Insight

Insight - SADA Google Workspace

Google Workspace is a cloud-based suite of productivity and collaboration tools, including Gmail, Drive, Docs, Sheets, Slides, Meet, Calendar, and more. It empowers teams to communicate, store files, and work together seamlessly from anywhere.

Features

• Gmail: Professional email with custom domains and powerful spam filtering.
• Drive: Secure cloud storage for file sharing and collaboration.
• Docs: Real-time document collaboration with version history and suggestions.
• Sheets: Collaborative spreadsheets with advanced formulas and analysis tools.
• Slides: Create and present engaging presentations with ease.
• Meet: High-quality video meetings with screen sharing and breakout rooms.
• Calendar: Organise schedules, share calendars, and book meeting rooms.
• Chat: Instant messaging for individual and group conversations.
• Console: Centralised management of users, devices, and security settings.
• Vault: Data retention, archiving, and eDiscovery for compliance.

Benefits

• Seamless collaboration: Real-time editing and sharing across multiple devices.
• Enhanced communication: Integrated email, chat, and video conferencing tools.
• Increased productivity: Streamlined workflows and intuitive tools save time.
• Centralised data management: Secure and searchable cloud storage.
• Improved security: Robust protection against threats and data loss.
• Scalability: Flexible plans to grow alongside your business.
• Cost-effectiveness: Reduces IT overhead compared to on-premise solutions.
• Accessibility: Work from anywhere, on any device with internet.
• Innovation: Access to Google's latest features and updates.
• Compliance: Tools to meet industry-specific regulations and standards.

£100.80 a user a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pstenderteam@insight.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

793100068075478

Contact

Public Sector Tender Team
0344 846 3333
pstenderteam@insight.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Internet access is required for full functionality
• System requirements:
  • Information of Google Workspace service specific
  • https://support.google.com/a/answer/9750297?hl=en

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our standard SLAs/SLOs are as follows:; Priority 1 - 15 minute response; Priority 2 - 2 business hours; Priority 3 - 4 business hours; Priority 4 - 8 business hours"
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Web chat can be utilized to communicate to our support teams, open cases. collaborate on cases as well as provide updates to their assigned/opened cases. Web chat cannot be used to make administrative or functional changes in your Google environment. That is transacted through your Google Console and will be managed through the assigned case for that request.; ; no testing
• Onsite support: Yes, at extra cost
• Support levels: Our services include the following offerings:; Basic support (Break/fix) - included at no cost with GCP consumption or Workspace Licensing subscription with SADA, including escalation support to Google support (subject to a consumption based surcharge levied by Google Cloud); Enhanced GCP Services - Additional cost based on GCP consumption or block of hours model; Enhanced Workspace Services- Additional cost based on license/user count; Our customers receive a Customer Success Manager and we have Service Delivery Managers. Our Enterprise Support Services team is staffed with Google Certified Cloud Support and Workspace support engineers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: At SADA, we understand that a smooth transition is key to your success with Google Workspace. We offer a multi-faceted approach to help your users get up and running quickly:; ; Comprehensive Training: We provide both onsite and online training options to fit your team's needs. Our engaging sessions cover the essentials of Google Workspace and any specialised features relevant to your implementation.; ; Custom User Documentation: We develop clear, tailored guides and resources specific to your organisation's workflows and processes. These materials serve as ongoing references for your team.; Dedicated Support: Our support team is readily available to answer questions, troubleshoot issues, and provide proactive guidance throughout the adoption process.; ; Change Management Expertise: We understand that successful technology adoption goes beyond training. We offer change management consulting to address potential user challenges and foster a positive mindset around the new tools.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: VIDEO
• End-of-contract data extraction: Data can be extracted using Google Takeout. More information here: https://support.google.com/a/answer/100458?hl=en
• End-of-contract process: At the end of the contract you are able to renew for an additional term, or use publicly available toolsets to transfer data to another platform

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Custom mobile applications are available both for iOS and Android which provide a bespoke user experience tailored to the operating system in question. For other mobile operating systems, web browser support is included which provides an equivalent experience to the desktop environment.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: More information on available APIs and capabilities can be found here: https://developers.google.com/workspace
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: What can be customised: Company branding (logos, colors), domain-specific email addresses, security settings (password strength, 2-factor authentication), user access and permissions, app integrations from the Google Workspace Marketplace, and automation workflows using Apps Script.; ; How users can customise: Users can personalise their Gmail inbox (themes, labels), Google Calendar views, notification settings, and create custom filters and templates within certain apps.; ; Who can customise: Administrators hold the most control with access to the Admin Console. They manage user accounts, security policies, app deployment, and configure organisation-wide settings. Individual users have a degree of customisation within their own accounts, as outlined above.

Scaling

• Independence of resources: Google guarantees Workspace users' performance with several strategies: massive, globally distributed data centers provide ample capacity. Resource isolation ensures your data and processes operate separately from other users. Sophisticated load balancing and traffic management techniques distribute demand dynamically across the infrastructure. Additionally, Google Workspace has service-level agreements (SLAs) that outline uptime guarantees to ensure a reliable experience for business users.

