TECHNOLOGY TRANSFORMATION GROUP LTD

Microsoft 365 Services

Technology Transformation Group assesses your organisation's software needs to develop a tailored Microsoft 365 Service strategy, leveraging the full potential of your licenses. We analyse existing licensing agreements, identifying cost-saving opportunities and offer guidance on product features such as Word, Excel, and Teams for enhanced productivity, security and team empowerment.

Features

• Cloud Services
• Integration Capabilities
• Security Features
• Productivity Tools
• Scalability
• Flexibility
• Compliance Assistance
• Training Resources
• Regular Updates
• Support Services

Benefits

• Cost Savings
• Increased Efficiency
• Strategic Alignment
• Enhanced Collaboration
• Improved Security
• Reliability
• Competitive Advantage
• Global Accessibility
• Scalability
• Comprehensive Support

£5.10 a licence

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mehran.alborzpour@thettg.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

686547226025335

Contact

Mehran Alborzpour
07949775566
mehran.alborzpour@thettg.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Microsoft Licenses could have the following the constraints:; Requires annual subscription renewal;; Version compatibility restrictions
• System requirements:
  • Windows OS
  • MacOS
  • Linux
  • Internet Connectivity

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We provide support 365 days a year. Typical First Response: 0-2 hours Typical Resolution Time: 30 mins - 4 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), 7 days a week
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: We've conducted web chat testing sessions with assistive technology users to ensure our platform is accessible to all.
• Onsite support: Yes, at extra cost
• Support levels: Generic Support:; This includes license activation, product registration, and general licensing questions.; Technical Support: ; This includes troubleshooting software installation problems, resolving license activation errors, and diagnosing compatibility issues; Account Management:; We will always provide a dedicated account manager; Training and Consultation Services:; We provide training and consultation services to help clients maximise the value of their Microsoft licenses. For example, this could be training sessions on software usage and best practices,; Escalation Support:; In the event of complications or issues, TTG will escalate the issue to specialised support teams or directly to Microsoft for resolution.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide Onsite Training and Online Training: ; We can provide onsite training sessions tailored to client requirements onsite or online training resources, such as webinars, video tutorials, and self-paced courses; ; Account Management:; Our account managers work closely with our clients to understand their unique requirements, provide personalised guidance on license procurement and management, and offer ongoing support to ensure they derive maximum value from our services.; ; Customer Support:; We assist users with any inquiries or issues they may encounter while using our services.; ; User Documentation:; We provide comprehensive user documentation, including user guides, FAQs, and knowledge base articles, to help users navigate our licensing services effectively.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The client has full access to their data for extract, or they can ask us to extract the data for them.
• End-of-contract process: The contract will terminate at end-of-contract. No extra costs associated with the end of contract. Once the contract with the client terminates, their Microsoft licenses will also terminate.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The user interface varies to accommodate different screen sizes and interaction methods
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: There is a modern and accessible website.
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: We've conducted testing sessions with assistive technology users to ensure our platform is accessible to all.
• API: No
• Customisation available: Yes
• Description of customisation: The website allows the client to pick and choose the licenses that they require for their business. We can also provide white portals.

