DATAQUEST (HEATHROW) LIMITED

Collaborative Working

Dataquest offer a simplified communication and collaboration toolset that leverages collaboration solutions which drive productivity, improving collaboration and communication. By utilising Microsoft 365 / SharePoint teams, slack and Zoom and forgetting Google Workspace 365, project management software like Asana and Trello,

Features

• Microsoft 365 Productivity, Email, Teams and Collaboration Platform
• Enterprise Mobility, MDM and Cyber Security Solutions
• Advanced Threat Protection for Office 365 and Windows 10
• Archive, legal hold, data leakage protection (DLP)
• Advanced compliance tools, including rights management services and information protection
• MS Teams collaboration, online meetings, web-conferencing, cloud PBX
• SSO and MFA security
• Word, Excel, PowerPoint, OneNote, SharePoint, OneDrive, Yammer, Outlook
• Tools to support compliance, information protection, privacy and GDPR
• Corporate social networking, analytics, Power BI

Benefits

• Increase productivity
• Reduce meetings and wasted downtime
• Improved employee efficiency and collaboration
• Adoption of latest collaboration services
• Facilitates collaboration between disparate colleagues
• Single document source for team-based collaboration
• Productivity gains and rich communication
• Increased business transparency

£250 to £450 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@dqgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

296160280077688

Contact

Michael Lyons
07799894781
gcloud@dqgroup.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft Office 365, SharePoint, Microsoft Azure
• Cloud deployment model: Public cloud
• Service constraints: None - Dataquest will adhere to Microsoft Cloud best practice to deliver the service
• System requirements: Microsoft 365 license

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Depending on the SLA the minimum time period for responding to questions will be within two hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Typically, 09:00-17:30 UK hours, Monday to Friday, excluding public holidays. Extended service to provide 24/7, 365 coverage, flexible, priced to your needs.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Dataquest have a defined adoption program driven through a Service contract.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: The data can be easily migrated utilising common migration tools available in the market.
• End-of-contract process: The associated costs for end of life contracts will be determined between both parties depending on the level of technical expertise on the client side, these costs are not described in an initial deployment contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Dataquest design solutions that are scalable based on the projected business objectives and strategies.

Analytics

• Service usage metrics: Yes
• Metrics types: Out of the box tools and additional 3rd party tools when necessary.

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Reselling organisation’s services Microsoft Cloud Services