Analytics

• Service usage metrics: Yes
• Metrics types: Google Workspace offers a range of service metrics to help you monitor usage, collaboration, and adoption within your organisation. Available metrics include: active user counts, email and file storage usage, collaboration activity (files shared, comments), Google Meet participation, app and feature adoption rates, and security insights such as potential threats detected. You can access these metrics through the Admin console's Reports section.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: SADA

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be extracted using Google Takeout. More information here: https://support.google.com/a/answer/100458?hl=en
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF, MBOX, PST, DOC, XLS, PPT
• Data import formats:
  • CSV
  • Other
• Other data import formats: PDF, MBOX, PST, DOC, XLS, PPT

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: More information on the Google Workspace Service Level Agreement can be found here: https://workspace.google.com/terms/sla/
• Approach to resilience: Google Workspace incorporates several design strategies to ensure exceptional resilience for your business. Firstly, Google's global network of data centers provides redundancy and geographic distribution, minimising the impact of localised outages. Data replication across multiple zones and automatic failover mechanisms ensure that even if one data center experiences issues, your data and services remain accessible. Robust load balancing and traffic management intelligently distribute workloads, preventing service degradation caused by excessive demand. Google Workspace undergoes rigorous security testing and employs multiple layers of protection to safeguard your data from cyberthreats. Furthermore, enterprise-grade features like Google Vault enable data retention, backup, and eDiscovery, protecting your information in case of accidental deletion or legal investigations. These design principles, combined with Google's commitment to uptime, make Google Workspace a reliable platform to support your business's critical operations.
• Outage reporting: You can stay informed about Google Workspace outages in several ways. The primary resource is the Google Workspace Status Dashboard (https://www.google.com/appsstatus/dashboard/). This dashboard provides real-time updates on the status of core Google Workspace services, including Gmail, Drive, Calendar, and more. It displays current service disruptions, past incidents, and scheduled maintenance periods. You can subscribe to email or RSS feed notifications from the Status Dashboard to receive proactive alerts. Additionally, Google may communicate major outages through social media and support channels. For issues specifically impacting your organisation, contacting Google Workspace support directly is the best way to get personalised updates and troubleshooting assistance.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Management interfaces are disabled or only accessible to administrators using separate accounts.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: MSECB
• ISO/IEC 27001 accreditation date: 06/24/2022
• What the ISO/IEC 27001 doesn’t cover: Backoffice functions, including finance and sales.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: SOC 2 Type 2 Audit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The purpose of the Information Security Policy and Objectives document is to provide an executive level directive to the organisation to establish, maintain and continually improve the Information Security Management System. A fully functioning and effective Information Security Program enables SADA to innovate and build its business while simultaneously protecting critical assets. SADA’s Information Security Program reinforces the Trust and Good Will created with stakeholders including employees, contractors, partners, prospective and current customers, and the general public. The Information Security Program builds a framework for SADA to remain compliant with the various Privacy and Security Regulations affecting its operations as well as requirements included in Customer and Partner contracts.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Identification and Recording: Thorough identification and documentation of proposed changes.; Planning and Review: Comprehensive planning for the change and review by appropriate parties.; Impact Assessment: Meticulous evaluation of potential consequences on information security and any dependencies.; Authorisation: Formal approval of changes by designated personnel.; Testing: Rigorous testing of changes in a controlled environment before implementation.; Implementation: Careful and controlled implementation of the authorised change.; Documentation and Communication: Accurate logging and records of the change process, alongside clear communication with affected stakeholders.; Emergency Changes: Defined procedures for immediate changes necessitated by security incidents or urgent needs.; Review and Evaluation:
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Identifying vulnerabilities: In systems, software, applications, networks, and processes that could be exploited by threats.; Evaluating risk: Analyze the potential impact and likelihood of those vulnerabilities being exploited.; Mitigating vulnerabilities: Take actions to reduce the risk posed by vulnerabilities through remediation activities like patching, reconfigurations, or compensating controls.; Monitoring: Continuously observe systems for new or resurfacing vulnerabilities.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Vulnerability Management : scanning for technical vulnerabilities, up-to-date with vendor patches and assessing exploitability risks.; Threat Intelligence: Tracking emerging threats and attack patterns; Security Monitoring: Implementing SIEM to detect anomalous activity, intrusion attempts, or signs of exfiltration; Awareness and Reporting: Train employees to recognise suspicious behaviour, social engineering attempts, potential security compromises. ; Penetration Testing : Conduct periodic simulated attacks to identify vulnerabilities; Incident Response Plan : Develop and test escalation procedures, and communication protocols.; Incident Response : Define steps for containing breaches, collecting evidence, eradicating the threat, and recovering systems.; Forensics /analysis : conduct root cause analysis to identify vulnerabilities
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: This incident response plan describes the actions that SADA employees are to follow after a security incident. A security incident is any unauthorised computer, application, data access and/or use of such systems in violation of SADA’s acceptable use policy. A security incident may originate from, be directed towards, or transit SADA controlled computer or network resources. Examples of reportable security incidents include suspected virus or worm infections, local account compromise, application or computer performance degradation, presence of unexpected programs or files and/or unexpected application response. ; ; General questions can be submitted via email to ITSupport@sada.com

