Essential Computing

Resource Central

Exchange and Outlook integrated booking system for the Hybrid Workplace. Book rooms, desks, workspaces and parking from within Outlook or mobile app. Manage catering, services and visitors. Automated workflow via email and web console for service providers. Works with Microsoft 365, Azure AD, Exchange, Active Directory. SaaS or on premises.

Features

• Book rooms, desks, parking or any other type of space
• Access via Outlook, mobile app, or QR code
• Full integration with M365 mailboxes and Microsoft Teams Rooms
• Place orders for catering and services alongside bookings
• Automated workflow to manage service requests
• PA features to assist with booking on behalf of others
• Comprehensive visitor management
• Web-based RBAC administration console
• Microsoft Power BI integration for advanced reporting
• Sensor integration

Benefits

• Enable staff to create and manage their bookings and visitors
• Outlook & Teams remain central hub for staff bookings
• Easy adoption with familiar Outlook & Teams processes
• Simple access to system via Entra ID credentials using SSO
• Grant RBAC admin access with automatic Entra ID Groups synchronization
• Fully automated workflow. Everybody sees latest up to date information
• Service provider hub to make task management simple
• See room & desk availability clearly with interactive devices
• Create, modify and delete Teams meetings seamlessly in one step
• Visitor approval process and clear views of expected visitors

£37 to £150 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@essential.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

231308957999204

Contact

Clare Knight
01275 343199
info@essential.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft Outlook calendars
• Cloud deployment model: Public cloud
• Service constraints: Only supports Microsoft Outlook, Exchange and Office 365 (cloud only or hybrid).
• System requirements:
  • Exchange Online / Exchange Server
  • Azure AD / Active Directory
  • Windows Server 2016 or above (if customer hosted installation)
  • SQL Server 2017 or above (if customer hosted installation)
  • Exchange Online plan with EWS Support
  • IOS / Android

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Web based support- response within one hour Monday- Friday 9am-5.30-pm UK time.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our Support Service, which includes: email, phone and remote access support from our Bristol based offices is available Mon-Fri, 9-5.30pm . ; ; Support is provided by our trained technical support team. Installation services are carried out by our Technical Consultants, who hand over to the support and customer care team following planning, install and configuration to suit your organisations needs. ; ; Where subsequent on site support is needed this would be quoted as needed on a day rate basis. ; ; Your customer account manager will work closely with Support to help and advise following initial technical installation and set up. In addition, the vendor provides out of UK hours support via email Monday-Friday.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We take care to help plan, install, configure and support the 'go live' process through our experienced, dedicated technical consulting and support teams. Through a combination of remote and on site services (for workshops- always best face to face), we'll support your team in getting up and running as effectively as possible. We've learned a lot about what works in a room booking project, what doesn't, and are available to support and offer advice throughout the on boarding process.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: All of the calendar information about meeting bookings is retained and owned by the customer in their own Exchange/Office 365 resource mailboxes.; ; The SQL database containing information relating to things like catering orders, room layout images etc, can be output to CSV or other file types as needed.
• End-of-contract process: 12 weeks written notice is required to end the contract, at which time the service and support will end.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The mobile service allows staff to book calendar appointments on the fly, locating the right room or workspace, and adding resources to the booking.; The main difference between the mobile and desktop service is that the Order Form, which enables additional services- i.e. catering, room layout, cost codes etc, is only available from the desktop. ; ; Typically users would locate and book their meeting resources on the go- once the booking is sent, the organiser receives an email with a link to add other services when back at their desk.; ; No admin functionality available from mobile client.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: Within the subcomponent RealTime service, we have a private API that can be used to create/modify appointments.
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Most aspects of the user interface can be customised to some degree- including , configuration and layout of the workspaces, configuration of the solution around sites, floorplans, and set up.; ; The system can also be visually branded to meet each customer's branding requirements in line with corporate best practices and guidelines.; ; Typically customisation is initially carried out by the Essential Installation consultant following a planning exercise. Training given to allow admins/FM/managers to further make changes to the configuration of the system to meet changing business needs. ; ; Alternatively Essential's support service can assist.

