SirsiDynix BLUEcloud Library Services Platform
SirsiDynix BLUEcloud Library Services Platform is an open, versatile, scalable library management solution for managing all technical and public services within libraries and consortia. We provide enterprise class hosting facilities for both Symphony and Horizon LMS. SirsiDynix have developed a suite of integrated discovery, reporting, events and marketing tools.
Features
- Feature rich, web based library management system
- Full suite of APIs and Web Services
- MARC21, RDA, AACR2, and Unicode compliant
- SIP2/NCIP/RFID compliant with LCF pending
- Cataloguing, Circulation, Cash Management, Serials, Acquisitions with EDI
- Integrated Discovery Layer
- Digital Asset Management
- Customer and staff apps for iOS and Android
- Real-time reporting and Business Intelligence reporting tool
- Marketing and events management tool
Benefits
- Lower total cost of ownership
- 99.95% uptime for nine consecutive years
- 24/7 support portal
- UK based support via phone, email, and support portal
- Dedicated Library Relations Managers
- Dedicated Software Development team
- Dedicated SaaS team
- Established and active user groups
- Support for consortia leading to reduced transportation and ILL costs
- Optional fully managed service
Pricing
£5,000 an instance a year
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
1 6 8 7 1 8 4 8 9 1 5 7 6 1 1
Contact
Sirsi Ltd (trading as SirsiDynix)
Margaret McEvaddy
Telephone: 01923 202923
Email: margaret.mcevaddy@sirsidynix.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Hybrid cloud
- Service constraints
- The solution is designed to provide a fully functional system at all times (including the public facing service). The system will be available to all users with a minimum 99.9% availability.
- System requirements
-
- Internet capable PCs/laptops/mobile devices
- Modern versions of Internet browsers (Edge, Chrome, Firefox, Safari)
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Priority 1 incidents have an acknowledgement time of 1 hour (as long as you report the problem using the support telephone number) and target time to begin resolution of within 1 hour.
Priority 2 incidents have an acknowledgement time of 4 business hours and target time to begin resolution of 1 business day.
Priority 3 incidents have an acknowledgement time of 4 business hours and target time to begin resolution of 2 business days.
Every SirsiDynix customer has 24/7 access to Critical Care support for down systems.
Our SaaS Customers have 24/7 access to the cloud support team. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 24 hours, 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 A
- Web chat accessibility testing
- Our web chat facility meets WCAG 21.A and most of WCAG 21.1AA and AAA. We have not tested with assistive technology users.
- Onsite support
- Yes, at extra cost
- Support levels
-
All SirsiDynix customers have access to SirsiDynix Customer Support. The Customer Support team can be contacted by telephone, email, live chat or via the Support Centre portal. The Support Centre portal is available 24/7 for customers to log and view cases. For UK based customers, during weekdays between 8am and 5pm, members of the client care team based in the UK will deal with the majority of telephone phone calls, after which calls are routed to the North American customer support team.
Every SirsiDynix customer has access to critical care support as standard for high priority system failures 24 hours a day, 7 days a week.
Our SaaS Customers have 24/7 access to the cloud support team.
Every customer is assigned a dedicated Library Relations Manager (LRM). LRMs work with customers worldwide to facilitate and personalise interactions between SirsiDynix and our customers. The LRMs hold regular meetings with our customers to ensure that each library gets the best out of our products and services for its local environment with a goal of a smooth and productive relationship between the individual customer and SirsiDynix. Any outstanding calls and development requests can be reviewed with the LRM. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
SirsiDynix has several decades of proven track record in project delivery of LMS projects. Our UK based project team will work with the client through every phase of the project, through to completion. SirsiDynix provides a full implementation services to all new users which will include the following:
• Project management
• Policy configuration consultancy services
• Software installation and setup
• Data conversion consultancy and services
• Training services
• User Documentation
No matter which system we migrate the data from the data migration project follows the same tried and tested processes. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- At the termination of a Cloud contract SirsiDynix will provide extractable customer data at no additional charge in a supported MARC and/or ASCII delimited format.
- End-of-contract process
-
On termination all data will be deleted as required. It is standard practice that all traces of data and operability components of the service are deleted on request of the customer at the end of the contract once successful migration is complete or any time convenient to the customer.
At the termination of a Cloud contract SirsiDynix will provide extractable customer data at no additional charge in a supported MARC and/or ASCII delimited format.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- SirsiDynix has developed BLUEcloud MobileStaff, our staff application for use on mobile devices. Our Enterprise resource discovery platform is browser based and can be used on mobile devices automatically adjusting to the real estate available on a given device. BLUEcloud Mobile is our public facing app supported on iOS and Android.
- Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- The Enterprise resource discovery platform delivers a clear, powerful, attractive public user interface, a one-stop shop for searching. Enterprise can provide access to not just the library’s physical collection but also eBooks, eAudiobooks, local history photograph collections, websites, metadata from other authority databases, and more. The discovery platform enables borrowers to log into their online account to renew items, reserve material, download eResources and pay bills. The interface is highly customisable using the web based administration tool.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- Tested using the JAWS screen reader and mobile phone operating system aids for iOS and Android.
- API
- Yes
- What users can and can't do using the API
-
SirsiDynix BLUEcloud LSP includes over 700 APIs and Web Services. This service-oriented foundation allows the BLUEcloud library services platform interface to interact with every portion of the Symphony database.
SirsiDynix offers tight integration between our systems and whatever systems your library chooses to use, and allows you to modify, extend, and customise the SirsiDynix system to meet your individual needs through APIs and Web Services that expose data using a Resource Oriented Architecture. These APIs and Web Services expose any and all data loaded into your system and allow you to access that data (with read and write privileges) in whatever systems and interfaces you choose.
Additionally our API provides tools that allow:
• global selection, editing, removal, and formatting of records
• creation of custom reports
• tools that allow users to mimic transactions, e.g., charging, discharging, etc.
• tools for data loading and data manipulation. e.g., import /export bibliographic, authority, user records - API documentation
- Yes
- API documentation formats
-
- HTML
- Other
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
The following areas of the system can be customised by users who have received the appropriate training:
• Library system policies and parameters e.g. loan policies, user policies, cataloguing policies etc.
• Staff logins with role-based permissions
• Reports
• Notice text
• Discovery platform and end-user app e.g. colour schemes, brandings, searches
Scaling
- Independence of resources
-
SirsiDynix SaaS does not allow resources to exceed a pre-determined threshold. In the event resources are approaching defined thresholds, we automatically assign additional server side resources. Our scaling is more vertical (add resources to existing Symphony servers to handle additional load) and not horizontal (add more physical servers to the cluster of servers to handle additional load).
We do not limit any customers usage of CPU, RAM, I/O, storage, bandwidth, etc. We scale our hardware to be no more than 80% of total capacity.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
The system records every successful transaction made to the database. The reporting tools enable our customers to report on all activity including the following:
• Number of records added to the system (bibliographic, item, user, serials, acquisitions)
• Circulation statistics (issues, renewals, reservations, payments)
We have developed a suite of reports to provide data according to CIPFA reporting requirements.
The Enterprise discovery layer integrates with Google analytics to provide public usage metrics.
On request, we can provide metrics on system uptime and customer support performance. - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with another standard
- Other
- Other data at rest protection approach
- FIPS assured encryption is available for an additional cost. We also make use of secure containers, racks or cages. All systems run on Pure Storage arrays encrypted at AES 256.
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
-
Reports to select and export records can run at any time, whether or not the system is also in use for other purposes. Staff can extract data from SirsiDynix Symphony in basic flat ASCII text, making it available for loading into any external desired application. A number of the reports also provide the option of XML output.
Bibliographic records can be exported in MARC format by making use of the standard delivered MARC Export utility and reports. - Data export formats
-
- CSV
- Other
- Other data export formats
-
- MARC
- Flat ASCII
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- MARC
- Flat ascii
- XML
- Dublin Core
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
- Other
- Other protection within supplier network
- SirsiDynix protects data within our network by our ability to optionally configure internal communications for Software as a Service (SaaS) systems to use TLS v1.2 or a similar technology.
Availability and resilience
- Guaranteed availability
-
Covered Services will be available 24/7 with the exception of Scheduled Maintenance periods or any events or occurrences due to the products, services, and/or actions of 3rd parties beyond SirsiDynix’s reasonable control, including but not limited to any Force Majeure events, which result in Reduced Functionality or an Unscheduled Outage.
At Customer’s request, SirsiDynix will calculate Customer’s Service Availability during a given calendar month. Interruptions will only be counted if SirsiDynix confirms that the non-availability is due to an occurrence under SirsiDynix’s control.
Service Availability Interruption Service Credit (*)
Less than 1% of hours in a calendar month - No Credit;
1% to 4% of hours in a calendar month - 5%;
4% to 6% of hours in a calendar month - 10%;
6% to 12% of hours in a calendar month - 25%;
12% of hours or more hours in a calendar month - 50%.
* (Percentage of the total Customer monthly fees due to SirsiDynix for that calendar month. The total credit from all Services Level Agreements is not to exceed 50% of such fees due to SirsiDynix for that calendar month.) - Approach to resilience
-
SirsiDynix cloud based products are hosted through a colocation facility provided by iomart Hosting. Within the environment, equipment is purchased and installed by SirsiDynix. We utilise Cisco servers and
networking equipment, Sonicwall firewalls and SAN storage from Pure Storage. The Symphony application and Oracle database run within a virtual machine on VMware ESXi. Wherever possible we implement redundancy in the solution, for example HA firewall configuration, redundant switches and additional server capacity in case of server failure.