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Commonly available tools.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Please refer to the Microsoft Office 365 Trust Centre; ; https://products.office.com/en-gb/business/office-365-trust-center-operations
• Approach to resilience: The solutions are designed and based on Microsoft Cloud best practise technical architecture.
• Outage reporting: Email alerts are used to report on any outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management areas can be restricted utilising permissions based Information Architecture
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The British Standards Institution (BSI)
• ISO/IEC 27001 accreditation date: 29/09/2022
• What the ISO/IEC 27001 doesn’t cover: No software development on premise
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • Microsoft have ISO/IEC-27001 certification by BSI
  • Microsoft have Level-1:CSA-STAR Self-Assessment
  • Microsoft have ENISA-IAF, EU-Model-Clauses, EU-U.S.-Privacy Shield, ISO-27018, SOC-1, SOC 2
  • Microsoft have FEDRAMP, FIPS-140-2, NIST-800-171, HIPAA/HITECH.ISB 1596, CCSL(IRAP)
  • Microsoft have Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Dataquest operates an Information Security Management System (ISMS) which complies with the requirements of ISO/IEC 27001:2013. Head of Compliance manages the company’s risk through security technologies, auditable work processes, and documented policies and procedures such as; Acceptable Use Policy (AUP), Access Control Policy (ACP), Change Management Policy, Information Security Policy, Incident Response (IR) Policy, Remote Access Policy, Email/Communication Policy, Disaster Recovery Policy, Business Continuity Plan (BCP). These policies are just some of the basic guidelines Dataquest use to build successful security programs.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All changes are scheduled into a roadmap that is reviewed and signed off by our MVP (Microsoft most valuable professional) whose intimate knowledge of Microsoft's technical direction and security best practice means that we minimise security exposure.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: In support of the Information Security Policy, Office 365 runs multiple layers of antivirus software to ensure protection from common malicious software. Servers within the Office 365 environment run anti-virus software that scans files uploaded and downloaded from the service for viruses or other malware. Additionally, all mails coming into the service run through the Exchange Online Protection engine, which uses multiple antivirus and antispam engines to capture known and new threats against the system. Microsoft has its own Security Response Center (MSRC) that also supplies information to all our customers covering the whole range Microsoft products.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Office 365 employs sophisticated software-defined service instrumentation and monitoring that integrates at the component or server level, the datacenter edge, our network backbone, Internet exchange sites, and at the real or simulated user level, providing visibility when a service disruption is occurring and pinpointing its cause.; ; Proactive monitoring continuously measures the performance of key subsystems of the Office 365 services platform against the established boundaries for acceptable service performance and availability. When a threshold is reached or an irregular event occurs, the monitoring system generates warnings so that operations staff can address the threshold or event.
• Incident management type: Supplier-defined controls
• Incident management approach: Clients need to raise a ticket via our Service desk ticketing system by login or sending an email that automatically generates a ticket.; ; Incidents reports are based on monthly client time reports with an overview of all their time spent on support and we provide constant updates on tickets with technical feedback and coordination.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Dataquest recognises the importance of achieving global CO2 neutrality, we are taking proactive steps in becoming carbon neutral by 2050. We have also adopted a responsible approach by working with supply chain partners and third parties who share this commitment so together we can drive CO2 emission down to net zero. Through ISO 14001, Dataquest aims to achieve long-term sustainability goals, ensuring a greener and more environmentally responsible approach to business. As part of our commitment to society, our people and the environment, Dataquest completes a thorough assessment of its business sustainability practices every year through EcoVadis, the global standard for business sustainability ratings. The EcoVadis process validates our sustainability commitments, practices and performance, and offers a clear roadmap for continuous improvement.

  Covid-19 recovery

  Covid-19 caused significant and unprecedented impact across all global supply chains. Dataquest was able to respond favourably due to its robust systems and processes. In the wake of the pandemic, Dataquest continues to actively review and respond to risks and uncertainties that has affected the whole UK economy and the business environment from the pandemic. We are optimistic that Dataquest has come out of this stronger than ever, given that technology has potentially been the largest beneficiary of this crisis. We are seeing significant, undeniable changes in behaviour, and tech adoption across sectors at levels never seen before.

  Tackling economic inequality

  Dataquest is committed to tackling economic inequality at root, from creating new businesses and new employment opportunities, to improving education and training, Our overriding vision is to help lower the unequal distribution of income and opportunity between different groups in society.

  Equal opportunity

  Dataquest provide equality of opportunities for all employees by providing a working environment free from unlawful discrimination, harassment, bullying or victimisation on the grounds of sex, marital status, sexuality, disability, age, race, colour, ethnic origin, nationality, religious or political beliefs. This principle will equally apply to recruitment, training, promotion, dismissal, transfer and all benefits, terms and conditions of employment. Inclusion and Diversity (I&D) is a foundational principle at Dataquest. It is at the core of all we do and drives us to build and reinforce an inclusive culture. We recruit, develop, retain, and promote diverse talent. We continue to build partnerships with diverse organisations and develop resources to support diverse employees. Our leaders are held accountable to actively support I&D in words and actions.

  Wellbeing

  We’re committed to ensuring our teams maintain high levels of physical and mental wellbeing. There is a strong focus on ensuring work is enjoyable at Dataquest. We have various team-building activities and events, and we host staff parties and socials throughout the year. We know the importance of employee wellbeing and how this can affect not only our team but also business performance. Our priority is to be proactive, so employees can gain awareness, education, and support to successfully function at work and at home, free from factors which may negatively impact upon their health. We provide access to professional coaching which looks to optimise their professional and personal development.

Pricing

• Price: £250 to £450 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@dqgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.