LEAP Digital Platform
The LEAP service is an innovative learning platform designed to enhance digital literacy across organisations through experiential learning. It offers interactive workshops, peer-to-peer collaboration, and a rich repository of digital content, effectively bridging the digital divide and fostering a culture of continuous innovation and growth.
Features
- Engages users with peer-to-peer, hands-on digital modules.
- Provides real-time analytics on progress and knowledge gains..
- Ensures learning flexibility with access from any location.
- Centralises method cards, tutorials, and playbooks for easy access.
- Keeps learning materials current with automatic updates.
- Adapts scenarios and topics to fit various learning needs.
- Facilitates problem-solving and innovation through interactive sessions.
- Protects user data with advanced security protocols.
- Supports growing user numbers and complex scenarios efficiently.
- Links seamlessly with existing systems for enhanced functionality.
Benefits
- Enhances productivity and proficiency across the organisation.
- Reduces traditional training costs with scalable digital resources.
- Offers anytime, anywhere learning via remote access capabilities.
- Provides real-time analytics to improve training strategies.
- Facilitates easy content management and access on multiple devices.
- Encourages teamwork and problem-solving through dynamic workshops.
- Supports ongoing professional development and adaptation to new technologies.
- Implements top-tier security protocols for data protection.
- Enhances productivity through smooth integration with existing infrastructure.
- Secures and makes accessible valuable corporate knowledge for strategic advantage.
Pricing
£499 a user a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
2 8 5 3 2 9 9 0 9 8 0 1 2 5 9
Contact
Brainwave Labs Limited
Michael Ekpe
Telephone: 07771255949
Email: michael@brainwavelabs.io
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Hybrid cloud
- Service constraints
- Nil.
- System requirements
- Requirement for internet access.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- 1 Hour.
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AAA
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support
- Yes, at an extra cost
- Web chat support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support accessibility standard
- WCAG 2.1 AAA
- Web chat accessibility testing
- We conducted rigorous web chat testing with assistive technology users, ensuring accessibility compliance. Users navigated chat interfaces using screen readers, assessing functionality and ease of interaction. Feedback guided iterative improvements, ensuring seamless engagement for all users, regardless of ability.
- Onsite support
- Onsite support
- Support levels
- Standard (working hours) support is included. Premium Support is at an additional cost as described in the pricing sheet, depending on the level on service.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
To ensure users start using our service effectively, we offer a comprehensive onboarding process that includes several forms of support and training:
1. Online Training: We provide a series of interactive online training modules accessible directly through the platform. These modules cover all key features and functionalities, tailored to different user roles to ensure relevance and effectiveness.
2. User Documentation: Comprehensive user documentation is available within the platform. This includes detailed guides, FAQs, and step-by-step instructions designed to help users navigate the platform independently.
3. Onsite Training: For organizations that require it, we offer onsite training sessions conducted by our experts. These sessions are custom-designed to meet the specific needs of the team and focus on hands-on practice with the platform.
4. Webinars and Workshops: Regularly scheduled webinars and workshops are available to deepen user understanding and highlight advanced features or new updates to the service.
5. Customer Support: Our dedicated customer support team is available to answer any queries and assist with any challenges that arise as users familiarise themselves with the service. Support is available via phone, email, or live chat. - Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
-
When a contract with our service comes to an end, we ensure that users can extract their data easily and securely. Here’s how the process works:
1. Data Extraction Tools: Users have access to tools within the platform that allow them to download their data in common file formats, such as CSV, SQL, XML, Excel, or PDF, depending on the data type. These tools are accessible through an admin dashboard under the ‘Data Management’ section.
2. API Access: For more comprehensive data needs or automated extraction, admins can utilise our API to programmatically retrieve their data. Detailed documentation is available to guide users through this process.
3. Support Assistance: If users require assistance with data extraction, our support team is available to help. They can provide guidance on how to use the extraction tools effectively or assist in preparing custom data exports if the standard options do not meet the user’s needs.