The equipment is hosted on our behalf by iomart, who provide us internet connectivity, power and rack space. They have diesel generators to provide additional protection in case of power failure, multiple redundant core switches and routers, and a temperature controlled environment, with redundant HVAC (heating, ventilation and air conditioning) and ventilation. - Outage reporting
- Combination of email alerts and a customer-accessible dashboard.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- Web application administrative access can be restricted to VPN only with a username and password, while SirsiDynix support access is only via a password obfuscation tool such as Remote Desktop Manager (RDM) or via two-factor authentication.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- 2-factor authentication
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 1 month and 6 months
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- A-LIGN
- ISO/IEC 27001 accreditation date
- Original Issue Date: 11/14/2017, Recertification Date: 1/4/2021
- What the ISO/IEC 27001 doesn’t cover
- N/a
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
SirsiDynix has a documented framework for security governance, with policies governing key aspects of information security relevant to the service. High-level security requirements are found in the Corporate Security Policies (CSP) document. The CSP has several subordinate policy and procedure documents, listed below, which describe how SirsiDynix meets each of these requirements.
• SirsiDynix Controlled Access Plan;
• SirsiDynix Audit Management Plan;
• SirsiDynix Change Management Plan;
• SirsiDynix Disaster Recovery Plan;
• SirsiDynix Incident Response Plan;
• SirsiDynix Personnel Security Plan;
• SirsiDynix Risk Assessment Plan.
The framework ensures that security processes and procedures are defined, and implemented by all staff across the company. All staff are aware of the documentation and receive security training annually.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- SirsiDynix manages configurations and changes according to industry best practices and ISO 27001 requirements, requiring reviews and security lead authorisations for changes throughout software or system lifetimes. See the SirsiDynix Change Management Plan (CMP) section 3 (available on request).
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- SirsiDynix uses sources such as the US-CERT ratings and industry and vendor threat reports to assess potential threats, deploying patches as needed based on the severity of the ratings. Policy related to patch deployment is found in the SirsiDynix Risk Assessment Plan (RAP) section 3 (available on request), with a target of 24 hours for critical patches, 36 hours for high-risk patches, and 2 weeks for moderate-risk patches.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Potential compromises are identified using detection of unauthorised and out-of-policy configuration changes, network behaviour, and other activities; SirsiDynix also uses logic built into security tools to perform identification. Response to potential compromise includes isolation, investigation, remediation, and reconstitution (from the Incident Response Plan section 6). Goals for speed of response (from IRP section 6.1) are listed below. SirsiDynix networks are also protected by Sophos network security monitoring, with 24x7x365 threat detection.
Critical - within 24 hours
High - within 36 hours
Moderate - within 2 business weeks - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- SirsiDynix customers report potential incidents to Customer Support via phone, email or the support portal. We proactively monitor all aspects of our applications and infrastructure and in many cases an incident will be identified via our monitoring solution. SirsiDynix Cloud technicians will work on the issue until it is resolved. Incident reporting includes notification as soon as possible after identification of an incident, regular updates, and a final report upon incident conclusion. We have clear escalation procedures for the management of incidents.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Fighting climate change
-
Fighting climate change
SirsiDynix regularly monitors and reviews our internal work practices to ensure that, as a company, we are meeting our goals towards minimising our carbon footprint. For example, in 2021 we took the decision to allow all our staff to work from home indefinitely and to minimise business travel, thus reducing the amount of unnecessary carbon emissions expended, and so protecting the environment.
As a responsible supplier, SirsiDynix imposes stringent criteria when selecting a collocation partner to host our software in the UK. Iomart are regularly inspected by independent auditors and hold both 14001 Environmental Management System and IOS 50001 Energy Management certification, which demonstrates continuous work to improve their environmental position and performance, as well as constantly working to upgrade energy use and output in their facilities.
We build sustainability into our development plans, identifying ways our customers can protect the environment. A recent example is the introduction of digital borrower cards, allowing customers to access library services from their phones, reducing the use of plastics. Focusing on the sustainability of resources, our company policy is to go paperless in all our work practices and in the technology we build for our customers. All of our solutions and supporting documentation are web based and available online. Our systems can all be used remotely, supporting our customers to encourage library users and staff to cut down on unnecessary travel.
