NOT PROTECTIVELY MARKED
E-Mail as a Service
GCloud 4
Version: 1, Issue Date: 19 September 2013
NOT PROTECTIVELY MARKED
NOT PROTECTIVELY MARKED
ii
© Capita Secure Information Solutions Ltd 2016.
Other than for the sole purpose of evaluating this Service Description, no part of this material may be reproduced or transmitted in any
form, or by any means, electronic, mechanical, photocopied, recorded or otherwise or stored in any retrieval system of any nature
without the written permission of Capita Secure Information Solutions Ltd.
Capita Secure Information Solutions Ltd, Methuen Park, Bath Road, Chippenham, Wilts SN14 0TW
Telephone: 08456 041999, Fax: 08456 042999
Registered Office: 17 Rochester Row, London, SW1P 1QT. Registered in England No. 1593831 Vat Reg No. GB 618 1841 40
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
1
Contents
1
Overview .................................................................................................................... 2
2
Description ................................................................................................................ 2
3
Example use cases ................................................................................................... 2
4
Product features ....................................................................................................... 3
5
Pricing ........................................................................................................................ 3
6
Technical features .................................................................................................... 5
7
Backup / Recovery & Disaster Recovery ............................................................... 6
8
Information assurance: Impact Level (IL) at which the G-Cloud Service is
accredited to hold and process information ......................................................... 6
9
On-boarding and off-boarding ................................................................................ 6
10
Service options ......................................................................................................... 6
11
Service management ................................................................................................ 7
12
Service levels ............................................................................................................ 7
13
Service constraints................................................................................................... 8
14
Training ...................................................................................................................... 8
15
Ordering and invoicing ............................................................................................ 9
16
Service lead time ...................................................................................................... 9
17
Termination ............................................................................................................... 9
18
Data restoration / service migration ....................................................................... 9
19
Consumer responsibilities....................................................................................... 9
20
Technical requirements ........................................................................................... 9
21
Trial service ............................................................................................................. 10
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
1
2
Overview
Email and Collaboration as a Service helps organisations and end users work in a secure, efficient
and effective manner by providing a range of productivity tools including email, calendaring and
tasks. A “Briefcase” provides organisations with a solution for creating a centralised repository to
manage and share documents and information with colleagues.
The Capita Email and Collaboration as a Service reduces the cost of deploying and managing
enterprise email systems, delivering improved availability, productivity and reduced total cost of
ownership, and is accessible through a range of popular applications and mobile devices.
Capita have achieved Pan Government Accreditation for both IL2 and IL3 data for this service,
meaning that a significant proportion of assurance has already been completed thus allowing
Public Sector Organisations to gain the benefits of secure, purpose built, on-demand compute
resources that meet their stringent requirements, all on a true utility (pay for what you use)
consumption model.
1.1
Highlights
 Pan Government Accredited - Suitable for IL0, IL1, IL2 and IL3 data.
 Exceptional value – lowest cost IL3 mailboxes (from £3.25 per user per month at scale)
 Immediately available at all impact levels – zero delay to your project.
 No frills – focussed on core messaging and collaboration features
 All datacentres are highly resilient, Tier3 and UK sovereign with >50 miles separation.
 Connectivity via the Internet or a government secure networks (e.g. PSN, GSI, etc.) or your
own dedicated circuits such as Xcryptors, CPA, Leased Lines, MPLS, etc.
2
Description
Using either a web browser, an email client or a mobile device, individuals can access their own
personal and group mail boxes simply and easily with either little or no set up needed.
 Capita manages the underlying infrastructure and application.
 The Client organisation is responsible for administration of their end-users and devices /
client applications.
 The Service is offered as a secure multi-tenanted solution.
Capita’s service has been designed specifically of for the UK public sector, and is available only to
the UK public sector. The service supports and complies with all relevant areas of the Government
ICT Strategy and Information Principles for the UK Public Sector. Capita’s datacentres are some of
the most energy efficient in the world and as such support the Greening Government ICT Strategy
in full.
3
Example use cases
 Organisations wanting to reduce costs both in terms of licensing and management without
compromising on features or customisations associated with other multi-tenanted solutions.