We aim to make the data extraction process as straightforward and user-friendly as possible, ensuring that all data is retrieved securely and efficiently as the contract concludes. - End-of-contract process
-
At the end of the contract, here is a breakdown of what's included in the pricing and any potential additional costs:
Included in the Price:
• Data Extraction: Users are entitled to use built-in tools to download their data at no extra cost. This includes access to data in standard formats such as CSV, Excel, or PDF.
• Account Deactivation: Deactivating user accounts and access to services is included, with no additional fee for the account closure process.
• Final Review Meeting: A concluding session to discuss the service performance and any end-of-contract concerns is part of the contract without additional charges.
Additional Costs:
• Extended Data Access: If users need to extend their access to the platform beyond the contract end date to retrieve data or complete projects, additional fees may apply depending on the duration of the extension.
• Data Migration Support: Should users require assistance with data extraction or need custom reports and data formats, there may be additional charges based on the complexity and resource requirement.
• Archival Services: If users opt for archival of their data on our servers beyond the grace period outlined in our data retention policy, additional fees will be incurred.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
Both our mobile and desktop services provide full access to our platform's features, but they are tailored to suit the specific strengths and user contexts of each device type. Using either the mobile or desktop version of our service, users can enjoy a flexible learning experience that adapts to their lifestyle and preferences, ensuring they have the tools they need in the format that best suits their immediate context.
The mobile UI/UX provides is designed with a simplified interface, optimised for touch interaction and provides instant notification features. - Service interface
- Yes
- User support accessibility
- WCAG 2.1 A
- Description of service interface
- The LEAP interface is intuitively designed for ease of use, featuring a streamlined dashboard that provides a quick overview of progress, activities, and personalised recommendations. A clear navigation menu offers direct access to courses, workshops, community forums, and additional resources. Learning modules integrate interactive content with quizzes and real-time feedback to enhance engagement and retention. Integrated communication tools, including a messaging system and discussion boards, facilitate collaboration and community engagement. Accessibility features such as adjustable text sizes, and keyboard navigation ensure the platform is inclusive for all users. The mobile-optimised interface supports learning on-the-go with touch-friendly controls and offline access.
- Accessibility standards
- WCAG 2.1 A
- Accessibility testing
-
Testing Scenarios
Our testing includes a variety of real-world scenarios to ensure that users of assistive technologies can navigate the interface, access content, and interact with all platform functionalities effectively. Scenarios tested include:
• Navigating the dashboard and accessing various sections of the platform using screen readers.
• Interacting with learning modules using keyboard-only navigation to ensure that all interactive elements are accessible without a mouse.
Compliance and Standards
All interface testing is conducted in line with established accessibility standards, including the Web Content Accessibility Guidelines (WCAG) 2.1, to ensure compliance with both legal requirements and best practices. We aim to meet or exceed Level AA compliance, addressing issues related to navigability, readability, and operability.
Training and Documentation
In addition to interface testing, we provide comprehensive training materials and documentation that are accessible and easy to understand for users of assistive technologies. - API
- Yes
- What users can and can't do using the API
-
Our API provides robust options for users to customise and automate their interaction with our service, yet there are specific limitations to consider:
Capabilities
- Users can set up new accounts, specifying user roles and access levels.
- Settings for organisational structures, learning paths, and content categories can be configured via the API.
- Add, update, or delete learning materials and organise them into modules or courses.
- Update profiles, modify roles, and manage permissions.
- Generate custom reports on user engagement and performance, with options for data export.
- Data analytics
Limitations
• Initial Setup: Initial platform setup and integration with enterprise systems like SSO may require direct UI interaction or technical support.
• Complex Configurations: Advanced security settings and intricate organisational structures often require manual setup.
• Bulk Operations: There are restrictions on the volume of bulk operations to prevent system overload.
• Feature Availability: Some UI features, particularly those involving complex interactions or real-time collaboration, are not accessible via the API.
