INTRAGEN LIMITED

IGA, PAM, CIAM Solutions as a Service

Intragen's IAM consultants provide end-to-end professional services for the following solutions:

Identity Governance & Administration (IGA)
Access Management, Single Sign-On & Multi-Factor Authentication (SSO & MFA)
Privileged Access Management (PAM)
Customer Identity and Access Management (CIAM)

Features

• Access Review covering cloud and on premise applications
• Automated provisioning user lifecycle (JML) management as a service
• Self-service Access Request and approval to applications and resources
• Self-service management of all administrative tasks
• Zero-code application on-boarding and workflow configuration
• Full auditing and reporting of all tasks
• Pre-configured best-practice set-up, no previous IAM knowledge assumed
• Access Certification Campaigns verifies user access permissions by line manager
• Identity warehouse showing all accounts and access users have
• Management of Privileged access

Benefits

• Automated manual access management tasks for efficiency and quality
• Ready-made workflows simply configured with no consultancy costs
• Automated Joiner, Mover, Leaver and recertification access processing
• Single source of truth for all questions concerning user access
• Potential implementation within a number of days rather than months
• Developed for SMEs to minimize expertise required to maintain
• Easy compliance reports for auditors
• Connector library supporting leading enterprise systems and custom connectors
• Reduce help-desk calls to track access requests through self-service
• Simple management of privileged accounts and access

£0.14 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul.taylor@intragen.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

199931195912542

Contact

Paul Taylor
07738 310768
paul.taylor@intragen.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Our consultancy services, which have experience of implementing over 150 IAM projects, can be used to provide advice, guidance, maturity assessments, agile dev ops and development services .
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Intragen's offerings can be deployed and hosted in multiple cloud solutions. If there is a requirement to deploy solutions on a customer’s private cloud this is an option, but requires that the infrastructure meets the minimum requirement for the solution to ensure availability and performance SLAs.
• System requirements:
  • Intragen's platform will require user licenses to be purchased
  • Web Browsers- Firefox, Internet Explorer, Microsoft Edge, Chrome and Safari
  • Public Cloud - SaaS solution fully managed by Intragen
  • Private Cloud – VM, firewalls and load balancers require set-up

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Intragen offer varying support packages with SLA's to meet individual requirements ie Entry, Silver, Gold and Platinum.; ; The MSSP team work Monday to Friday (normal business hours, not bank holidays).; ; 24/7 services are available upon request and priced accordingly.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Monday to Friday, 9am – 5pm (Additional escalation service available for Priority 1 / critical incidents, 24 x 7 (optional and additional cost applied).; ; MSSP customers have the options of 4 Support SLA tiers they can choose from. These are Entry, Silver, Gold & Platinum and dependent upon the level that they choose will determine the SLA's applicable to that offering.; ; Priority 1 ; Complete outage or loss of core functionality impacting all users with no acceptable workaround; Response SLA dependent upon tier chosen.; ; Priority 2; Severe impact on performance and/or function. Workaround in place.; Response SLA dependent upon tier chosen.; ; Priority 3; Issue or defect with minor impact on business processes; Response SLA dependent upon tier chosen.; ; Intragen provide both business and technical consultants of varying levels along with project managers and pricing depends on the level of experience and works to be conducted.; Managed Support customers will have a dedicated service manager (Technical Account Manager).; ; Pricing ranges per day from £1250 an Associate Consultant to £1800 a Principle Consultant. A project manager will cost £1350 per day. All other consultants priced upon application/project requirement.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Intragen's expert team of IAM consultants provide end-to-end professional services. This allows you to leave the analysis, planning, project management and support to us. We don't believe that you need an in-house team of experts because we bring all the knowledge and experience to deliver everything you need.; ; Intragen provide a comprehensive on-boarding, documentation and on-going support service. This includes education sessions, configuring and setting up ie the automated JML workflows, attestation etc..; Additional consultancy services are available for customers, if required during initial set-up, or during the lifetime of the contract.; After initial set-up, Intragen can provide Managed Support, Professional services, Maturity Assessments etc..
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: During the term of the contract the Account team will be in close communication with the customer. As the contract reaches an end the Account Manager will be working with the customer to agree renewal terms. If the customer chooses not to renew their contract they can export all relevant data. This is completed by raising a request ticket to the support team, who will provide the data to an approved customer contact.
• End-of-contract process: Upon termination of the subscription term Intragen will act as per their Terms & Conditions which will have been agreed with the customer. ; ; All Intragen professional services are additional costs and this would include any transitional professional services required at the end of the contract. Extended support hours such 24x7 would incur additional costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The service supports both mobile and desktop access.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Intragen's solutions are acccessed via a web client (e.g. any standard browser) from any web enabled device. The portal allows access to all elements of the platform from product to support enabling a really simplistic service, giving the user a true SaaS experience.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Currently not applicable but does fall on the roadmap for the service going forward.
• API: Yes
• What users can and can't do using the API: The underlying service has a fully featured API. However, the recommendation for SME organisations is to use the configurable UI for a simpler and more easily supportable solution.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: The advantage of all Intragen's offerings is the highly configurable/customisable nature of the service. Allowing non-IAM experts to use checkboxes and radio buttons to configure Joiner/Mover/Leaver workflows, set-up access attestations/recertifications, set-up request and approval workflows, configure email notifications, and set-up connectors to upstream and downstream systems e.g. HR, AD, etc.

