PURIFY TECHNOLOGY LTD

‘Adopt’: Microsoft 365 Change Management App. Microsoft 365 Adoption App.

Adopt is a change management service and app providing Microsoft 365 adoption support. Via the Teams app, Adopt provides curated and customised Microsoft training content with a searchable library of on-demand training courses, webinars and workshops designed to offer your people relevant and targeted digital adoption support.

Features

• Microsoft adoption support delivered via Teams change management app
• Customised digital assets including interactive guides and interactive courses
• Device agnostic service: delivered as desktop solution and mobile solution
• Searchable content library. Targeted community content and original content.
• Real-time Microsoft training workshops. On demand Microsoft training webinars.
• Microsoft end-user adoption analytics and app usage data
• Responsive content: continuous content development delivering organisation relevant content.
• Create customised content. Deliver customised courses. Manage customised courses.
• Single sign on permission based access via Microsoft Teams
• Digital Champions hub for Change Champions and Microsoft Champions

Benefits

• Improve digital adoption and develop Microsoft capability across your organisation
• Improved return on investment. Optimise M365 licences. Optimise digital tools.
• 24/7 relevant Microsoft 365 support. 24/7 Microsoft 365 guidance.
• Outsource support. Increase support. Access Microsoft expertise on-demand.
• Public sector focused. Customised training - public sector M365 users.
• Increase collaborative working and share best organisational practice
• Saves users time: ready access to relevant Microsoft training content
• Effectively communicate and support target digital operating model
• Dashboard analytics facilitate continuous improvement and give visibility of ROI
• Resources aligned to organisational governance and ways of working.

£3.00 a licence a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@purify-tech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

418803837882777

Contact

Dave Prior-Jones
0203 795 5711
sales@purify-tech.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Adopt is delivered as an app in Microsoft Teams.
• Cloud deployment model: Private cloud
• Service constraints: The service is offered via a dedicated server. Any maintenance will be carried out outside of standard working hours (typically when fewer users are accessing system; these will be agreed with the client) . ; A full service desk platform is available during normal working hours (8.00 – 18:00), Monday to Friday, excluding bank holidays and national holidays. Tickets can be raised to this system via email, our helpdesk web portal or via a support telephone number. As support tickets are worked through, we provide customers with regular updates via the helpdesk system until the ticket is suitably resolved.
• System requirements:
  • Buyers should be users of M365
  • Azure AD Configuration to enable SSO

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: A full service desk platform is available during normal working hours (8.00 – 18:00), Monday to Friday, excluding bank holidays and national holidays. Tickets can be raised to this system via email, our helpdesk web portal or via a support telephone number. For high impact incidents, time to respond will be 1 hour, with a resolution time of 8 hours. Medium requests will receive a response within 2 hours, with a resolution time of 12 hours. Standard requests will receive a response within 4 hours, with a resolution time of 24 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Standard support is included as part of the Adopt licence. All tickets are dealt with by a cloud support engineer.; ; A full service desk platform is available during normal working hours (8.00 – 18:00), Monday to Friday, excluding bank holidays and national holidays. Tickets can be raised to this system via email, our helpdesk web portal or via a support telephone number. For high impact (P1) incidents, time to respond will be 1 hour, with a resolution time of 8 hours. Medium requests (P2) will receive a response within 2 hours, with a resolution time of 12 hours. Standard requests (P3) will receive a response within 4 hours, with a resolution time of 24 hours. ; Priority 1 cases are for severe impact issues, typically widespread failure, or issues significantly hampering normal operation for multiple users; Priority 2 cases are issues that require resolution in a timely manner and may consist of a single user. ; Priority 3 cases are for matters that, by their very nature, do not have an immediate impact on a customer, or where we expect - or have been informed - that responses from a customer will be delayed.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The dedicated Account Manager works with the client to define an appropriate programme for onboarding. Typically, we work with in-house communications teams to provide information about the launch of the app. In most instances we work with the organisation to ensure that a senior key stakeholder conveys key messages to users about the app's launch, objectives and intended outcomes. As it rolls out, we offer a programme of live webinars and in-app support to orientate users in the use of the app and to provide information about how they can contribute to its ongoing development. If we required, we can layer a DAP interface which provides a 'tour' of the app's features and functions.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: We provide course completion, and usage data as .csv files. Any videos produced 'in-house' by the client are made available for download.
• End-of-contract process: We provide course completion, and usage data as .csv files. Any videos produced 'in-house' by the client are made available for download. There is no extra cost for this service.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: N/A
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: The Adopt app is accessed via Microsoft Teams. Access to Adopt is provisioned via Single Sign On. Users are presented with content/resources which is relevant to them, the provisioning of which is determined by their user credentials. Users' progress through content is automatically saved, so that,on return to the app, they can continue to work through content at the point at which they last accessed it.
• Accessibility standards: WCAG 2.1 AAA
• Accessibility testing: We work with one of our key clients' Disability Action Group (DAG) to continuously check accessibility including interface testing with assistive technology. Specifically, we have tested: screen reader compatibility; keyboard navigation; colour contrast: alternative text for images: text resizing: accessible multimedia; and mobile accessibility.
• API: No
• Customisation available: Yes
• Description of customisation: The Adopt Teams app is delivered as a customised solution for each client. All content, pathways, menus and filters can be customised to ensure that the organisations' users are presented with resources which are targeted and relevant. We work with project team members to develop the customised version of the app. Throughout the lifecycle of the app, customised content can be created by us or by the users and can be uploaded. Certain users are provided with content upload/editing rights. We provide in-app and live support and guidance to help users create content which can be delivered via the app. Content can also be personalised with certain groups/individuals/roles presented with content which is relevant to them.

