NEXER DIGITAL LTD

Intranet and Digital Workplace in Microsoft SharePoint O365

Nexer is a global Gold Partner to Microsoft. We help organisations make better use of Microsoft products, through user research, design, implementation and ongoing support. We have our own intranet product based on SharePoint, Core Connect, that integrates with Teams, Viva and Microsoft 365. We also offer "out-of-the-box" SharePoint solutions.

Features

• Research, design and implementation of Intranet and Digital Workplace solutions
• Content migration, strategy and design
• Hosting setup and optimisation including Azure cloud
• Support, maintenance and optimisation services through our UK-based service desk
• Deep expertise in UX research, design and accessibility

Benefits

• Intranet and Digital Workplace solution on SharePoint Online and Azure
• A hub for productivity, communication and collaboration
• Resposive across desktop, tablet and mobile
• Easy access to your apps and tools
• Targeted news and events from across your organisation
• Allows users to subscribe to information based on personal interests
• Document management and collaboration
• Powerful search
• Integrates with Teams, Viva and the whole Microsoft 365
• Mature, stable and secure technology

£0.11 to £6.50 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at shaun.gomm@nexergroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

508631132799730

Contact

Shaun Gomm
07878 712133
shaun.gomm@nexergroup.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: SharePoint, Microsoft 365 and Azure
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No
• System requirements:
  • SharePoint Online
  • Microsoft 365
  • Azure

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Standard support is normal UK office hours (09:00 to 17:00) Monday to Friday, excluding public holidays and the period between 26th December and 1st January. However, 24/7/365 support can be provided as an option. Standard response SLAs are: Priority One - 1 working hour, Priority Two - 2 working hours and Priority Three - 4 working hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide three levels of support:; ; 1) Baseline - This is our base support tier and provides access to our support service and JIRA for issue tracking. The cost for this is £1000 per month with any other work handled and charged separately from £100 per hour.; ; 2) Baseline plus hours - Most of our clients have Baseline support plus an agreed number of hours per month from £100 per hour, with a minimum commitment of 14 hours. This allows us to provide agreed SLAs and also includes monthly reporting.; ; 3) Retainer service - This tier is Baseline plus an agreed number of hours per month from £100 per hour, with a minimum commitment of 70 hours. This includes a dedicated team with a clear roadmap and backlog. It also includes comprehensive analytics set-up, goal-setting and optimisation strategy.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide full training and ongoing support, maintenance and optimisation for Core Connect. To get started, we offer comprehensive training that can be tailored to different roles, for example authors, editors and administrators. Our training can be face-to-face or online and we can also provide documentation and videos, if required.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: We have a full offboarding process if you wish to stop using our product or support and maintenance. All data is stored in your SharePoint Online, Microsoft 365 and Azure environment(s). Therefore you retain full control of all data, including the archiving or deletion of data.
• End-of-contract process: At the end of our contract we will have a meeting to plan out offboarding activities and the level of support you require with this. All data is stored in your SharePoint Online, Microsoft 365 and Azure environment(s), therefore you should have access to everything you need.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Our service is fully responsive and works across desktop, tablet and mobile devices. Core Connect can also be accessed on mobile or desktop using the native Microsoft Teams application.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Core Connect consists of various features, some of which require the use of APIs to work. Customers can choose to opt out of these features however and still use the rest of Core Connect without installing any additional APIs. Any API provided by Nexer will be installed and hosted in Azure, where the customer can configure and manage it themselves. End users cannot access or make changes to Core Connect through the APIs as they are only used to provide data to the various features accessed through the user interface in SharePoint.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Our service is highly customisable, including the ability to influence the design/theme and functionality. We recommend all customisation is carried out in line with Microsoft SharePoint guidance.

Scaling

• Independence of resources: The service is hosted on a fully managed public or private (single tenant) cloud-based solution. It is fully scalable to increase on demand ensuring any spikes in traffic can be handled.

