ADDIN365 LIMITED

Addin Work Hub

Addin365 offer Addin Work Hub, a product suite that supports employee collaboration and productivity.
This SaaS product has 4 modules and bolsters what is available out of the box from Microsoft Teams and OneDrive. We help organisations deploy and adopt Addin Work Hub and the associated Microsoft 365 capabilities.

Features

• Addin WorkHub is an app package for the M365 tenant
• Products live alongside Microsoft 365 components
• Monthly product updates enhancing existing and net new capabilities
• Deliver a standardised, personalised way of working in Microsoft Teams
• Automate Microsoft Teams governance
• Govern Microsoft Teams without business change management
• Personalised Q&A bot in Microsoft teams to answer employee questions
• Employee feedback on bot enabled to continuously improve content
• Content Packs for standardisation of best practices
• Content Packs for process automation

Benefits

• Work with a Microsoft Charter Partner and 3 Microsoft MVPs
• Evergreen products so your employee experience stays up to date
• Use app packages to enhance out of the box
• Automate the availability of your best practices in Microsoft Teams
• Personalise the availability of your best practices in Microsoft Teams
• Apply Microsoft Teams governance consistently in your organisation
• Analytics to measure content engagement and value
• Measure project success based on business outcomes achieved

£1,100 to £5,500 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@addin365.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

945214426165592

Contact

Suzy Dean
07759040258
hello@addin365.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: Microsoft 365
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Webparts can be configured by not modified.
• System requirements:
  • Microsoft 365
  • Appropriate Microsoft licenses assigned to all required users.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Within 24 hours. A unique support SLA can be negotiated.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We use Microsoft Teams for chat support which meets WCAG 2.1 AA standards.
• Onsite support: Yes, at extra cost
• Support levels: Addin365 will provide fixes to defects reported that can be replicated by the Addin365 production team.; ; Addin365 will not provide fixes for Microsoft 365 defects. These need to be reported by the organisation or their service partner to Microsoft Support.; ; Addin365 use a ticketing platform called Freshdesk to support incidents, as well as a dedicated client teams channel. ; ; Within 24 hours of a defect being reported to Addin365 a response will be issued to confirm receipt.; ; Addin365 will investigate the defect. Addin365 aim to investigate issues and respond with a target fix date within 3 days. However, if the defect is complex it may take longer.; ; If the defect can be reproduced Addin365 will issue a target fix date for the defect. The priority given to fixing a defect is dependent on the severity of the defect.; ; Priority 1 defects will be resolved as a minor patch of the current release.; ; Priority 2 and 3 defects will be fixed and delivered in the next major release.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Once Addin Work Hub has been purchased, Addin365 install the products for you. You will need to have a Microsoft 365 tenant and licences for those you wish to use the platform, as a pre-requisite. User training is undertaken online and in person. User training also covers Microsoft Teams settings for IT service owners. Training can be undertaken in one hour, two hour or four hour sessions.; Support services can be provided for:; Microsoft Teams governance definition.; Microsoft Teams policy design and creation. ; The Power Platform, including but not limited to the design and development of workflow, forms and custom capabilities. ; Change management.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Addin365 do not hold customer data.
• End-of-contract process: To off-board from Addin365 products at the end of the contract term, you will need to, from the SharePoint app catalog site, remove the Addin365 solutions from the catalogue. This fully removes them from your tenant. Existing SharePoint pages will lose the Addin365 user experiences (the web parts will no longer be available to use), but remain unchanged content wise. The data within the page remains, and the audit experience remains. ; ; For Skills and Bot; From Azure AD remove the Enterprise applications trust from your tenant. This disconnects your tenant from the Addin365 platform and removes our capabilities. Remove any Addin365 apps from the Teams app catalog. The whole process takes less than 15 minutes.; ; There are no off-boarding charges following the end of a subscription purchase.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There are no differences.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: User experience elements reside within the Microsoft Teams experience.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The user interfaces are checked using screen reading technology JAWS
• API: No
• Customisation available: Yes
• Description of customisation: Avatar naming and branding is customisable, as are user configuration choices and layouts

Scaling

• Independence of resources: Microsoft are responsible for the scale and demand management of the underlying experience. Our Teams experiences are hosted within an auto-scaling Azure platform.