Scaling

• Independence of resources: There is no impact to users due to the availability SLAs provided by cloud tenancy ie AWS who utilise high availability, scalability and elasticity to ensure the user experience is not interrupted.

Analytics

• Service usage metrics: Yes
• Metrics types: * Service availability; * Audit log metrics for all provisioning, access request and access certification actions within the service; * Active users; * license allocation; * Provide details on number of users accessing the service; ; Intragen are not limited to the above and many more service metrics are available.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: One Identity, Okta, SailPoint, CyberArk and Workato

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Customers can export their data by raising a request ticket to the support team, who will provide the data to an approved customer contact.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • RTF
  • Text
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Service Availability is based on desired hosting requirements ie customer own Azure (AWS) tenancy 99.95%.
• Approach to resilience: Intragen's offerings are provided utilizing Microsoft Azure with each primary hosting location providing full redundancy of hardware, software, and network infrastructure. It includes advanced backup and failover mechanism and processes to ensure timely recovery as per customer requirements.; However, resilience is based upon the customers own requirements.; Further information is available upon request.
• Outage reporting: Intragen's solutions have automatic alerting and monitoring to ensure notification and remediation can occur in a timely manner. These alerts are monitored by Intragen's Managed Support Service team and where an outage occurs which could impact the SLAs being breached, email notifications will be sent customers.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Intragen follows the principle of least privilege. All administrative level access requires approval through a strict process to ensure those that require access are granted it. The scope of this access to administrative access to restricted to the Intragen Managed support team. Customer administrative access is restricted to the admin UIs.; Access to infrastructure requires access via secure channels only.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: AIWA
• ISO/IEC 27001 accreditation date: 27102021
• What the ISO/IEC 27001 doesn’t cover: TBC
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All Intragen offerings are based on the customers requirements with Intragen being accredited to ISO27001, with the relevant policies and procedures in place to ensure compliance to high security standards. These include but not limited to security training, incident management, data handling, compliance to GDPR, etc. ; ; To maintain certification, we are audited on a regular basis.; ; Intragen's partner providing the hosting service is an ISO 27001 certified organisation.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Intragen has formally documented change management procedures are in place to govern the modification and maintenance of production systems and address security, availability, and confidentiality requirements. The Company has adopted a formal software development life cycle (SDLC) methodology that governs the development and deployment of application code. This ensures that releases are correctly developed, tested, and release into production.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Intragen's solution infrastructure is managed by the customer within their cloud environment or by the vendors cloud. This is regularly monitored for any vulnerabilities using tooling. Patches are regularly applied depending on the criticality.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monitoring tools are designed to detect unusual or unauthorised activities and conditions at ingress and egress communication points. These tools monitor server and network usage, port scanning activities, application usage, and unauthorised intrusion attempts. Azure security monitoring tools help identify several types of denial of service (DoS) attacks, including distributed, flooding, and software/logic attacks.; ; Intragen uses a variety of tools to monitor the availability of the production environments for its clients, including alerts from Azure. These tools send alerts to the Managed support team that trigger follow-up procedures.
• Incident management type: Supplier-defined controls
• Incident management approach: Customers should report any issues within the Managed Support service, to Intragen support, via email or raising of tickets. ; Intragen maintains a Security Incident Response Policy and Procedure, which specify the steps and roles and responsibilities should such an incident occur. These policies address remediation and follow-through to ensure the issue is understood and fully addressed. And includes communication to customers if they have been affected or it is appropriate to know the incident has occurred and the status of their data.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Climate change presents challenges to the business world,; however it also provides an opportunity for Intragen to excel; and become a leader in the drive towards a low carbon economy.; ; Discovering ways to minimise our environmental footprint is a priority for our clients and employees. To contribute to the race to net zero, we will incorporate leading environmental practices into our daily operations and business strategy to encourage; environmental awareness and responsibility.; The EU aims to be climate-neutral by 2050 to keep global warming below 2°C however, at Intragen we aim to achieve this by 2035.; ; Intragen’s 10 year environmental plan is as follows:; 1 Introduce company wide polices to encourage best practice and; environmental responsibility, for example:; • Reduce unnecessary travel.; • Encourage greener travel through financial incentives or allowing employees additional time to travel in greener ways. ; • Less frequent, but longer trips client visits.; • Encourage remote working where possible, with clients and with employees.; • Where travel is essential, ensure carbon offsetting.; • Encourage employees and clients to “go digital” to reduce printing.; • Cycle to work scheme and other initiatives for employees to adopt greener alternatives.; ; Adapt offices to facilitate more convenient and environmental; practices for employees:; • Full recycling facilities easily accessible. Where possible eliminate the use of “single use” items. No waste should end up in landfills by 2030.; • Energy friendly lighting; • Timers on lights to ensure they turn off; • Office equipment switched off over night; ; Ensure IT equipment, (including laptops, desktops, monitors, docking stations and cables) is reused or recycled after all data is removed.; ; Move office energy suppliers to those that offer tariffs supplied by 100% renewable. ; Consider advances in adding solar panels to office buildings. Purchasing 100% renewable energy should be achieved by 2025.

  Equal opportunity

  We are committed to providing and promoting equal opportunities in employment. We aim to treat you and job applicants equally regardless of age, disability, gender reassignment, marital or civil partnership status, pregnancy or maternity, race, colour, nationality, ethnic or national origin, religion or belief, sex or sexual orientation (“Protected Characteristics”).; ; We aim to provide equal opportunities and avoid discrimination in all aspects of employment and to ensure that the talent and skills of all individuals are maximised. Our approach applies to recruitment, terms and conditions of employment (including pay), appraisals, promotion, disciplinary and grievance procedures and training.

  Wellbeing

  The purpose of Intragen's Diversity, Equity, and Inclusivity (DEI) Policy is to foster a diverse, equitable, and inclusive workplace at Intragen. We recognise that a diverse workforce strengthens our company by promoting creativity, innovation, and collaboration. This policy outlines our commitment to embracing diversity, fostering equity, and promoting an inclusive work environment where all employees feel respected, valued, and supported.; ; Policy Statement; ; Intragen is committed to:; * Promoting diversity in our workforce by recruiting, hiring, and retaining individuals from a wide range of backgrounds, experiences, and perspectives; * Ensuring equitable treatment of all employees by providing equal opportunities for growth, advancement, and professional development; * Creating an inclusive work environment where all employees feel respected, valued, and empowered to contribute to the success of the company; * Providing training and resources to help employees understand and embrace diversity, equity, and inclusivity; * Encouraging open communication, feedback, and dialogue about diversity, equity, and inclusivity within the company; * Regularly reviewing and evaluating our DEI efforts to ensure continuous improvement and alignment with our company goals and values

Pricing

• Price: £0.14 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at paul.taylor@intragen.com. Tell them what format you need. It will help if you say what assistive technology you use.