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  SADA uses Saas technologies in the cloud to reduce the need for hardware and energy dependent servers. This cuts down on energy use throughout the company and reduces our carbon footprint.; As an Insight company, we are committed to reducing its impact on the environment. We strive to lessen our environmental impact over time and to initiate projects and activities that will reduce our impacts on the environment.; Insight supports the UN’s 17 Sustainable Development Goals (SDGs). Since its inception in 2015, governments and international and local organisations have taken innovative steps to support the SDG charter, which recognises “that ending poverty and other deprivations must go hand-in-hand with strategies that improve health and education, reduce inequality and spur economic growth — all while tackling climate change and working to preserve our oceans and forests.” We strive to implement our own good practices with how we establish greater harmony within our workplace, along with our collaboration with our partners and clients.

  Covid-19 recovery

  SADA transitioned to a remote workforce during the pandemic and have continued this practice as an effective means to hire global talent. SADA is a SaaS company and has increased our productivity or customer outcomes by offering flexible scheduling and work/life balance to meet employee and customer needs. The software and collaboration tools used by all SADAians which increases communication and working productively in all regions.

  Tackling economic inequality

  SADA invests in education and skills development by offering training to support employees on personal & professional development. We further offer learning opportunities on DEI throughout the year including Understanding Unconscious Bias, Building Resilience, Inclusive Leadership, and #IamRemarkable (a Google initiative). SADA also provides LinkedIn Learning to all employees so they can deepen their knowledge and explore any other personal or professional topics of interest.; ; Diversity and inclusion play a key role in SADA’s company culture-we strive for a workplace where SADAians can bring their whole self to work and employees feel represented and heard. DEI is not a one time thing or a check off on a checklist-- it is a systematic effort that we are committed to enacting at every stage of the company from talent acquisition to onboarding processes to career pathing to internal communications, benefits, and more. There are countless efforts we have put forth to continue to foster this culture, including partnerships with job boards or conferences focused on supporting historically underrepresented groups, bringing in speakers for seminars and training around bias and inclusion, and empowering our own Employee Resource Groups such as SADA Sexuality and Gender Alliance, Women of SADA, and SPONK (SADA Parents of Neurodiverse Kids).

  Equal opportunity

  SADA is an equal opportunity employer and accept our responsibility to make employment decisions without regard to an individual's age (40 and over); ancestry; national origin; citizenship; race; color; marital or parental status; political affiliation; pregnancy and perceived pregnancy (including breastfeeding or medical conditions related to breastfeeding); religion (including religious dress practices and religious grooming practices); sex; sexual orientation; gender (including perceived sex / gender, gender identity and gender expression; LGBTQ+); an individual's reproductive health decisions which includes, but isn't limited to, a decision to use or access a particular drug, device, product, or medical service for reproductive health; military or veterans' status; registered domestic partner status; genetic information or characteristics (with respect to the applicant, team member, or a family member); physical or mental disability (including intellectual disabilities); medical condition unrelated to the person's ability to perform the job, or the perception that a person is associated with a person who has or is perceived to have any of these characteristics; or any other basis protected by law, ordinance, or regulation. ; ; SADA is committed to developing a rich culture, a diverse workforce and a healthy work environment in which every employee is treated fairly, is respected and has the opportunity to contribute to the success of the company, while having the opportunity to achieve their full potential as individuals.

  Wellbeing

  At SADA, we truly value our people and recognise that the wellbeing of an individual speaks to the lasting health and success of the company as a whole. As such, we take special care to maintain a culture that speaks directly to employees’ needs-- promoting connectedness and community, stressing the importance of physical and mental health, and creating a safe, inclusive workplace. We began sending out monthly surveys to gauge the pulse of our employees- some of whom had never worked remotely before. We tracked and reviewed the results, using data directly from employees to innovate our virtual team events, write blogs on solutions to common issues, and provide requests like standing desks for new home offices. To counteract these issues, SADA has implemented multiple initiatives to keep the community engaged, connected, and most importantly-- healthy.; SADAian Employee Assistance Program (EAP) - The SADAian Employee Assistance Program provides support & guidance for matters that range from personal issues you might be facing to providing information on everyday topics that affect your life. Support topics range from general mental health counseling, education, dependent care & caregiving, legal & financial, work life balance, and lifestyle & fitness management. SADAians have unlimited access to phone counseling and a free initial 30 minute phone consultation for legal and financial matters.

Pricing

• Price: £100.80 a user a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Full functionality of Business Plus licensing for 14 days
• Link to free trial: https://workspace.google.com/lp/business/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pstenderteam@insight.com. Tell them what format you need. It will help if you say what assistive technology you use.