Softlink Information Centres

illumin: Knowledge & Research Management Software

illumin is the perfect tool for knowledge and research management as it collects, records, quantifies and précis’s queries and answers provided to staff and clients. The knowledge base becomes a comprehensive, audited database of relevant information that can be easily shared.

Features

• Full Text Search
• Reporting & Analytics
• Customizable Interface
• Cloud Hosting
• Free Training
• Single Sign-on
• Integration Options
• First Class Support
• Flexible Request and Response Management

Benefits

• Search all the fields within your knowledge base, including documents
• Create and schedule custom, detailed reports
• Highly configurable page elements and layouts
• Reliable and secure certified T4 hosting facilities are available
• Softlink conducts several free training sessions throughout the year
• Support for Single Sign-on (SSO) means secure and convenient acces
• Advanced email integration and workflow helps manage incoming requests
• Access to a support team comprised of qualified professionals
• Multiple ways to generate and respond to requests

£1,210 a licence a year

• Free trial available

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matthew.coy@softlinkint.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

150520222597373

Contact

Matt Coy
1.206.508.0450
matthew.coy@softlinkint.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements:
  • For hosted, only supported web browser.
  • For local installation, Windows 2012, 2016, 2019

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Access to chat, email, or phone 24 hours a day
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: The Annual Support and Maintenance program protects your investment by ensuring that you receive maximum benefit from your solution into the future. In addition to access to a wide range of help desk support services, your support and maintenance subscription includes major releases and regular minor updates to your software each year. ; Softlink provide full support to their clients via a toll free phone number, email support and online support (FreshDesk) that can be accessed from any web browser. Softlink support team always provides a response to queries within 3 hours of receiving them, however responses are usually answered within 1 hour or less. Softlink also provide global Virtual User Group meetings, webinars with the latest features for new upgrade releases which are released as online videos for our clients to view at any time. Softlink also provide an annual National illumin User Group meeting and Group training sessions free for our illumin clients to attend. Softlink also provide a number of free one-hour phone training sessions each year. Technical Account Managers are on hand to answer questions or provide solutions.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Training is flexible and can be tailored to your needs; however below is a sample standard training program for your information. Each session runs for approximately for 1-1.5 hours, but this may vary depending on requirements. Training can be live remote online training or onsite training depending on requirements. Provide both YouTube videos and user documenation as well.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Admin users are able to run reports to gather their data and export to CSV or Excel. Softlink can also provide a paid service for providing a full single MS SQL .BAK File.
• End-of-contract process: Annual support includes:; 1 x Professional Services Assistance. Each year choose 1 of the following:; ▪ Assistance to apply a customization such as CSS modifications or banners; ▪ Basic Custom Report; ▪ 1 hour phone walkthrough Q&A session / mini training session; ▪ System Health Check. ; ✓ Virtual Group Training. 4 per year, repeated across time zones so that you can participate at a ; convenient time.; ✓ Customer Care call. Annual check-in call from a member of the Softlink support team. You can also of course call Softlink whenever you wish; ✓ A customer support portal. A user-friendly support portal for getting help and support resources. ; ✓ Technical support including access to Support Self Service portal, log and access and monitor Support ; requests 24x7, contact the support team by email or phone, talk to product experts in your geographic ; region.; ✓ Extended hours support. If support is required outside normal business hours, can contact any ; Softlink support office around the world in the UK, USA and Australia.; ✓ Beyond technical support - assistance with minor training issues, altering data in the system where a ; simple script is required, and cannot be done through global changes interface.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Illumin can be used from any browser found on mobile device.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Illumin data can either be exported or imported thru an API. Softlink would need to create the API depending on the data required.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Illumin is extremely customisable. Colors, logos, content, taxonomy, reports and wording can all by customised by Research Staff who have an admin license.

Scaling

• Independence of resources: Softlink will use commercial best efforts to provide customers with 99.99% uptime

Analytics

• Service usage metrics: Yes
• Metrics types: Illumin has standard reports, custom reports, and an analytical reporting module that all come standard.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Admin users are able to export data to Word, Excel, and PDFs by running either standard reports, custom reports, and through the analytical reporting module.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Softlink will use commercial best efforts to provide customers with 99.99% uptime. This does not include periods scheduled for upgrades and maintenance. Downtime is measured from the time an unscheduled service interruption is reported by the Customer.
• Approach to resilience: Softlink employs industry standard methods, including but not limited to:;  Role based access;  Password security policies;  Network egress and ingress controls;  Detailed Logging and Monitoring; All Amazon Web Services Data Centres are housed in nondescript facilities with strictly controlled physical access at the perimeter and ingress points, monitored by professional Security Staff.; Softlink Systems are hosted on regularly updated and maintained Windows servers, protected by the Amazon Web Services Network infrastructure.; Hosted servers are protected by local Anti-Virus and Firewall configurations, which are audited and updated regularly.; AWS Shield is a managed Distributed Denial of Service (DDoS) protection service which protects all web services running out of any AWS Data Centre.; Client databases are backed up nightly and stored as follows:;  Daily backups are kept for 7 days on a rolling schedule;  Weekly backups are kept for up to 90 days on a rolling schedule;  All backups are available offsite and are designed to deliver 99.999999999% durability.
• Outage reporting: Multiple levels of monitoring to ensure maximum uptime for all systems.; A tiered alarm system is configured to pick up and automatically escalate any system performance issues which may be experienced.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: SSO can be implemented or username/password requirement to access
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Softlink audits against a large number of controls derived from security standards including ISO-27002, NIST 800-53, OWASP, CSA COM, GDPR and others. The audit schedule is determined based on risk according to industry, service, and the type of information processed.
• Information security policies and processes: Resolution of Queries and Problems within Target Resolution ; Times. All support tasks related to reported error conditions are ; prioritized according to defined criteria, assigned a target resolution date based on priority and scheduled for action by relevant personnel. This scheduling process is carried out on a daily basis, and progress is reviewed regularly. Softlink will use reasonable endeavors to resolve support tasks within the target period. Each priority has a target period for resolving the support task. For details of the target support task resolution period. Support tasks related to functional modifications to the software (i.e. where the Customer has requested that the functionality be modified), or third party products are handled separately from this procedure.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Change Request Procedures: Any change to systems go through a formal change request process. This involves creating a documented request which includes the rationale for the change, the expected benefits, and an analysis of potential risks.; ; Impact Assessment: Before any change is approved, a thorough impact assessment is conducted. This includes analyzing potential security impacts, compatibility with existing systems, and effects on overall system performance. .; ; Security Review: Changes are reviewed with a focus on security, ensuring that no new vulnerabilities are introduced. ; ; Testing: All changes are tested in a controlled environment before being deployed to the production system.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Patch Management Policy: We have a stringent patch management policy in place that dictates how patches are prioritized, tested, and deployed. ; ; Testing Before Deployment: All patches undergo thorough testing in a controlled environment before implemented.; ; Rapid Deployment: Critical patches can be deployed within 24 hours, while less critical updates follow a scheduled deployment plan that minimizes disruption to services.; ; Vendor Bulletins and Updates: We closely monitor updates and security bulletins from our software vendors and third-party service providers. This ensures that we are aware of any known vulnerabilities that may affect components we use.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our systems are monitored continuously using a combination of automated tools and manual oversight. This monitoring covers network traffic, system performance, and logs of user activities, allowing us to detect anomalies that could indicate a compromise.; ; Incident Response Plan: Our incident response plan includes predefined procedures for various types of security incidents. This plan outlines steps for containment, eradication, recovery, and post-incident analysis to prevent future occurrences.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident Response Plan: Our incident response plan includes predefined procedures for various types of security incidents. This plan outlines steps for containment, eradication, recovery, and post-incident analysis to prevent future occurrences.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  Softlink uses data centres committed to increasing renewable energy in supply of cloud hosting.

  Equal opportunity

  Library software to support organisations with freedom of access of information.

Pricing

• Price: £1,210 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: 1 week free trial for sandbox version of illumin

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matthew.coy@softlinkint.com. Tell them what format you need. It will help if you say what assistive technology you use.