Skip to main content

Help us improve the Digital Marketplace - send your feedback

Made Purple Ltd

Purple LMS Learning management system

Made Purple LMS is a purpose built iso27001 certified secure learning management system it's a scalable, robust, and innovative platform with purpose built media server's, booking system's and a lesson planning features. All lessons and tutor communications can be monitored and recorded with data centres strictly within the UK.

Features

  • Remote education delivery
  • Purpose built booking system
  • On-demand lessons
  • one to one or one to many lesson functionality
  • Pre call tutor facial verification security system
  • Fully managed and serviced public APPs
  • educational analysis tools
  • cloud learning can continue post release
  • interactive whiteboard
  • Purpose build media servers for guaranteed data sovereignty

Benefits

  • Allows secure remote lessons to take place
  • security features for staff to moinitor in real time
  • Improves digital literacy
  • Brings Secure education to in room devices
  • Stock images and word processor tools
  • Reduces risks associated with classroom education
  • Reduces the need to move residents around the site
  • Allows remote cross site education classes
  • Access to online secure encyclopaedia Britainnica

Pricing

£9.95 a user a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at George@madepurple.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

1 7 1 9 8 5 3 9 4 0 6 2 6 7 9

Contact

Made Purple Ltd George Kyriacou
Telephone: 01842558121
Email: George@madepurple.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Purple MDM
Made Purple OS
Cloud deployment model
Private cloud
Service constraints
The Learning Management software requires Windows, IOS, Android Made Purple OS hardware to run. Hardware advice and options can be made available.
System requirements
Stable Broadband

User support

Email or online ticketing support
Email or online ticketing
Support response times
Normally within 1 hour of emails received between the hours of 8am and 8pm

Telephone support available for P1 incidents 24 hours a day
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
On site support for hardware / software issues can be arranged at an additional cost based on the complexity and access issues.

Support is provided through a combination of Email, Phone, Live chat.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Onsite training for staff in the use of the system will be provided (1 day)
Online "how to" videos will also be accessible to clients along with our support team on hand to answer any specific questions.
Onboarding can take as little as 3 days subject to staffing availability at the site and number of sites requiring onboarding at the time.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Users who have the correct permissions can extract data from the management portal. The data files that are exported will be encrypted using PGP.
End-of-contract process
Made Purple will destroy all information from the sites environment and it will be permanently removed. Users will have access to all data that they are the controllers of for 93 days beyond the contract end date. There are no end of contract or data extraction charges.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Other
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The in establishment terminals will use a purpose built and configured windows, Android, IOS or Made Purple OS application. It can also be accessed using a secure browser if preferred. The tutor application has been designed to work on both Android and IOS devices as well as a browser option.
Service interface
No
User support accessibility
WCAG 2.1 A
API
Yes
What users can and can't do using the API
The system provides a secure API which can be customised to provide access to particular features or for generating tailored usage reports.

The API offers full functionality which in turn will enable easy integration with both legacy and newly built systems as required.
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Email response templates are provided but can be customised
Lesson plans
content access
productivity suite access
stock image access
lessons

Scaling

Independence of resources
Our services are designed to be highly available and will auto-scale based on demands and traffic patterns. The service has been thoroughly stress tested . All services are load balanced and have health checks for target groups. We utilise multiple data centres in the London Region to load traffic and to make sure there is no single point of failure in our system.

Analytics

Service usage metrics
Yes
Metrics types
We can provide metric data on the amount of lessons an individual user has had.

lessons accessed
Documents created
Live lessons attended
Courses completed

Additional metrics can be implemented based on individual needs more details available upon request.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Admin can set system to auto export data to a local device using a VPN. The data files that are exported will be encrypted using PGP.
Data export formats
  • CSV
  • Other
Other data export formats
  • MP4
  • XML
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
System availability can be guaranteed provided a set criteria are met, Upon detection of a system outage, we immediately move to rectify the issue and aim to resolve it within 72 hours.
Approach to resilience
Made Purple is an ISO27001 accredited organisation and has full continuity and disaster recovery management plans in place which have been independently audited. Further information available on request.
Outage reporting
There are multiple ways you can receive alerts:
1. Email alerts
2. Slack or Teams integration
3. Using our API with webhooks

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Management interfaces are restricted either to Made Purple Ltd staff and approved sub-contractors or, if required for the function of the service, limited to authorised users of the service.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ACM-CCAS (UKAS)
ISO/IEC 27001 accreditation date
19-07-2020
What the ISO/IEC 27001 doesn’t cover
All aspects of this product are covered by our ISO certification
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
Yes
Any other security certifications
  • Check Certified Penetration test
  • Cyber Essentials Plus