Analytics

• Service usage metrics: Yes
• Metrics types: Calculated process automation value.; Questions asked and answered.; Product usage.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: No need to export data as it all lives in the customer tenant.
• Data export formats: Other
• Other data export formats: No need to import data. It lives in customer tenant
• Data import formats: Other
• Other data import formats: No need to import data. It lives in customer tenant

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Microsoft determines the protection levels. ; Our Skills and Bot are hosted in Microsoft Teams, therefore Microsoft determines the protection levels.
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Since the solution is based on the Microsoft 365 platform, Microsoft provide a financially-backed guarantee of 99.9% availability for their Microsoft 365 platform - with service credits for non-availability beyond this threshold. Please see SLA documents at https://www.microsoft.com/licensing/docs
• Approach to resilience: Since the solution is based on the Microsoft 365 platform, full relevant details can be found here - https://www.microsoft.com/en-gb/trust-center
• Outage reporting: Since the solution is based on the Microsoft 365 platform, full relevant details can be found here - https://status.office365.com/

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Azure ID managed Identity with 2-factor authentication
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus. ; Information security based on • International Standard ISO27001 – Information Security Management System • International Standard ISO27002- Code of practice for Information Security Controls • EU General Data Protection Regulation • UK Data Protection Act 2018 • Compliance with other appropriate UK and International Legislation as appropriate.
• Information security policies and processes: Our CTO is our DPO and is for responsible for IT security, and for implementing our information security policy. Our CEO is responsible for implementing our Business continuity plan. We follow industry recognised threat and risk assessment methodologies and undertake risk assessments as necessary, at a minimum annually for the overall organisation. Risk Assessment tools include but are not limited to – • Risk Register • DPIA (Data Privacy Impact Assessment) We base our information security policy on the recognised industry standards and laws applicable to Addin365’s information assets as follows: • International Standard ISO27001 – Information Security Management System • International Standard ISO27002- Code of practice for Information Security Controls • EU General Data Protection Regulation • UK Data Protection Act 2018 • Cyber Essentials • Compliance with other appropriate UK and International Legislation as appropriate. We are Cyber essentials plus accredited. We update our information security policy annually, and ensure all contents are communicated to staff, and that staff receive adequate awareness training at hire and at least annually. Staff have to acknowledge that they have read and understood our information security policies and procedures.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes that could transform, alter, or modify the operating environment or standard operating procedures of any system or service that has the potential to affect the stability and reliability of the infrastructure or disrupt the business shall be carried out through a formal change control process and supporting business justifications are documented. The CTO (Chief Technical Officer) is responsible for change management of all Addin365 systems.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We only use platforms which are SaaS so do not have an operational requirement to do operating system and firmware patch management. The Addin365 software development process includes a gated ring deployment config which includes a pipe step for vulnerability discovery and remediation.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We are Cyber Essentials Plus accredited. We have effective controls to both prevent and detect the execution of malicious application code that could impact the confidentiality, integrity, or availability of Addin365 capabilities. Controls are implemented to prevent, detect, and remove malicious code from business systems and applications. Anti-virus/Anti-malware/Anti-ransomware software is installed and running on all of Addin365 computing assets. Email messages and attachments are scanned for viruses and other malicious code prior to being accessed by staff. Unauthorised software is not accessed or installed on Addin365 systems or devices by any member of staff.
• Incident management type: Supplier-defined controls
• Incident management approach: Addin365 will ensure information security incidents are identified, managed, and reported in an effective manner to protect the confidentiality, integrity, and availability of Addin365 capabilities. This is supported by the following policy, procedure and supporting documents – Breach/Incident Procedure Subject Access Request Procedure Risk Register Data Protection Policy

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Tackling economic inequality
  • Equal opportunity

  Tackling economic inequality

  Addin365 regularly donate to the Watford foodbank. The Watford Foodbank is part of the Trussell Trust network, which distributed 3 million food parcels from April 2022 to March 2023, a 37% increase from the previous year. Addin365 is one of the largest donors to Watford Foodbank. Our regular foodbank donations, totalling 1,500kg (Feb 2024) of food, have directly stopped people from going hungry. The Watford Foodbank is providing an important community contribution and helping many people in need. Addin365 believe everyone's needs should be met and that is why helping the Watford foodbank is important to us.

  Equal opportunity

  Despite the fact that only 26% of the UK tech workforce are women, according to the Women in Tech Survey 2023, we are determined to change this. Our social impact strategy includes support initiatives that empower women to enter and thrive in the tech industry. From early career days for female graduates to back to work programmes for new mothers and guidance for female entrepreneurs seeking funding for growth, we are actively working to create a more inclusive and equitable tech industry. At Addin365 we are looking to make a difference through multiple avenues. We participated in a roundtable hosted by WM People focusing on foregrounding best practice in SME recruitment and retention. This event was a valuable opportunity to learn from other SME leaders and to contribute to the ongoing conversation on how to create a more sustainable, inclusive and innovative SME sector. We were also a speaker at the "Scaling Up Your Business and Exercising a High Growth Mindset" event. Our CEO, Suzy Dean had the privilege of sharing her knowledge and experience with entrepreneurs, especially women, as to how to scale their businesses. We were also able to provide a portion of the tickets for this event to Everywoman, whose mission is to contribute to a more diverse, energised and profitable tech sector. We have also participated in STEM events, and were able to sponsor the Everywoman Tech Forum Early Careers Day and share our insights and experiences with aspiring female STEM graduates.

Pricing

• Price: £1,100 to £5,500 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@addin365.com. Tell them what format you need. It will help if you say what assistive technology you use.