Microsoft CSP for Azure and Microsoft 365

As a Microsoft Azure CSP we are responsible for customer support, meaning customers can rely on us to manage Azure workloads and solve technical problems. Services available: Compute, Networking, Storage, Containers, Data Analytics, Security and Identity and Microsoft 365.


  • File storage and sharing with 1TB storage/user
  • Business class email, calendar and contacts with a 50GB inbox
  • Unlimited online meetings, IM and HD video conferencing
  • Enterprise management of apps with Group policy
  • Word, Excel, Powerpoint, Outlook, Publisher and OneNote
  • Azure Compute, Networking and Storage
  • Azure Security and Identity
  • Azure Data Analytics and Enterprise Integration
  • ExpressRoute


  • Collaborative working across your organisation
  • Familiar using experience
  • Truly mobile working solutions
  • Always up to date
  • Return on investment
  • Secure online storage


£0.17 a licence

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

9 7 0 3 0 4 5 2 6 4 6 0 9 2 8


Telephone: 0333 335 5352

Service scope

Service constraints
System requirements
  • Compatible Web Browser
  • Internet Connectivity

User support

Email or online ticketing support
Email or online ticketing
Support response times
Primary support hours are Monday-Friday, 9am-5.30pm, where we respond to tickets within 1 hour. Out of hours support is available for emergencies.
User can manage status and priority of support tickets
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
We provide support for all queries between the hours of 9am - 5.30pm, Monday-Friday, but offer a 24hr service for emergencies.
Support available to third parties

Onboarding and offboarding

Getting started
During setup we work with the key stakeholders to ensure they have a full working knowledge of the system.
Service documentation
End-of-contract data extraction
Data can be extracted/downloaded at any time and for any reason without any assistance from Microsoft. Exchange Online data, including emails, calendar appointments, contacts, and tasks, can be downloaded to a local computer by any end user at any time via the Import and Export wizards. SharePoint Online documents can be downloaded at any time from the workspace into your local computer.
End-of-contract process
Provide 30 days written notice of your intent to cancel, and we will stop providing the service from that date.

Using the service

Web browser interface
Using the web interface
An online portal is available for the provision of Microsoft Licensing. All Microsoft Services are managed through the Azure & Microsoft 365 online admin centres.
Web interface accessibility standard
None or don’t know
How the web interface is accessible
The web interface is compatible with standard Windows accessibility options.
Web interface accessibility testing
Command line interface


Scaling available
Scaling type
Independence of resources
Microsoft Azure and Office365 are highly available and easily scalable with high capacity for a large numbers of users.
Usage notifications
Usage reporting


Infrastructure or application metrics


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold

Staff security

Staff security clearance
Staff screening not performed
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Microsoft's Service Level Agreement (SLA) can be found here:
Approach to resilience
Delivering services at huge scale requires a radically different approach to designing, building, deploying and operating data centers. When software applications are built as distributed systems, every aspect of the physical environment — from the server design to the building itself — creates an opportunity to drive systems integration for greater reliability, scalability, efficiency and sustainability
Outage reporting
Microsoft provide a public dashboard, and also send E-mail alerts to the tenant administrator(s).

Identity and authentication

User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Can be detailed on request.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
Less than 1 month

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
We work towards an ISO/IEC 27001 standard.
Information security policies and processes
Can be provided on request.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
The change management approach is managed by Microsoft directly.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The vulnerability and management process is managed by Microsoft.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
The monitoring is performed by Microsoft, and reported to a public online dashboard.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Can be detailed on request.

Secure development

Approach to secure software development best practice
Supplier-defined process

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Who implements virtualisation
Virtualisation technologies used
Other virtualisation technology used
Microsoft Azure Hypervisor
How shared infrastructure is kept separate
Microsoft cloud services, including Office 365, were designed with the assumption that all tenants are potentially hostile to all other tenants. Thus, multiple forms of protection have been implemented throughout Office 365 to prevent customers from compromising Office 365 services or applications, or gaining unauthorized access to the information of other tenants or the Office 365 system itself.

Energy efficiency

Energy-efficient datacentres
Description of energy efficient datacentres
Details on Microsoft's Datacentre's can be found here:

Social Value

Covid-19 recovery

Covid-19 recovery

During the beginning of the Covid-19 pandemic, we provided discounted IT Consultancy Services to a number of local businesses who required assistance in preparing and setting up for remote working, to help ensure they could continue operating during such difficult times.


£0.17 a licence
Discount for educational organisations
Free trial available
Description of free trial
We can provide a free trial of the service as a proof of concept.
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.