INPUTE TECHNOLOGIES LIMITED

Alfresco

The Alfresco Digital Business Platform is a Content and Process platform with strong Governance features to help organisations comply with industry regulations. The platform is built on open-source components and services with extensive open and public APIs for integration and customisation.

Features

• Enterprise Content Services platform
• Business Process Automation Services
• Records Management
• MS Office and MS Outlook integration
• Integration to 3rd party applications
• Easily Extendable
• Open APIs
• Open Source Platform
• Supports containerised deployment
• Cloud Native features

Benefits

• Highly flexible
• Scalable
• Increased efficiency through automation of knowledge work
• Enhanced document management capabilities
• Streamlined workflows through automation
• Seamless integration with CRM and ERP systems
• Accessible via mobile devices for flexibility
• Enhanced search capabilities for information retrieval
• Automated compliance and security measures for data protection

£20.42 to £58.50 a user a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at c.howard@inpute.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

154726519745987

Contact

Chris Howard
+44 203 026 7521
c.howard@inpute.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Supported platforms are documented in the Hyland Alfresco documentation site at https://www.alfresco.com/services/subscription/supported-platforms; Maintenance is by arrangement with the service owner.
• System requirements:
  • Use of a Supported Browser (Safari, Edge, Chrome or Firefox)
  • Deployed on supported Infrastructure

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Helpdesk open Monday to Friday, 0830 through to 1730. Extended hours available. Please contact Inpute for details
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Inpute provide a range of response times depending on clients needs. 1hr, 4hr and 8hr SLA agreements are available during normal office houses Monday to Friday, 0830 to 1730. ; ; Weekend cover and 24/7 support is available and responses times are subject to client requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As a part of Alfresco Digital Business Platform implementation, Hyland trains your organisation’s designated system administrators, testers and trainers responsible for educating their user community. Hyland will compose training materials specific to the configured solution for use by your organisation’s designated trainers. The courses will cover in depth all the basic system functions—scanning, storing, retrieving, printing and so on, plus your organisation’s specific application and procedures, which typically varies by department.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Alfresco Cloud Off-boarding Assistance; In the event that a customer wishes to cancel the service, Hyland will provide the following off-boarding assistance for 30 days: ; While the Alfresco Cloud will go into read only mode, the customer will continue to have access to the data extraction capabilities for 30 days. This allows the customer to extract all content within the Alfresco Cloud.; If the customer provided custom code for Alfresco to deploy, upon the customer's written request, Alfresco will return a copy of that custom code to the customer.; For large content stores, Hyland will work with the customer to find the most cost effective method for retrieving or transferring the data. Additional fees may be required for this assistance and/or to migrate content in bulk.
• End-of-contract process: While the Alfresco Cloud will go into read only mode, the customer will continue to have access to the data extraction capabilities for 30 days. This allows the customer to extract all content within the Alfresco Cloud.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Web interface is scalable according to the device it is run on using Google Material Design standards to provide the best user experience.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Alfresco has administration console web applications for admin tasks however given the nature of the deployment service management is typically via IT systems tools.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: VPAT
• API: Yes
• What users can and can't do using the API: REST APIs support content CRUD operations, authentication, searching, user and group management, audit record access, process management.; ; See https://api-explorer.alfresco.com/api-explorer/; ; Extensive Public JAVA services support extensions for custom actions in the repository and process engine.; ; Also https://docs.alfresco.com/content-services/latest/develop/reference/java-foundation-ref/
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The platform is highly customisable to support unique business requirements. Business users are able to build their own process applications using the BPMN modeller with web forms to provide a full business application.; ; Developers may extend the Digital Workspace with their own UI components using Angular or build Alfresco integration into LOB applications. See https://www.alfresco.com/abn/adf/docs/extensions/; ; The platform is built on Java with a large number of extension points and an opensource SDK. Java developers can extend the platform quickly and in a supported way to provide application specific functionality.

Scaling

• Independence of resources: This entirely depends on the deployment strategy. If hosted in customers own cloud the customer is responsible for providing appropriate resources to run the service. If hosted by Inpute the service will be deployed in a dedicated environment scaled to support the application requirements.

Analytics

• Service usage metrics: Yes
• Metrics types: Monthly PDF report on named user and storage capacity and usage, Uptime SLA and current months uptime.
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Hyland Software

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Customers own the service and can export their data using the documented API methods directly or commission a services engagement to export data in a preferred format.
• Data export formats: Other
• Other data export formats:
  • XML Metadata
  • JSON Metadata
  • Native File Formats
  • PDF Rendition (where applicable) of content
• Data import formats: Other
• Other data import formats:
  • Native File Format
  • XML Metadata
  • JSON Metadata

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Alfresco Cloud Services offers different tiers - each tier has defined uptime, Recovery Point Objective targets (RPO) and Recovery Time Objective targets (RTO)
• Approach to resilience: The Alfresco Cloud has been designed following recommendations and best practices defined in the AWS Well Architected Framework. One of the benefits is that your deployment is spread redundantly across multiple availability zones providing resilience against underlying hardware failure.; To ensure consistency and repeatability, Alfresco Cloud deployments are fully automated with no manual steps. This gives confidence in correct deployments as the mechanisms used for deployments will have been fully tested before being run with no manual steps involved.; All Alfresco Cloud instances have a regular backup process, which is monitored for errors and regularly tested. These have defined Recovery Point Objective targets (RPO) and Recovery Time Objective targets (RTO) for the Alfresco Cloud operating environment varying based on which tier of Alfresco Cloud Services has been purchased.; Alfresco Cloud also includes comprehensive disaster recovery processes which will be regularly tested.; Your environment will be monitored for availability, capacity, and security incidents.; All infrastructure components, and the Alfresco Cloud itself, will be configured to capture key events and logs to enable the Alfresco team to have full visibility of the functioning of the system.; has context menu
• Outage reporting: Customers will receive email notifications of upgrades, outages etc.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access to the infrastructure is strictly controlled. All access is via controlled, audit logged access controls using strong PKI encryption. Accounts with access to the production environments are regularly reviewed. Access credentials are only provided on an “access required” basis to personnel who have undergone appropriate training and have passed all applicable background checking and onboarding requirements at the time of hire. These individuals are also subject to additional, ongoing information security and confidentiality training.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The AWS certification was certified by EY CertifyPoint
• ISO/IEC 27001 accreditation date: 18/11/2022
• What the ISO/IEC 27001 doesn’t cover: AWS Detailed Certification available here: ; https://d1.awsstatic.com/certifications/iso_27001_global_certification.pdf
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 06/11/20202
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: Details available here; https://d1.awsstatic.com/certifications/csa_star_certification.pdf
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC 2
  • SOC 3

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The Alfresco Cloud follows the controls described in the SOC2 principles and is audited regularly against those controls. More widely, we have a corporate Information Security Management System (ISMS) that is aligned with appropriate industry standards.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Hyland provides the process and infrastructure for Customers to introduce change; into their environment via change management. Hyland follows internal change management procedures.; Generally, change requests are submitted via a change management system and are then evaluated by; subject matter experts. Upon approval by such subject matter experts, changes are implemented,; documented, and tested. Customers are responsible for testing all configuration changes, authentication; changes, and upgrades to their solution.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Hyland has a defined incident response and management policy, which includes processes for responding to product security vulnerabilities that are discovered after product release, as well as information security incidents identified within the Hyland Cloud.; Issues are categorised and communicated. Hyland will implement security fixes, patches, updates, etc. as they are released.; Hyland has an incident response policy for dealing with IS incidents that occur in the Hyland Cloud. The plan includes identifying necessary involved parties, defined management protocols of the incident, reporting protocols and requirements for Hyland personnel, defined incident response, notification and handling protocols, and post-incident reviews protocol.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We continuously monitor the user interface and the Public REST APIs to measure uptime availability for the Alfresco Cloud. Monitoring is made up of, but not limited to, the following critical system metrics:; Firewall and Load Balancer health checks; Resource Capacity on Servers (CPU/Memory/Disk Space); Monitoring the Health of the Operating System; Monitoring System Logs; Monitoring Application and Infrastructure Access Logs; Monitoring Search Indexes State and Performance; Monitoring Database Health and Performance of Database Indexing; Monitoring Repository Size and Performance; Monitoring Transformation Services Health and Performance; Monitoring background services such as backups ; System-wide Networking Performance Monitoring and Auditing
• Incident management type: Supplier-defined controls
• Incident management approach: Hyland has an incident response policy and plan for dealing with information security incidents that occur in the; Platform in a timely manner and with all relevant communication. Our response plan includes identifying the; necessary involved parties, defined management protocols of the incident, reporting protocols and; requirements for Alfresco personnel, defined incident response, notification and handling protocols and; protocols for post-incident reviews.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Inpute recognises sustainability and humanity’s response to climate change as one of the greatest challenges of our lifetime. That’s why we’ve committed to put sustainable technologies at the heart of our innovation—to make sure we are adapting and growing along with the planet with the lowest environmental impact. We continue our work on reducing our emissions on many levels (offices heating & energy, product lifecycle, travels).

  Covid-19 recovery

  In response to the challenges posed by the COVID-19 pandemic, our policy aims to catalyst economic recovery by fostering the creation of new opportunities and skills for people. We recognise the need for innovative solutions to address shifting market demands and embrace the opportunity to empower individuals and communities.; Our policy outlines several key strategies including:; Entrepreneurial Support: We provide comprehensive support our people, including access to mentorship, and supporting new opportunities, and incubation programs. ; Skills Development Programs: Recognising the importance of upskilling and reskilling in a rapidly evolving economy, we invest in training programs to equip our people with the skills needed for emerging markets and opportunities. By fostering a culture of lifelong learning, we empower individuals to adapt and thrive in a post-COVID world.

  Equal opportunity

  At Inpute, we empower our people with support, benefits, and resources. That means putting our company culture first with communities that get people connected, while celebrating unique backgrounds and experiences. No matter the office location or team, we focus on promoting Diversity, Equality and Inclusion through numerous. We also invest in local communities and charities ; Inpute works diligently to promote trust and transparency in everything we do. Among our core values, we strive to “Acting with Integrity”—we act with integrity, make ethical decisions, and use good judgment. In that spirit, Inpute is committed to the highest standards of corporate governance, compliance, and ethics.

  Wellbeing

  Inpute is dedicated to fostering holistic wellbeing among our people. We prioritise mental, physical, and emotional health through comprehensive initiatives. Our wellness program includes flexible work arrangements and access to mental health resources, ; At Inpute, we believe in work-life balance, we promote a supportive and inclusive culture where employees feel valued and respected. Our Employee Assistance Program offers confidential counselling services, ensuring that all team members have access to the support they need.; Additionally, through continuous feedback mechanisms, we ensure that our wellbeing initiatives remain relevant and effective. At Inpute, we recognise that our people are our most valuable asset, and their wellbeing is paramount to our success

Pricing

• Price: £20.42 to £58.50 a user a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A trial version of Alfresco Content Services is available in the following ways: ; Download: Docker-based, free for 30 days.; Online: Email activation, free for 14 days.; A trial version of Alfresco Process Services can also be downloaded. Point and click install, free for 30 days.
• Link to free trial: https://try.hyland.com/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at c.howard@inpute.com. Tell them what format you need. It will help if you say what assistive technology you use.