Scaling

• Independence of resources: We provide a dedicated, hosted server for each client.

Analytics

• Service usage metrics: Yes
• Metrics types: Visitor numbers and breakdown of users by: time period, access route and role.; Content interaction: no. of hits per content item; time spent on content; starts versus completion; course progression info ; Search terms analysis.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Course leaders can export course analytics as .csv files. As part of the off-boarding process, customised videos can be downloaded via a secure link.
• Data export formats:
  • CSV
  • Other
• Other data export formats: MP4
• Data import formats: Other
• Other data import formats:
  • HTML text
  • HTML images
  • HTML links

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Availability Target: The target availability for the service is set at 99% uptime, calculated on a monthly basis.; Measurement Period: Availability will be measured monthly, starting from the first day of each calendar month and ending on the last day of that month.; Downtime Calculation: Downtime is calculated as the total minutes of unscheduled service unavailability during the measurement period.; Exclusions: Scheduled maintenance windows, announced in advance, are excluded from the calculation of downtime.; Remedies for Breach: In the event that the service falls below the agreed-upon availability level:; If availability is between 99.0% and 99.9%, we will provide a service credit equal to 1% of the monthly service fee.; If availability is below 99.0%, we will provide a service credit equal to 2% of the monthly service fee. The service credits can be used for supplementary services.; Customer Responsibilities: Customers must promptly report any service unavailability to Purify to ensure accurate calculation of downtime.; Force Majeure: Downtime resulting from force majeure events, including but not limited to acts of nature, war, or government regulations, are excluded from this SLA.
• Approach to resilience: Available on request.
• Outage reporting: Users receive an email alert.