Scaling

• Independence of resources: The application is hosted in a single instance for each customer within Microsoft Azure.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Add-On Technologies

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users should not need to export any data, as all meeting bookings would be retained in Exchange or Office 365 resource calendars.; ; In the event of moving to a non- Outlook based solution, existing Calendar appointments could be extracted as ICS files.
• Data export formats:
  • CSV
  • Other
• Other data export formats: .ICS
• Data import formats:
  • CSV
  • Other
• Other data import formats: .ICS

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: The service provided is a hosted service, or a support service for the application hosted by the customer in their own cloud.
• Approach to resilience: This information is available on request.
• Outage reporting: Log file entries within the event viewer.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Role based access controls are in place to determine appropriate access according to role.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Access to the AOP Production Network is restricted by an explicit need-to-know basis, uses least privilege, its frequently audited and monitored, and is controlled by our team. Data is stored a secured password vault secured with 2fa. ; ; All Production Network systems, networked devices, and circuits are constantly monitored and logically administered by Add-On Products staff 24 / 5.; ; The internal framework includes: Staff education and training, company policy, regular review processes, Director ownership of policy and processes.
• Information security policies and processes: The ISO/IEC 27001 Code of Practice for Information Security Management as a framework for guiding the approach to managing security. Add-On Products (AOP) servers are all hosted in Microsoft Azure. ; ; All datacenters are ISO/IEC, CSA/CCM, ITAR, CJIS, HIPAA and IRS certified. ; ; Continually review the use of security measures so that we can improve the way in which we protect our business.; ; Information assets are protected and managed to enable meeting of contractual, legislative, privacy and ethical responsibilities.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The Change Management team utilise Jira change control systems and framework. The key objective is to protect the client production services from outage and disruption resulting from change.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Major application data flow ingress and egress points are monitored with Intrusion.; ; Detection Systems (IDS) or Intrusion Prevention Systems (IPS). The systems are configured to generate alerts when incidents and values exceed predetermined thresholds and uses regularly updated ; signatures based on new threats. ; ; Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems. ; ; Access to the Production Network is restricted by an explicit need-to-know basis, uses least privilege, and is frequently audited and monitored, and is controlled by our team. ; ; Data is stored a secured password vault secured with 2fa.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We have defined our own protective monitoring processes in line with contract and customer requirements. All systems, networked devices, and circuits are constantly monitored and logically administered by Add-On Products staff 24 / 5.
• Incident management type: Supplier-defined controls
• Incident management approach: Any security or data breach event must be reported immediately to the CTO. ; ; Security Incident Response, in case of a system alert, events are escalated to our 24 / 5 teams providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We are committed to reducing our environmental impact as part of how we operate as a digital business.; As a digital services provider, we enable our customers to realise sustainable hybrid workplaces for positive wellbeing and environmental impact through the technology solutions we provide, and through the way we collaborate to implement the solutions for long term success.; Our focus is on reducing energy and resource usage, reducing the need to travel where possible, and enabling team communications and education to support these objectives. We proactively support our customers, and vendors to do the same by delivering projects in a way which considers environmental factors at the planning stage. ; In recent years, we have reduced our office footprint to support hybrid working, minimising travel requirements for our teams. Our services are delivered fully remotely to customers, to pass on the same benefits.

  Equal opportunity

  We provide technology solutions which help level the playing field for people across the workforce. Accessibility is a key consideration, and we work with solutions which integrate with Microsoft’s advanced accessibility capabilities wherever possible.

  Wellbeing

  The solutions we provide are aimed at making day to day working life better for the people using it, by enabling them to achieve more from within their Microsoft365 applications, reducing digital friction.; Doing the right thing is a core value of our business. This starts with commitment to our team, to be a responsible, fair and supportive employer, by offering a safe and welcoming environment to do their best work and providing development pathways where possible.; Our belief is that if our people are supported well, they can do the best they can for our customers.; Underpinning all the above, is the choice to work with vendors with aligned values in terms of their positive impact on their people, teams, partners, and customers.

Pricing

• Price: £37 to £150 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@essential.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.