• Rate Limits: API usage is subject to rate limits to ensure system stability and fair usage. - API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- HTML
- ODF
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
Our service is adaptable, enhancing both user experience and operational efficiency for organisations of varying sizes and complexity.
What Can Be Customised
• User Interface: Tailor themes, colours, and layouts to match organisational branding.
• Learning Content: Create and integrate custom training content.
• Workflows and Processes: Adjust workflows to fit organisational procedures.
• Access and Permissions: Set user-specific access controls and permissions.
• Reports and Dashboards: Customise reports to highlight relevant metrics.
• System Integration: Seamlessly integrate with existing HRIS, CRM, and ERP systems.
How Users Can Customise
• Admin Panel: Use an intuitive interface for UI adjustments, content management, and role configurations.
• API Access: Utilise our API for deeper system modifications and integration with external databases.
• Templates and Wizards: Employ built-in tools to easily develop custom reports and learning modules.
Who Can Customise
• Administrators: Manage all system settings, user roles, and permissions.
• Managers: Customise team-related operations and generate specific reports.
• End Users: Personalise dashboard layouts and notification settings.
Scaling
- Independence of resources
- We ensure independence of resources through robust infrastructure scaling and resource allocation mechanisms. Our infrastructure utilises elastic resources (dynamically adjusts resources to accommodate varying demand levels), preventing performance degradation during peak usage. Additionally, we employ load balancing, high availability, content delivery networks, IP rate limiting, and isolation techniques to ensure user experience remains unaffected by others' activities. This approach guarantees consistent and reliable service performance regardless of concurrent user activity.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Yes, we provide comprehensive service usage metrics. This includes tracking key metrics like login frequency, active users, and session duration. We also monitor feature adoption, content creation, content consumption, community engagement, and learning progress. User feedback, knowledge gains, learning outcomes, knowledge gaps, frequently accessed content, learning requirements, career progression options, and security metrics are also included. Additionally, we offer custom reporting for tailored analysis.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Users can export their data easily through our platform's intuitive interface. Simply navigate to the "Data Management" section, where you can select export and find data you wish to export and choose the desired file format. Our platform supports common formats such as CSV and Excel, ensuring compatibility with various systems and tools. Once selected, the export process is initiated with just a few clicks, and users receive a download link via email or directly within the platform once the export is complete.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- XML
- SQL
- Excel
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- XML
- SQL
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- 99.995% measured annually
- Approach to resilience
-
Brainwave’s engineers have designed a highly scalable, and resilient product architecture that can operate on either Azure and AWS.
Features include:
Load balancing
Elastic resources
Horizontal scaling
Multiple availability zones
Data backups and archiving
Content delivery networks
Web Application Firewall (WAF)
System performance is vigilantly monitored for vital metrics, ensuring that no single system bears an excessive load. In the event of overloading or faults, automated processes swiftly deploy additional temporary systems or replace existing ones.
Automation is ingrained in our architecture, enabling seamless system monitoring, updates, and corrective actions without downtime. - Outage reporting
-
The system has multiple layers of monitoring at database, server, and user interface. Cloud service providers also provide physical monitoring capabilities that are integrated within our service.
Outages are monitored and reported via multiple channels including: admin dashboards, email, SMS, and slack. Additional reporting capability can be provided via integration with the preferred tools of our client organisations.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- Access in management interfaces and support channels is strictly controlled to authorised personnel only. We enforce access restrictions through role-based access controls (RBAC) and multi-factor authentication (MFA). Additionally, access is monitored and audited regularly to ensure compliance with security policies and regulations. Our team undergoes regular training to reinforce security protocols and practices.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
-
Our commitment to security governance is unwavering, safeguarding the platform/software, data, and infrastructure. With Security as a distinct function and board-level accountability, we instil confidence in our approach.
Software Security: We embed security best practices into the software development process from inception.
Infrastructure Security: Our data centre and transit provider boast SOC2 and ISO27001 security accreditation, catering to public sector entities with cloud solutions.
Data Security: We ensure data security through robust policies, processes, and automated tools, embracing the principles of least privilege. - Information security policies and processes
-
Brainwave’s engineers have designed a highly scalable, and resilient product architecture that operates on AWS and Azure.
System performance is vigilantly monitored for vital metrics, ensuring that no single system bears an excessive load. In the event of overloading or faults, automated processes swiftly deploy additional temporary systems or replace existing ones.
Automation is ingrained in our architecture, enabling seamless system monitoring, updates, and corrective actions without downtime.
Our secure hosting infrastructure safeguards all data. We ensure regulatory compliance through meticulous adherence to formal and informal policies and internal procedures, subject to regular review.
New staff undergo comprehensive training covering all aspects outlined in our Information Security Policy, vital for server and data access. Breaches or concerns are promptly reported to the Chief Technology Officer and the designated security officer.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Our development team manages a central version control solution housing the code base. All code alterations are meticulously logged in this repository.
A Release Manager oversees software updates across various logical environments, including:
• Compiling update packages
• Coordinating customer testing
• Documenting release notes on resolved functionality or faults
• Tracking software updates
• Orchestrating releases to the production environment. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Our information collection process consolidates data from trusted sources, partner sites, and official product/service channels.
Upon threat identification, we promptly assess them with the relevant teams and owners, prioritising necessary actions into our backlog for swift resolution.
We uphold stringent security standards by operating our applications on the latest, security-supported versions of the Operating System and platform code. Leveraging Long Term Support (LTS) versions where possible, we ensure weekly updates and patches every Wednesday.
Our patching procedures are meticulously executed every Wednesday, guided by threat severity levels and rigorous testing regimes to guarantee the utmost resilience and protection. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
The Brainwave platform operates on the public cloud infrastructure. Cloud providers deploy comprehensive monitoring devices across environments to detect unauthorised intrusion attempts, usage abuse, and network/application bandwidth utilisation.
These devices monitor various aspects such as port scanning attacks, resource usage (CPU, processes, disk utilisation), application metrics, and unauthorised connection attempts. Near real-time alerts promptly notify potential compromise incidents, triggered by pre-defined thresholds set by the cloud Service/Security Team.
Remedial actions are applied across the stack from software through to data and infrastructure components. - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
We employ pre-defined processes for common events. Users report incidents through our service desk or management tools.
Incident management begins once the incident is identified, classified within our systems, and managed within our SLA following full ITIL processes. We have agreed escalation points and provide reporting to the client based on the severity level. Incident reports, particularly for P1 events, are available upon request.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
Covid-19 recovery
To aid in the nation's recovery from the COVID-19 pandemic, our G-Cloud services enhance remote working capabilities and support public health initiatives through experiential learning platforms. These platforms are tailored to train government staff and the public in new digital tools and health guidelines through interactive, practice-based scenarios. This hands-on approach ensures that knowledge is not only acquired but also applied effectively, enhancing both individual and organisational resilience.Tackling economic inequality
Our commitment to reducing economic inequality is furthered by providing scalable, experiential learning solutions. These offerings enable smaller government bodies and communities to gain access to quality educational resources, thus bridging the digital divide. By offering cost-effective, innovative solutions that include practical learning experiences, we ensure that technological advancements are accessible to all, promoting economic opportunity across diverse communities.Equal opportunity
Our approach to delivering G-Cloud services is rooted in the principle of equal opportunity. Our commitment to reducing economic inequality is furthered by providing scalable, experiential learning solutions. These offerings enable smaller government bodies and communities to gain access to quality educational resources, thus bridging the digital divide. By offering cost-effective, innovative solutions that include practical learning experiences, we ensure that technological advancements are accessible to all, promoting levelling up of economic opportunity across diverse communities.
Pricing
- Price
- £499 a user a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
-
30-day access to online platform
Access to a deck of activity cards
Access to a LEAP workshop