Jisc Services Ltd

Microsoft 365 Support

Jisc offers the full range of apps and services within the Microsoft 365 portfolio with pricing models for government, business, education and the third sector. Our support service optimises your use of M365 licensing, maintains a secure environment, and provides access to Microsoft Support. This excludes licencing charges.

Features

• Best-in-class technology advice, engineering and support
• Full management of your Microsoft Office 365 environment
• User administration including Office 365 Exchange groups and SharePoint sites
• Expert support and guidance via telephone and email
• Predictable monthly spend with full visibility of Office 365 utilisation
• Elastically flex Office 365 licensing according to needs and demand
• Office 365 SaaS approved for use at OFFICIAL category
• Easily access Microsoft Office 365 from multiple devices and locations
• Unified communications with Microsoft Teams
• Microsoft Cloud Solution Provider, Microsoft Partner

Benefits

• Expert ITIL aligned management of your Office 365 business applications
• Boost productivity with familiar Microsoft Office 365 applications
• Improve collaboration with Microsoft SharePoint, Yammer, OneDrive and Teams
• Increase flexibility with always-on access to Office 365 from anywhere
• Easy integration with existing services such as Microsoft Active Directory
• Enable unified communications and mobile device management
• Trusted technology advisor for higher and further education
• Comprehensive connectivity solutions including Janet, PSN and Azure ExpressRoute
• Transform the way you work with Microsoft Office 365 applications
• Anywhere, anytime, flexible working with Microsoft Office 365 applications

£1.00 to £2.10 a user a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.support@jisc.ac.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

911749746930546

Contact

Bid Support
03003002212
bid.support@jisc.ac.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: Any current web browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 Target response 30 Mins P2 Target response 2 hours P3 Target response 4 hours Out of hours - Target response 30 Mins (P1 only) P1 incidents Service component failed or severely impaired resulting in serious business-wide impact or multiple users/services impacted. P2 incidents Service component impaired resulting in a loss of functionality, or loss of access to a single or subset of users, but work can continue in an impaired manner. P3 incidents Incident with minor or no direct impediments on the customer’s business and/or is not time sensitive
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Jisc's Managed Service Gold tier support package - for further information, see Jisc's Managed Cloud Service.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: A Microsoft 365 specialist will work with you to understand the scope and nature of the required services, including: Office 365 features required, the deployment process, any integration requirements of legacy services/applications, end users, segmentation and associated security profiles. Details include agreeing reporting requirements and scheduling, formats and transportation. This will normally take place prior to contract award. We will provide user guides, both online and in crib card format as part of user activation. Onsite training can also be provided as an additional charged item.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Details of how to extract data from Office 365 can be found here https://products.office.com/en-us/business/office-365-online-data-portability
• End-of-contract process: A termination plan will be produced and agreed with you. A generic termination plan is available, on request, and this will be tailored to reflect appropriate roles and responsibilities. Production of this tailored plan is included within the service price.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: If you're using at least iOS 10.0 we recommend using the Office for iPad apps instead. You'll find them in the Apple app store. If you're using an older version of iOS then Safari is the best browser for Office Online on iPads, but some features may not be available. There are currently no browsers on Android that are officially supported with Office Online. We recommend using the Office for Android apps instead. You'll find them in the Google Play store.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: All features of the service are available through the service interface.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: N/A
• API: Yes
• What users can and can't do using the API: Please see https://msdn.microsoft.com/en-us/office/office365/howto/platform-development-overview for more information on the Office 365 API
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Please see https://docs.microsoft.com/en-us/Office365/ and https://products.office.com/en-gb/business/compare-more-office-365-for-business-plans for more information on Office 365 options.

Scaling

• Independence of resources: A detailed description of how Microsoft isolates individual customer tenancies can be found here https://www.microsoft.com/en-us/download/confirmation.aspx?id=54249

Analytics

• Service usage metrics: Yes
• Metrics types: Office 365 usage reports are available for your administrators in the Office 365 admin center. Please see https://support.office.com/en-us/article/activity-reports-in-the-office-365-admin-center-0d6dfb17-8582-4172-a9a9-aed798150263 for more information.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Details of how to extract data from Office 365 can be found here https://products.office.com/en-us/business/office-365-online-data-portability
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Information on how Microsoft protects data within its enterprise services can be found here https://www.microsoft.com/en-us/download/details.aspx?id=55848