Identity and authentication

• User authentication needed: Yes
• User authentication: Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: We implement rule-based access control (RBAC) to grant access privileges based on job roles, responsibilities, and least privilege principles.; We work with the client to define roles/individuals with appropriate permissions for accessing management interfaces and support channels,
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Qualitas Veritas
• ISO/IEC 27001 accreditation date: 22/05/2023
• What the ISO/IEC 27001 doesn’t cover: Physical Security for Facilities:; We are a remote company without a dedicated physical office space.; ; Visitor Management:; As we operate entirely remotely with no physical office space, controls related to visitor management are excluded from the scope.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: We have an information security policy that reflects our commitment to information security.; We have implemented a risk assessment process to identify, assess and manage information security risks. ; We have defined and documented information security objectives which align with our business goals and the results of the risk assessment.; We follow a set of selected controls from Annex A of ISO 27001. ; We have policies addressing security aspects of employment, such as background checks, security training, and clearances.; We have procedures for reporting, assessing, and responding to information security incidents.; We have plans and processes to ensure the continuity of information security measures in the event of disruptions or disasters.; We have procedures for ensuring that we comply with relevant laws, regulations, and contractual obligations related to information security.; We have policies and processes to raise awareness and provide training to personnel regarding information security.; We have processes for monitoring and measuring the effectiveness of the overall Information Security Management Systems (ISMS).; We conduct regular internal audits to assess the compliance and effectiveness of the ISMS.; We have periodic reviews by management to ensure the continued suitability, adequacy, and effectiveness of the ISMS.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We have clear and comprehensive policies and procedures for configuration and change management and a robust change approval process. We use version control systems to track changes, roll back to previous versions if necessary, and maintain an audit trail. Thorough testing and validation of changes occur in a controlled environment before deployment to production. We have developed an incident response plan specifically for handling security incidents related to configuration and change management. We have implemented continuous monitoring of configurations and changes to quickly detect and respond to any anomalies or security breaches.; We conduct regular security assessments and vulnerability scans.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We conduct vulnerability scans quarterly and after significant changes. We use automated scanning tools to regularly scan systems for known vulnerabilities. We stay informed about emerging threats through threat intelligence feeds.; We assess the severity and potential impact of identified vulnerabilities and prioritise these based on risk. We have established a process for timely and effective remediation of identified vulnerabilities. This may involve applying patches, configuring security controls, or implementing compensating controls.; We have a robust patch management process to promptly apply security patches and updates. We ensure that critical patches are prioritised and deployed in a timely manner.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We respond to incidents as soon as we are alerted. We identify potential compromises through anomaly detection, continuous monitoring, threat intelligence integration and endpoint detection and response. If an incident arises, we contain the incident, gather information, determine the scope and impact, notify relevant stakeholders, conduct forensic analysis, eradicate the threat, restore systems, and review and update security controls. We then document the entire incident response process, including actions taken, findings, and recommendations.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We have a well-defined incident response plan, clear communication channels, and a trained team. Users can report incidents via phone, helpdesk, email and Teams. Our incident reports follow this structure: ; Incident Summary.; Incident Details.; Impact Assessment.; Timeline of Events.; Evidence and Artifact.; Affected Systems and Assets.; Root Cause Analysis.; Incident Response Actions.; Lessons Learned.; Recommendations for Improvement.; Documentation of Communication.; Legal and Compliance Considerations.; Executive Summary.; Appendices as required.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Since our inception, we have been committed to remote working for the reduction of carbon emissions and we have developed a structured approach to developing effective practices which support our remote workers and encourage and sustain the development of a positive work culture. Our remote-first approach means that we don’t have an office to resource; nor do our staff have to travel to work each day. Where feasible, our Client meetings are also conducted remotely and, if an in-person meeting is required, we encourage travel by public transport. ; We are committed to building on these foundations are working to develop a Carbon Reduction Plan with the outcome of a Net Zero goal.Our aims are to: ; ; Understand Current Emissions:; Conduct a thorough greenhouse gas (GHG) inventory to identify and quantify our current emissions.; Set Emission Reduction Targets:; Establish clear, measurable, and time-bound targets for reducing carbon emissions. ; Engage Stakeholders:; Involve key stakeholders, including employees, suppliers, and customers. Gather input and feedback to ensure a comprehensive understanding of our impact and potential solutions.; Conduct a Risk and Opportunity Assessment:; Identify climate-related risks and opportunities.; Develop an Action Plan:; Energy efficiency measures.; Transitioning to renewable energy sources.; Sustainable transportation initiatives.; Waste reduction and recycling programs.; Supply chain optimisation.; Employee engagement and awareness programs.; Measure and Monitor Progress:; Implement monitoring and reporting mechanisms to track progress toward our emission reduction targets. Regularly assess the effectiveness of implemented measures and adjust strategies as needed.; Communicate and Report:; Transparently communicate our carbon reduction efforts to stakeholders. Regularly report on progress, achievements, and challenges. This can enhance accountability and foster support.; Continuous Improvement:; Regularly review and update our carbon reduction plan to incorporate new technologies, best practices, and evolving sustainability goals.

  Covid-19 recovery

  We were in a position to expand and grow throughout the pandemic, and we have continued to recruit. Our recruitment practices and employment conditions are informed by five founding principles of the Good Work Plan: satisfaction; fair pay; participation and progression; wellbeing and security; and voice and autonomy. We use employee engagement tools to monitor staff wellbeing, satisfaction, and to garner feedback. All of our employees have a personalised development plan, and we invest in certified training for all of our people. Going forward, we are committed to these approaches.; In terms of our drive to support people and community recovery, when Clients procure an instance of our digital adoption app, they can nominate a third sector/educational organisation to receive a version of the app for free. The aim of this initiative is to support the development of digital capabilities within the wider community.

