Office 365 Services
OGEL IT provides licensing, management and support for Office 365 and Azure services. We are a Microsoft Gold partner and approved Microsoft Cloud Solution provider (CSP) with a wealth of experiences in designing and delivering solutions built upon Microsoft technology and services within the public sector.
Features
- File storage and sharing with 1TB storage/user
- Business class email, calendar and contacts with a 50GB inbox
- Office Applications including Outlook, Word, Excel, PowerPoint, Publisher and OneNote
- Online services including Planner, Flow, PowerBI and Teams
- Microsoft Teams/Skype for Business video conferencing, VoIP & instant messaging
- Online collaboration tools and services with OneDrive and SharePoint Online
- Self-service portal for licensing provisioning and removal
Benefits
- Flexible licensing options
- Enterprise solutions at an affordable price point
- Support from highly experienced staff
- Discounts for educational and charitable organisations
- Access to discounted consultancy resources
- Access from anywhere from multiple platforms and operating systems
- UK and European hosted services
- ISO27001 certified
- Microsoft Gold Partner
Pricing
£2.40 a licence a month
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
7 8 8 2 0 8 0 5 6 8 7 0 1 6 9
Contact
OGEL IT LTD
Sam Newman
Telephone: 01438 300335
Email: gcloud@ogelit.com
Service scope
- Service constraints
-
Adequate network bandwidth and connectivity to support online service access.
Client devices that meet the minimum requirements for Office 365 access, see https://products.office.com/en-gb/office-system-requirements.
The service is subject to an annual commitment of at least 25 seats - System requirements
-
- Internet connectivity with sufficient bandwidth
- Client devices that meet the minum requirements for access
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Inclusive support hours are 8am to 6pm Monday to Friday. Support can be provided out of hours at an additional cost.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
//Level 0 - Base license only (online portal access, priority 3 response time only)
//Level 1 - Base license plus 15% (online portal access, Priority response times apply but resolution times do not)
//Level 2 - Base license plus 25%
(Online portal access, phone access for priority 1 only, Priority response times apply resolution times for priority 3 only apply)
//Level 3 - Base license plus 45% (minimum of 200 seats)
(Online portal support, phone access for priority 1 and 2 only, Priority response times and resolution times apply to all)
//Incident Priority Definitions
Priority 1 - Response within 1 hour, resolution within 4 hours
Priority 2 - Response within 4 hours, resolution by end of next business day
Priority 3 - Response by end of next business day, resolution within 5 days. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Office 365 publications, user guidance documentation and videos are available online from Microsoft for end users.
Consultancy time is included and varies based on the minimum licenses commitment. Inclusive time starts at 0.5 days. - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Data extractions needs to be completed by the end user or contracting organisation before the expiry of online services. Consultancy and offboarding services can be provided on a rate card basis. Please note some services are integral to the Microsoft Office 365 platform and extraction of this data may not be possible.
- End-of-contract process
- The contracted price covers the provision of online services for the duration of the contract, termination of the contract or failure to make timely payments could result in the loss of access to or retention of data. All offboarding services are chargeable at the published day rates and offboarding commitments can be made at the before or during the contract term.
Using the service
- Web browser interface
- No
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- Yes
- Scaling type
-
- Automatic
- Manual
- Independence of resources
-
Microsoft maintain high levels of performance within Office 365 services by Monitoring databases for Blocked processes, Packet loss, Queued processes and Query latency and adjusting the backend infrastructure based on demand.
Office 365 is accessed over the internet and therefore customers need to ensure their WAN bandwidth is appropriately scaled and configured based upon the number of users. - Usage notifications
- Yes
- Usage reporting
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
- Other
- Other metrics
-
- Microsoft Workplace Analytics - Self service collaboration and meeting times
- Office 365 Reporting Tools - License allocation and utilisation
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Microsoft
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- Never
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- OneDrive - Recover previous files
- Outlook - Recover soft deleted items
- SharePoint - Version history
- Backup controls
- Retention and versioning of files can be configured within the platform to provide users with some self service recovery features. Service backups and not accessible to end users and are run and managed by the service provider (Microsoft) and are used solely at their discretion for the recovery of systems and services and not for customer retention purposes. Please see https://www.microsoft.com/en-us/download/details.aspx?id=53560 for further details.