The web based and contactless solutions we offer cut the environmental cost of traditional library services, promoting streamlined and COVID-secure usage, with less dependence on self-check kiosks and heavy desktops. Our discovery platform and associated eResources management system support an ever-growing body of digital content, reducing reliance on print material. - Covid-19 recovery
-
Covid-19 recovery
No member of SirsiDynix staff (currently 32 staff in the UK) has lost their job or been furloughed due to the COVID-19 pandemic.
Our experience in supporting remote working places us in a strong position in the continuing and post COVID-19 environment, allowing us to recruit and on-board new employees remotely, including hiring and training in a fully remote environment.
Recruitment during the COVID-19 pandemic has been carried out in a remote only environment, with training and support given remotely, enabled by technology platforms such as MS Teams and Zoom. All employees have access to both local and global training, backed up by our comprehensive self-service Support Portal and our eLearning platform, Mentor, the staff intranet, and Global and UK-specific Employee Handbooks.
In addition, we have been able to keep library staff in jobs by providing remote working technologies through web-based systems, supporting staff working from home. We have also created an extensive catalogue of webinars and self-paced training to support key library staff in delivering their services to end users.
Addressing the wider context of post COVID-19 recovery, we provide a digital interface to customers, enabling their users to access content to support wellbeing, literacy, employment skills, and schools, helping local communities to up-skill in the challenging post COVID-19 environment. - Tackling economic inequality
-
Tackling economic inequality
SirsiDynix is an international company with EMEA headquarters based in Watford, UK. We have a team of 32 staff working in the UK, contributing directly to the domestic workforce. We also support local businesses through our third-party supply and delivery chains, partnering with SMEs across the UK. Examples of partnerships include Solus, based in Scotland, for the development of our mobile app, and iomart, UK-based, who host our data centre collocation facilities.
We offer programmes to young adults as internships, helping them to gain valuable work experience. The most recent example is a young man from the local area who has autism, he joined our Engineering Team on a six-month contract and has now been taken on a full-time permanent basis. - Equal opportunity
-
Equal opportunity
SirsiDynix is an Equal Opportunities Employer, continuing to comply with the spirit and letter of UK equality laws. We promote a fair and harmonious working environment in which all employees are treated with dignity and respect. All workers and job applicants receive the same opportunities regardless of their age, disability, ethnicity, sexual orientation or gender. These conditions are written into our employment contracts.
In the UK, our average employee tenure is 10 years. 18% of staff in the UK are from a minority background, covering BAME, LGBTQ+ and disability. Women make up 50% of our UK work force and hold the most senior positions in the UK office. SirsiDynix provides appropriate support and adaptations to enable disabled staff to access their work, for example providing specialist equipment for visually impaired staff. We provide mandatory training in equality and discrimination to all our staff on an annual basis, and we continue to build software which is accessible to all and is regularly assessed against WCAG guidelines.
SirsiDynix believes in finding the right balance between responsibilities at home and at work. We honour requests for part-time work due to domestic circumstances, and all of our staff have the option to work from home.
We employ talented people from diverse backgrounds. As an international company with offices around the world, we have a very open mind to different cultures and we adapt our employment policies to make sure we are sensitive to regional differences. - Wellbeing
-
Wellbeing
At SirsiDynix we take the obligation to meet the highest standards in looking after our own and customers’ staff very seriously.
Wellbeing is at the core of our values. A healthy workforce means a happy team and leads to happy customers. This belief is led from the very top by our CEO, Bill Davison. The most recent review on GlassDoor has SirsiDynix rated at 4.3 for our Culture & Values, 4.2 for Diversity and Inclusion and 4.4 on Work / Life balance. 92% of raters approve of the CEO.
The active Global HR Department works hard to promote a healthy work-life balance for SirsiDynix staff, and to make staff feel appreciated and included, covering aspects of health, mental health and interests outside of work. Regular team meetings and catch ups, and a monthly slideshow help management and HR communicate motivational thoughts, work anniversaries, birthdays and milestones.
SirsiDynix’s CEO gives regular monthly all-staff updates to ensure staff are aware of any changes to company policy around COVID-19, and to pre-emptively address worries staff might have about visiting the office, travelling for work, work-life balance during the pandemic and other related issues that could potentially affect staff mental health. In addition, all UK staff can opt in to benefit from private medical insurance provided by BUPA, which includes provision of mental health support.
We carry out annual workplace assessments to ensure staff have the right equipment to perform their duties comfortably. Our annual holidays are generous and we recently added an additional two days’ annual leave pro-rata to the allowance for every member of staff for health and wellbeing activities.
As a technology company, SirsiDynix is well placed to promote and support flexible working for our employees, including creating flexible and remote work opportunities without restriction to a specific geographic area.
Pricing
- Price
- £5,000 an instance a year
- Discount for educational organisations
- No
- Free trial available
- No