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
The data we store in AWS databases (London only) and storage is encrypted at rest with TDE (transparent data encryption) and while in transit using TLS. Policies are enforced by restricting access to virtual machines, databases and any administrative portals. User accounts can be revoked once a person leaves or is no longer associated with the project. All databases are protected by firewall with IP whitelisting rules.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We use the Software Assurance Maturity Model (SAMM) to manage configuration and change within our services, utilising Infrastructure as code (IaC) so that configuration and change can be identified, controlled and automated. We use Rolling updates and A/B testing to ensure changes are fit for purpose. Automated tests are built into our CI/CD pipeline to test the functionality, security and resilience of our system which includes fuzz testing, vulnerability scans and static code analysis. We use a comprehensive SIEM solution which provides monitoring, detection, and alerting of security events, anomalies, infrastructure changes and incidents.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We use a comprehensive SIEM solution which provides monitoring, detection, and alerting of security events, anomalies, software vulnerabilities, file integrity monitoring as well as cloud configuration issues. All logs are fed in to our SIEM solution so we have real time tracking of security incidents. All machines contain an agent to track software versions which are checked against CVE's as published by NVD and other sources such as OS security feeds. Upon detection of a vulnerability, we immediately move to patch the issue and aim to resolve any vulnerability within 48 hours.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We use a comprehensive SIEM solution which provides monitoring, detection, and alerting of security events, anomalies, infrastructure changes and incidents. All logs are fed into this system. We also employ sophisticated industry standard software provided by AWS to monitor our systems for potential compromises, and proactively monitor logs relating to other services not covered by automated threat detection. Upon detection of a potential compromise, we immediately move to patch the or respond to the issue and aim to remove or patch any compromised system within 48 hours.
Incident management type
Supplier-defined controls
Incident management approach
We have pre-defined processes in place for common incidents such as compromised user accounts or the detection of suspicious activity. These processes are commensurate with the severity of the incident.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
Other
Other public sector networks
  • Quantum if required
  • NOMIS if required
  • NHS Network if required

Social Value

Fighting climate change

Fighting climate change

Climate change is something that the Made Purple team take incredibly seriously, which is one of the reasons we have selected AWS as our UK data centre. AWS has a long-term commitment to use 100% renewable energy. When using AWS Cloud rather than on-premises infrastructure, you typically reduce carbon emissions by 88% because larger data centres can offer environmental economies of scale. Organisations generally use 77% fewer servers, 84% less power, and tap into a 28% cleaner mix of solar and wind power in the AWS Cloud versus their own data centres.
Covid-19 recovery

Covid-19 recovery

To Aid in the UK recovery of Covid-19 we have implemented a number of policies that provide our team members with flexible and favourable working arrangements that allows for them to take time off when needed to care for those close to them who may be shielding. We encourage our team to to use our in house built mindfulness applications and have implemented remote working policies for members of the team that may be unable to return to the workplace fully.
Tackling economic inequality

Tackling economic inequality

Made Purple encourage our team members to seek out and take advantage of the companies training and improvement policy which helps our team members to take part in a range of courses and up-skill themselves at their own pace.
Equal opportunity

Equal opportunity

As an equal opportunities employer Made Purple's employment policy states: Your gender, your skin colour, your gods, your sex life, or your best friends great grand mother make absolutely no difference here. If you’re smart, have a positive attitude with a willingness to learn as well as a true desire to serve our system users to the very best of your ability every single day, well, come as you are.
Wellbeing

Wellbeing

The wellbeing of the Made Purple team is paramount to our success and vital to ensure that we are delivering world class service to our customers and our system users. As a technology company we are well aware that physical activity during the working day can be difficult, which is why we encourage the use of stand up desks and support all team members with their physical goals providing additional time off for events such as marathons and mountain climbs. Mental wellbeing is also taken incredibly seriously within Made Purple, so much so that we have developed our very own mind fullness application that our staff can use for breathing exercises as well as guided / un-guided meditation. We keep our team fully updated in terms of current and future contracts to help provide them with an understanding of the companies activities and ensuring that they are fully trained and able to move onto a new contract should the contract they are working with come to an end. This we believe helps our team members to feel comfortable and confident with their Job security which is one of the top 5 reasons for stress within the technology sector.

Pricing

Price
£9.95 a user a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Free trail available to one site within a group, 30 day 50 user trial is available.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at George@madepurple.com. Tell them what format you need. It will help if you say what assistive technology you use.