VE3 Microsoft Dynamics 365 (Official Sensitive)

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: Our services are built upon Microsoft's Dynamics 365 platform.
Cloud deployment model: Private cloud
Service constraints: None
System requirements: Processor - 1.9GHz x86- or x64-bit dual core processor

Memory - 2-GB RAM

Display - Super VGA with a resolution of 1024x768

Bandwidth greater than 1Megabit per second (125 KBps/Kilobyte per second)

Latency under 150 ms

Windows 10 - Internet Explorer 11, Microsoft Edge

Windows 8.1 - Internet Explorer 11

Windows 8 - IE10, Windows7 -IE10, IE12

Support for Mozilla Firefox, Google Chrome and Apple Safari

Further information can be found here - https://technet.microsoft.com/en-us/library/hh699710.aspx

User support

Email or online ticketing support: Email or online ticketing
Support response times: VE3 offers four levels of support ranging from core working hours (9am to 5pm Monday to Friday excluding English public holidays) to full 24x7 support. Our Silver service response times depend on the severity of the incident and are as follows:
a) Severity Level 1 (Critical) - 1 hour to respond, 1 day to resolve.
b) Severity Level 2 (Severe) - 1 hour to respond, 3 days to resolve.
c) Severity Level 3 (Disruptive) - 2 hours to respond, reasonable 5 days to resolve.
d) Severity Level 4 (Minor) - 2 hours to respond, reasonable efforts to resolve.
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: Yes, at extra cost
Support levels: VE3 offers four levels of support with the following support hours:
1) Platinum: Full 24*7 support service suitable for the most business critical applications.
2) Gold: On-call 24*7 support service appropriate for public facing applications that are utilised 24*7.
3) Silver: 8am to 5:30pm Monday to Friday, excluding public holidays. This extended hours model is targeted at customers requiring cover for a flexible working day.
4) Bronze: 9am to 5pm Monday to Friday excluding public holidays.
The VE3 Digital Service Desk is contactable from 8am to 6pm on UK working days.
The Service Desk responds to questions depending on the Severity Level of the call as follows:
a) Severity Level 1 (Critical) - the reported problem causes a halt to the client’s core business processes and no workaround is available.
b) Severity Level 2 (Major) - the reported problem causes degradation of the client’s core business processes and no reasonable work-around exists.
c) Severity Level 3 (Intermediate) - the reported problem impacts the client’s operational environment, but does not affect core business processes. A work-around is available.
d) Severity Level 4 (Minor) - a non-critical problem is causing some disruption, but with little or no impact on the client operation.
Support available to third parties: No

Onboarding and offboarding

Getting started: During initiation the VE3 Delivery Manager (DM) assesses what help, support and training users require to start using the service. The DM works closely with the customer to agree an on-boarding plan that ensures users are ready to start using the service, typically priced from the SFIA rate card. The on-boarding plan may incorporate the following:
Support Documentation – availability and access to online user support documentation and resources.
Cloud Induction Training for system administrators and online product help. Provides the skills to run cloud services.
Cloud Standard Training in the core system for system champions and end users. Covers system administration, security and cloud service monitoring/managing.
Cloud Specialist Training – advanced training for system champions. This may involve Accredited Courses from VE3 Cloud delivery partners including Google, Amazon Web Services and Microsoft.
Cloud Training Packages, tailored package of training for specific business requirements for system administrators, business managers, and end users.
The Delivery Manager also facilitates skills transfer throughout the project and provides access to VE3 Knowledge Sharing activities including supplier briefings, Webinars.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: Termination period depends on the payment model. When paying per user per month, customers may terminate their G-Cloud service with 30 days’ notice. When buying an enterprise licence, the minimum term is a year. Customers can terminate their service by contacting VE3 in writing.
Customers may request all associated data is extracted and provided securely to a destination of their choice (see pricing for charges associated with data extraction). If no data extraction is requested, then the associated data will be deleted within 5 working days of service termination. The three step off-boarding process is: 1. Termination Notification – one month termination notice sent; 2. Data Extraction – Optimal Data Extraction for Test Migration; 3. Service Termination – All Data Wiped.
End-of-contract process: For monthly contracts, VE3 require 60 days’ notice to terminate a G-Cloud service. When buying an enterprise annual licence, the minimum term is a year and 3 months’ written notice must be provided. At the end of the contract, the service will be turned off unless the customer decides to extract their data as per the extraction process detailed above. Customers will be credited for any amount that has been paid beyond the termination date once the service has been terminated subject to minimum terms.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome

Safari

Opera
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: VE3 Services recognise that digital services are accessed “anytime, anywhere, any device”. Therefore, VE3 has utilised a responsive design approach to ensure a common user experience that is browser based and platform independent. The interface is optimised to run on either a mobile device or tablet depending on the size of the screen with certain elements, like menus, collapsing to take up minimal screen space as the available space reduces.
Service interface: Yes
User support accessibility: WCAG 2.1 AA or EN 301 549
Description of service interface: Full SDK is available from Microsoft.
Accessibility standards: WCAG 2.1 AA or EN 301 549
Accessibility testing: Please contact VE3 for details.
API: Yes
What users can and can't do using the API: The Web API provides a development experience that can be used across a wide variety of programming languages, platforms, and devices. The Web API implements the OData (Open Data Protocol), version 4.0, an OASIS standard for building and consuming RESTful APIs over rich data sources. (Further details can be found here -https://msdn.microsoft.com/en-gb/library/mt593051.aspx). The web API is part of the Dynamics 365 Software Development Kit (SDK). The SDK contains a wealth of resources, including code samples, which are designed allow powerful vertical applications to be built using the Microsoft Dynamics 365 platform. It is a guide for developers writing solutions, server-side code, client applications and extensions, custom business logic, plug-ins, integration modules and custom workflow modules.

As a secure platform consideration will need to each and every integration with the system.
API documentation: Yes
API documentation formats: HTML
API sandbox or test environment: No
Customisation available: Yes
Description of customisation: The services and solutions that we provide within Dynamics 365 provide our clients with significant flexibility for customisation and configuration. Dynamics 365 is one of the most extensible platforms available, enabling users with sufficient permissions the ability to have a bespoke customised experience across different sections of the tenancy. Configuration can easily be applied directly within Dynamics 365’s user interface. More involved customisation is typically undertaken via use of Dynamics 365’s APIs. This empowers users with the ability to introduce customisation that allow different types of content to be viewed, created, edited or even deleted. Permissions can be set to ensure that only required users have the ability to apply customisation.

Scaling

Independence of resources: The solution is designed to operate and optimum level and system performance is reviewed to ensure the correct allocation of resources are applied.

Analytics

Service usage metrics: Yes
Metrics types: Metrics are provided based on the active number of users, in addition auditing metrics are provided related to; last logon, account lockout, password resets.
Reporting types: Regular reports

Reports on request

Resellers

Supplier type: Reseller providing extra features and support
Organisation whose services are being resold: Microsoft

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: European Economic Area (EEA)
User control over data storage and processing locations: No
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with CSA CCM v3.0

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Deleted data can’t be directly accessed
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: There are a large number of different export paths provided within Dynamics 365; these depend upon the nature of the data that users wish to export. There are also a large range of 3rd party tools which enable bulk import and export, which make the process of overseeing large-scale data export far simpler.
Data export formats: CSV

Other
Data import formats: CSV

Other

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)

IPsec or TLS VPN gateway
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: The Microsoft Dynamics CRM 365 IL3/Official Assured platform is delivered upon the UKCloud cloud platform. The guaranteed availability is 99.9% based on 24 x 7 availability. VE3's service desk is available 09:00am – 5:30pm UK Working Days. If you would like service levels to apply outside of normal service hours, then please contact us with your requirements. VE3 will act as the customer’s agent to liaise with UKCloud to resolve issues. UKCloud pay service credits directly if the cloud platform does not meet pre-defined service levels. VE3 will pass onto the customer any service credits received from UKCloud.
Approach to resilience: The service is deployed across a number of sites, regions and zones. Each zone is designed to eliminate single points of failure (such as power, network and hardware). The platform has been configured to make use of the available resiliency within the cloud platform.
Outage reporting: All outages will be reported via the Service Desk and e-mail alerts to designated technical contacts.

