Print365 2022

Service scope

Service constraints: Epson can confirm that there are no service constraints.
System requirements: P365 Licence

Supported browsers (Chrome , IE, Edge, Firefox, Safari...)

Windows OS, iOS

User support

Email or online ticketing support: Email or online ticketing
Support response times: Customer Support Services
The Epson Customer Interaction Centre (CIC) will provide a staffed email address, in order to allow Customers to log service requests. It is available Monday – Friday, 9am – 5.00pm, excluding bank holidays.

Epson also has a facility to log issues electronically, which is available 24/7 and will be responded to within 3 hours where the message was sent between 8:00am - 2:00pm Monday to Friday after 2:00pm Epson shall respond by 10am the next working day.

Weekend response can be provided specific to the call off agreement and may be subject to additional cost.
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: Web chat
Web chat support availability: 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard: None or don’t know
How the web chat support is accessible: Customer Support Services Web Chat

The Customer Interaction Centre (CIC) will provide a staffed web chat, in order to allow Customers to log service requests, service and support queries, place orders and request quotes . The staffed web chat shall be available Monday – Friday, 9am – 5.00pm, excluding bank holidays. CIC also has a facility to log issues electronically, which must be available 24/7 which will be responded to within 3 hours where the message was sent between 8:00am - 2:00pm Monday to Friday. In the event Customers submit the query after 2:00pm AMC shall respond by 10am the next working day.

The Dedicated Customer Service team will also have access to the finance and invoicing portals to ensure rapid resolution of invoicing queries with defined acknowledgment times and resolution timescales in line with the predefined service levels at the Contract level.
Web chat accessibility testing: None
Onsite support: Onsite support
Support levels: Customer Support Services
The Epson Customer Interaction Centre (CIC) will provide a staffed telephone line, in order to allow Customers to place orders, request quotes or log service requests. The staffed telephone line shall be available Monday – Friday, 9am – 5.00pm, excluding bank holidays. Epson also has a facility to log issues electronically, which must be available 24/7 which will be responded to within 3 hours where the message was sent between 8:00am - 2:00pm Monday to Friday. In the event Customers submit the query after 2:00pm Epson shall respond by 10am the next working day.

Epson has an experienced team of Technical account managers who will support the customer in providing the best possible solutions to meet the customers’ business requirements.

Epson has a technical team of over 800 employees in the UK and all members of the Service Team will have had full training on the required Epson Solution range.

Epson’s service IT systems have been designed to allow us to manage customers bespoke requirements. This enables us to minimise customer downtime and to meet the highest quality standards. All Epson Software will be fully supported either via the call centre or on-site engineers as required.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: The Epson Pre-Sales Support team will provide, at no extra cost, pre-sales advice. This will include full audits on each organisation, together with consultancy, to include a suggested appropriate solution.

Training
Epson can confirm it will provide full training, support and documentaion free of charge to the proportionate value and complexity of the Customers requirement for all customer requirements including:

(a) Onsite training if required;
(b) e-Training packages;
(c) Product collateral;
(d) Training Manuals;
(e) Help Desk Support;
(f) Environmental and Software Training.

Support material will be provided which will also be easily accessible online through Epson’s homepage. This will include training guides in downloadable PDF format and supplementary information, feedback questionnaires and contact details. These documents can also be made available for access on the Customers internal intranet/systems or message boards if appropriate
Service documentation: Yes
Documentation formats: HTML

PDF

Other
Other documentation formats: Hard Copy User Guides

Training manuals

E Training Packages

Cloud Hosted Portal

Epson Support Website
End-of-contract data extraction: At the end of the contract users will request their individual data extract via the Customer support Centre or via the Epson Account Manger. This will be completed by a member of Epson IT and returned to the customer. All Data records / transaction data are kept in Epson Secure Datacentre for the minimum legal amount of time and disposed of / deleted in line with the Epson Data Management Policy securely.
End-of-contract process: At the end of the contract the service and support can either be renewed with a new service contract or the software and associated services are removed from the Customer organisation. Additional cost may be incurred for the collection of any assets associated with the P365 Services

Using the service

Web browser interface: Yes
Using the web interface: Users can create customers, quotations, request and manage contracts through the web interface.
Web interface accessibility standard: None or don’t know
How the web interface is accessible: The Web interface is accessible via any supported browser from PC, Tablet or Mobile Device.
Web interface accessibility testing: None
API: No
Command line interface: No

Scaling

Scaling available: Yes
Scaling type: Automatic
Independence of resources: Each Solution has its own agreed demand and Epson adds additional flexibility and contingency. As each solution is independent of each other there would be no demand affect issues caused by other users.
Usage notifications: Yes
Usage reporting: Email

Other

Analytics

Infrastructure or application metrics: No

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: European Economic Area (EEA)
User control over data storage and processing locations: Yes
Datacentre security standards: Managed by a third party
Penetration testing frequency: At least every 6 months
Penetration testing approach: In-house
Protecting data at rest: Physical access control, complying with another standard

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed

Hardware containing data is completely destroyed
Equipment disposal approach: A third-party destruction service

Backup and recovery

Backup and recovery: Yes
What’s backed up: Databases

Files
Backup controls: Backups are performed on a scheduled basis inline with the Epson IT Policy. Users do not have control of data or schedule
Datacentre setup: Multiple datacentres with disaster recovery
Scheduling backups: Supplier controls the whole backup schedule
Backup recovery: Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability: Epson can guarantee high availability to all customers using the P365 Solutions.

