Redinet Ltd

Microsoft365 licensing

To supply Microsoft365 Licensing across the modern workplace portfolio

Features

• Office Applications
• Storage and File Sharing
• Email and Calendar
• Collaboration tools including online meetings and chat
• Software packages to suit all requirements
• Data Security
• Annual commitment to remove price fluctuations
• Assistance with migration to Microsoft365

Benefits

• Accessibility and Collaboration
• Scalability and Flexibility
• Data Security and Compliance

£3.30 to £55.00 a licence a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mike.beeson@redinet.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

215820851752225

Contact

Mike Beeson
020 8249 7000
mike.beeson@redinet.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Azure; Telephony; Archiving
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • Backed up separately, Microsoft are not responsible for this
  • Sufficient Bandwidth

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: We target our service desk with a One-Hour valid first response. Our first response is based on an engineer responding with an action and not an automated response. Our support team are targeted on a number of Key Performance Indicators. We are committed to providing buyers with the highest level of support possible. Examples of these is, Telephone pickup KPI which is within 10 seconds and consistently averages at 93%, well above our target of 85%. First Response to Tickets within One-hour SLA averages at 97%, which is above our target of 94%. These are reviewed on a quarterly basis.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Redinet offer support to fit the needs of our clients. Standard Business Hours are, Monday to Friday, 8am to 6pm. We also provide support outside of these hours (up to 24/7) to fit the needs of all business and can be tailored as required. Our SLA for first response is 1-hour for a valid response from an engineer who has been assigned to the ticket. Support package costs can be discussed on a per customer basis dependant on required levels
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We have deployed Microsoft365 services out to lots of customers as a brand new tenant or migrating from another cloud vendor. We ensure that whenever we migrate businesses to the platform we do offer initial training to the customer on using the services available.
• Service documentation: No
• End-of-contract data extraction: There would be no need to extract data from the service. We would hand over the administrator status to a customer to avoid large costs of migrating away.; ; But if data extraction is required we can offer the solution needed as per customer requirements
• End-of-contract process: Redinet would provide administrator access to the customer to continue managing the service. This can be agreed at commencement of service.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Minor differences between display of content
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: There is an online portal that can be used to access Microsoft services from a user or Admin perspective
• Accessibility standards: None or don’t know
• Description of accessibility: Via a web interface
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: There is documentation online in the Microsoft system on using the APIs to connect to other software.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: User accounts, conditional access, policies and security services.

Scaling

• Independence of resources: This is managed by Microsoft

Analytics

• Service usage metrics: Yes
• Metrics types: Data and user usage can be seen and configured as required by the customer
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: With Microsoft 365, your data is encrypted at rest and in transit, using several strong encryption protocols, and technologies that include Transport Layer Security/Secure Sockets Layer (TLS/SSL), Internet Protocol Security (IPSec), and Advanced Encryption Standard (AES).
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data imports are made as per the customer requirements
• Data export formats:
  • CSV
  • Other
• Other data export formats: .pst
• Data import formats:
  • CSV
  • Other
• Other data import formats: .pst

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: As this is a third party service from Microsoft we would publish their SLA for uptime. These are published at https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1
• Approach to resilience: Microsoft have datacentres all over the world and we designate a region for data residency so infrastructure can move around between datacentres in this region.
• Outage reporting: Email alerts and Public pages

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: We can define the IP addresses that can access the web interface.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI Assurance UK Limited
• ISO/IEC 27001 accreditation date: 27/01/2023
• What the ISO/IEC 27001 doesn’t cover: We made the decision to cover everything we do under our certificate. We don't cover other businesses with our accreditation.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow ISO27001 policies and processes

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Formal change management process. If changes are requested to the infrastructure these would go through the project team to make sure that changes are thought about to avoid risk.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We suggest using third party vulnerability cloud services to detect out of date software or end of life software. If a support contract is in place we would carry out patching within 14 days or a patch being released.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We have MDR & threat hunting services but these are a separate service. We respond within an hour to isolate and mitigate.
• Incident management type: Supplier-defined controls
• Incident management approach: If there is a support contract in place with us users would be able to respond to incidents via our service desk and have incident management processes as part of our ISO27001 accreditation.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As a business we have an environmental policy in place.

  Covid-19 recovery

  We are flexible with staff to ensure they can work from home as and when required. We support local business with sponsorships to help our community around us.

  Tackling economic inequality

  We have run apprentice programs for students doing IT and Security courses at College. We also have continual improvement programs to continue to upskill internal staff with our strategic Vendor partnerships.

  Equal opportunity

  At Redinet we have an inclusion policy to ensure that we give as many people the right opportunity as possible.

  Wellbeing

  We regularly run charitable events and team building in conjunction with mental health initiatives. We have employee healthcare services in place that incorporates mental health and wellbeing services to be used.

Pricing

• Price: £3.30 to £55.00 a licence a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We can offer trials of some Microsoft365 packages for 30 days

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mike.beeson@redinet.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.