our Service Centre graduate scheme, improving our benefits package to ensure our private medical insurance is trans-inclusive and developing our grievance procedure to explicitly support individuals from underrepresented groups. We ensure a member of the Leadership team sponsors such initiatives, as Diversity and Inclusion is a key topic at each quarterly Executive Leadership meeting. Cisilion engage with current employees from underrepresented groups, who feel comfortable in doing so, to address any other areas of suggested improvement, and to include their voice in future initiatives.
• Wellbeing:

  Wellbeing

  Cisilion operate a robust health and wellbeing programme, partnering with Vitality Health and Medicash. On an annual basis, all 90 employees on our scheme conduct an Online Health Review, giving employees an understanding of specific areas of health that they need to improve upon, i.e. cholesterol, blood pressure, alcohol intake, physical activity levels and blood glucose level. If employees do not know the figures for these key areas, they have the ability to take a free health assessment to provide them with this data. Vitality Health offer their Member Zone to all members, giving access to videos, tips and our monthly Vitality calendar covering a range of topics from women’s health to mental health and nutrition. Cisilion work with Vitality on a monthly basis, and run programmes based on the outcomes of our health reviews. For example, at the beginning of the year, we ran a Nutrition workshop based on a high number of employees whose reviews flagged a poor diet. Physical health is incredibly important to the whole team and company to boost proactivity levels. For this reason, we have discounted membership rates at many gyms. In addition, on an annual basis, we run a Health and Wellbeing Week, giving the Company access to free cycle and running classes, as well as running yoga and meditation workshops. Cisilion have adopted a hybrid working model, requiring employees to balance their working weeks between their home or remote office and the Cisilion office. This has proven extremely successful in supporting employees work life balance. Many of our employees are parents who need to take time to spend with their children, either by extending their working day to reduce the number of days worked per week or to adjust their working hours.

Pricing

• Price: £0.01 a unit a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trial subscriptions are available from Microsoft
• Link to free trial: https://products.office.com/en-gb/try

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at drichardson@cisilion.com. Tell them what format you need. It will help if you say what assistive technology you use.