Resource4u Ltd

Business Solutions and Process Automation

Bespoke cloud software solutions for business processes and automation using efficient no-code or low-code building blocks in Microsoft 365, Azure, SharePoint, Power Platform, Power Automate with scope for integrations such as AI and Copilot.

Features

• Low-code tools for rapid app development.
• Pixel-perfect control over app design and navigation.
• Scalable solutions that grow with your business.
• Connected, secure data across Microsoft’s platforms.
• Custom code development for tailored business solutions.
• Enterprise-grade governance for data security and compliance.
• Custom GPTs and AI plugins with Copilot Studio.
• Cloud-native RPA with Power Automate for process automation.
• AI-powered development with Copilot in Power BI.
• Integration with Microsoft services like Office 365, Teams, SharePoint.

Benefits

• Streamlines processes, saving time and resources.
• Enhances productivity with familiar tools and workflows.
• Reduces manual efforts through automation.
• Improves data management and analytical capabilities.
• Facilitates real-time collaboration among team members.
• Lowers costs by reducing technical debt.
• Boosts operational efficiency with scalable apps.
• Promotes efficient data sharing within organisations.
• Supports digital transformation goals for businesses.
• Customisable to meet specific business needs.

£2,850 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@resource4u.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

365005508781500

Contact

Peter Smith
02030026340
info@resource4u.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft Cloud Services such as Microsoft 365
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • Microsoft 365 Licensing
  • Azure AD for identity and access management

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Critical Incident: 1 hr response time, then regular updates till resolution. Medium Risk Incident: 3 hours response time, then regular updates till resolution General Support: Within 24 hours, Monday to Friday. Weekend service can be provided at additional cost on case by case basis
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Using Microsoft Team Instant Messages adhere assistive technology principles.
• Onsite support: Yes, at extra cost
• Support levels: 1st Line Support: Resolves requests, problems and educates users’ around non-complex requirements. This is where all incidents and requests begin. The issue is recorded, and the basic review or troubleshooting is performed. Support requests are acknowledged within 2 hours and aimed to be resolved within 4 hours during support hours. If the request cannot be resolved within the timeframe due to complexity, it is elevated to 2nd line support. 2nd to 4th Line Support: 2nd line support requests are elevated where 1st line support was unable to resolve the issue or offer satisfactory guidance on the request. 2nd, 3rd and 4th line support is performed with combination of on-site and remote assistance as complex support using specialist staff appropriately. Regular updates are communicated to the requester until resolution is provided.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: By offering diverse support options to aid users in getting started efficiently. Users access online training resources like videos and webinars, while detailed user documentation serves as a reference. Optional onsite training is available for personalized guidance. Our responsive support team assists promptly via email, phone, or chat.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Use built-in data export tools provided by the platform. Access data programmatically through APIs, suitable for complex or large
• End-of-contract process: Off Boarding scope via statement of works based on complexity and volumes.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Automatically adjust to fit Mobile Interfaces to best screen.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Via Internet Browser
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Internal user testing for color blindness carried out to support assistive technology check.
• API: Yes
• What users can and can't do using the API: Users can make use Microsoft Graph REST APIs to provision, administer and manage the platform and its services and content, as well as make changes to and interact with the data and dashboard content already available and published. The API is used through an Azure Active Directory (Azure AD) app registration and can be accessed using the Azure AD (v1.0; ADAL) or the Microsoft identity platform (v2.0; MSAL) endpoints.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Business solutions are developed as bespoke to end user requirement and can be customised by supplier and client.

Scaling

• Independence of resources: By Following Systematic Request Management via predefined escalation protocols.

