Sota Solutions Ltd

Microsoft 365

As a Microsoft Gold Partner, Sota can provide and support your Office 365 and Microsoft 365 Apps to create, share, and collaborate from anywhere on any device with a cloud-based suite of productivity apps and services.

Features

• Teams, SharePoint, OneDrive and more
• Word, Excel, PowerPoint and more
• Entra identity and access management
• Intune device & app management
• Power BI & Power Apps for process efficiencies
• Advanced threat protection
• 24/7 UK based Service Desk

Benefits

• Full licence management by a Microsoft Gold Partner
• Proven track record in migrating customers to Cloud based model
• Proven track record helping customer achieve maximum benefit
• Proven track record in mapping business process to Cloud automation
• 24/7 UK based Service Desk liaising directly to Microsoft
• Advice on purchasing the most appropriate subscription

£0 a user

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@sota.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

676868626668406

Contact

Sales Enquiries
01795 413500
tenders@sota.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Governed by Microsoft's standard terms and conditions
• System requirements: Internet connectivity

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: User Support Essentials - Mon-Fri 08:00-18:00; High Priority Incident Response < 2 Hours; Standard Priority Incident Response < 4 Hours; User Support PRO - 24/7; High Priority Incident Response < 1 Hours; Standard Priority Incident Response < 2 Hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Sota provide four levels of user support, SotaSupport User Essentials, Essentials +, PRO and PRO +.; Essentials provides Monday to Friday 08:00 - 18:00 support and so is ideal for non-business critical service. PRO provides 24/7 support as well as customer 3rd party vendor collaboration and engineer managed patching. See SotaSupport User Matrix for full details of service levels and costs.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We will walk you through our tried and tested onboarding process. This starts with a detailed discovery step, followed by a Prince2 planning & implementation stage, User Acceptance Testing ending with Handover To Support. Proof of concept or evaluation stages can be made available depending on the nature of the requirement.; ; Requirements Discovery; Sota will work with you to obtain a detailed understand of your requirements and provide a comprehensive proposal for the required solution.; ; Implementation planning; We assign an experienced dedicated Project Manager to review the requirements and map the design brief to a formal project plan. All Risk, Issues, Assumptions & Dependencies are logged and tracked throughout the delivery of the project. As a minimum, weekly project progress meetings will be chaired by the PM with you, providing an update on progress and future deliverables.; ; Training; Any user training requirements will be identified as part of the Requirements Discovery stage. These can include How To documents, videos and both remote and onsite instructor lead training.; ; Proof of Concept & evaluation; We provide PoC and evaluations based on any 3rd party licence constraints. Set-up costs may apply depending on the scope of the PoC.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: As the customer's data is held within the Microsoft platform, at the end of the contract there will be no data migration/extraction required.; The new MSP will simply take control of the MS 365 environment.; Offboarding support is provided free of charge.
• End-of-contract process: We will assign and appropriate technical resource to act as a single point of contact for both the customer and new service provider. They will ensure that the required project deliverables are fulfilled to ensure a successful transfer.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Layout changes necessary to cater for differences in screen sizes and orientation
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: Microsoft Administration console
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: Microsoft product.
• API: No
• Customisation available: Yes
• Description of customisation: The pre-sales engagement will identify specific customer requirements and the service configured accordingly.

Scaling

• Independence of resources: As per Microsoft 365 platform

Analytics

• Service usage metrics: Yes
• Metrics types: Monthly invoices provide a detailed breakdown of licences in use by the customer
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: As per Microsoft defined terms and conditions
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can download files and folders using inbuilt Microsoft tools. For organisation wide data exports, Sota's engineering will work with the customer to define and execute a project for the scope of works.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: All Microsoft application formats
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats: All Microsoft application formats

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: As per Microsoft's standard terms and conditions.
• Approach to resilience: Microsoft 365 is built as an highly available and highly resilient service
• Outage reporting: The Sota NOC will issue updates on any Microsoft service issues.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: All accounts are dedicated to individual users, and username and password is a minimum requirement.
• Access restriction testing frequency: Never
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 12/10/2016
• What the ISO/IEC 27001 doesn’t cover: All aspects of the business are in scope
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: IASME Cyber Assurance Level 2

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: All aspects of Sota's operations are governed by Sota's ISO27001 Information Security Management System.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Sota conforms to ITIL's Change Management along with our Information Security Management System change management processes.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Sota will monitor all alerts issued by Microsoft relating to Microsoft 365 services and respond accordingly.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Conducted by Microsoft
• Incident management type: Supplier-defined controls
• Incident management approach: The Sota Service Desk processes are closely aligned to ITIL processes and procedures.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our datacentre is powered by 100% renewable energy. By using our services, customers do not have to replicate the same facilities and services and so reduce their carbon footprint in building, running and maintaining their own facilities.

  Tackling economic inequality

  Our services allow start-up businesses to purchase a single Cloud instance. The business can then scale up resources as it grows. This negates the need for the business to invest in hardware infrastructure, reducing the need for fund seeding for the start-up.

  Equal opportunity

  Our Cloud based services allow for people to work from any location. this approach supports people with mobility issues to function from home, so negating the need negotiate transport challenges to and from offices.

  Wellbeing

  Cloud services enable people to work from any location other than a traditional office environment. This provides people with the flexibility to work in an environment of their choosing. This enables people to perform their duties in a way that supports their needs, whether this is caring duties or dealing with mental health issues away from an office environment.

Pricing

• Price: £0 a user
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Microsoft offer trials of MS 365 services for a period of 1 month.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@sota.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.