  Tackling economic inequality

  Our flexible and remote working means we’re able to recruit from anywhere in the country. Purify has recruited 20% of its staff from areas of deprivation as identified in The English Indices of Deprivation 2019 (IoD2019) and we intend to continue to do so as we develop and expand. In terms of the development of skills, we invest time and resource into ensuring that our people all benefit from personalised progression plans; every member of the Purify team has a development plan which includes a blend of formal and informal training: qualifications which we have supported our staff to achieve include: ; MS100 - Microsoft 365 Identity and Services,; MS102 - Microsoft 365 Administrator,; MS700 - Microsoft 365 Teams Administrator Associate,; MS720 - Teams Voice Engineer Expert,; Microsoft Teams Rooms Technical Solutions Professional,; Anywhere 365 Technical Accreditation,; Microsoft Certified: Azure AI Fundamentals,; Microsoft Certified: Power Platform Fundamentals,; Microsoft 365 Certified: Fundamentals (MS-900),; CLD267x - Enabling Teamwork with Microsoft Teams,; QSYS Level 1,; QSYS Level 2,; QSYS Video 101,; QSYS Architect,; QSYS Enterprise Manager Technician,; Audinate Dante Level 1 ( 2nd Ed),; Biamp Tesira 101,; Kramer AV Specialist,; Yealink MS Certified Pre-Sales Professional,; Yealink Certified Microsoft Solution Engineer,; Operations Management Diploma,; Maths GCSE,; AAT Level 2 Certificate in Accounting,; ; All staff have formal and informal training and development targets in their personal plan, and this will continue. Going forward, as we grow, we intend to expand our peer-peer mentoring, so that every member of our team benefits from the collective knowledge and experience of their colleagues.

  Equal opportunity

  We are committed to doing all that we can now and in the future to tackle workforce inequality. ; We engage in inclusive and accessible recruitment practices to ensure that we encourage applications from a breadth of applicants. Our commitment to accessible and inclusive recruitment practices defines our approach to creating a fair and welcoming hiring environment. We prioritise inclusive language in job descriptions, maintain a flexible application process, and ensure our online platforms are accessible to all, especially individuals with disabilities. Diverse hiring panels, blind CV reviews, and standardised interviews are integral to mitigating biases, fostering an impartial assessment of candidates.; We transparently communicate our dedication to providing reasonable accommodations for candidates with disabilities, aiming to create an inclusive experience throughout the hiring process. Offering flexibility in interview formats, cultural competence training, and highlighting affinity groups underscore our commitment to diversity. We also promote flexible work arrangements, accommodating different schedules to create an inclusive culture.; Our communication channels are designed for accessibility, and ongoing training on diversity, equity, and inclusion ensures our hiring teams stay abreast of evolving best practices. Regular evaluations and feedback collection enable us to continuously refine our recruitment practices, contributing to an environment that attracts a diverse pool of candidates and promotes equity and inclusion within our organisation. We are committed to retention-focussed activities including garnering regular feedback from our people, actively building a positive and inclusive workplace culture, and monthly 1:1s for all staff. Our remote and flexible working conditions promote an inclusive working environment and promote retention and progression.; We offer a range of quality opportunities with routes of progression towards industry-recognised qualifications. We conduct regular equal pay audits. ; Our team is comprised of 40% women, which is well above sector average of circa 26%, 33% of our employees are Black, 10% are Asian.

  Wellbeing

  The wellbeing of our people is paramount and we supported the upskilling of a key member of our team to become a Mental Health First Aider and we undertake regular wellbeing drives and challenges and define a programme of initiatives each quarter. All of our 1:1s address staff satisfaction and wellbeing. All of our staff and their families are provided with private healthcare which includes private counselling sessions. ; To inculcate connections within our team, we have a drop-in every Friday to allow for remote co-working, and a monthly social event. Our team are also encouraged to share updates about their ‘real lives’ with the team: we firmly believe that wellbeing activities are an inherent part of doing business as usual, not a distraction. We get together in person as a team regularly too, with quarterly, two-day whole-staff meet ups and monthly team meets. ; We have an open-door culture and all staff are informed of who the Mental Health First Aid person is at induction and advised where to go for support.; We have signed up to the Mental Health at Work Commitment from Mental Health at Work, that provides six standards:; Prioritise mental health in the workplace by developing and delivering a systematic programme of activity.; Proactively ensure work design and organisational culture drive positive mental health outcomes.; Promote an open culture around mental health.; Increase organisational confidence and capability.; Provide mental health tools and support.; Increase transparency and accountability through internal and external reporting.; We are committed to continuing and building upon the initiatives outlined above.

Pricing

• Price: £3.00 a licence a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Users have access to a standard version of the app for one month
• Link to free trial: N/a

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@purify-tech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.