ADVANIA UK LIMITED

Microsoft 365 Intranet

M365 Intranet - Communicate, Collaborate and Create with Fresh Intranet. Fresh is an intranet solution for Microsoft 365 providing your organisation with a turnkey intranet that grows, scales and flexes as your organisation changes. A great way to combine intranet functionality with access to Microsoft 365 apps like Microsoft Teams.

Features

• Home page and global navigation
• Microsoft 365 navigation
• Microsoft 365 user adoption
• News and internal communications
• Document management
• Internal content publishing
• Enterprise social networking
• Team sites
• Collaboration tools and services
• Office locations

Benefits

• Increased employee engagement
• Easy access to tools,resources and company information
• Mobile responsive solution allowing access anywhere
• Easy to update and maintain content
• Flexible templates able to be deployed for multi-use
• Aligned to Microsoft product roadmap
• Microsoft Teams app
• Turnkey intranet solution
• Flexibility to extend and integrate with other solutions
• Access to upgrades and enhancements

£3,600 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@advania.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

837690420444704

Contact

Will Tuson
+44 203 835 7332
bids@advania.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft 365, including SharePoint Online and Microsoft Teams
• Cloud deployment model: Public cloud
• Service constraints: No
• System requirements:
  • Microsoft 365
  • Appropriate Microsoft SharePoint licenses assigned to all required users.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support service response time varies between 15 minutes and 4 hours, depending on priority of the case.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support includes access to our UK-based support desk with 8:00-18:00 M-F cover (excluding public holidays), technical support from 4 hours per month. Additionally, proactive services are included to ensure that customers are aware of forthcoming features and able to influence and refine our backlog items.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Fresh is accompanied by a full methodology that covers branding, language and taxonomy to rollout and training.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Content is stored in SharePoint not in our product. Content can be extracted from SharePoint / Microsoft 365 using standard practices and / or 3rd party tools.
• End-of-contract process: The Fresh application is uninstalled from SharePoint online which leaves all content and data created accessible within the native SharePoint platform.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile services runs in browser and in responsive, rendering all pages in the solution appropriate to the device being used. Content is prioritised for typical mobile use cases, e.g. reading news over editing documents.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: All services on Fresh can be accessed using the Office 365 API. Documented here: https://msdn.microsoft.com/en-us/office/office365/howto/platform-development-overview
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Fresh utilises standard SharePoint functionality and can be extended and customised in-line with best practice for modifying SharePoint. Apps hosted on third party platforms can also be integrated.

Scaling

• Independence of resources: The use of client-side rendering technologies pushes the UI processing to the client and reduces a user's impact on the server farm. The underlying Microsoft 365 platform scales dynamically with the active user base and purchased licence count. Services that are designed to scale very well are used as a basis for end-user functionality including the Search service and Managed Metadata service.

Analytics

• Service usage metrics: Yes
• Metrics types: A content analytics service is provided hosted either in Azure Application Insights or Google Analytics. Reporting is either via Excel or Power BI depending on licensing options.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Documents may be downloaded or synchronised locally, list/library data can be exported to Excel as an external data source.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Fresh is installed entirely in the buyer's Microsoft365 tenant, there is no connection between the buyers' network and ours. Data is encrypted and available only to authenticated users. This level of protection is provided by default for data stored in Microsoft365 services. Data is encrypted while it resides in the service and in transit between the service and client devices. For some organizations, this level of protection meets the minimum standard.; Capabilities such as multi-factor authentication (MFA), mobile device management, and Exchange Online Advanced Threat Protection increase protection and substantially raise the minimum standard for protecting devices, accounts, and data.
• Data protection within supplier network: Other
• Other protection within supplier network: No data is stored in our network

Availability and resilience

• Guaranteed availability: Since the solution is based on the Microsoft 365 platform, Microsoft provide a financially-backed guarantee of 99.9% availability for their Microsoft 365 platform - with service credits for non-availability beyond this threshold. Please see SLA documents at https://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=37 for details.
• Approach to resilience: Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter
• Outage reporting: Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: The Microsoft 365 platform provides a full RBAC model for access control authorisation, based on Azure Active Directory. A user may be an administrator of a particular sub-level of the solution, or be a member of a group with these permissions
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 13/01/2021
• What the ISO/IEC 27001 doesn’t cover: Nothing
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO9001

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Content+Cloud align all services with the principles and standards described in ISO/IEC 27001 and ISO/IEC 22301

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Since the solution is based on the Microsoft 365 platform, full relevant details are at https://www.microsoft.com/en-us/trustcenter

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Fighting climate change; We recognise that digitalisation has an important role to play in the transition to a climate-smart society, while IT companies such as Advania have a responsibility to help minimise the negative climate impact that the use of IT entails.; ; We focus on taking responsibility for our own operations as well as influencing Buyers on all call-off contracts under the framework to make more sustainable choices, for example moving away from the linear IT Hardware model of produce, use and dispose to a more circular approach including responsible reuse-and-recycle procedures at the end of the hardware lifecycle.; ; Carbon Emissions: We are committed to continuous reduction of our carbon footprint. Our Environmental Policy includes provisions around minimising our emissions by a smart approach to travel and printing, lowering the use of electricity, water, heating, and promoting climate change and sustainability charity/community work. We are aiming to reduce this by 5% over the next year and are committed to achieving Net Zero emissions by 2050.; ; Hybrid Working: We have implemented 80% working from home policy for all employees. Where needed/agreed with the Buyers, Advania resources will be working onsite.; ; Travel: We encourage staff to use technology wherever possible. Where travel to the client site is required, we will require all staff to consider alternative transport options and optimise car sharing.; ; Reducing IT waste: Our Equipment Recycling Policy ensures hardware devices like laptops and desktops are managed throughout their lifecycle. When devices are replaced, they are either transferred to our recycling centre or donated to local charities post data sanitisation.; ; Sustainability Training: Our proactive approach towards environmental stewardship incorporates training on sustainable practices at all operational levels. We actively raise staff awareness through online training on environmental impacts and sustainability benefits.

Pricing

• Price: £3,600 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Access to a Microsoft 365 environment which hosts our solution for the purposes of evaluation and testing

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@advania.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.