Identity and authentication

User authentication needed: Yes
User authentication: Username or password
Access restrictions in management interfaces and support channels: Support is provided by bastion hosts. These are on dedicated VPNs connected to the environment at UKCloud. Certain individuals who have the appropriate security clearance have the physical access to the machines and are allocated a login to access the system. All support is performed from the UK.
Access restriction testing frequency: At least once a year
Management access authentication: Username or password

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: Between 1 month and 6 months
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: Between 1 month and 6 months
How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: EGAC
ISO/IEC 27001 accreditation date: 06/01/2024
What the ISO/IEC 27001 doesn’t cover: NA
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: Yes
Any other security certifications: ISO 22301

ISO 20000-1

ISO 14000-1

ISO 9000-1

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: VE3 is ISO27001 accredited. It has 15 years of experience in delivering highly-secure, business critical services for public sector clients, including the development and management of several national critical systems. All of VE3’s activities are carried out under its ISO27001-compliant Information Security Management System (ISMS) which defines the secure operating procedures for every single aspect of VE3’s operational processes, including its engagement with partners such as Microsoft. Microsoft are themselves ISO27001 accredited and VE3 has worked to ensure this service offers seamless operational security coverage. Ultimate responsibility for VE3’s security policies rests at board level; day-to-day operational responsibility is held by VE3’s Head of Security who manages a team of Security Administrators involved in supporting operations and technical owners. Operational security for this service is assured by the internal service owner, with the support of the security team.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: VE3 use a documented configuration and change management policy which is part of our ISO9001 and ISO27001 management systems. This is underpinned by the UKCloud documented configuration and change management policies and processes, which have been implemented, maintained and assessed in accordance with the guidance from ITIL v.3 and the current ISO20000 standard. A robust, established process for the formal submission of change requests is mandated prior to review and approval of the daily Change Advisory Board, which is attended by a quorum of operational and technical management personnel.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: The service is built upon UKCloud's platform, UKCloud has a documented vulnerability management policy and process, which have been implemented, maintained and assessed in accordance with the guidance from ITIL v.3 and the current ISO20000 and ISO27001 standards. Where technically possible, real-time updates and status reports are identified and sourced from credible vendor sources, which cover a significant proportion of UKCloud’s asset population. For other systems and software, assigned personnel have responsibility for regularly reviewing technical forums and specialist groups to promptly identify and evaluate any emerging patches or updates which require our attention.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Following best practice from the National Cyber Security Centre, UKCloud protects both its Assured and Elevated platforms with enhanced protective monitoring services (SIEM), at the hypervisor level and below. Our approach to protective monitoring continues to align with the Protective Monitoring Controls (PMC 1-12) outlined in CESG document GPG13 (Protective Monitoring for HMG ICT Systems). It includes checks on time sources, cross-boundary traffic, suspicious activities at a boundary, network connections and the status of backups, amongst many others. All alerts are immediately notified to the UKCloud NOC for prompt investigation.
Incident management type: Supplier-defined controls
Incident management approach: VE3 will provide service desk support to a designated customer administrator or IT Help Desk. End users of the service experiencing service issues contact their designated administrator or help desk who will then raise an incident either by phone, e-mail or online ticket. The incident will be managed by the service desk team who will assign a priority depending on severity. The engineers will then work to resolve the incidents and any underlying problems if present. Work is overseen by the Service Delivery Manager who works with the customer and will produce monthly incident management reports.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: Yes
Connected networks: Public Services Network (PSN)

Social Value

Fighting climate change
Covid-19 recovery
Tackling economic inequality
Equal opportunity
Wellbeing

Fighting climate change

Our G-Cloud service provision is deeply committed to fighting climate change, recognizing the urgent need for collective action to address environmental challenges. Here's how our services deliver against this social value theme:

Environmental Sustainability in Operations:

We prioritize running efficient operations to reduce emissions and minimize environmental impacts. This includes implementing energy-efficient practices, optimizing resource usage, and adopting renewable energy sources wherever possible within our data centers and infrastructure.