 Organisations requiring centralised data that is accessible in a secure manner by a range of
individuals across a number of devices.
 End users requiring greater functionality and collaborative tools to improve their working
productivity.
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
4
3
Product features
Email and Collaboration as a Service offers the following features:
 Email & Calendaring – An email and calendaring service that delivers a range of capabilities,
accessible via the internet or government secure network, from mobile devices or through a
number of client based applications (Microsoft Outlook etc.).
 Contacts and addresses – a centralised repository delivering rich functionality.
 Archive – stored based on company or individual user requirements (optional).
 Briefcase – document storage and sharing gives the ability for organisations to store and
access content in one centralised location. Fully configurable, it allows users to create
folders, access rights, document check in / out and version control.
 Access Anywhere – access the service (Impact Level dependant) via web, mobile devices or
through a number of client based applications.
 Social – supports integration with a wide range of social networking and collaboration tools, if
desired.
 Assured Security – the platform is hosted in highly resilient Tier3, UK sovereign data centres
and can benefit from QinetiQ’s Protective Monitoring solution. Compute as a Service
provides an accredited, secure and highly scalable compute platform which offers the
following benefits:
 Already Pan Government Accredited to IL2 and IL3 – Organisations gain significant
advantages in terms of costs, time and effort compared with how systems and platforms
were built in the past.
 Expedites your project – no need to wait for infrastructure and deployment teams – new
mailboxes are provisioned quickly via an easy-to-use self-service portal.
 Assured Security – the platform is Pan Government Accredited at both IL2 & IL3, hosted in
highly resilient Tier3, UK sovereign data centres and benefits from QinetiQ’s Protective
Monitoring solution at IL3.
 Green – the Capita service is based in UK data centres which offer market leading efficiency
around power and cooling. A Capita solution will generate less Carbon than many other
solutions.
The service is billed on the basis of the resources used or reserved during a period of time (1
month minimum) based on metrics including number of mailboxes, mailbox size (mailbox and
archive) and bandwidth.
5
Pricing
IL0
IL2
IL3
G4: <499 Mailboxes
£5.50
£6.05
£6.60
G4: 500-999 Mailboxes
£5.23
£5.78
£6.33
G4: 1000-2499 Mailboxes
£4.68
£5.23
£5.78
G4: 2500-4999 Mailboxes
£4.40
£4.68
£4.95
G4: 5000-9999 Mailboxes
£3.85
£3.85
£4.13
G4: 10000+ Mailboxes
£3.58
£3.58
£3.58
Additional Mailbox storage
(per GB per Month)
£1.10
£1.10
£1.10
Archive Storage (per GB per
Month)
£0.33
£0.37
£0.41
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
4
The pricing in the above table is based on GBP (£) per user per month (part month charged as a
whole month).
Connectivity Options
Option
Notes
Price
Internet
Inbound Data Transfer
£0.00p per GB
Outbound Data Transfer
£0.132p per GB
Dedicated Leased
Lines
Leased line to be ordered and managed by the
Consumer directly with a Capita approved Telco.
Connection terminated on a Capita router.
Per Data Centre Charge:
£2,200 one off setup charge
No recurring charge
IL3 VPN Solutions
CAPS approved or appropriate CPA assured solutions
to be ordered and managed by the Consumer directly,
requiring VPN devices to be hosted within the Capita
data centre(s)
Per Data Centre Charge:
£2,200 one off setup charge
£550 per month
Colocation of
equipment
See specific Service Description
See specific Service Description
Data ingestion and extraction
In some circumstances, Capita can help facilitate the bulk import or export of mailboxes and
associated data to/from the platform. This service option is priced on a time and materials basis
form the Capita SFIA rate card.
All pricing is exclusive of VAT.
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
6
5
Technical features
Email and Collaboration as a Service has the following technical features all available as standard:
 Email including calendaring and tasks
o Fully featured email, calendar, address book, tasks and file collaboration.
o 1GB mailboxes (optional unlimited Archive available).Supports Secure POP3,
IMAP4, MAPI and SMTP access using TLS/SSL encryption.
o Access: available using either client based software (VMware Zimbra Desktop,
Microsoft Outlook) or through common web browsers.
o Support for a variety of mobile devices (Apple iPhone, Android and Windows Mobile
via ActiveSync / Direct Push).
o Global address lists and third party application extension capabilities.
o Message size limits (max attachment size): 25MB.
