SPACETRACK IT SOLUTIONS LIMITED

Microsoft 365 Cloud Hosting Services

SpaceTrack IT provides Microsoft 365 collaborative & productivity platform hosting as a service. SpaceTrack specialises in providing consultancy, migration, implementation, and support services ensuring security within the Microsoft cloud and ensuring you are getting the most out of the tools that are available to you within your Microsoft 365 platform.

Features

• Complete range of Microsoft 365
• Microsoft UK, European Data Centers
• Cloud Consultancy and Onboarding Services
• Cloud project Management Services
• Training and Support and Services
• Regulatory and Compliance Services

Benefits

• Utilise the Complete Power of Microsoft Cloud
• Deployment Options as per the Business Requirements
• Windows 11 readiness/migration consultancy, design and planning
• Implementation and Support for the strategic move to the cloud
• Microsoft Enterprise Workshops and Training services

£4.50 a licence

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chinenye.unamma@spacetrack.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

838791552334836

Contact

Chinenye Unamma
+442080951500
chinenye.unamma@spacetrack.co.uk

Service scope

• Service constraints: None
• System requirements:
  • Microsoft Cloud Services Will be provided via CSP
  • Internet Connectivity

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Same day response is part of the standard support. Tickets raised into our service desk are triaged immediately and they are then dealt with in line with their priority level in line with our service promise and the Service Level Agreements put in place as part of the contract. Support hours are from Monday to Friday 9 AM to 5 PM. Out-of-office hour support, Weekend support, public holiday, and 24/7 support are available up on request.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: Please contact us for details
• Onsite support: Yes, at extra cost
• Support levels: SpaceTrackIT service desk will be the first point of contact and all support calls will be assigned with a unique ID and will be used to track and manage the resolution. SpaceTrack provides remote and onsite Priority support during normal office hours from 9 to 5.30 Monday to Friday. Out-of-office hours support, weekend support, and public holiday support can be facilitated upon request. SpaceTrack provides technical account managers and support engineers according to the requirement of the customer. ; ; Priority Support Levels can be tailored according to client requirements. ; Level 1 - Critical—Critical system component/severely impaired -severe business disruption – The business unable to operate - Response Immediate ; Level 2 – High - Critical user/user group unable to operate/the business is experiencing a significant reduction in system performance - major business disruption - Response within 2 business hours ; Level 3 – Medium - A single user unable to operate with no available workaround - minor business disruption - Response within 8 business hours; Level 4 – Low - A single user or user group is experiencing incidents, but a workaround is available - minor disruption - Response within 24 hours; Level 5 - Planning - Response within 48 business hours
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite and virtual consultation, designing, planning, implementation, training workshops will be run to ensure the right set of services and licenses required to support your journey to Office 365. We will also provide access to user adoption guides and videos for customers.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Microsoft Cloud services are provided on a subscription basis and follow the standard Microsoft Cloud subscription terms. Data can be extracted at any point while resources are provisioned through a valid subscription using the various tools provided by Microsoft.
• End-of-contract process: Microsoft Cloud services and hardware support will be ended once the contract term has been fulfilled and subscriptions deleted. Customers are able to transfer management and licenses to other providers as required.

Using the service

• Web browser interface: Yes
• Using the web interface: Using Web Interface.; Microsoft provides its own administrator portal
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Web Interface accessibility testing
• API: Yes
• What users can and can't do using the API: Azure APIs are available for automation and monitoring activities
• API automation tools:
  • Chef
  • Puppet
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
  • MacOS
• Using the command line interface: All Azure services can be provisioned and managed via Powershell or the Azure CLI

Scaling

• Scaling available: Yes
• Scaling type:
  • Automatic
  • Manual
• Independence of resources: The Azure hypervisor enforces memory and process separation between virtual machines.
• Usage notifications: Yes
• Usage reporting:
  • Email
  • Other

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Cloud based mailboxes, OneDrive and Sharepoint sites
  • User Accounts and other data as stored in Office 365
• Backup controls: Microsoft provides synchronized copies of all data contained within the Microsoft Cloud. SpaceTrack provides additional on-premise or cloud-based backup services as required or can provide an interface into existing backup services as required.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
  • Single datacentre with multiple copies
• Scheduling backups: Users schedule backups through a web interface
• Backup recovery:
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Uptime availability is managed by Microsoft.
• Approach to resilience: Microsoft Data Centres across each region for resilience.
• Outage reporting: Alerts will be by Microsoft when an issue is experienced. SpaceTrack engineers and often are fully aware of any issues and can provide appropriate notification to customer key contacts.