Promoting Sustainable Practices:

VE3 actively engages with our suppliers and clients to promote sustainable business practices. Through our services, we advocate for the adoption of environmentally friendly technologies, responsible sourcing, and waste reduction strategies, thereby reducing carbon footprints across the supply chain.

Responsible by Design Framework:

Our G-Cloud services adhere to a 'Responsible by Design' framework, ensuring that environmental considerations are integrated into the development and deployment of digital solutions. By prioritizing environmental protection and minimizing negative impacts, we strive to deliver sustainable outcomes for our clients.

Training and Education:

VE3 invests in training and education programs focused on environmental sustainability. Through initiatives like the Sustainability Quotient (SQ) training, we equip our teams with the knowledge and skills to adopt climate-smart behaviors and implement environmentally conscious practices in their work.

Community Engagement:

We actively engage with communities to support environmental objectives and promote climate action. By partnering with local organizations and stakeholders, we contribute to initiatives aimed at addressing climate change, such as tree planting programs, clean energy projects, and environmental education campaigns.

Covid-19 recovery

Our G-Cloud service provision plays a crucial role in supporting the COVID-19 recovery effort by facilitating resilience, adaptation, and innovation in the face of unprecedented challenges. Here's how our services contribute to the recovery process:

Remote Work Enablement:

VE3's digital solutions empower organizations to transition to remote work seamlessly. By providing secure and reliable cloud-based infrastructure, collaboration tools, and remote access solutions, we enable businesses to maintain productivity while ensuring the safety and well-being of their employees.

Business Continuity Planning:

We assist organizations in developing and implementing robust business continuity plans to mitigate disruptions caused by the pandemic. Our services include data backup and recovery solutions, disaster recovery planning, and resilience testing to ensure operational continuity in the face of unforeseen events.

Digital Transformation Acceleration:

VE3 accelerates digital transformation initiatives to help organizations adapt to the new normal. By modernizing legacy systems, implementing cloud-based technologies, and digitizing processes, we enable businesses to optimize efficiency, improve agility, and remain competitive in a rapidly evolving landscape.

Healthcare Support Solutions:

We provide specialized healthcare support solutions to assist frontline workers and healthcare organizations in responding to the COVID-19 crisis. This includes telemedicine platforms, patient management systems, and data analytics tools to enhance patient care, streamline operations, and support decision-making processes.

Economic Stimulus through Innovation:

VE3 fosters innovation and entrepreneurship to stimulate economic recovery in the aftermath of the pandemic. Through our G-Cloud services, we support startups, small businesses, and enterprises in developing and deploying innovative solutions that address emerging challenges, create new opportunities, and drive economic growth.

Tackling economic inequality

We recognize the importance of tackling economic inequality and are committed to leveraging our G-Cloud service provision to address this pressing social issue. Here's how our services contribute to tackling economic inequality:

Access to Affordable Technology:

We strive to make cutting-edge technology accessible and affordable to all, regardless of economic status. By offering scalable and cost-effective cloud-based solutions, we enable organizations, including small and medium-sized enterprises (SMEs) and underserved communities, to access the tools and resources they need to compete in the digital economy.

Skills Development and Training:

VE3 invests in skills development and training programs to empower individuals with the knowledge and expertise needed to thrive in the digital age. Through initiatives like online courses, certifications, and workshops, we equip people from diverse backgrounds with the skills required for high-demand roles in technology and innovation, thereby enhancing their employability and economic prospects.

Support for Minority-Owned Businesses:

We actively support minority-owned businesses and entrepreneurs by providing access to mentorship, networking opportunities, and resources to help them grow and succeed. Through initiatives like supplier diversity programs and partnerships with minority business organizations, we promote inclusion and diversity in the technology sector and contribute to creating more equitable economic opportunities.

