Nimbus Digital Technology Innovations Ltd

Nimbus Cloud Software Services - Microsoft365

Nimbus is a specialist digital & technology company focused on providing services to help our customers benefit from using cloud technologies.

As a Microsoft Cloud Solution Provider (CSP), we can offer Microsoft365 software licenses at lower than market price.

Features

• Microsoft 365, Microsoft Office 365
• PowerPoint, Word, Excel, OneNote
• Access, Outlook, Exchange, Bookings, Teams
• SharePoint, Yammer, To Do
• OneDrive, Stream, Sway, Planner
• Power Apps, Power Automate, MyAnayltics, Power BI Pro
• IDAM, Security Management, Threat Protection
• Compliance

Benefits

• Certified Microsoft Cloud Solution Provider
• Flexibale pricing and contracts to suite your needs
• Reduce your operating costs only paying for capacity you use
• Enterprise SLAs with ITIL-aligned service management

£1 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at adam.blair@nimbusdti.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

243137022117872

Contact

Adam Blair
07851321066
adam.blair@nimbusdti.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: None

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Standard Support; ; Service Hours: 08:00- 18:00 Monday to Friday excluding UK Public Holidays; ; Service Availability: 99.7%; ; SLA Targets; ; P1 – 8 hrs 24x7; P2 – 16 hrs; P3 – 24 hrs; P4 – 85% within 5 working days; ; Telephone Support: No; Email Support: Yes; Self-serve Portal Yes; ; Premium Support; ; Service Hours: 08:00- 18:00 Monday to Friday excluding UK Public Holidays; ; Service Availability: 99.9%; ; SLA Targets; ; P1 – 4 hrs 24x7; P2 – 8 hrs; P3 – 12 hrs; P4 – 85% within 5 working days; ; Telephone Support: Yes; Email Support: Yes; Self-serve Portal Yes
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: N/A
• Onsite support: Onsite support
• Support levels: Basic Support; ; Service Hours: 08:00- 18:00 Monday to Friday excluding UK Public Holidays; ; Service Availability: 99.5%; ; SLA Targets; ; P1 – 12 hrs; P2 – 24 hrs; P3 and P4 – 85% within 5 working days; ; Telephone Support: No; Email Support: No; Self-serve Portal Yes; ; Standard Support; ; Service Hours: 08:00- 18:00 Monday to Friday excluding UK Public Holidays; ; Service Availability: 99.7%; ; SLA Targets; ; P1 – 8 hrs 24x7; P2 – 16 hrs; P3 – 24 hrs; P4 – 85% within 5 working days; ; Telephone Support: No; Email Support: Yes; Self-serve Portal Yes; ; Premium Support; ; Service Hours: 08:00- 18:00 Monday to Friday excluding UK Public Holidays; ; Service Availability: 99.9%; ; SLA Targets; ; P1 – 4 hrs 24x7; P2 – 8 hrs; P3 – 12 hrs; P4 – 85% within 5 working days; ; Telephone Support: Yes; Email Support: Yes; Self-serve Portal Yes
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We tailor our on-boarding services in line with our customer requirements. This can be either provided using our standard predefined services or by providing custom services. Further information is available on request.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: We agree exit terms and processes at the time of contracting. The exact format turnaround and processes related to data extraction is determined at this point. Further information is available on request.
• End-of-contract process: End of contract scenarios are agreed in advance and either tailored to customer requirements or we can provide a standard, predefined solution, based on ITIL v3 processes and guidelines. Additional costs are determined on a case by case basis, dependent on size and complexities of activities. Further information is available on request.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Customisable interface available
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: The API is used to enable integration with our customers ITIL Toolset. Further information is available on request.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: No

Scaling

• Independence of resources: We leverage online services which in turn utilises various cloud scale techniques and technologies, to ensure multi-tenant services are not affected in terms of peak usage. Further information is available on request.