 Security
o Encrypted client connectivity using FIPS 140-2.
o S/MIME for digital signatures and email encryption.
o Configurable administration rights.
o Admin activity audit trail.
o Access controls for application and data sharing.
o Complex password policy.
o Single sign-on support.
o Integrated spam and virus protection.
 Mobility Security
o Supports corporate security policies on supported devices that mobile devices must
accept to receive and store company data / communications such as;

Force PIN security on device.

Require alpha-numeric password for device.

Automatic device wipe.

Auto device lock.
 Briefcase - Document Storing / Sharing
o A central repository to store and manage documents and files.
o Set access roles and responsibilities per user or group on either folders or
documents.
o Create document versioning and approval workflows to improve data integrity and
collaboration.
 Archiving
o The service can include integrated archiving and discovery as a chargeable option.
This can be enabled for all or selected users and copies every message (sent and
received) into an archive mailbox. Cross mailbox search (discovery) of items is
supported in the web admin client.
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
7
6
Backup / Recovery & Disaster Recovery
The service is deployed across multiple sites to provide a degree of service continuity in the event
of a disaster.
The service is also backed up on a daily basis.
As standard, the service offers a 'Dumpster' folder, which retains items (messages, appointments
etc) which have been deleted by a user from their mailbox and the Trash folder for 30 days. If the
deletion turns out to be accidental, the user can recover the message(s) themselves.
8
Information assurance: Impact Level (IL) at which the G-Cloud
Service is accredited to hold and process information
Compute as a Service has achieved Pan Government Accreditation (PGA) for data at Impact Level
2 and Impact Level 3.
 Suitable for IL0, IL1, IL2 and IL3 data. In addition to PGA for IL2 and IL3, Capita also hold
independent ISO9000, ISO20000 and ISO27001 accreditations which underpin our business
operations and Cloud Platform.
 All datacentres are highly resilient Tier3, UK sovereign and separated by >50 miles for
geographical diversity.
 Capita staff are Security Cleared and based in the UK
9
On-boarding and off-boarding
9.1
On-boarding
Within 10 days of acceptance of an order, Capita will create the Consumers Primary Administrator
account and send the consumer a Welcome Pack which includes the URL for the Capita Customer
Portal, mailbox services and associated authentication details.
The Consumers Administrator is then able to create additional user accounts and allocate roles
and privileges for users within their project. Each user can then simply log on and begin using the
service.
The Administrator is also able to set policies, create user accounts and allocate roles and privileges
for users within their organisation. Capita provide tools to assist Administrators migrate data from
popular existing environments.
Set up of Client based software or mobile devices may be required dependant on the chosen
access methods.
10
Service options
A summary of the Service Options is below:
Service Level Agreement
99.99%
Antivirus, Malware & Spam protection
Web Level AV included
IL3 Content Inspection available
Multi-site Resilience
Yes
Backup
Daily
Archiving
Optional Cost per GB
Relays available as standard
GSI, Internet
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
QinetiQ Protective Monitoring
11
7
Included for IL3 IaaS
Service management
As a true Cloud service aligned to the NIST definition of SaaS, the service is designed to be self
managed via the secure online Capita portal (or API) which provides common Service
Management functionality and addresses standard requirements.
On rare occasions, Capita may decide to assign an experienced, qualified ITIL Service Delivery
Manager to some Consumers. In these cases, the SDM will provide additional assistance with
reporting, incident escalation and continual service improvement, at all times following Capita’s
ISO20000 certified ITIL-based process framework.
For Organisations that require more of a managed service, Capita work with a number of Partners
which have extensive capability to provide a Managed Service wrapper around the Capita SaaS.
Capita will be pleased to make an introduction where appropriate.
Capita may use MDS Technologies as a subcontractor. Other subcontracts can / may be used.
12
Service levels
Capita provide both an Availability SLA and Response Time SLA for the Compute as a Service for
Test & Development service as per the following table.
ENHANCED
Availability (monthly*)
99.99%
Incident response
P1 – within 15 minutes
P2 – within 4 hours
P3 – within 24 hours
P4 – within 72 hours
Incident update
P1 – hourly
P2 – every 2 hours
P3 – every 24 hours
P4 – every 24 hours
Communication1
P1/P2 Phone
P3/P4 Bespoke email
Capita customer support advisor
Incident review
Service credits
1
FAQs via online
portal
Incident Report
10% of monthly spend
Support emails can also be sent to a mailbox hosted outside of the Capita platform
* Availability indication based on an average 730hrs per month. Excludes planned & emergency
maintenance. Unavailability applies to existing mailboxes where the mailbox becomes
unresponsive due to a fault recognised at the SaaS layer or below:
 i.e. fault is not within the Consumers control (OS, Applications, user networks)
 fault is within Capita controlled components such as the messaging infrastructure, storage,
power and physical firewalls & routers etc.
 External connectivity providers (e.g. internet, PSN, GSi) and components collocated at
Capita are also not included in the availability calculation.
In addition, Capita also provide an Availability Service Level Target on the Capita Portal i.e. the
ability to log into the portal to create support tickets and use other functions.
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
8
Target Availability (monthly*)
Client Portal Availability (monthly)
12.1
99.90%
Financial recompense model if service levels aren't met
If the service level falls below the stated availability percentage (excluding Planned and Emergency
maintenance periods), consumers will be eligible for service credits on affected VM’s only. Service
credits will be calculated as a percentage of the fees for the affected services for the monthly billing
period during which the failure occurred (to be applied at the end of the billing cycle).
Service Credits
13
Service Credit
Cap
5% of monthly spend per 5% below service
level target or part thereof
Up to 10% of monthly spend
Service constraints
 Message send limits: users can only send 30 emails in any one minute period.
 Minimum of 25 mailboxes per organisation required to initiate the service.
Capita will adhere to the following in terms of maintenance windows;
“Planned Maintenance” means any pre-planned maintenance of any infrastructure relating to the
Services. Capita shall provide the Client with at least twenty four (24) hours’ advance notice of any
such planned maintenance:
 Planned maintenance of Capita’s infrastructure relating to the Services shall happen
between the hours of 00:00 and 06:00 (UK local time) Monday to Sunday and/or between
the hours of 08:00 and 12:00 (UK local time) on a Saturday and/or Sunday. No planned
maintenance will take place on a Saturday unless agreed in advance by both parties;
 Planned Maintenance shall be excluded from any availability calculation in regard to service
credits but shall be included in the monthly service reporting;
“Emergency Maintenance” means any emergency maintenance of any of the infrastructure relating
to the Services. Whenever possible, Capita shall provide the Client with at least six (6) hours’
advance notice:
 Whenever possible Emergency Maintenance of Capita’s infrastructure will happen between
the hours of 00:00 and 06:00 (UK local time) Monday to Sunday and/or between the hours of
08:00 and 12:00 (UK local time)on Saturday and/or Sunday unless there is an identified and
demonstrable immediate risk to a Clients environment;
Emergency Maintenance shall be excluded from any availability calculation in regard to service
credits but shall be included in the monthly service reporting.
14
Training
Capita have created a number of videos, help guides, manuals and FAQs to help train and instruct
users so that are up and running quickly and easily.
Capita also have a number of Partners who are able to deliver additional services such as training,
support and managed services. Capita would be please to introduce you to such partners where
appropriate.
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
15
9
Ordering and invoicing
Billing for the service is monthly in arrears.
Payment can be via Purchase Order and Direct Debit. Capita are preparing to be able to accept
Debit/Credit Card payments (e.g. Government Procurement Card) – please enquire at time of order
to check whether this is available.
16
Service lead time
Setting up a new organisation will typically be completed within 10 days from acceptance of order.
Shorter deployment times are typically achieved and can be prioritised upon request. Once set up
Organisations have instant access to additional compute and storage resources with no notice
period required as they manage this themselves.
