Creative Networks

Microsoft 365 Support

As a Silver Partner with Microsoft, we provide installation, management and fixes for Microsoft 365. Our service includes incident management/change management/proactive support/License Optimisation/Health Check. This service follows the processes of the ITIL framework and ISO 20000 standard and is aligned to security management regarding the ISO 27001 standard/Cyber Essentials.

Features

• Microsoft 365 Apps for enterprise (Word/PowerPoint/Excel/Outlook/Teams).
• Microsoft 365 Groups to enhance discoverability and sharing.
• Advanced compliance tools, including rights management services and information protection.
• Microsoft Power Apps (Microsoft 365/Office 365/Dynamics CRM/OneDrive/SharePoint/SQL Server).
• Tools to support compliance, information protection, priavcy, EDRM and GDPR.
• Enterprise Mobility, MDM and Cyber Security Solutions.

Benefits

• Collaborate and communicate securely across many devices.
• Unifying digital content creation, storage, and management.
• Build, integrate, and share apps that work on any device.
• Automate workflows across applications.
• Microsoft 365 offers Rapid Elasticity and scalability.
• Robust security and reliability.

£4.90 to £18.10 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aj@creative-n.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

963593448413020

Contact

Azeem Javed
03303337337
aj@creative-n.com

Service scope

• Service constraints: Planned maintenance. The Service Descriptions from Mircosoft are available at https://technet.microsoft.com/en-us/library/office-365-service-descriptions.aspx
• System requirements: Microsoft Licencing

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 08:30 - 18:00 Weekdays, excluding Bank Holidays. Out of hours support available where necessary. 30 minutes to 8 hour response dependent on priority call, P1 - 30 mins, P2 - 1 hour, P3 - 4 hours, and P4 - 8 hours. Performance in 2021 included an average call wait time of 8 seconds and 90% of tickets being resolved within one day.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: No web chat testing has been done with assistive technology users by Creative Networks.
• Onsite support: Onsite support
• Support levels: End-user support and training can be provided at an ad hoc cost. We provide a UK based Service Desk for support. Out of hours support is available. Additional support can be provided from our satellite office in Nottingham. Our helpdesk is made up of 1st line, 2nd and 3rd Line technical expertise. A Technical Account Manager will be assigned as standard as a part of our standard and premium IT Support, see our pricing schedule and SFIA Rate Card for details.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Creative Network's provide onsite and remote training, awareness support and user documentation. This service helps organisations to increase their employee’s digital skills to support transformation programmes. Delivered by certified trainers across a wide variety of engagement channels, this service increases technical and end user skills driving the successful adoption of systems. Creative Network's can provide a digital skills gap analysis and training needs assessment and provide performance and adoption metrics throughout the contract.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Exported upon request. Contact the Support Helpdesk or Technical Account Manager.
• End-of-contract process: At the end of the contract services will continue on a rolling 30 day agreement until either party serves notice. If it is decided the client will exit, Creative Networks will assist in transitioning and migration of services ensuring continuity and a smooth handover. We will, where applicable deliver an Exit Plan which sets out the proposed methodology for achieving an orderly transition of Services on the expiry or termination of the contract. The Exit Plan will contain at minimum: Separate mechanisms for dealing with Ordinary Exit and Emergency Exit. The management structure to be employed during both transfer and cessation of the services and a detailed description of both the transfer and cessation processes, including a timetable. Document how the Services will transfer including details of the processes, documentation, data transfer, systems migration, security and the segregation of technology components. Specify the scope of the Termination Services that may be required and any charges that would be payable for the provision of such Termination Services and detail how such services would be provided. Provide a timetable and identify critical issues and set out the management structure to be put in place and employed during the Termination Assistance Period.

Using the service

• Web browser interface: Yes
• Using the web interface: Self-service portal with consultative assistance.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Basic tests only using Microsofts built in accessibility tools.
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: One of the primary benefits of cloud computing is concept of a shared, common infrastructure across numerous customers simultaneously, leading to economies of scale. This concept is called multi-tenancy. Microsoft works continuously to ensure that the multi-tenant architectures of our cloud services support enterprise-level security, confidentiality, privacy, integrity, and availability standards.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: No

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• Backup controls: Backups can be scheduled by contacting the support team.
• Datacentre setup: Single datacentre with multiple copies
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: All service level agreements are as per the ones supplied by Microsoft, and published by them.
• Approach to resilience: Hosted by Microsoft Amazby Web Servico, they have multiple locations and replication
• Outage reporting: Website Updates.; Email alerts.

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Supplier defined controls.
• Access restriction testing frequency: Less than once a year
• Management access authentication: 2-factor authentication
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Comply with ISO/IEC 27001 standard, certification in progress.
• Information security policies and processes: We recognise the value of information and privacy and have therefore implemented an information security management system to control all our efforts towards information security in line with the ISO 27001 Standard. We have in place several policies and processes including, but not limited to our, Access Control Policy, Back-up Policy, Password Policy, and Supplier Relationship Policy. More information is available on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Creative Network's have in place a Change Management Process that follows the ISO 20000 Standard. A change is proposed with the Change Manager and then added to the Changes-overview. The change is scheduled to be executed and a roll back plan is created (if necessary). Rollback is actioned immediately upon confirmation as per following the rollback matrix, resources are freed and announcements are published. Periodically, the overview of archived changes is checked.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Creative Network's have a Vulnerability Management process that implements the following: Receives information about zero day threats from the National Cyber Security Center; subscribe to newsletters from vendors and used products, in contact with special interest groups; Technical vulnerabilities are handled either using the Incident management process or the Change management process; Patches are tested following the Installation of software on operational systems.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: All devices have a monitoring agent on them which can identify potential issues and report back to our service desk. If an issue is identified we have an internal 4 hour SLA to ensure remedial actions are carried asap, the seriousness of an incident will be assessed on discovery so that any priority issues can be responded to quickly.
• Incident management type: Supplier-defined controls
• Incident management approach: Fully developed Business Continuity and Disaster Recovery management process developed in line with ISO 22301. Creative Network's have a pre-defined Incident Management Process in place where by an incident is reported with the Incident Manager and then added to the Incidents-overview. After which, relevant log files (from all systems affected) and evidence is gathered. The incident is corrected by implementing a patch, temporary fix or workaround. It is determine whether future occurrences of the incident can be prevented, e.g. by modifying/strengthening one or more controls. Periodically, the overview of archived incidents is checked for apparent trends and effectivity of corrections.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: Hyper V
• How shared infrastructure is kept separate: Separated by Microsoft.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: Our Data Centre follows the ISO 14001 standard. We have in place a robust environmental management system ; • Procuring consumed energy from sustainable energy sources wherever possible

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Covid-19 recovery

  Efficient support aids Covid-19 recovery by facilitating remote work, enabling businesses to adapt and thrive amidst the pandemic.

  Equal opportunity

  Office 365 Support offers equal opportunity through accessible assistance regardless of location or background, our service helps tackle economic inequality.

  Wellbeing

  Office 365 Support contributes significantly to wellbeing by ensuring users can navigate digital work environments with ease and confidence. Swift issue resolution and access to resources reduce stress and frustration, promoting mental health.

Pricing

• Price: £4.90 to £18.10 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Please contact Hello@creative-n.com

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aj@creative-n.com. Tell them what format you need. It will help if you say what assistive technology you use.