Objective Corporation Limited

Objective Connect

Secure content and process sharing for Digital Government. Objective Connect enables government organisations to securely create Workspaces with external partner organisations. With ISO27001 accreditation and hosted in 3+ AWS UK zones, many public-sector organisations are using Connect as their only tool for external secure content sharing and collaboration.

Features

• Information Governance
• Integration with Common Line of Business Systems
• Social Collaboration
• Comprehensive Administration, Auditing & Reports
• Secure File & Document Management
• Task & Process Management
• Native Mobile Apps

Benefits

• Connects Multi-Organisational Business Process & Services
• Maintains Governance Outside of the Firewall
• Empowers True Digital Transformation
• Unique & Very Cost Effective Commercial Model
• High User Adoption
• Low Cost of Management
• Minimises the Impact of Change

£4,830.00 a unit a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mat.graves@objective.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

227134297660350

Contact

Mat Graves
+44 (0)118 2072300
mat.graves@objective.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: HPE Content Manager (TRIM); Objective ECM
• Cloud deployment model:
  • Public cloud
  • Community cloud
• Service constraints: Outlined in Objective Connect terms and conditions and Objective Connect Support Handbook
• System requirements: Any modern, supported Internet browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard Support and Premium Support are available dependent upon edition.; Online Incident creation available 24/7 - ; Other support channels available Mon-Friday during Business Day Hours 8am-6pm
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Objective Connect support services are based on standard support and premium support. PREMIUM SUPPORT Premium Support customers receive all the elements Standard Support plus the following: • Up to four (4) named Support Contact accounts • Access by Support Contacts to telephone support on Business Days between 8am and 6pm where the customer is located; • Incident Priority Definitions and Incident Response and Resolution Targets (see Section 8); • Incident resolution, escalation and reporting • Extended support hours for Priority 1 Incidents (24x5 Monday to Friday, Business Days only); • Objective will provide Priority 1 post-incident reports; • Support Contact access to the portal to view Incidents and status; • Incidents are managed by the Objective Global Support team, providing real-time updates of progress and the ability to negotiate incident priority levels; • Assistance to Support Contacts in resolving Objective Connect technical issues such as applying certificates and installation assistance of new Objective Connect Link versions; • Support Contacts are notified by email of updates and new releases of Connect. Connect enhanced support for Connect Link customers provide Target Levels 1-4 for Response and Resolution.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: "Objective Connect is designed with zero training requirements in mind and most users start using it without any additional help.; Extensive getting started guides, tutorial videos and FAQs are available from:; https://www.objective.co.uk/resources/tutorials; Additional training and workshops can be provided as a paid service."
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All documents hosted in Objective Connect can be downloaded at any time.; Audit trail can be exported by administrators to a CSV file at any time.
• End-of-contract process: At the end of the contract users lose the option to create new secure workspaces and to add new documents to their workspaces. Administrators no longer have access to the administration features of Objective Connect.; Prior to the end of the contract users and administrators can download all documents and audit trails and close all workspaces, which will delete all contents from Objective Connect.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The web application is fully responses and provides the same level of experience on mobile devices.; Additionally there is a native mobile application for iOS and Android devices, which provides full access to the documents and folders hosted in Objective Connect.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Via supported Browser or via Outlook Plug-in
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Via Testing with Government Customers and in Lab
• API: Yes
• What users can and can't do using the API: The API is public and integration with it is described in the API documentation.; All functionality available through the web application is available through the API as well.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Administrators can brand Objective Connect by providing their organisation's logo. This logo is displayed on email notifications and on Objective Connect workspaces.

Scaling

• Independence of resources: Objective Connect is a SaaS solution that can scale up and down as required.

Analytics

• Service usage metrics: Yes
• Metrics types: The Objective Connect administration dashboard provides access to the following metrics: ; Connections are the currency of Connect and are calculated by multiplying the number of participants by the number of documents available in the same workspace. Administrators can view connection count at the account, workgroup, user or individual workspace level.
• Reporting types:
  • API access
  • Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: "Audit trails, containing records of all actions on the users' workspaces can be exported as CSV files through the customers' administration dashboard.; Additionally, Workspace Record's in PDF format can also be generated for download. Workspace Record functionality is available as an Enterprise-only subscription offering, presenting all audit events in a concise, human-readable document format."
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: Other
• Other data import formats:
  • Users input their information manually (such as names, contact details)
  • Data migration can be provided as a paid service

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: FIPS 140-2; AES-512;256
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: FIPS 140-2;AES-512;256

Availability and resilience

• Guaranteed availability: 99,9%, excluding scheduled downtime.
• Approach to resilience: "The Connect architecture primarily leverages Wildfly, MySQL and ActiveMQ running across multiple AWS Virtual Machines, along with multiple auto-scaling microservices, providing additional system functionality.; This configuration directly supports both service redundancy and high-availability across the system."
• Outage reporting: Email alerts, on the login page and on the public Objective Connect website.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Users require elevated Admin permissions associated with their login.
• Access restriction testing frequency: Never
• Management access authentication:
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: July 2018
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO 9001
  • ISO 27018
  • GDPR Compliant

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO/IEC 9001
• Information security policies and processes: Customer data is only available to a small number of highly trusted operations personnel which excludes the development and product teams.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All changes to production environments are tracked in an internal ticketing system. Are changes need to be classified and approved by the change advisory board located in UK. All change request are reviewed from the perspective of impact on the operation of the product and the IS 27001 certification.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: "Objective Connect has a robust monitoring and alerting and intrusion detection systems. Regular patching of applications and services compliant with the following standard is performed:; * ‘Critical’ patches should be deployed within hours; * ‘Important’ patches should be deployed within 2 weeks of a patch becoming available; * ‘Other’ patches deployed within 8 weeks of a patch becoming available"
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: "Connect is monitored in a variety of ways, depending on requirements. The main tools utilised are: ; AWS Cloudwatch - the primary monitoring tool that provides a consolidated platform for the management and investigation of system health, events and logs.; PagerDuty - providing ongoing notification via email, SMS and mobile app alerts to Operations team members.; CloudTrail - utilised to support investigation and audit functions of the AWS environment."
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Administartion Dashboard ref Connections and E-Mail Notification

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Scottish Wide Area Network (SWAN)

Social Value

• Fighting climate change:

  Fighting climate change

  Objective Connect allows you to transfer large files (up to 10Gb) to multiple contacts and agencies securely and confidentially. This removes expensive printing and courier costs whilst still providing a full audit trail and confirmation that the document was not only received but also viewed.
• Covid-19 recovery:

  Covid-19 recovery

  When COVID-19 hit, vulnerable communities were left exposed and in need. Welsh Government – along with the 22 local authorities across Wales – were responsible for ensuring shielding citizens received the same level of service and care. This included the coordination of essential food supplies for those in isolation. ; ; Coordinating a network of local authorities, suppliers and distributors to deliver the food packages, Welsh Government was responsible for handling the data side of the process, ensuring a secure method of transferring sensitive and personal information between the involved parties. Having used Objective Connect since 2015, the Information Management team were able to set a secure Connect workspace up immediately.; ; This allowed the team to consolidate information from the thousands of food parcel orders being received from the local authorities daily and send it securely to the suppliers. Information could then be received from the suppliers about the delivery in return and fed back to the local authorities, all via the same secure application. The system was also used to respond to queries where issues arose.; ; • Rapid response: Workspaces set up quickly and easily without delays to kickstart the programme network; • Continued flexibility: The process was swiftly developed and adapted as requirements changed; • Solid security: Robust security posture and credentials ensured sensitive information was shared without risk; • Instant integration: Integration with Objective ECM records system alleviated back office administration; • Future application: Plans to use workflow to systemise the pull of uploaded data from the Objective ECM system to generate new files which are automatically sent into Objective Connect; ; Examples of how Objective products helped during the COVID-19 pandemic can be found via the website link below. This includes how Volunteer Scotland and how they used our products to coordinate their Covid-19 volunteer response.; ; https://www.objective.co.uk/resources/customer-stories
• Tackling economic inequality:

  Tackling economic inequality

  During the recent outbreaks of COVID-19 and the natural disasters across the world, vulnerable communities were left in need of help. Unexpected crises force local authorities to act fast and coordinate a response across a network of stakeholders. With no time to lose, authorities need to act quickly and set up collaboration channels to share critical data across agencies.; Objective Connect allows response teams to set up lines of collaboration instantly, enabling authorities to consolidate information and send it securely to critical front-line responders in the field. The response team can easily invite Participants who can access the information required to respond, delivering support to residents in times of crisis.; • Secure by default: Government-grade security over sensitive information throughout all stages of emergency response.; • 10GB file uploads: Reduces overhead of managing large files while being able to securely share information with the response team.; • Workspace Record: Provides oversight and insight on who does what and when ensuring compliance standards are met.; • User-friendly and intuitive: Allows for rapid onboarding of key stakeholders regardless of IT proficiency.; • Connect for Mobile: Secure access to critical content anytime, anywhere – in the office or out in the field.
• Wellbeing:

  Wellbeing

  Objective Connect for Child-Safeguarding; Instant sharing of information with approved health care, social welfare, housing officers, police or other relevant agencies when a child is at risk.; The Problem; Some authorities are currently using generic methods of sharing information on children who are missing or are at risk of being harmed. These ineffective methods are not fit-for-purpose and create bottlenecks when immediate action is required, slowing response time for critical services.; ; The Solution; Objective Connect enables secure collaboration and ongoing coordination between all stakeholders on information regarding safeguarding children. It provides the level of security, visibility and accountability needed to share relevant information so that specialist services can respond quickly and activate action plans from data received in real time.

Pricing

• Price: £4,830.00 a unit a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 14 day period for Standard User excludes any optional items (see price list).
• Link to free trial: https://www.objective.co.uk/products/objective-connect

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mat.graves@objective.com. Tell them what format you need. It will help if you say what assistive technology you use.