Availability and resilience

• Guaranteed availability: Details of the Office 365 service level agreement can be found here https://technet.microsoft.com/en-us/library/office-365-service-level-agreement.aspx
• Approach to resilience: Details of how Microsoft ensures resiliency in the Office 365 service can be found here https://www.microsoft.com/en-us/download/details.aspx?id=53560
• Outage reporting: Office 365 includes a service status portal for tracking any outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Office 365 allows for creation and management of administration roles, please see https://support.office.com/en-gb/article/office-365-admin-overview-c7228a3e-061f-4575-b1ef-adf1d1669870?ui=en-US&rs=en-GB&ad=GB for more information
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register
• ISO/IEC 27001 accreditation date: 23 June 2019
• What the ISO/IEC 27001 doesn’t cover: All Jisc activities related to the provision of this service are covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: CREST

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Jisc is certified as compliant with ISO27001:2005 (Certificate CI/12868IS) by a UKAS accredited certifying body. Services that we have designed, implemented and operate have been subject to risk assessment including ITHCs and penetration testing by independent CHECK providers. We are able to supply our Information Security Policy subject to a non-disclosure agreement being put in place with the receiving party.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Jisc is committed to ITIL aligned Change and Configuration Management for effective management and control of its infrastructure. Jisc's management tool incorporates an automated Change Management Database (CMDB) at the heart of its operation, with all service support and delivery modules linked to the CMDB to ensure a complete and accurate view of customer estates. A CAB team exists within the services department and liaises closely with all other teams to ensure changes are successful and our infrastructure is maintained and accurately modelled within the CMDB.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We rely on vendor support services to ensure we are operating in line with the latest recommendations and are made aware of any potential vulnerabilities by them.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Jisc makes use of cloud-native applications for the collection, monitoring, analysis, alerting and reporting of all IT event, log and performance data. A real-time analytics engine is used to correlate events, logs and performance metrics across your cloud and on-premise infrastructure. A comprehensive suite of highly configurable rules allow alerts to be sent in response to malicious activity and performance-impacting events, all of which is included as standard in the service.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Our ITIL-aligned Incident Management process ensures that we respond to any reported faults and sets out target resolution times to ensure that these are fixed within agreed timeframes. Customers can report incidents via phone, email or our portal. Our Incident Management process ensures that we respond to any reported faults and sets out target resolution times to ensure that these are fixed within agreed timeframes. For Major Incidents, once the Incident has been resolved, the Incident Manager will ensure an Incident Review Meeting is held and a Major Incident Report is created and distributed.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Joint Academic Network (JANET)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As part of our core strategy for 2022-2025 the theme ‘Be a force for good’ recognises sustainability as an organisational imperative. Committed to achieving Net Zero emissions by 2040, 10 years ahead of government target, we plan to cut our emissions by over half by 2030 and be net zero across our remaining scope three emissions (net zero plus) by at least 2050. We have a Net Zero Roadmap outlining how we will reduce emissions and our plans for future projects.; Below are some examples of what we have done:; ; Lowered our carbon footprint by: reducing the size of our estate, motion-controlled lighting to save electricity in our Bristol office, as well as generating electricity through solar power. ; ; Reduced travel emissions by: a hybrid working model, introduction of a staff electric car scheme, alongside an existing cycle to work scheme. ; ; An Environmental Policy outlining our commitment to continually improve our environmental performance: We are developing an environmental management system to ISO14001, this will guide action across key areas, such as consumption, waste, biodiversity, travel.; ; Started to embed sustainability into our procurement processes: We will introduce a Sustainable Procurement Policy to drive this further.; ; Sustainable Jisc Events: Jisc’s Digifest event offered a meat free menu, estimated to have saved 6.4 tonnes of carbon. Catering was locally sourced, and any food waste was disposed through anaerobic digestion. We encouraged exhibitors to use digital messaging, reducing printed materials. Our event app reduced the amount of printing required, and any required event printing is now FSC certified and fully recyclable. ; ; Reuse or recycle old IT equipment: Wiped and sold for reuse old IT equipment, and recycled equipment not suitable for reuse, resulting in zero waste to landfill. In 2022/23 we recycled over 370 pieces of IT equipment.

  Covid-19 recovery

  Providing our people with the flexibility they need to balance their personal lives and do well at work, Jisc offers a range of ways of working, including flexible hours and working from home. We have adopted a hybrid working model for most roles. Flexible working eliminates the limitations posed by geographical location and personal circumstances. To support their home working environment, remote workers are provided with an allowance for equipment and advice and training on DSE.; For the benefit of people and community, everyone at Jisc can make a difference, with up to three paid volunteering days per year. In 2022/23 29% of our staff took a volunteering day. Colleagues used 321 volunteering days across the year for the benefit of people and community. Examples include, foodbanks, animal sanctuaries, helping children to learn to read, litter picking, giving blood.