17
Termination
17.1
Terms
At the point of termination, all consumer data, accounts and access will be permanently deleted,
and will not be able to be subsequently recovered or restored.
17.2
Costs
There are no termination costs for this Service. Consumers are responsible for extracting their own
data from the platform if required.
Capita may make an additional charge for transferring data out of the service.
18
Data restoration / service migration
In many circumstances, Capita can help facilitate a bulk migration to the platform using local data
import. This is priced on a time and materials basis form the Capita SFIA rate card.
19
Consumer responsibilities
The control and management of access and responsibilities for end users including appropriate
connectivity, security and accreditation if required. Where access is required over GSI or PSN, the
consumer is responsible for adhering to the Code of Connection.
Management and administration of layers above the SaaS (e.g. email applications, mobile devices,
etc).
As a core benefit of the Cloud Platform, consumers are expected to self-manage the environment
including provisioning mailboxes, user administration, AV, patching, etc.
Consumers must be aware of the variable nature of the billing based on usage.
The consumer is also responsible for ensuring only appropriate data (e.g. IL0-IL2 or IL3) is stored
and processed by applications on this environment and that they comply with the Capita Security
Operating Procedures (SyOps) and other information assurance requirements as specified in
Capita System Interconnect and Security Policy (SISP) and associated accreditation
documentation sets.
20
Technical requirements
Consumers will require appropriate network connectivity such as internet access (IL0-IL2) or
accredited connectivity such as a government secure network (IL3) to the Capita Cloud Platforms.
Connectivity via the internet, a government secure network (PSN, GSI) or private leased line is
available but may incur additional charges if the hosting of CPE routers is required - see the pricing
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
10
section for more details. Where required, Consumers are responsible for procuring and managing
appropriate devices or software to meet the requirement for data security over the various forms of
connectivity.
Consumers have a number of options to choose from with Capita to access their environment
dependant on their requirement. The below are guides to demonstrate what is possible but may
require further engagement to explain further:
IL0 – 2
 Standard Internet connectivity over common protocols (HTTP, HTTPS, SSH, etc)
o Non-standard ports considered via Service Request
 Secure commercial grade VPN
o Self-managed Site-to-Site IPSEC VPN to the Capita compute environment
o Self-managed SSL VPN to the Capita compute environment
 PSN - You will need to assign part of your PSN IP allocation to your services hosted by
Capita
 Leased Line (CAS(T) compliant) or non-CAS(T) using CPA/PEPAS overlay encryption
IL3
 Preferred connectivity is over a Government Secure Network such as GSI or PSN
 PSN/GSI - You will need to assign part of your PSN/GSI IP allocation to your services
hosted by Capita

PSN or CAS(T) Leased Line (IL3 over IL2)
o CPA/PEPAS approved solution providing overlay encryption (e.g. Cisco ISR/ASR)
 IL0 (e.g. Internet or non CAS(T) circuit) to IL3 VPN
o Site-to-Site VPN using CAPS approved solutions (e.g. Ultra AEP Xcryptor)
o CPA assured solution where Foundation Grade assurance is appropriate (e.g.
Cisco ISR/ASR)
 IL3 Leased Line (assured network connection)
Advanced web client (Ajax):
 Microsoft Internet Explorer 7+, Firefox 3.0+, Safari 4+, Google Chrome 2.1+
Standard web client (HTML):
 Microsoft Internet Explorer 6+, Firefox 3+, Safari 3+ (4+ MacOS), Google Chrome 2.1+
Desktop clients:
 Zimbra Desktop, Microsoft Outlook (2003, 2007, 2010), Apple iSync
 Any POP or IMAP supported client
Mobility:
 Any compatible smartphone (Android, Symbian, Windows Mobile)
 Apple iPhone / iPad
21
Trial service
Capita offer a 30 day free trial for up to 500 people within a single organisation, available upon request.
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016
NOT PROTECTIVELY MARKED
File: DOCUMENT1
Doc Reference: CUST-0000-0000 Issue: 1
1
Document Type: Service Description
Copyright: Capita Secure Information Solutions Ltd 2016