Intelogy Limited

Orinoco 365: Automated Records Management and Governance tool in Microsoft 365

The easy way to manage records in Microsoft 365, Orinoco 365 automates the creation of SharePoint Sites, Microsoft Teams and Viva Engage Communities while applying your default retention labels and policies to them. Orinoco 365’s provisioning process allows you to take advantage of the rich retention capabilities in Microsoft Purview.

Features

• In place, immutable records management within SharePoint Online and M365
• Expert translation of your file plan into retention labels
• Automated site and team request, configuration and provisioning processes
• File plan and retention schedule definition and integration services
• Dynamic application of SharePoint metadata to your content
• Automatically apply sensitivity labels across your Sites & Teams
• Avoid need for bespoke scripting or development to apply retention
• Harness the value of E5; extend the capabilities of E3
• Significantly improved ability to understand and govern your Sites/Teams
• Automatically apply retention to private channels and new libraries

Benefits

• Records Management by-stealth: automated application of retention
• Enable your staff, by minimising need for ongoing manual classification
• Ensure contextual retention labels are applied to content by default
• Expert-led adoption; work with the leading M365 retention specialists
• Easy onboarding and offboarding process - don't get locked in
• Flexibility to safely extend the service to meet specific objectives
• Improved return from your existing investment in Microsoft 365
• Simplified records management in SharePoint Online / Microsoft Teams
• Quickly align with Microsoft allowing old systems to be decommissioned
• Understand the purpose, ownership and value of your organisation's sites

£0.04 to £4.37 a user a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.tomlins@intelogy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

863105373902515

Contact

Andrew Tomlins
02037473506
andrew.tomlins@intelogy.co.uk

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft 365
• Cloud deployment model: Public cloud
• Service constraints: None, we will discuss your objectives and scenario to understand any constraints
• System requirements: Works with any standard M365 licence: E1, E3, E5

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All tickets raised with our helpdesk are prioritised by impact and triaged accordingly. Our helpdesk operates during UK-based office hours (Mon-Fri 9-5). Tickets will be responded to in a priority order: P1 tickets within 2 hour; P2 within 4 hours; P3 and above 10 hours. Our service response targets are guidelines for resolution times for incident tickets which Intelogy intend to meet or beat.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Support is provided as a service offering for the accelerator. This covers issue investigation and resolution where appropriate. Provision is also included for feature enhancements and change requests, which may (or may not) be prioritised into the product roadmap for future release. You will be provided with access to a named technical account manager.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide a range of hosting options, which we will discuss with your team. Once determined, the service is rapid to deploy and enable allowing you to get going rapidly. Included within the onboarding service, our team will train you on how to configure your workspace types and templates, complete with how you map you retention to each. We will also provide full user documentation. Further consultancy days can be easily procured to help translate your file plan / retention schedule into our architecture.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All data remains entirely inside your tenant. This includes all files, all configuration settings and all retention/metadata/sensitivity that has been applied. This makes the offboarding process simple and clean.
• End-of-contract process: At the end of the contract, if you decide that you don't wish to renew your licences, we will simply turn off your ability to apply default settings to new Teams / Sites. Existing Teams, Sites and all of your content will be unaffected by this process, but new workspaces will not benefit from out default application of retention. There are no additional costs associated with the end of contract process

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Full mobile support provided for any device compatible with Microsoft 365
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Via our implementation team
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Define your own retention labels, retention policies, SharePoint metadata, content types, sensitivity labels, workspace types and workspace templates. Integrate custom processes.

Scaling

• Independence of resources: User access to content is overseen by Microsoft who have provide 99.9% SLA for uptime. Our service has been designed to balance load and avoid being throttled by Microsoft 365. At times of high demand this might increase the time it takes to create new workspaces slightly, but typically users will be unaffected.

Analytics

• Service usage metrics: Yes
• Metrics types: A full list of all workspaces, complete with their requested configuration is provided and can be exported to Excel as needed.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Records Management Solutions Limited

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: All client data is stored within and protected by Microsoft 365
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: All data is retained within Microsoft 365. As such, Microsoft 365's export capabilities can be used.
• Data export formats: Other
• Other data export formats: Any format supported by Microsoft 365
• Data import formats: Other
• Other data import formats: Any format supported by Microsoft 365

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: All client data is stored and protected within Microsoft 365. As such it is never exposed to our network.
• Data protection within supplier network: Other
• Other protection within supplier network: All client data is stored and protected within Microsoft 365. As such it is never exposed to our network.

Availability and resilience

• Guaranteed availability: Access to data and use of the workspaces we've configured is governed by Microsoft 365's 99.9% uptime SLA. We aim to ensure our accelerator has > 99% uptime, excluding downtime in Microsoft/client services outside of our control.
• Approach to resilience: Microsoft 365 has significant data resilience and uptime, provided by multiple data centres. Our service is hosted within Microsoft Azure and as such benefits from the resilience provided by Microsoft. Further information is available on request
• Outage reporting: Our accelerator has been designed with resilience in mind. If outages/errors are encountered, our service will periodically retry. If this fails administrators are notified of the issue in our issue tracker and if warranted by priority notifications are also sent via email.

Identity and authentication

• User authentication needed: Yes
• User authentication: Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Our accelerator leverages Microsoft 365's authentication model. [STEF]
• Access restriction testing frequency: Never
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We provide various approaches that scale to meet the security needs of each client. Our preferred model secures identity in an Azure Key Vault, with process to update secret on a routine basis.
• Information security policies and processes: We can provide full architectural and operational detail of security processes on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our change management process depends upon the model selected by each of our clients. Our preferred process sees our team routinely update our core capabilities on a quarterly basis. We provide our clients with a clear schedule of future updates and include detail of each change a month prior to each release. We have a defined rollback process in the event of deployment issue. Updates are undertaken outside of UK working hours to minimise service disruption.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We make use of Qualys scanner to assess vulnerability of our Azure-hosted logic. Full details available upon request.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our service management team uses System Center Operations Manager to allow us to be rapidly notified of potential application compromises. We will triage rapidly within 4 hours (during UK working hours). Response values depending upon the nature of the compromise. Full details can be provided upon request.
• Incident management type: Supplier-defined controls
• Incident management approach: Our team follows a defined process of Identification > Escalation > Diagnosis > Resolution. Nominated client users can raise tickets either online, by email or via the phone with our Service Desk if incidents needs to be reported. Our Managed Services team provide a routine summary of all incidents that have been reported.; ; Full details can be provided upon request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  As well as encouraging less travel to work and use of physical consumables (like paper), the main way that our cloud services can help reduce carbon emissions is by lowering the energy consumption of IT infrastructure. According to a study by Microsoft, cloud computing can reduce the energy use and carbon footprint of IT operations by up to 93% compared to traditional on-premises data centres. This is because cloud providers can optimize the utilisation of their servers, use more efficient cooling systems, and leverage renewable energy sources. By contrast, on-premises data centres often have low utilization rates, inefficient cooling systems, and rely on fossil fuels for power generation. By moving to the cloud, businesses and individuals can save energy and reduce their environmental impact.

Pricing

• Price: £0.04 to £4.37 a user a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at andrew.tomlins@intelogy.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.