Analytics

• Service usage metrics: Yes
• Metrics types: Real time Statistics of Business Solutions and Automation.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users export data through built-in options, download buttons/links, or API access.; Built-in options are commonly found in account or data management settings.; Download buttons or links may be provided in user interfaces.; API access enables programmatically retrieving data.; Third-party tools or integrations can offer additional export options.; Data requests may be necessary for sensitive data, complying with privacy laws
• Data export formats:
  • CSV
  • ODF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Microsoft typically provides service level agreements (SLAs) for the availability of their various products and services, such as Microsoft Azure, Office 365, and other cloud-based offerings. These SLAs often specify the level of uptime guaranteed for the service, typically expressed as a percentage over a given period (e.g., 99.9% uptime per month). If Microsoft fails to meet the guaranteed level of availability, they may offer service credits or refunds to affected customers as compensation, as outlined in their SLA terms and conditions. The process for requesting refunds or service credits typically involves users submitting a claim to Microsoft, providing details of the outage or downtime experienced and demonstrating that the SLA was not met. Microsoft then evaluates the claim against the terms of the SLA and may issue refunds or credits accordingly. For specific information on Microsoft's SLAs and refund processes, users should refer to the SLA documentation provided by Microsoft for the particular service they are using.
• Approach to resilience: Microsoft cloud hosting designs its services with robust resilience in mind. Strategies include redundancy at various levels, such as hardware, data centers, and networking components, to mitigate the impact of failures. Critical data and services are geo-replicated across multiple regions for continuity in the face of regional outages. Load balancing optimises performance by evenly distributing traffic, while automatic failover mechanisms seamlessly switch to backup systems during disruptions. Regular data backups ensure data integrity and facilitate recovery. Strong security measures, including encryption and continuous monitoring, safeguard against cyber threats. Comprehensive disaster recovery plans enable swift service restoration in emergencies. Through these measures, Microsoft ensures highly available, reliable, and secure services for its users.
• Outage reporting: Ur service promptly reports outages through various channels: Dashboard: We maintain dashboard showing real-time service status and ongoing incidents or outages. Users can visit to stay informed. API Access: An API allows users to programmatically access outage information and status updates. This enables integration with third-party monitoring tools or custom applications for automated monitoring. Email Alerts: Users can subscribe to email alerts for notifications about service outages, incidents, or maintenance. These updates provide timely information directly to their inbox. These reporting mechanisms ensure transparency, keeping users informed about any incidents that may affect their usage.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Geo-Location restrictions, IP Ranges including Azure Identity authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: At our organisation, information security is paramount. We are dedicated to safeguarding the confidentiality, integrity, and availability of all data entrusted to us. To achieve this, we have implemented robust policies and processes: "Data Confidentiality": We ensure that user interactions and data remain confidential, accessible only to authorised personnel. "Data Integrity": We maintain the accuracy and completeness of data throughout its lifecycle, preventing unauthorised alterations. Access Control: Access to sensitive information is strictly controlled, limiting it to authorised individuals or processes. "Encryption": We employ encryption techniques to protect data during transmission and storage, safeguarding against unauthorised access. "Vulnerability Management": Regular assessments and proactive measures are taken to identify and mitigate potential security vulnerabilities. "Incident Response": We have established procedures to promptly detect, respond to, and recover from security incidents, minimising disruption and ensuring swift resolution. "User Authentication": Strong authentication mechanisms verify the identity of users accessing our systems, enhancing security. "Regulatory Compliance": We adhere to relevant data protection regulations and industry standards, ensuring legal compliance and maintaining trust. This policy underscores our unwavering commitment to information security, ensuring a secure environment for our users and stakeholders.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Systematic configuration and change management processes with audit logs.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Systematic vulnerability management via automated alerts, escalation with regular patch management by engineering team.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Regular monitoring of solutions access, geo locations including Azure identity access controls. Incidents are responded as per SLA
• Incident management type: Supplier-defined controls
• Incident management approach: Users commonly report incidents through designated channels such as help desks, online portals, or dedicated reporting tools. Incident reports are provided through various means, including email notifications, online dashboards, or regular status updates, detailing incident details, actions taken, and resolutions achieved for transparency and accountability.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Health and Social Care Network (HSCN)
  • Other
• Other public sector networks:
  • Internet First
  • Project Gigabit

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Covid-19 recovery

  The company pledges to actively support pandemic recovery efforts through volunteering resources and expertise. Their commitment includes assisting vulnerable populations, supporting healthcare professionals, and participating in local initiatives to build a stronger society together.

  Equal opportunity

  We aim to promote equal opportunities, eliminate discrimination and eliminate harassment through the following: Opposing all forms of unlawful and unfair discrimination. All employees (whether part-time, full-time or temporary), volunteers, members, and beneficiaries will be treated fairly and with respect.

  Wellbeing

  Our company values prioritise the wellbeing of our employees, customers, and communities. We recognise that wellbeing encompasses physical, mental, and emotional health, as well as a sense of belonging and fulfillment. In our operations, we prioritise initiatives that support and promote wellbeing, whether through flexible work arrangements, mental health resources, or community engagement programs. By fostering a culture of wellbeing, we aim to enhance the quality of life for all those we touch, contributing to a healthier, happier, and more resilient society

Pricing

• Price: £2,850 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Indicative Demos or Mockups available.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@resource4u.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.