Analytics

• Service usage metrics: Yes
• Metrics types: CPU; Disk; HTTP request and response status; Memory; Network; Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be imported and exported using a variety of standard formats
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • Excel
  • XML
  • SQL
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Excel
  • XML
  • SQL

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Basic Support: 99.5%. Standard Support 99.7%. Premium Support 99.9%.
• Approach to resilience: The online services we provide have a number of features to ensure resilience. Further information is available on request.
• Outage reporting: Outages can be communicated by multiple methods including Dashboards, accessible via APIs, email alerts and via phone.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Our services implement role based access control, determined by the customer on a case by case basis.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We work to industry and specifically Microsoft standards for all security related standards. Our solutions leverage Microsoft Cloud Services which in term comply to ISO/IEC 27001 and CSA CCM v3.0
• Information security policies and processes: We have an Information Security Policy which is available on request. We have rigorous induction and training methods which ensure policies are followed. Reporting Structure is also available on request.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We align our configuration and change management processes, including component life cycle tracking and security impact assessments, according to the ITIL v3 Framework Guidelines.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Potential threats are monitored through multiple sources, including external repositories and vendor feeds proactively according to internally defined processes. Assessment of patches, hot fixes updates and associated deployment guidelines are dictated by severity, client requirements and/ or vendor recommendations.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We use various tools, technologies and techniques in order to identify potential compromises and respond on a case by case basis, based on the nature, complexity and severity. We offer various levels of response times, depending on Service Level Agreements. Further information is available upon request.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Incident reporting frequency and format is agreed with the customer on a case by case basis. Users can report incidents via multiple channels including telephone, dashboards and email. We have predefined processes for common events and leverage the guidelines defined by the ITIL v3 Framework.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Nimbus are committed to not just ensuring carbon neutrality but to be carbon positive. A full analysis will be performed as to Nimbus carbon impact due to work on any potential contract. Nimbus will utilise their tree planting and maintenance charity to ensure enough trees are planted so that an additional 1 tonne of carbon per month is mitigated above the level required for neutrality. ; ; In addition, Nimbus run a country wide cycle to work scheme.
• Covid-19 recovery:

  Covid-19 recovery

  We understand the challenges that COVID-19 has bought to employment within the UK, Nimbus aim to support in reducing unemployment. Nimbus are committed to growing and developing local talent; our business model is to provide jobs to individuals from local communities where we are providing services.; ; Nimbus are committed to ensuring that during this contract 75% of services will be provided by local talent. ; ; Additionally, Nimbus commit to 1 in 10 new roles created will be staffed by local graduates/apprentices, thus, helping upskilling individuals within the region. ; ; Nimbus are committed to providing a minimum of 10 days a year for work experience to residents, schools, or colleges, to help nurture local young talent and educate them about a career within IT. This summates to 2 full working weeks in a year.
• Tackling economic inequality:

  Tackling economic inequality

  Nimbus are committed to providing at least 1 role to unemployed members of the community within the first year. We are fully committed to providing a detailed technical training programme for those who are out of work and do not have technical skills. ; ; Equal Opportunity; ; We implement the following:; Recruitment ; • Blind CVs ; • Gender Neutral wording ; • Structured and consistent interviewing with accommodating interview process; • Campaigns to improve diversity; Employment ; • Robust equality polices – including diversity, equal pay and whistleblowing ; • Far above market average paternity and maternity ; • Tier 2 visa organisation; • Flexible working ; • Free private health care – including counselling and mental health support; Training ; • Annual diversity and inclusion training
• Equal opportunity:

  Equal opportunity

  We implement the following:; Recruitment ; • Blind CVs ; • Gender Neutral wording ; • Structured and consistent interviewing with accommodating interview process; • Campaigns to improve diversity; Employment ; • Robust equality polices – including diversity, equal pay and whistleblowing ; • Far above market average paternity and maternity ; • Tier 2 visa organisation; • Flexible working ; • Free private health care – including counselling and mental health support; Training ; • Annual diversity and inclusion training
• Wellbeing:

  Wellbeing

  Nimbus Culture ; • Bi-annual employee pulse surveys ; • 93% of colleagues feel valued ; • 93% of colleagues enjoy our company culture ; • Celebration of cultural events – Diwali, Eid, Christmas, Black History Month ; • Charity initiatives to support the community - sponsor for Myton Hospice ; • Monthly social events for colleagues to attend outside of working hours ; • Learning and development communities to share expertise and knowledge; • Free staff health care and mental health support provided; Supporting our values ; • Creating a safe, open and inclusive environment for colleagues and clients ; • IT, Green and Culture & Charity Champion groups with initiatives led by colleagues ; • Encouraging schemes such as cycle to work and reducing office waste; • Committed aim to achieve net 0 carbon by end of 2022; • Co-location project delivery with our clients or at our offices in Coventry

Pricing

• Price: £1 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at adam.blair@nimbusdti.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.