SLA and KPI’s
Epson has a next business day business solutions. Key Performance Indicators (KPI’s) for this are we achieve 90% next business day onsite contact “Best Endeavours” excluding Highlands and Islands and achieve an 80% First Time Fix (FTF) to all service calls.
Our current actual performance for next day is 99.66%
• Our current actual performance for first time fix rate is 85%
Approach to resilience: Epson can confirm its service is designed to be resilient and will provide this information and further information regarding its datacentre resilience upon request as it is considered to be commercially confidential and requires an agreed non-disclosure agreement prior to release.
Outage reporting: Downtime or outage is reported it via an email alert to the user

Identity and authentication

User authentication: Username or password
Access restrictions in management interfaces and support channels: Access in Management Interfaces and support channels is restricted. These are password and system access protected ensuring access is only granted to personel in line with the Epson IT Security Policy.

• IT asset, (hardware, software, application or data) have a named custodian who is responsible for the information security of that asset.

• Only authorised personnel who have justified and approved business requirements can access restricted areas containing information systems or stored data.

• Access to data, system utilities and program source libraries is controlled and restricted to authorised users who have a legitimate business need e.g. systems/database administrators.
Access restriction testing frequency: At least once a year
Management access authentication: Username or password
Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: Yes
Who accredited the PCI DSS certification: Self Certification - our acquiring bank Ingenico
PCI DSS accreditation date: Ongoing
What the PCI DSS doesn’t cover: PCI compliance, this is a contractual obligation and the compliance process is based on the number of card payments processed per year. On that basis, as our volumes are relatively low, we self-certify and have to provide the relevant details and quarterly network scans directly to our acquiring bank (Ingenico). No certificate is issued. The scope of PCI compliance is limited to areas of the network associated with e-commerce/payment card processing.
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: Yes
Any other security certifications: Cyber Essentials Plus Certificate no.: 9832617625699364

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001

Other
Other security governance standards: Cyber Essentials Plus Certificate no.: 9832617625699364

Epson Europe B.V.
Azië Building, Atlas ArenaA, Hoogoorddreef 5, 1101 BA Amsterdam Zuidoost, The Netherlands
Has been assessed
by Jonathan O'Reilly for NCC Group PLC
Information security policies and processes: In terms of the security controls/processes, Epson follow the security ‘best practice’ as outlined in the ISO27001 security standard. We are also Cyber Essentials Plus certified

Responsibility for information security rests with the President of EPSON EMEA, on a day-to-day basis the Chief Information Security Officer (CISO) is responsible for managing and implementing this policy and related procedures.

Line Managers are responsible for ensuring staff
o The information security policies applicable in their work areas
o Their personal responsibilities for information security
o How to access advice on information security matters

Line Managers are individually responsible for the security of their physical environments where information is processed or stored.

All staff shall comply with information security procedures including the maintenance of data confidentiality and data integrity.

• Each member of staff is responsible for the operational security of the information systems they use.

Only authorised personnel are given access to restricted areas containing information systems or stored data. An audit trail of system access and data use by staff is maintained and reviewed.

EPSON regularly audit compliance with this and other policies. In addition monitors activity where it suspects that there has been a breach of policy.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: EPSON EMEA IT shall ensure that appropriate security management requirements are considered for all new information systems, applications and networks under its control. In this way, specific responsibilities may be assigned and obligations communicated directly to those who use the system.

Changes to information systems, applications or networks shall be reviewed and approved by the designated system owner in accordance with the Epson IT Policy.
Vulnerability management type: Undisclosed
Vulnerability management approach: Identification and quantification of information security risks are classified in terms of their perceived value of asset, severity of impact and the likelihood of occurrence.

Information security risks are managed on a formal basis. They are recorded within a baseline risk register and action plans put in place to effectively manage those risks including the preventative and corrective action such as Patches, Service packs and Software Updates. The risk register and all associated actions shall be reviewed at regular intervals. Implemented information security arrangements are regularly reviewed within EPSON EMEA's risk management programme. These identify areas of continuing best practice.
Protective monitoring type: Undisclosed
Protective monitoring approach: All information security events and suspected weaknesses are to be reported to the CISO. All information security events shall be investigated to establish their cause and impacts with a view to avoiding similar events.

The organisation shall use software countermeasures and management procedures to protect itself against the threat of malicious software. All staff shall be expected to co-operate fully with this policy.

Response times to incidents are dependent on the threat level, and responded to accordingly based on the Epson Risk Management Program
Incident management type: Supplier-defined controls
Incident management approach: An integrated set of processes, procedures and associated systems are in place, ensuring that management of incidents is conducted effectively and in line with company policy. The dedicated contract manager will be the focal point and will support all after sales service departments and work in partnership with the departmental manager to review, investigate and resolve any incidents or problems for swift resolution.
The process review will comprise a number of stages, including:
Incident Reporting - Phone, Email
Understanding the occurrence
Identifying the impacts;
Working with the business to implement resolution;
Process reviews;
Preventative improvements;
Renew procedures;
Written notification/reports .

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

Energy-efficient datacentres: No

Fighting climate change: Fighting climate change

Epson commits to fighting climate change and as art of its CSR will work with organisations to reduce climate change via Heat Free Low Energy technology
Covid-19 recovery: Covid-19 recovery

Epson confirms it has recovered from the impacts of COVID 19 pandemic
Tackling economic inequality: Tackling economic inequality

Epson commits to tackling economic inequality
Equal opportunity: Equal opportunity

Epson commits to Equal opportunity
Wellbeing: Wellbeing

Epson confirms it has wellbeing policies in place for all its staff

Pricing

Price: £15 to £346.00 a device a month
Discount for educational organisations: No
Free trial available: No

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Pricing

Service documents

Cookies on Digital Marketplace

Print365 2022

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Backup and recovery

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Separation between users

Energy efficiency

Social Value

Pricing

Service documents