Scaling

• Independence of resources: We do not control resource allocation for Microsoft 365, the platform's scalability ensures that high demand from other customers or users does not affect your service. Microsoft's cloud infrastructure is designed for scale, providing peace of mind through guaranteed uptime outlined in their Service Level Agreements (SLAs). Additionally, the inherent benefits of cloud technology, such as scalability and automatic resource allocation, are integral features of Microsoft 365, ensuring optimal performance and reliability for users. Through these measures, we prioritise delivering a seamless and uninterrupted experience to our customers, backed by the robust infrastructure and commitments of Microsoft's cloud platform.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide metrics on how many licenses are bought, when they were bought and are due to expire. There are also many other metrics related to Microsoft 365 usage
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Client users can go to the website portal and download reports on the licenses they have bought.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: While we can't directly guarantee uptime for Microsoft 365 services, Microsoft offers robust Service Level Agreements (SLAs) that outline their commitment to availability. These SLAs are publicly available on the Microsoft website and detail uptime targets exceeding 99.9% for core services like Exchange Online, SharePoint Online, and OneDrive. Should Microsoft fall below these thresholds, they're financially accountable, offering service credits or rebates. This provides a reliable cloud platform backed by strong performance guarantees.
• Approach to resilience: Our Microsoft 365 service goes beyond licensing to build resilience for our customers. We offer expert guidance to ensure clients have the right plan with features that best suit their needs, allowing them to adapt to unforeseen challenges. User training and adoption programs empower our clients to leverage built-in functionalities like offline access and data backup, minimising disruption during potential service interruptions. Proactive communication regarding updates and potential disruptions from Microsoft keeps our clients informed, allowing us to prepare your clients for any contingencies.
• Outage reporting: We will provide email alerts and a public dashboard.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We restrict access by the following means:; Role-Based Access Control (RBAC); Least Privilege Principle; Multi-Factor Authentication (MFA) and Access Controls and Permissions.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 11/03/2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Risk Assessment and Management:; We regularly perform risk assessments to identify potential threats, vulnerabilities, and risks. ; ; Access Control and User Management:; We implement access control policies and processes to regulate access to systems, applications, and data based on the principle of least privilege. We utilise multi-factor authentication (MFA), and regularly review user access rights to ensure they align with business needs and security requirements.; ; Encryption and Data Protection: ; We protect data both at rest and in transit by encrypting sensitive data using strong encryption algorithms.; ; Supplier Risk Management:; We regularly assess the security of third-party suppliers and service providers, conducting due diligence assessments.; ; Security Awareness Training:; We conduct security awareness training and education programs to all employees, contractors, and third-party partners; ; Security Monitoring and Logging:; We employ security monitoring tools and solutions to continuously monitor network traffic, system activities, and user behaviour for signs of suspicious or malicious activity.; ; Continuous Improvement and Review:; We regularly review and update information security policies and processes to address emerging threats, technology advancements, and organisational changes.; ; Compliance to Regulatory Requirements:; We have developed policies and processes to ensure compliance with regulations such as GDPR.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We adhere to A.12.1.1 in ISO/IEC 27001.; We do this by:; Policy and Procedures: ; We document policies, procedures, and guidelines for managing changes to information systems, including hardware, software, networks, processes, and procedures.; ; Change Management Process: ; We have implemented a change management process that includes steps for requesting, assessing, authorising, implementing, and reviewing changes.; ; Change Authorisation: ; We have implemented mechanisms for authorising changes based on predefined criteria, such as risk assessments, impact analysis, and approval by designated authorities.; ; Change Review and Audits: ; We conduct reviews and audits of the change management process to assess its effectiveness and areas for improvement.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We adhere to A.12.1.1 in ISO/IEC 27001.; We do this by:; Risk Assessments: ; We conduct regular risk assessments to identify potential vulnerabilities in information systems, networks, and applications.; ; Vulnerability Identification:; We implement processes for identifying and cataloguing vulnerabilities within our IT infrastructure, including hardware, software, and configurations. ; ; Patch Management: ; We implement patch management processes to ensure that security patches and updates are promptly applied to vulnerable systems and software.; ; Security Configuration Management: ; We implement security configuration management practices to reduce the attack surface and minimise the likelihood of exploitation of vulnerabilities.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We adhere to ISO/IEC 27001.; We do this by:; Monitoring Controls: ; We implement monitoring controls to detect security incidents, unauthorised activities, and anomalies in real-time or near real-time. ; ; Event Logging and Collection: ; We have configured systems, applications, and network devices to generate detailed logs and audit trails of security-relevant events and activities. ; ; Incident Detection and Response: ; We have developed procedures for detecting, analysing, and responding to security incidents identified through monitoring activities.; ; Periodic Review and Analysis: ; We conduct reviews and analysis of monitoring data to identify trends, patterns, and recurring security issues.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We adhere to ISO/IEC 27001.; We do this by:; Incident Logging, Recording, Classification and Prioritisation: ; We maintain detailed records of security incidents, including incident descriptions, timestamps, affected systems or assets, and initial assessment findings. We also classify and prioritise security incidents based on their severity, impact, and urgency.; ; Response Planning and Coordination:; We have developed incident response plans and procedures that outline roles, responsibilities, and actions to be taken in response to security incidents.; ; Root Cause Analysis: ; We conduct thorough investigations and root cause analysis to determine the underlying causes and contributing factors of security incidents.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We support environmental sustainability by promoting the use of digital solutions such as Microsoft's cloud services, which help reduce the carbon footprint associated with traditional on-premises infrastructure. This leads us to enabling organisations to optimise their IT resources, reduce energy consumption, and minimise the environmental impact of their operations.

  Covid-19 recovery

  Our service plays a vital role in supporting COVID-19 recovery efforts by providing access to essential technology solutions for remote working, collaboration, and digital transformation. Furthermore, we encourage companies to leverage Microsoft's cloud-based productivity tools, communication platforms and collaboration software to enable flexible work arrangements, maintain continuity of operations and deliver essential services

  Tackling economic inequality

  We contribute to tackling economic inequality by providing cost-effective licensing solutions that enable public sector organisations to access Microsoft's software at competitive prices.; Through the flexible licensing options and tailored pricing models, we ensure that organisations of all sizes and budgets, including those with limited resources, can benefit from the latest innovations and productivity tools offered by Microsoft.

  Equal opportunity

  We promote equal opportunity by giving the as much access to technology and digital skills training.

  Wellbeing

  We prioritise employee wellbeing by fostering a supportive and inclusive work environment and promoting work-life balance. Through our partnership with Microsoft, we advocate the use of technology solutions that promote employee wellbeing, such as collaboration tools, mental health apps and wellness programs.

Pricing

• Price: £5.10 a licence
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We provide various Microsoft licenses that are available for trial, catering to both Azure and Office 365 platforms.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mehran.alborzpour@thettg.com. Tell them what format you need. It will help if you say what assistive technology you use.