Digital Inclusion Initiatives:

VE3 is committed to promoting digital inclusion and bridging the digital divide by ensuring that everyone has access to essential digital services and technologies. We collaborate with governments, nonprofits, and community organizations to implement initiatives such as digital literacy programs, affordable internet access schemes, and community technology centers, thereby empowering underserved populations and promoting economic equity.

Fair and Transparent Procurement Practices:

We adhere to fair and transparent procurement practices to create opportunities for businesses of all sizes and backgrounds to participate in government contracts and procurement processes.

Equal opportunity

We recognize the importance of tackling economic inequality and are committed to leveraging our G-Cloud service provision to address this pressing social issue. Here's how our services contribute to tackling economic inequality:

Access to Affordable Technology:

We strive to make cutting-edge technology accessible and affordable to all, regardless of economic status. By offering scalable and cost-effective cloud-based solutions, we enable organizations, including small and medium-sized enterprises (SMEs) and underserved communities, to access the tools and resources they need to compete in the digital economy.

Skills Development and Training:

VE3 invests in skills development and training programs to empower individuals with the knowledge and expertise needed to thrive in the digital age. Through initiatives like online courses, certifications, and workshops, we equip people from diverse backgrounds with the skills required for high-demand roles in technology and innovation, thereby enhancing their employability and economic prospects.

Support for Minority-Owned Businesses:

We actively support minority-owned businesses and entrepreneurs by providing access to mentorship, networking opportunities, and resources to help them grow and succeed. Through initiatives like supplier diversity programs and partnerships with minority business organizations, we promote inclusion and diversity in the technology sector and contribute to creating more equitable economic opportunities.

Digital Inclusion Initiatives:

VE3 is committed to promoting digital inclusion and bridging the digital divide by ensuring that everyone has access to essential digital services and technologies. We collaborate with governments, nonprofits, and community organizations to implement initiatives such as digital literacy programs, affordable internet access schemes, and community technology centers, thereby empowering underserved populations and promoting economic equity.

Fair and Transparent Procurement Practices:

We adhere to fair and transparent procurement practices to create opportunities for businesses of all sizes and backgrounds to participate in government contracts and procurement processes.

Wellbeing

Environmental Sustainability: We are committed to environmental sustainability as a core component of wellbeing. By prioritizing eco-friendly practices, resource conservation, and carbon reduction efforts in our operations and services, we contribute to creating a healthier and more sustainable environment. We prioritize the wellbeing of individuals and communities in all aspects of our G-Cloud service provision. Here's how our services contribute to enhancing wellbeing: User-Centric Design: VE3 designs our G-Cloud services with a user-centric approach, prioritizing usability, accessibility, and intuitive design. By focusing on the needs and preferences of users, we create digital experiences that enhance overall wellbeing by reducing frustration, stress, and cognitive load. Health and Safety Protocols: We implement robust health and safety protocols to protect the wellbeing of employees, clients, and partners. This includes adherence to strict security standards, data privacy regulations, and compliance with industry best practices to ensure the safety and integrity of our digital infrastructure and services. Promotion of Work-Life Balance: VE3 recognizes the importance of work-life balance in maintaining overall wellbeing. Through our G-Cloud services, we enable remote work, flexible scheduling, and collaboration tools that empower individuals to achieve a healthy balance between their professional and personal lives, leading to greater job satisfaction and wellbeing. Mental Health Support: We prioritize mental health support for our employees and clients by offering resources, programs, and initiatives aimed at promoting mental wellbeing. This includes access to counseling services, mindfulness training, stress management workshops, and employee assistance programs designed to support individuals in times of need. Community Engagement and Social Impact: VE3 actively engages with communities to address social determinants of health and promote holistic wellbeing. Through partnerships, philanthropic initiatives, and volunteer efforts, we support local organizations and projects focused on improving access to healthcare, education, housing, and other essential services that contribute to overall community wellbeing.

Pricing

Price: £175 to £850 a unit
Discount for educational organisations: Yes
Free trial available: No

VE3 Microsoft Dynamics 365 (Official Sensitive)

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

VE3 Microsoft Dynamics 365 (Official Sensitive)

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents