Skip to main content

Help us improve the Digital Marketplace - send your feedback

INTRAGEN LIMITED

IGA, PAM, CIAM Solutions as a Service

Intragen's IAM consultants provide end-to-end professional services for the following solutions:

Identity Governance & Administration (IGA)
Access Management, Single Sign-On & Multi-Factor Authentication (SSO & MFA)
Privileged Access Management (PAM)
Customer Identity and Access Management (CIAM)

Features

  • Access Review covering cloud and on premise applications
  • Automated provisioning user lifecycle (JML) management as a service
  • Self-service Access Request and approval to applications and resources
  • Self-service management of all administrative tasks
  • Zero-code application on-boarding and workflow configuration
  • Full auditing and reporting of all tasks
  • Pre-configured best-practice set-up, no previous IAM knowledge assumed
  • Access Certification Campaigns verifies user access permissions by line manager
  • Identity warehouse showing all accounts and access users have
  • Management of Privileged access

Benefits

  • Automated manual access management tasks for efficiency and quality
  • Ready-made workflows simply configured with no consultancy costs
  • Automated Joiner, Mover, Leaver and recertification access processing
  • Single source of truth for all questions concerning user access
  • Potential implementation within a number of days rather than months
  • Developed for SMEs to minimize expertise required to maintain
  • Easy compliance reports for auditors
  • Connector library supporting leading enterprise systems and custom connectors
  • Reduce help-desk calls to track access requests through self-service
  • Simple management of privileged accounts and access

Pricing

£0.14 a licence a year

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul.taylor@intragen.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

1 9 9 9 3 1 1 9 5 9 1 2 5 4 2

Contact

INTRAGEN LIMITED Paul Taylor
Telephone: 07738 310768
Email: paul.taylor@intragen.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Our consultancy services, which have experience of implementing over 150 IAM projects, can be used to provide advice, guidance, maturity assessments, agile dev ops and development services .
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
Intragen's offerings can be deployed and hosted in multiple cloud solutions. If there is a requirement to deploy solutions on a customer’s private cloud this is an option, but requires that the infrastructure meets the minimum requirement for the solution to ensure availability and performance SLAs.
System requirements
  • Intragen's platform will require user licenses to be purchased
  • Web Browsers- Firefox, Internet Explorer, Microsoft Edge, Chrome and Safari
  • Public Cloud - SaaS solution fully managed by Intragen
  • Private Cloud – VM, firewalls and load balancers require set-up

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Intragen offer varying support packages with SLA's to meet individual requirements ie Entry, Silver, Gold and Platinum.

The MSSP team work Monday to Friday (normal business hours, not bank holidays).

24/7 services are available upon request and priced accordingly.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
No
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Monday to Friday, 9am – 5pm (Additional escalation service available for Priority 1 / critical incidents, 24 x 7 (optional and additional cost applied).

MSSP customers have the options of 4 Support SLA tiers they can choose from. These are Entry, Silver, Gold & Platinum and dependent upon the level that they choose will determine the SLA's applicable to that offering.

Priority 1
Complete outage or loss of core functionality impacting all users with no acceptable workaround
Response SLA dependent upon tier chosen.

Priority 2
Severe impact on performance and/or function. Workaround in place.
Response SLA dependent upon tier chosen.

Priority 3
Issue or defect with minor impact on business processes
Response SLA dependent upon tier chosen.

Intragen provide both business and technical consultants of varying levels along with project managers and pricing depends on the level of experience and works to be conducted.
Managed Support customers will have a dedicated service manager (Technical Account Manager).

Pricing ranges per day from £1250 an Associate Consultant to £1800 a Principle Consultant. A project manager will cost £1350 per day. All other consultants priced upon application/project requirement.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Intragen's expert team of IAM consultants provide end-to-end professional services. This allows you to leave the analysis, planning, project management and support to us. We don't believe that you need an in-house team of experts because we bring all the knowledge and experience to deliver everything you need.