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Authenticated by username - Customer defined
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials Plus in progress
  • ISO certification in progress

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: SpaceTrackIT’s security governance outlines the strategy of the security team to mitigate business risks. We have security policies and standards in place, which are at the core of our information security lifecycle (Identity, Assess, Protect and Monitor). As part of our security governance process, the security management team identifies the resources we protect and ensures the database is up to date. They decide how security incidents and risks are assessed, managed, and communicated to the broader management team.
• Information security policies and processes: SapceTrackIT has security policies and process in place to that are in line with government security framework. Our policies include password policy, list privilege policy, remote access policy, disaster recover policy, encryption policy, security incident management policy, risk management policy, security awareness policy & patch management policy. ; ; As part of our security policy management process, the security team identifies and captures all the resources in scope, and ensure the database is always kept update. All staff are compliant with security awareness training. ; ; The approach for managing security risks is:; 1. All identified threats, vulnerabilities and incidents via our monitoring tools, internal systems or third-party status notification are graded as critical, high, medium, and low. ; 2. Our security policies and procedures list essential information security individuals/teams to contact for all critical and high breaches and the approach to kick off the incident management process and communication.; 3. The critical risks/incidents are investigated, addressed, and mitigated immediately. They are also communicated to the senior management, and any changes needed to mitigate the risks are approved via emergency change. ; 4. Senior management reviews security reports bi-weekly, and the outcome is communicated to the team leads, and actions cascaded to responsible owners

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: SpaceTrack will provide full documentation of all our services and we track and manage changes to any of the services with complete audit trails. Components are tracked through their full life cycle from implementation to decommissioning. Changes are reviewed prior to implementation to assess for potential security impact. SpaceTrack will work with customers to identify the most optimal monitoring solution for their requirements, including using already existing toolsets available.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: "Upon contract SpaceTrack will work with customers to identify the most optimal vulnerability management approach in line with the business requirements. Regular security scanning and scheduled patch management based on the assessment will be part of the solution and will be in line with the cloud provider complying with a recognized standard.; In order to identify potential threats we will:; - compile an inventory of assets connected to the network; - identify critical systems/at-risk systems; - established timely and scheduled patch management process; - established a process ensuring programs and apps run the latest software versions; - established remediation timelines"
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our protective monitoring processes are in line with the service and customer requirements. SpaceTrack will work with customers to identify the most optimal protective monitoring approach for their requirements, including using already existing toolsets available, and will establish a security Information & event management solution to identify potential compromises. Found compromises will be investigated and a Security Incident will be raised to track the investigation, root cause, and solutions if required to rectify or improve the situation.
• Incident management type: Supplier-defined controls
• Incident management approach: SpaceTrack has defined incident management, resolution, and escalation processes in place to respond to and resolve incidents. Customers can generate support call tickets by contacting our helpdesk and all support calls will be assigned with a unique ID and will be used to track and trail the outcome. Any incident is logged in our service management system platform and as soon as the incident is logged, the relevant people will assess the Incident and its seriousness and ensure communications take place with those affected to develop tactics for containing the Incident, ascertain its root cause, ensure correctives actions are implemented.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Yes as per vendor

Social Value

• Fighting climate change:

  Fighting climate change

  SpaceTrackIT has the policy to contribute positively adhering to the government's policy for fighting climate change. SpaceTrack's policy focus on reducing business emissions with the three environmental Rs: reduce, reuse, and recycle.; As a start-up SME, SpaceTrack currently has a limited carbon footprint and as part of the growth plan company’s focus is to align its policies with the government target of achieving net-zero by 2050. To achieve this company will adopt a phased approach with set targets. ; As part of our policy SpaceTrack promotes, practices, and encourages reducing waste, decreasing travel, purchasing carbon offsets, Investing in renewable energy, promoting climate-friendly innovation, and supporting sustainable businesses. ; SpaceTrack is committed to continuing educating, employees, the supply chain, customers, and the local community about climate change and the role everybody can play in fighting climate change. The policy gives importance to collaborating with the local community and contributing a portion of any contract in enabling the well-being of the local community and fighting climate change.; SpaceTrackIT practices and promotes reducing waste by recycling when and where possible and reusing in all possible ways and practices purchasing recycled or refurbished office products. The use of energy-efficient equipment and reduced use of energy is practiced by unplugging the equipment and turning off computers and equipment overnight. Where possible SpaceTrack uses business collaboration software and online meetings instead of driving or flying to a client meeting. ; The policy ensures that the company engages with the supply chain and uses the company's purchase power to support sustainability efforts. We select those as our partners and vendors who are giving importance and taking steps to reduce energy consumption and carbon emissions. ; Investing in renewable energy sources and contributing toward carbon offset projects are major considerations in SpaceTrack policy to contribute toward fighting climate change
• Covid-19 recovery:

  Covid-19 recovery

  SpaceTrackIT understands that Micro and small enterprises (SMEs) can power a stronger recovery from the COVID-19 pandemic, due to their innovative and opportunity-seeking nature. SpaceTrack, IT has the policy to contribute positively to local communities and other businesses to manage and recover from the impact of COVID-19 aligned with the government’s Covid-19 recovery plans. As a start-up company SpaceTrack will focus on a few key areas to achieve these ; SpaceTrack will work with local communities as part of our social value commitments and implement the steps to identify and positively contribute to Covid-19 recovery plans by creating employment opportunities as part of our growth plan providing Jobs, apprenticeships, or other recognized training places created and/or completed within the local community. ; SpaceTrack focus on the training and guidance on return to work for those affected by the pandemic aligned with the government’s policy of covid recovery plan for SMEs. The company will engage to identify the training/re-training requirements and will be adequately supported accordingly to enable those affected by the pandemic situation and will give priority to those worst affected or who are shielded.; SpaceTrack policy focuses and supports the employees on their physical and mental health positively by providing flexible working conditions and remote work options with limited travel to office/client locations. ; SpaceTrack as part of a new and efficient way of rendering its services has identified and implemented remote working and support tools to enable employees to remote work and to achieve the company’s vision to deploy and support our services remotely reducing the need for travel. ; SpaceTrack policy gives importance to engaging with those businesses worst affected by the pandemic and the company will explore all the possible opportunities to work with other businesses affected by the pandemic providing them with procurement and subcontracting opportunities.
• Equal opportunity:

  Equal opportunity

  SpaceTrackIT Solution Limited is a start-up company founded and managed by women entrepreneurs from black ethnic minorities with a vision to provide efficient technology services with a commitment to equality of opportunity as an employer with policies and practices aligned to government equal opportunity policies. SpaceTrack recognises that discrimination and victimisation are unacceptable and it is the aim of the company to ensure that no employee or job applicant receives less favourable facilities, wages, or treatment (either directly or indirectly), in recruitment or employment on grounds of age, disability, gender or gender reassignment, marriage, or civil partnership, pregnancy or maternity, race, religion or belief, sex, or sexual orientation (the protected characteristics under the Equality Act 2010).; The Equal Opportunities Policy will be communicated to all applicants, new appointees during their induction, and to all employees. SpaceTrack is committed to the recruitment and retention of disabled people. The company will provide the necessary equipment and facilities for employees, applicants, and interviewees with disabilities to enable them to participate successfully in the workplace. The company will provide job applicants with details of the vacant job and information about the company/department in alternative formats. ; Should an employee believe they have experienced harassment, bullying or discrimination then they may either attempt to resolve the matter informally or invoke the formal complaint procedure under SpaceTrack Grievance Procedure to pursue their claim. All cases will be taken seriously, dealt with quickly, and treated with the utmost confidence. Employees are advised to seek the advice of their representative at the earliest opportunity.; SpaceTrackIT Solution Limited will monitor equal opportunities by collecting diversity data as appropriate to enable SpaceTrack to identify and address issues to provide equal opportunities for all, diversity data will be reported to the board periodically and be included in reports.
• Wellbeing:

  Wellbeing

  At SpaceTrackIT, we believe that we have a duty to care to look after the health, safety, and well-being of our employees, and protecting this is of the utmost importance for us as an employer. We aim, so far as is reasonably practicable, to create a supportive workplace culture, which reduces negative impacts on wellbeing and ensures managers have the right skills to support staff. In addition to reducing safety risks, this means operating the business in a way that minimises harm to employees' mental health.; ; We aim to support and develop a positive mental health workplace by assisting those with mental ill-health and raising awareness of mental and physical wellbeing across the business and also within our supply chain, local community, and customers. If anyone needs support we will offer non-judgemental help, support, and guidance. Where necessary we will assist to return to work after a period of mental ill-health and support the manager with mental health first aid training for teams, or ensure the business has mental health first aiders.; ; Identifying workplace stressors/mental ill-health triggers is a health and safety issue. We will aim to identify all foreseeable workplace stress/mental ill-health factors/scenarios and carry out risk assessments, aiming to apply suitable and sufficient support to mitigate and reduce the likelihood and harm. ; ; We will work with staff, suppliers, customers, and communities to promote and build integrated communities and challenge segregation by bringing people together to form a key part of the policy. The Company will encourage to be healthy and active by; ; • Raising awareness of the importance of physical activity for mental and physical wellbeing.; • Promoting physical activity across the business.; • Provide access to the UK Government’s ‘Cycle to Work Scheme’.; • Provide access to a gym membership or other employee benefits.

Pricing

• Price: £4.50 a licence
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chinenye.unamma@spacetrack.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.