Resource4u Ltd

Business Intelligence Dashboards (Microsoft PowerBI) Cloud 365 Hosting

A dedicated cloud-hosted Business Intelligence service with advanced analytics and data visualisation capabilities, enabling widespread distribution of content without individual licenses, ensuring consistent performance and dedicated hardware managed by Microsoft.

Features

• Dedicated cloud service and hardware.
• Advanced analytics capabilities.
• Widespread content distribution without individual licenses.
• Consistent performance.
• Auto-refresh data up to 48 times a day.
• Large datasets support above 10 GB.
• Deployment pipelines for development stages.
• Paginated reports.
• AI and ML integration.
• Advanced dataflow and storage options.

Benefits

• Accelerated decision-making processes.
• Enhanced collaboration and sharing capabilities.
• Ability to store and analyse large scale data.
• Simplified data management.
• More frequent data refreshes.
• Low-code data marts for self-service.
• Improved performance with dedicated resources.
• Unlocking big data potential.
• Simplified access to Microsoft Fabric workloads.
• Autoscale to handle overage spikes.

£60,750 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@resource4u.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

576729222110837

Contact

Peter Smith
02030026340
info@resource4u.co.uk

Service scope

• Service constraints: The success of the cloud-hosted Power BI solution will depend on data availability -- any obstacles to accessing data (such as traditional on-premise only databases) will impact the complexity and robustness of the overall solution.
• System requirements:
  • Power BI Premium Capacity Licensing
  • Azure AD for identity and access management
  • Cloud-connected Data Sources.
  • Development requires Windows 10 or higher OS.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Critical Incident: 1 hr response time, then regular updates till resolution. Medium Risk Incident: 3 hours response time, then regular updates till resolution General Support: Within 24 hours, Monday to Friday. Weekend service can be provided at additional cost on case by case basis
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: 1st Line Support: Resolves requests, problems and educates users’ around non-complex requirements. This is where all incidents and requests begin. The issue is recorded, and the basic review or troubleshooting is performed. Support requests are acknowledged within 2 hours and aimed to be resolved within 4 hours during support hours. If the request cannot be resolved within the timeframe due to complexity, it is elevated to 2nd line support. 2nd to 4th Line Support: 2nd line support requests are elevated where 1st line support was unable to resolve the issue or offer satisfactory guidance on the request. 2nd, 3rd and 4th line support is performed with combination of on-site and remote assistance as complex support using specialist staff appropriately. Regular updates are communicated to the requester until resolution is provided.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: By offering diverse support options to aid users in getting started efficiently. Users access online training resources like videos and webinars, while detailed user documentation serves as a reference. Optional onsite training is available for personalized guidance. Our responsive support team assists promptly via email, phone, or chat.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Use built-in data export tools provided by the platform.; Access data programmatically through APIs, suitable for complex or large
• End-of-contract process: Off Boarding scope via statement of works based on complexity and volumes.

Using the service

• Web browser interface: Yes
• Using the web interface: The Power BI service is primarily cloud based with a secure web interface for almost all activities from managing the platform, to publishing and most importantly viewing and consuming content. Only the development of content has a specialised desktop application component which is almost required at the moment, but the web interface alternative for this is improving and likely to become equally capable in the future.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: None
• API: Yes
• What users can and can't do using the API: Users can make use Microsoft Power BI REST APIs to provision, administer and manage the platform and its services and content, as well as make changes to and interact with the data and dashboard content already available and published.; ; The API is used through an Azure Active Directory (Azure AD) app registration and can be accessed using the Azure AD (v1.0; ADAL) or the Microsoft identity platform (v2.0; MSAL) endpoints.
• API automation tools:
  • Ansible
  • Other
• Other API automation tools: PowerShell
• API documentation: Yes
• API documentation formats: HTML
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: The Power BI PowerShell module can be used for administration, capacity management, data management as well as for managing profiles, reports and workspaces.; ; PowerShell can also be used to Power BI REST API calls.

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: By Following Systematic Request Management via predefined escalation protocols.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email
  • Other
• Other usage reporting: Live Dashboards and Via Portals

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • SharePoint Files
  • Databases
  • Version Control
• Backup controls: Automated Backups as per solutions requirements defined under best practices with stakeholder's agreement.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Microsoft typically provides service level agreements (SLAs) for the availability of their various products and services, such as Microsoft Azure, Office 365, and other cloud-based offerings.; ; These SLAs often specify the level of uptime guaranteed for the service, typically expressed as a percentage over a given period (e.g., 99.9% uptime per month). If Microsoft fails to meet the guaranteed level of availability, they may offer service credits or refunds to affected customers as compensation, as outlined in their SLA terms and conditions.; ; The process for requesting refunds or service credits typically involves users submitting a claim to Microsoft, providing details of the outage or downtime experienced and demonstrating that the SLA was not met. Microsoft then evaluates the claim against the terms of the SLA and may issue refunds or credits accordingly.; ; For specific information on Microsoft's SLAs and refund processes, users should refer to the SLA documentation provided by Microsoft for the particular service they are using.
• Approach to resilience: Microsoft cloud hosting designs its services with robust resilience in mind. Strategies include redundancy at various levels, such as hardware, data centers, and networking components, to mitigate the impact of failures. Critical data and services are geo-replicated across multiple regions for continuity in the face of regional outages. Load balancing optimises performance by evenly distributing traffic, while automatic failover mechanisms seamlessly switch to backup systems during disruptions. Regular data backups ensure data integrity and facilitate recovery. Strong security measures, including encryption and continuous monitoring, safeguard against cyber threats. Comprehensive disaster recovery plans enable swift service restoration in emergencies. Through these measures, Microsoft ensures highly available, reliable, and secure services for its users.
• Outage reporting: Our service promptly reports outages through various channels:; ; Dashboard: We maintain dashboard showing real-time service status and ongoing incidents or outages. Users can visit to stay informed.; API Access: An API allows users to programmatically access outage information and status updates. This enables integration with third-party monitoring tools or custom applications for automated monitoring.; Email Alerts: Users can subscribe to email alerts for notifications about service outages, incidents, or maintenance. These updates provide timely information directly to their inbox.; These reporting mechanisms ensure transparency, keeping users informed about any incidents that may affect their usage.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Geo-Location restrictions, IP Ranges including Azure Identity authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through:
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: At our organisation, information security is paramount. We are dedicated to safeguarding the confidentiality, integrity, and availability of all data entrusted to us. To achieve this, we have implemented robust policies and processes:; ; "Data Confidentiality": We ensure that user interactions and data remain confidential, accessible only to authorised personnel.; ; "Data Integrity": We maintain the accuracy and completeness of data throughout its lifecycle, preventing unauthorised alterations.; Access Control: Access to sensitive information is strictly controlled, limiting it to authorised individuals or processes.; "Encryption": We employ encryption techniques to protect data during transmission and storage, safeguarding against unauthorised access.; "Vulnerability Management": Regular assessments and proactive measures are taken to identify and mitigate potential security vulnerabilities.; "Incident Response": We have established procedures to promptly detect, respond to, and recover from security incidents, minimising disruption and ensuring swift resolution.; "User Authentication": Strong authentication mechanisms verify the identity of users accessing our systems, enhancing security.; "Regulatory Compliance": We adhere to relevant data protection regulations and industry standards, ensuring legal compliance and maintaining trust.; This policy underscores our unwavering commitment to information security, ensuring a secure environment for our users and stakeholders.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Systematic configuration and change management processes with audit logs.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Systematic vulnerability management via automated alerts, escalation with regular patch management by engineering team.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Regular monitoring of solutions access, geo locations including Azure identity access controls. Incidents are responded as per SLA
• Incident management type: Supplier-defined controls
• Incident management approach: Users commonly report incidents through designated channels such as help desks, online portals, or dedicated reporting tools. Incident reports are provided through various means, including email notifications, online dashboards, or regular status updates, detailing incident details, actions taken, and resolutions achieved for transparency and accountability.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Hosted via Microsoft Cloud which adheres to Energy efficient code of conduct.

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Covid-19 recovery

  The company pledges to actively support pandemic recovery efforts through volunteering resources and expertise. Their commitment includes assisting vulnerable populations, supporting healthcare professionals, and participating in local initiatives to build a stronger society together.

  Equal opportunity

  We aim to promote equal opportunities, eliminate discrimination and eliminate harassment through the following: Opposing all forms of unlawful and unfair discrimination. All employees (whether part-time, full-time or temporary), volunteers, members, and beneficiaries will be treated fairly and with respect.

  Wellbeing

  Our company values prioritise the wellbeing of our employees, customers, and communities. We recognise that wellbeing encompasses physical, mental, and emotional health, as well as a sense of belonging and fulfillment. In our operations, we prioritise initiatives that support and promote wellbeing, whether through flexible work arrangements, mental health resources, or community engagement programs. By fostering a culture of wellbeing, we aim to enhance the quality of life for all those we touch, contributing to a healthier, happier, and more resilient society

Pricing

• Price: £60,750 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: PowerBI Desktop ahead of Cloud Hosting

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@resource4u.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.