Digital Workplace Online
Service description valid from 1.12.2022
The user services are delivered as named individual services or as packages consisting of several of the named services, in accordance with the Cloud Agreement's Appendix 1: «Prices and scope» or SSA-D appendices.
All services described here are provided in accordance with the terms of the following documents as published on the Supplier's website:
• Digital Workplace General Terms and Conditions
• Security SLA for Braathe Gruppen Services
• Service description Support
• Backup Policy
The user services in this Service Description are covered by Proactive Operational Services and Reactive Support Services, as described in more detail in the Service Description "Support", unless exceptions or additions have been made for the individual sub-services.
The customer can purchase Microsoft Online licenses as a pure purchase of goods. This applies to Microsoft 365 and Office 365 license-based products and services, as well as selected Microsoft Azure products and services.
SLA Point | SLA Value |
Basic establishment of O365 and Azure Tenant | Included in the Establishment Fee |
Standard storage location for new O365 Tenant | Norway1 |
Establishment of O365 Subscription and licenses | Included in the Establishment Fee |
Setup of administrative accounts for the Customer's Tenant with MFA | Up to 5 administrative accounts for the customer's users included in the Establishment Fee |
Support regarding errors in Tenant and Subscription | Including |
1 Data storage in accordance with Microsoft's current Service Description
Assistance regarding configuration, setup, use and troubleshooting of O365 services can be provided according to Service description "Hourly-based consulting services".
Managed Microsoft 365 provides the Customer with a Microsoft 365 Online presence with setup, operation and administration, as well as the Provider's user support for Microsoft Cloud services. Managed Microsoft 365 is delivered in two main packages and as selected individual services:
SLA Operation and Administration | SLA Value |
Microsoft 365 server services and data storage from Microsoft Nettsky | Ja |
Standard storage location for new O365 Tenant | Norway1 |
Free operation and administration of Microsoft Online Core Services | Including |
Backup of Exchange Online mailboxes, SharePoint Online and OneDrive | According to section Microsoft 365 Backup in the Provider's Backup Policy published online |
Free correction of errors that occur on Core Services that are in operation | Ja |
Free Reactive user support on the services, up to 30 minutes per. inquiry | Ja |
1 Countries may differ. Data storage in accordance with Microsoft's current Service Description
SLA Point | SLA Value |
Requirements for multifactor authentication (MFA), for users, guest users and administrators | Ja |
Microsoft 365 online services are protected with relevant security settings according to documentation for Microsoft's "Best Practice" | Ja |
Built-in antispam and antimalware features in the license are enabled | Ja |
Microsoft Purview Standard unified audit logging enabled, 90 days land history | Ja |
Microsoft Purview land surveys and reporting. Up to 30 minutes per inquiry included | Ja |
DKIM verification of mail sender domain activated | Ja |
When blocking the sending of e-mails to the user, the Supplier is notified1 | Ja |
In the event of a block for sending e-mails to the customer's tenant, the Supplier is notified1 | Ja |
SharePoint Online: Sharing is limited to new and existing guest users. All users can share2 | Ja |
Group with permission to invite guest users (Azure Portal) Default all users | Ja |
Access to the Customer's Azure portal is restricted to administrator accounts | Ja |
1Microsoft blocks the sending of e-mail when system limits are exceeded
2The sharing policy can be changed upon written request from the Customer to support@braathe.no
The following Microsoft online services are considered Core Services with respect to the Supplier's SLA:
The supplier must have good expertise in the above-mentioned Core Services.
Core services include free administration, operation and error correction applicable to the Manufacturer's online services and relevant to the subscription.
Inquiries regarding other Microsoft Online products, services and functions are supported according to the "Best effort" principle with 30 minutes of Reactive User Support. Further assistance in connection with such inquiries can be provided in accordance with the Service description "Hourly-based Consulting Services".
The following establishment is included in the establishment fee for the Service:
* The supplier sends out necessary list templates
365 Arbeitsplass Service packages are delivered in the following variants:
Additional functionality to the packages can be provided under conditions as stated above in Part 2: Managed Microsoft 365.