  Tackling economic inequality

  We are an accredited Living Wage Employer. Jisc meets the standards set by Citizens UK and the Living Wage Foundation by signing the ‘UK Living Wage Employer' licence agreement. This agreement confirms that Jisc pay the Real Living Wage as a minimum. We also ensure that people in our supply chain delivering goods and services are paid the National Living Wage as a minimum.; Jisc is committed to the development of our people, and encourage they use 10% of their time on development. To help our people to upskill and achieve, they have access to a huge variety of learning resources including access to the full LinkedIn Learning catalogue. Where a qualification is directly linked to career progression, Jisc contribute or cover the full cost of the training. ; Jisc provide their employees with a number of benefits. For example, our Pay Framework gives a fair, flexible and transparent pay structure to work within. Our employee Healthcare cash plan allows members to claim back everyday healthcare costs, like dental or eye care. ; Apprenticeships provide an amazing opportunity to boost the skills of the local community and beyond. We are extremely proud of our apprenticeship scheme at Jisc, which cover legals, marketing, network engineering, procurement, HR and finance. Our scheme celebrates diversity, and we know that it is critical to our success. We work hard to make sure we’re inclusive and welcome all applicants who share our values and want to join us in our mission to improve lives through digital transformation.

  Equal opportunity

  One of Jisc’s guiding principles ‘Always Inclusive’ reflects our commitment to equity, diversity and inclusion (EDI). ; Our EDI policy outlines our commitment to de-constructing systemic racism and other barriers which have historically affected under-represented groups in the workplace. We strive to be an organisation where everyone here is able to be their authentic self and recognise the benefits of diversity with regards to innovation, team performance and organisation-wide productivity. ; We engage with external partners such as the Black Leadership Group and Emerge. Emerge are co-designing on the delivery of our Conscious Inclusion of Leaders Programme. In 2023 we launched a new Board and Committee diversity policy. The Board believes a mix of skills, knowledge and experience with different perspectives and insights builds a strong foundation for well-informed decision-making and as a consequence, better performance of Jisc in support of its stakeholders. ; Our EDI steering group meets quarterly to address inclusion-related topics from our employee networks, including the faith and LGBTQIA+ networks. We provide EDI training through our leadership program and have conducted anti-racism masterclasses for staff. Our recruitment team has also received inclusion-focused personal development and assists hiring managers in refining their practices.; We won’t accept modern slavery, forced labour or any human trafficking anywhere within our operations or supply chain. Our Modern Slavery working group assess risk areas, implement improvements and monitor progress against our Modern Slavery objectives and policy. Staff are educated on how to report modern slavery in the workplace and what signs to look for. ; Currently four of nine of our executive leadership team are women, including our CEO. According to benchmarking we carry out as part of our commitment to the Tech Talent Charter, we are above the national average for employing women in tech roles, having 31% taken by women against 28% nationally.

  Wellbeing

  The health and wellbeing of our staff is crucial to us. In 2023 we introduced a new benefits package for staff including an employer paid healthcare cash plan, an electric car scheme and the opportunity to buy additional annual leave. We offer a cycle to work scheme and an employee assistance programme for advice on a range of legal, financial, physical, emotional and mental health issues. We value good work/life balance and work flexibly. We also offer a generous leave entitlement, enhanced sick policy and enhanced maternity, paternity and adoption leave in addition to statutory entitlement, and shared parental leave. ; Trained to support our staff, we have 41 (April 2024) mental health first aiders easily assessable to our people across our geographical locations. Promoting and delivering wellbeing initiatives within Jisc, some of our mental health first aiders are also wellbeing champions. ; Providing staff with education, support and tools to help them live a happier and healthier life, they have access to a Wellbeing centre through our Jisc reward scheme, where they can access a range of resources to support wellbeing.; Our employee assistance programme provides staff and their immediate family access to confidential advice on a number of topics covering physical, mental, financial advice and is accessible through various mediums. ; Volunteering has been shown to improve mental health, by giving a sense of purpose and reducing stress and anxiety. Our staff can use up to three days volunteering per year. Through our volunteering network, staff share their experiences with others.

Pricing

• Price: £1.00 to £2.10 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bid.support@jisc.ac.uk. Tell them what format you need. It will help if you say what assistive technology you use.