- Datacentre setup
- Multiple datacentres with disaster recovery
- Scheduling backups
- Users schedule backups through a web interface
- Backup recovery
- Users can recover backups themselves, for example through a web interface
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
Monthly Uptime Percentage < 99.9% Service Credit 25%,
Monthly Uptime Percentage < 99% Service Credit 50%,
Monthly Uptime Percentage < 95% Service Credit 100%,
See http://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=37 for full details - Approach to resilience
-
Microsoft Office 365 offerings are delivered by highly resilient systems that help to maintain peak service performance. Service continuity provisions are part of the Office 365 system design. These provisions enable Office 365 to recover quickly from unexpected events such as hardware or application failure, data corruption, or other incidents that affect users. These service continuity solutions also apply during catastrophic outages (for example, natural disasters or an incident within a Microsoft data center that renders the entire data center inoperable).
Note that after recovery from catastrophic outages, there may be a period of time before full data center redundancy is restored for the service. For example, if Data Center 1 fails, services are restored by resources in Data Center 2. However, there may be a period of time until services in Data Center 2 have service continuity support either by restored resources in Data Center 1, or new resources in Data Center 3. The Office 365 Service Level Agreement (SLA) applies during this time. - Outage reporting
-
//Office 365 Admin App - The Admin App for Office 365 tenant administrators gives you the ability to connect with your organization's Office 365 service status on the go. Office 365 tenant administrators will have the ability to view service health information and maintenance status updates from their mobile devices.
//Office 365 Management Pack for Microsoft System Center 2012 R2 - Microsoft System Center is an integrated management platform that helps you manage data center, client devices, and hybrid cloud IT environments. Office 365 administrators who use System Center now have the option to import the Office 365 Management Pack, which enables them to view all service communications within Operations Manager in System Center. Using this tool gives you access to the status of your subscribed services, active and resolved service incidents, and your Message Center communications.
//Office 365 Service Communications API - The Office 365 Service Communications API enables you to access Office 365 service communications the way you want. The Service Communications API enables you to monitor the following in your environment:
Real-time service health
Message Center communications
Planned maintenance notifications
Identity and authentication
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
- All management access is secured with two factor authentication limited to known regional source addresses.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
- Devices users manage the service through
- Directly from any device which may also be used for normal business (for example web browsing or viewing external email)
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- Between 1 month and 6 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 1 month and 6 months
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Peers Quality Assurance Limited
- ISO/IEC 27001 accreditation date
- 26/04/2024
- What the ISO/IEC 27001 doesn’t cover
- OGEL IT ISO certification does not cover Microsoft Hosted Services, they hold their own certifications: ISO/IEC 27001 – Information Security Management System, ISO/IEC 27701 – Privacy Information Management System, ISO/IEC 27018 – Cloud Privacy
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- No
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- OGEL IT maintains data protection policy that outlines the operational policies and procedures for all staff as part of our ISMS implementation within ISO27001.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Changes to a customer tenant outside of the Microsoft change management process are scheduled with the customer using their internal change management process, attendance at this meeting is chargeable based upon the published rate card. In the absence of a customer change management process the scheduled changes will be emailed to the customer on a monthly basis with 5 working days notice. Changes are assessed internal using an independent technical and security resource from the originator.
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
- OGEL IT are subscribed to external organisations and manufactures vulnerability alerts that are reviewed and actioned where appropriate.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Microsoft Office 365 security and compliance tools are utilised within the customers tenant based upon the licenses procured to identify potential compromises. This information is reviewed internally and customers notified immediately after internal review. Response to security incidents are based upon our standard response times, non service impacting but potentially critical incidents are treated as priority 2.
- Incident management type
- Undisclosed
- Incident management approach
- Users report incident via the online portal, email or telephone. If reported by email or telephone these will be added to the online portal by OGEL IT where they will be managed through to resolution and closure with the end user.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Third-party
- Third-party virtualisation provider
- Microsoft
- How shared infrastructure is kept separate
- SharePoint Online provides data isolation mechanisms at the storage level. Microsoft uses rigorous physical security, background screening, and a multi-layered encryption strategy to protect the confidentiality and integrity of customer content. All Office 365 datacenters have biometric access controls, with most requiring palm prints to gain physical access. In addition, all U.S.-based Microsoft employees are required to successfully complete a standard background check as part of the hiring process. Office 365 uses service-side technologies that encrypt customer content at rest and in transit, including BitLocker, per-file encryption, Transport Layer Security (TLS) and Internet Protocol Security (IPsec).
Energy efficiency
- Energy-efficient datacentres
- Yes
- Description of energy efficient datacentres
- Microsoft Corporation is a CoC DC Partner
Social Value
- Social Value
-
Social Value
Fighting climate changeFighting climate change
With sustainability at the core of Microsoft’s business, Microsoft have extended their goals for environmental sustainability beyond just how they operate datacenters. They actively engaged in over 40 projects around the world to help make a local impact and improve environmental outcomes.
Pricing
- Price
- £2.40 a licence a month
- Discount for educational organisations
- Yes
- Free trial available
- No