365 Workplace Business Premium, E3 and E5 provide the Customer with a full-fledged solution for the users' PC-based workplaces. The packages include licensing, setup, operation, and management of Microsoft 365 presence, as well as setup, operation, administration, security features, and user support related to users' PCs and mobile devices.
365 Workplace F3 provides the Customer with a full-fledged online Microsoft 365 solution. 365 Workplace F3 includes online editions of Microsoft 365 Apps. For packages based on the MS 365 F series, the service does not include support on endpoints, only limited basic operation of mobile devices (Tablets and mobile phones).
For the Online packages, data and server services are delivered from Microsoft's data centres.
Package | Business Online | E3 Security Online | E5 High Security Online | F3 Online |
Basic license1 | MS 365 BP | MS 365 E3 | MS 365 E5 | MS 365 F3 |
cisco umbrella | X | X | ||
Operation SLA | 365 Workplace | 365 Workplace | 365 Workplace | 365 Workplace2 |
Security Baseline | Ja | Ja | Ja | Ja |
Power BI Pro | X |
1See the Microsoft website for detailed functionality and content in the license and services from the manufacturer
2For packages based on the MS 365 F series, the service does not include operation and support for endpoints, only limited basic operation of mobile devices based on MAM (Tablets and mobile phones).
365 Arbeitsplass is delivered either as stand-alone service packages, or as part of BRA Complete packages. The packages include licenses for software as specified later in this Service Description, as well as services as defined under the SLA section.
The packages include licenses and access to server software operated from Microsoft's cloud.
1Applies to customers with services in accordance with «Digital Workplace from the Supplier's Data Center»
2See the Provider's "Backup Policy" as published on their website
3For packages based on the MS 365 F series, the service does not include support on endpoints, only limited basic operation of mobile devices (Tablets and mobile phones).
Security SLA service levels are indicated with overall description below. Security SLA levels leverage functionality included in licensed Microsoft services and products. Security is put in focus at the same time that users are given a good experience. A more detailed technical description of settings can be sent to the customer on request. The technical basis is subject to continuous updating in line with changes in the products and the Manufacturer's "Best Practice".
Security SLA for 365 Workplace | F3 | Business | E3 Security | E5 Security |
---|---|---|---|---|
All settings from «Managed O365 security SLA» | X | X | X | X |
Microsoft Security Baseline enabled (see separate section below) | X | X | X | |
CYBR Online security training for users | X | X | X | X |
Conditional access to the customer's online business data (conditional access) | X | X | X | X |
Configuration of compliance requirements for Windows and Mac endpoints for access to Microsoft online services1 | X | X | X | |
Mobile Application Management enabled for Android and iOS (see section below) | X | X | X | X |
Deviation notification regarding the user's compliance with the Endpoint Manager policy is sent to the user | X | X | X | |
Operation of Microsoft Defender Antivirus as included in the operating system and license. | X | X | X | |
Operation of Microsoft Defender for Endpoint as included in the MS 365 license. Including health monitoring of updates and signature files. Deviation messages to the user in the event of an incident.2 | BP | P1 | P2 | |
Configuration of Windows Update for continuous updating of cumulative updates of the Windows Operating System.3 | X | X | X | |
Operation and maintenance of Microsoft Endpoint Manager (Intune) for Windows | X | X | X | |
Installation and operation of Cisco Umbrella | X | X | ||
1 hour of annual security advice and review of the Customer's Microsoft Secure Score. Carried out at the Customer's request. | X | X | X | |
Enabling Microsoft standard configuration of Office Message Encryption service (OME) and Azure Information Protection (AIP) | X | X | X | X |
Operation of risk-based access control | X | |||
Compliance monitoring of risk-based conditional access, from registered units | X |
1 The compliance requirement can be adjusted for the Customer's solution on request. May be necessary if the Customer's equipment or software installations cannot satisfy compliance rules.
