NEXER DIGITAL LTD

Intranet and Digital Workplace in Microsoft SharePoint 365

Nexer is a global Gold Partner to Microsoft. We help organisations make better use of Microsoft products, through user research, design, implementation and ongoing support. We have our own intranet product based on SharePoint, Core, that integrates with Teams, Viva and Microsoft 365. We also offer "out-of-the-box" SharePoint solutions.

Features

• Research, design and implementation of Intranet and Digital Workplace solutions
• Content migration, strategy and design
• Hosting setup and optimisation including Azure cloud
• Support, maintenance and optimisation services through our UK-based service desk
• Deep expertise in UX research, design and accessibility

Benefits

• Intranet and Digital Workplace solution on SharePoint Online and Azure
• A hub for productivity, communication and collaboration
• Resposive across desktop, tablet and mobile
• Easy access to your apps and tools
• Targeted news and events from across your organisation
• Allows users to subscribe to information based on personal interests
• Document management and collaboration
• Powerful search
• Integrates with Teams, Viva and the whole Microsoft 365
• Mature, stable and secure technology

£0.11 to £6.50 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at shaun.gomm@nexergroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

391565558326290

Contact

Shaun Gomm
07878 712133
shaun.gomm@nexergroup.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: SharePoint, Microsoft 365 and Azure
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements:
  • SharePoint Online
  • Microsoft 365
  • Azure

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Standard support is normal UK office hours (09:00 to 17:00) Monday to Friday, excluding public holidays and the period between 26th December and 1st January. However, 24/7/365 support can be provided as an option. Standard response SLAs are: Priority One - 1 working hour, Priority Two - 2 working hours and Priority Three - 4 working hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide three levels of support:; ; 1) Baseline - This is our base support tier and provides access to our support service and JIRA for issue tracking. ; ; 2) Baseline plus hours - Most of our clients have Baseline support plus an agreed number of hours per month. This allows us to provide agreed SLAs and also includes monthly reporting.; ; 3) Retainer service - This tier is Baseline plus an agreed number of hours per month. This includes a dedicated team with a clear roadmap and backlog. It also includes comprehensive analytics set-up, goal-setting and optimisation strategy.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide full training and ongoing support, maintenance and optimisation for our Core product and for SharePoint based solutions that we deliver. To get started, we offer comprehensive training that can be tailored to different roles, for example authors, editors and administrators. Our training can be face-to-face or online and we can also provide documentation and videos, if required.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: We have a full offboarding process if you wish to stop using our product or support and maintenance. All data is stored in your SharePoint Online, Microsoft 365 and Azure environment(s). Therefore you retain full control of all data, including the archiving or deletion of data.
• End-of-contract process: At the end of our contract we will have a meeting to plan out offboarding activities and the level of support you require with this. All data is stored in your SharePoint Online, Microsoft 365 and Azure environment(s), therefore you should have access to everything you need.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our service is fully responsive and works across desktop, tablet and mobile devices. Core Connect can also be accessed on mobile or desktop using the native Microsoft Teams application.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Core consists of various features, some of which require the use of APIs to work. Customers can choose to opt out of these features however and still use the rest of Core without installing any additional APIs. Any API provided by Nexer will be installed and hosted in Azure, where the customer can configure and manage it themselves. End users cannot access or make changes to Core through the APIs as they are only used to provide data to the various features accessed through the user interface in SharePoint.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Our service is highly customisable, including the ability to influence the design/theme and functionality. We recommend all customisation is carried out in line with Microsoft SharePoint guidance.

Scaling

• Independence of resources: The service is hosted on a fully managed public or private (single tenant) cloud-based solution. It is fully scalable to increase on demand ensuring any spikes in traffic can be handled.

Analytics

• Service usage metrics: Yes
• Metrics types: SharePoint and Microsoft 365 have built in analytics, including reporting. We can also add Azure Application Insights and/or Google Analytics to provide further usage metrics. We can also integrate other analytics services, on request.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: All customisation requirements for data export are agreed separately with customers in line with their requirements.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Microsoft Azure offers a 99.9% uptime guarantee. Refunds are returned as service credits.
• Approach to resilience: Please see: https://www.microsoft.com/en-us/cloud-platform/global-datacenters and https://www.microsoft.com/en-us/TrustCenter/.
• Outage reporting: The service status is available via a public dashboard: https://status.azure.com/en-gb/status. We also have separate uptime monitoring tools in place that will instantly alert us to any disruption in service so we can investigate and resolve.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: To access the management interface all users are required to be authenticated through Azure and have the appropriate admin and/or editor role assigned to them. We can also implement 2-factor authentication, IP restriction and other advanced configurations.; ; Access to our support service is also restricted to named individuals with secure login credentials and telephone or email requests are also verified.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Microsoft Azure has a well-established Information Security Management Program (ISMP) that includes compliance with CSA CCM: https://cloudsecurityalliance.org/star/registry/microsoft/ and ISO/IEC 27001: https://www.microsoft.com/en-us/TrustCenter/Compliance/ISO-IEC-27001. At Nexer, we have our own fully documented information security policies and processes, available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Details of project requirements are outlined in a Proposal document and/or Statement of Work prior to work commencing. Any change requests that deviate from the requirements require confirmation from both parties. All requested changes must be vetted by the Technical Lead on the project before being approved.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We frequently update any underlying framework versions to ensure we have the latest security patches in place. We also monitor any security vulnerabilities and have alerts set up from a number of sources, including directly from Microsoft. Any threats are assessed by our technical team. We give all vulnerabilities the highest priority, with critical vulnerabilities patched straight away and those less important still addressed in a timely manner.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Microsoft Azure provides sophisticated protective monitoring tools including Security Center that helps prevent, detect, and respond to threats. Security Center provides increased visibility into, and control over, the security of Azure resources. At Nexer, we also use 3rd party tools for advanced monitoring of our solutions. If a potential compromise is identified the client is notified and this is dealt with as a priority.
• Incident management type: Supplier-defined controls
• Incident management approach: Our clients can report incidents to us through our online ticketing system, or via email or telephone. We encourage clients to provide a priority level indicator with each support request. Higher priority requests take immediate precedence over any existing lower priorities. Clients can log into their dedicated space within our ticketing system (JIRA) to track the status of incidents and their investigation and resolution. We can also provide monthly reports summarising all incidents and their management, if required.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Nexer is committed to reducing the environmental impact of its business, and of the digital products and services we design and build with our customers. We have committed to reducing our carbon footprint by 50% by 2030, in line with the wider Nexer Group. ; We have taken a number of important steps to reduce our impact on the environment: ; • Brought in an acknowledged expert in digital carbon reduction, Gerry McGovern, to advise us on how to build more sustainable products and services. ; • Calculated the carbon output of our delivery squads and developed a model, which we share with our customers and include in our commercial proposals, for calculating and reducing the carbon footprint of the projects we deliver with them. ; • Placed carbon reduction measures at the heart of our strategy, for example in informing our technology choices, building longevity principles into our designs, and committing to energy and waste reduction in our internal ways of working. ; Much more detail of our carbon reduction policies and actions can be found in our Environmental and Sustainability Strategy on the Nexer Digital website.

  Tackling economic inequality

  We take the following steps to reduce economic inequality in our hiring and staffing model:; ; • We are a Disability Confident Employer and member of the Neurodiversity in Business community.; ; • We encourage applicants from under-represented groups through:; ; 1. Our support for agile bootcamps run by Diverse & Equal, bringing career switchers from under-represented backgrounds into our industry. We have fully funded, run and employed 8 people from a D&E design bootcamp in 2023.; 2. Our partnerships with Love Circular and the Responsible Tech Collective. We’re founder members of the Responsible Tech Collective alongside organisations such as the Coop and the Department for Education. ; 3. We run all our job adverts and role specifications through a gender decoder to ensure inclusivity, and we use the Team Tailor platform to anonymise the CV and application submission process.; ; • We continually review and respond to market conditions. We review pay annually aligned to our capability frameworks which are available to all, with salaries increasing every year for everyone.; • We’ve supported two apprenticeship programmes: Manchester Digital’s Software Developer Apprenticeship and Manchester Metropolitan University’s Software Engineering Degree Apprenticeship, providing multi-year sponsored employment programmes. We’re currently sponsoring two apprentices, studying part-time and working for us, and we’re committed to further apprenticeships in future.; • We’re a partner to HI Future, providing access to employment for people who’ve experienced homelessness.

  Equal opportunity

  We have an established policy which sets out our commitments to equal opportunities and diversity and outlines the positive actions we take to promote these principles in all of our work and with all of our team members. ; • 60% of our workforce identify as women. 18% identify as being part of the LGBTQ+ community. Nexer Digital was founded and is managed by a gay woman. ; • Our team includes people who are blind, deaf, neurodiverse and have physical and cognitive disabilities. We explicitly encourage applications for roles with Nexer from people from under-represented backgrounds. We monitor this through an anonymous census to capture information about protected characteristics. ; • We take active steps to ensure our hiring strategy has equality and diversity at its heart, focusing on inclusive recruitment models such as anonymised CVs and hiring channels such as Diverse & Equal, which enable us to more effectively recruit staff from underrepresented groups.

  Wellbeing

  Staff wellbeing is at the heart of Nexer’s philosophy, enabling us to have a staff retention rate of >95% over the last 3 years (2021-2024).; ; • We train our teams in Mental Health First Aid and line managers take active steps to recognise the signs of stress, burnout or mental health issues in their teams ; • We’ve developed capability frameworks as an open, structured way to guide progression. ; • We have a disability steering group, who assess our tools and communication channels for accessibility and inclusion. ; • We have well-embedded processes in place to ensure people can do their best work, including regular time off projects, reducing likelihood of burnout. ; • We provide paid volunteer days for all team members so they can spend time away from work focusing on social impact projects or issues that they care about.

Pricing

• Price: £0.11 to £6.50 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at shaun.gomm@nexergroup.com. Tell them what format you need. It will help if you say what assistive technology you use.