Intragen provide a comprehensive on-boarding, documentation and on-going support service. This includes education sessions, configuring and setting up ie the automated JML workflows, attestation etc..
Additional consultancy services are available for customers, if required during initial set-up, or during the lifetime of the contract.
After initial set-up, Intragen can provide Managed Support, Professional services, Maturity Assessments etc..
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
During the term of the contract the Account team will be in close communication with the customer. As the contract reaches an end the Account Manager will be working with the customer to agree renewal terms. If the customer chooses not to renew their contract they can export all relevant data. This is completed by raising a request ticket to the support team, who will provide the data to an approved customer contact.
End-of-contract process
Upon termination of the subscription term Intragen will act as per their Terms & Conditions which will have been agreed with the customer.

All Intragen professional services are additional costs and this would include any transitional professional services required at the end of the contract. Extended support hours such 24x7 would incur additional costs.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The service supports both mobile and desktop access.
Service interface
Yes
User support accessibility
WCAG 2.1 AA or EN 301 549
Description of service interface
Intragen's solutions are acccessed via a web client (e.g. any standard browser) from any web enabled device. The portal allows access to all elements of the platform from product to support enabling a really simplistic service, giving the user a true SaaS experience.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Currently not applicable but does fall on the roadmap for the service going forward.
API
Yes
What users can and can't do using the API
The underlying service has a fully featured API. However, the recommendation for SME organisations is to use the configurable UI for a simpler and more easily supportable solution.
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
The advantage of all Intragen's offerings is the highly configurable/customisable nature of the service. Allowing non-IAM experts to use checkboxes and radio buttons to configure Joiner/Mover/Leaver workflows, set-up access attestations/recertifications, set-up request and approval workflows, configure email notifications, and set-up connectors to upstream and downstream systems e.g. HR, AD, etc.

Scaling

Independence of resources
There is no impact to users due to the availability SLAs provided by cloud tenancy ie AWS who utilise high availability, scalability and elasticity to ensure the user experience is not interrupted.

Analytics

Service usage metrics
Yes
Metrics types
* Service availability
* Audit log metrics for all provisioning, access request and access certification actions within the service
* Active users
* license allocation
* Provide details on number of users accessing the service

Intragen are not limited to the above and many more service metrics are available.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
One Identity, Okta, SailPoint, CyberArk and Workato

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Customers can export their data by raising a request ticket to the support team, who will provide the data to an approved customer contact.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • RTF
  • Text
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Service Availability is based on desired hosting requirements ie customer own Azure (AWS) tenancy 99.95%.
Approach to resilience
Intragen's offerings are provided utilizing Microsoft Azure with each primary hosting location providing full redundancy of hardware, software, and network infrastructure. It includes advanced backup and failover mechanism and processes to ensure timely recovery as per customer requirements.
However, resilience is based upon the customers own requirements.
Further information is available upon request.
Outage reporting
Intragen's solutions have automatic alerting and monitoring to ensure notification and remediation can occur in a timely manner. These alerts are monitored by Intragen's Managed Support Service team and where an outage occurs which could impact the SLAs being breached, email notifications will be sent customers.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Intragen follows the principle of least privilege. All administrative level access requires approval through a strict process to ensure those that require access are granted it. The scope of this access to administrative access to restricted to the Intragen Managed support team. Customer administrative access is restricted to the admin UIs.
Access to infrastructure requires access via secure channels only.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
AIWA
ISO/IEC 27001 accreditation date
27102021
What the ISO/IEC 27001 doesn’t cover
TBC
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
All Intragen offerings are based on the customers requirements with Intragen being accredited to ISO27001, with the relevant policies and procedures in place to ensure compliance to high security standards. These include but not limited to security training, incident management, data handling, compliance to GDPR, etc.

To maintain certification, we are audited on a regular basis.

Intragen's partner providing the hosting service is an ISO 27001 certified organisation.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Intragen has formally documented change management procedures are in place to govern the modification and maintenance of production systems and address security, availability, and confidentiality requirements. The Company has adopted a formal software development life cycle (SDLC) methodology that governs the development and deployment of application code. This ensures that releases are correctly developed, tested, and release into production.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Intragen's solution infrastructure is managed by the customer within their cloud environment or by the vendors cloud. This is regularly monitored for any vulnerabilities using tooling. Patches are regularly applied depending on the criticality.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Monitoring tools are designed to detect unusual or unauthorised activities and conditions at ingress and egress communication points. These tools monitor server and network usage, port scanning activities, application usage, and unauthorised intrusion attempts. Azure security monitoring tools help identify several types of denial of service (DoS) attacks, including distributed, flooding, and software/logic attacks.

Intragen uses a variety of tools to monitor the availability of the production environments for its clients, including alerts from Azure. These tools send alerts to the Managed support team that trigger follow-up procedures.
Incident management type
Supplier-defined controls
Incident management approach
Customers should report any issues within the Managed Support service, to Intragen support, via email or raising of tickets.
Intragen maintains a Security Incident Response Policy and Procedure, which specify the steps and roles and responsibilities should such an incident occur. These policies address remediation and follow-through to ensure the issue is understood and fully addressed. And includes communication to customers if they have been affected or it is appropriate to know the incident has occurred and the status of their data.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

Fighting climate change

Climate change presents challenges to the business world,
however it also provides an opportunity for Intragen to excel
and become a leader in the drive towards a low carbon economy.

Discovering ways to minimise our environmental footprint is a priority for our clients and employees. To contribute to the race to net zero, we will incorporate leading environmental practices into our daily operations and business strategy to encourage
environmental awareness and responsibility.
The EU aims to be climate-neutral by 2050 to keep global warming below 2°C however, at Intragen we aim to achieve this by 2035.

Intragen’s 10 year environmental plan is as follows:
1 Introduce company wide polices to encourage best practice and
environmental responsibility, for example:
• Reduce unnecessary travel.
• Encourage greener travel through financial incentives or allowing employees additional time to travel in greener ways.
• Less frequent, but longer trips client visits.
• Encourage remote working where possible, with clients and with employees.
• Where travel is essential, ensure carbon offsetting.
• Encourage employees and clients to “go digital” to reduce printing.
• Cycle to work scheme and other initiatives for employees to adopt greener alternatives.

Adapt offices to facilitate more convenient and environmental
practices for employees:
• Full recycling facilities easily accessible. Where possible eliminate the use of “single use” items. No waste should end up in landfills by 2030.
• Energy friendly lighting
• Timers on lights to ensure they turn off
• Office equipment switched off over night

Ensure IT equipment, (including laptops, desktops, monitors, docking stations and cables) is reused or recycled after all data is removed.

Move office energy suppliers to those that offer tariffs supplied by 100% renewable.
Consider advances in adding solar panels to office buildings. Purchasing 100% renewable energy should be achieved by 2025.

Equal opportunity

We are committed to providing and promoting equal opportunities in employment. We aim to treat you and job applicants equally regardless of age, disability, gender reassignment, marital or civil partnership status, pregnancy or maternity, race, colour, nationality, ethnic or national origin, religion or belief, sex or sexual orientation (“Protected Characteristics”).

We aim to provide equal opportunities and avoid discrimination in all aspects of employment and to ensure that the talent and skills of all individuals are maximised. Our approach applies to recruitment, terms and conditions of employment (including pay), appraisals, promotion, disciplinary and grievance procedures and training.

Wellbeing

The purpose of Intragen's Diversity, Equity, and Inclusivity (DEI) Policy is to foster a diverse, equitable, and inclusive workplace at Intragen. We recognise that a diverse workforce strengthens our company by promoting creativity, innovation, and collaboration. This policy outlines our commitment to embracing diversity, fostering equity, and promoting an inclusive work environment where all employees feel respected, valued, and supported.

Policy Statement

Intragen is committed to:
* Promoting diversity in our workforce by recruiting, hiring, and retaining individuals from a wide range of backgrounds, experiences, and perspectives
* Ensuring equitable treatment of all employees by providing equal opportunities for growth, advancement, and professional development
* Creating an inclusive work environment where all employees feel respected, valued, and empowered to contribute to the success of the company
* Providing training and resources to help employees understand and embrace diversity, equity, and inclusivity
* Encouraging open communication, feedback, and dialogue about diversity, equity, and inclusivity within the company
* Regularly reviewing and evaluating our DEI efforts to ensure continuous improvement and alignment with our company goals and values

Pricing

Price
£0.14 a licence a year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul.taylor@intragen.com. Tell them what format you need. It will help if you say what assistive technology you use.