Analytics

• Service usage metrics: Yes
• Metrics types: SharePoint and Microsoft 365 have built in analytics, including reporting. We can also add Azure Application Insights and/or Google Analytics to provide further usage metrics. We can also integrate other analytics services, on request.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: All customisation requirements for data export are agreed separately with customers in line with their requirements.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: Excel
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Microsoft Azure offers a 99.9% uptime guarantee. Refunds are returned as service credits.
• Approach to resilience: Please see: https://www.microsoft.com/en-us/cloud-platform/global-datacenters and https://www.microsoft.com/en-us/TrustCenter/.
• Outage reporting: The service status is available via a public dashboard: https://status.azure.com/en-gb/status. We also have separate uptime monitoring tools in place that will instantly alert us to any disruption in service so we can investigate and resolve.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: To access the management interface all users are required to be authenticated through Azure and have the appropriate admin and/or editor role assigned to them. We can also implement 2-factor authentication, IP restriction and other advanced configurations.; ; Access to our support service is also restricted to named individuals with secure login credentials and telephone or email requests are also verified.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: Microsoft Azure has a well-established Information Security Management Program (ISMP) that includes compliance with CSA CCM: https://cloudsecurityalliance.org/star/registry/microsoft/ and ISO/IEC 27001: https://www.microsoft.com/en-us/TrustCenter/Compliance/ISO-IEC-27001. At Nexer, we have our own fully documented information security policies and processes, available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Details of project requirements are outlined in a Proposal document and/or Statement of Work prior to work commencing. Any change requests that deviate from the requirements require confirmation from both parties. All requested changes must be vetted by the Technical Lead on the project before being approved.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We frequently update any underlying framework versions to ensure we have the latest security patches in place. We also monitor any security vulnerabilities and have alerts set up from a number of sources, including directly from Microsoft. Any threats are assessed by our technical team. We give all vulnerabilities the highest priority, with critical vulnerabilities patched straight away and those less important still addressed in a timely manner.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Microsoft Azure provides sophisticated protective monitoring tools including Security Center that helps prevent, detect, and respond to threats. Security Center provides increased visibility into, and control over, the security of Azure resources. At Nexer, we also use 3rd party tools for advanced monitoring of our solutions. If a potential compromise is identified the client is notified and this is dealt with as a priority.
• Incident management type: Supplier-defined controls
• Incident management approach: Our clients can report incidents to us through our online ticketing system, or via email or telephone. We encourage clients to provide a priority level indicator with each support request. Higher priority requests take immediate precedence over any existing lower priorities. Clients can log into their dedicated space within our ticketing system (JIRA) to track the status of incidents and their investigation and resolution. We can also provide monthly reports summarising all incidents and their management, if required.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Nexer has a strategic focus on sustainability. We launched a new sustainability initiative in 2022, which included a focused two-day event for employees, participation in Digital Clean Up Day 2022, a partnership for Tech Recycling and a dedicated internal collaboration channel for sustainable design. Nexer has an internal environmental policy and has committed to adopting sustainable practices across the business, which includes purchasing and services for our new office space in Cambridge, and practicing sustainability in planning and delivering company events. All purchasing is done locally where possible and the Nexer offices are fitted with adjustable, PIR lighting. ; Nexer also delivers sustainable technology projects to clients, including dedicated sustainability audits as well as adopting sustainable web development and design practices with all clients. ; Nexer has always been a hybrid working business, and actively encourages virtual meetings to avoid unnecessary travel. Nexer offers the Freedom to Cycle scheme as well as season ticket loans for public transport, and actively promotes these initiatives to staff.
• Covid-19 recovery:

  Covid-19 recovery

  As a business already operating a hybrid way of working, Nexer was able to adapt to working under Covid-19 restrictions quickly and effectively. Staff are asked to consider their colleagues when coming to the office and asked to work from home if showing any symptoms of Covid-19. Nexer’s Flexible Working policy allows decisions to be made by the individual on their working location and hours, rather than by the managers/company to encourage positive mental health and safe working conditions for all. Our main office space is open plan and so is suitable for social distancing where required. ; Meetings with clients, interviews with recruitment candidates and other engagements with external parties are always offered a virtual option, often as a first choice, to further support safe working.
• Tackling economic inequality:

  Tackling economic inequality

  Nexer has launched a number of partnerships in 2022 with external organisations who specialise in upskilling and training people from diverse backgrounds for roles in digital teams. In 2022 we have already employed two Junior Interaction Designers through these partnerships, and will launch a bootcamp in the autumn to expand this, with the aim of employing another 10-15 designers and technologists from under-represented backgrounds through this route. ; We have actively engaged with our other recruitment partners and discussed the importance of equality in recruitment. We have ended relationships with suppliers who did not share these values. ; Alongside this, we are supporting the Homeless Inclusion Futures initiative, which removes barriers to employment and coaches employers in inclusive hiring. We are also exploring a cultural exchange programme with the teams around the wider Nexer group, in Sweden, Poland and elsewhere.
• Equal opportunity:

  Equal opportunity

  Equal opportunity has always been at the heart of Nexer’s policies and we have an explicit policy on equal opportunity, diversity and inclusion in place. We are in the process of becoming a Disability Confident Employer (with certified status), aiming to achieve the highest level by 2023. We provide fully adaptive kit and software to suit user needs and have purchasing policies in place to support this.; We are currently in the process of writing and publishing our own inclusive language guidelines. ; Nexer has introduced a capability framework to make progression and development routes easier and clearer. Pay reviews happen at least twice a year, with a focus on equality in pay, opportunity and status for all. ; In addition to our equal opportunity and diversity policy, Nexer has a Modern Slavery policy and accompanying statement which is reviewed regularly, available to all staff and referenced across the business.
• Wellbeing:

  Wellbeing

  Nexer’s business strategy puts employee wellbeing at the heart of our approach. We have a healthy ratio of line managers to delivery staff (not more than 6 direct reports) ensuring that everyone receives a high degree of pastoral support and mentorship. ; Our induction documentation for both employees and contract staff highlight the internal routes for assistance with physical and mental wellbeing, including our Mental Health channel, resources, our internal Mental Health First Aiders (of which we have at least one for every 10 staff members) plus links to other policies. Nexer operates under a fully flexible working environment, and offers a full range of part time, full time, flexitime and sabbatical opportunities to suit all health and wellbeing challenges. ; We have recently employed an internal Service Manager, whose job it is to support the internal community and to focus specifically on better engagement with our workforce. We believe this will continue to improve communication, wellbeing and relationships. Part of this role will be to engage with our contractor workforce regularly and ensure they feel just as much part of the team as our permanent workforce.

Pricing

• Price: £0.11 to £6.50 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at shaun.gomm@nexergroup.com. Tell them what format you need. It will help if you say what assistive technology you use.