2Notifications of discrepancies can also be sent to the Customer's system manager. Notification setup is done on request support@braathe.no
3Does not apply to upgrading to new major versions of the operating system. The supplier can assist with upgrading main versions such as Hourly Consulting Assignments
The following Microsoft and other online services are considered Core Services with respect to Supplier's SLA:
The supplier must have good expertise in the above-mentioned Core Services.
Core services include free administration, operation and debugging for online services. Inquiries regarding other Microsoft Online services and functions are supported according to the "Best Effort" principle within Reactive User Support, or as a consulting service according to the Service Description "Hourly Based Consulting Services".
The supplier uses the Microsoft Security Baseline to set security settings for the Customer based on functionality found in the Customer's licenses. Security Baseline represents Microsoft's "Best Practice" for security and is a comprehensive set of settings and system requirements that together reduce the risk of security breaches.
The supplier also makes its own adaptations and adjustments to settings to make the setup and use of devices as user-friendly as possible and at the same time secure.
Microsoft regularly releases new Security Baselines. These will be reviewed and tested by the Supplier at launch and gradually rolled out to Customers if necessary. If the new Security Baseline leads to significant changes in the use of the systems, the Supplier will notify the Customer in a reasonable time before rollout.
Access to CYBR AS online learning platform for digital security is included for all users of 365 Arbeidsplass. The platform uses the latest generation of AI to create training and training runs. Users get the opportunity to increase their awareness of cyber security and gain knowledge about how attacks often take place and how to protect themselves and their organisation. The portal is continuously updated with new material and the content can also be adapted to your business on request. Customer-specific adaptations are delivered as hourly consulting services.
Activation of the CYBR subscription for the Customer can be done by contacting the Customer's Sales Manager contact at the Supplier.
Establishment as specified in the section «Managed Microsoft 365 establishment». Plus:
365 Workplace services are delivered with the Supplier's standard configuration of MAM included. MAM provides control, security and protection of the organisation's company data stored on Android and IOS devices based on central policy. Policy will be set as standard for all the Customer's users. The supplier recommends MAM as the minimum security level for IOS and Android devices. The Standard Policy can be sent on request.
The customer can request that the MAM Policy be adjusted, or that MAM be turned off in its entirety, based on a written request from the Customer's Contract Manager.
Mobile Device Management functionality is included in Microsoft Endpoint Manager licenses as part of Microsoft 365 packages. (Feature level depending on license package). License applies to up to 5 mobile phones and tablet devices per User. MDM gives the organization strengthened security, management and control with Mobile devices that access company data. Setup of MDM as an addition or alternative to MAM can be carried out at the Customer's request as an Hourly Consulting Service.
The supplier recommends the use of MDM for securing the organisation's mobile devices and tablets.
The best user experience will be achieved using the Supplier's standard client models with Windows 10 Pro/Windows 11 Pro or later versions. The supplier's possibilities for assistance, user support and repair times may be affected by the actual conditions surrounding third-party products and suppliers.
We advise against the use of devices older than 4 years, as this will lead to limitations in security, performance, functionality and compatibility.
Windows Home Edition is not supported and cannot be used in connection with the Supplier's services for the operation and administration of PC clients.
365 Workplace does not include the following additional work:
The solution requires that business information is stored in the Supplier's or Microsoft's data centers based on which 365 Workplace option is used. Users who store business information, private information or other personal data only locally on the client device, or in areas not covered by the service, are themselves responsible for securing such data.
As part of error correction procedures, virus removal and other situations, the Supplier reserves the right to delete and reset user devices to factory settings. Before deletion of data is implemented by the Supplier, the User must be notified. Work with securing data on devices in connection with error correction is not included in the service, but can be carried out as an hourly consulting service. This also applies to assistance in connection with the installation of applications that are not part of the service for distribution from the Supplier.
365 Workplace includes licenses and operation of necessary tools. The supplier chooses tools to be able to deliver according to the agreement's intentions. The tools can be included with the client or be third-party tools.
Changes December 2022
This version of the Service Description reflects a comprehensive update and upgrade of the 365 Workplace services. Some of the changes and improvements are listed here: