EnableIT Technologies Ltd

Sugar CRM Customer Relationship Management Platform

SugarCRM brings customer data into one place, then builds a complete system for automation, collaboration, and reporting on top of that underlying data. Also performs as a comprehensive Customer Relationship Management (CRM) platform that empowers you and your teams to create the exact CRM you need.

Features

• Reporting and dashboards
• Business process management
• Easily customisable
• Role-based views
• A 360-degree perspective of each individual on your database
• Cloud or on-premise deployment
• Mobile/remote accessibility
• Sugar Sell - Sales automation including reporting & dashboards
• Sugar Serve - Everything you need for outstanding customer experiences
• Sugar Market - Marketing Automation

Benefits

• Unlimited online and phone support
• Maintain control of your data
• Capture the attention of your most promising prospects
• Create more meaningful experiences and build lasting relationships
• Give customers the support they need quickly and confidently
• Manage sales processes from lead to renewal
• Access information on multiple devices, from anywhere in the world
• Automate processes to save valuable time
• Integrate with other business critical platforms
• Get started with a system designed to work for you

£39.20 to £108 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jbushnell@enable.services. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

295041683802214

Contact

Joseph Bushnell
01473618980
jbushnell@enable.services

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: An active license is required for each user

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: P1 SLA : 2 Business Hours; P2 SLA : 4 Business Hours; P3 SLA : 1 Business Day; ; Support-Authorised Contacts 4
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We have undergone intensive testing to alert users that a new chat has been opened and to also direct any chat visitors outside of office hours.
• Onsite support: Yes, at extra cost
• Support levels: We can scope, design, build and configure your CRM processes. Our talented in-house development team can architect a solution that works brilliantly for you. Our remote support team will even be able to give you; IT and tech set up assistance if required. Not forgetting our professional and friendly services team (including helpdesk and infrastructure engineers) who will be there for you every step of the way, full familiarisation time, training, and ongoing support. Training can be onsite or remote sessions - we're flexible. We want you to utilise your CRM's capabilities, so it works to its exceptional capacity for you and all your departments.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: You will be assigned a dedicated project manager to ensure the system is ready for go-live and contains all the required functionality. We provide both onsite and online training. You will also be assigned a dedicated account manager who will be able to assist with any queries once the system is up and running.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats:
  • Word documents
  • Video
• End-of-contract data extraction: A full system data snapshot is provided to customers at the termination of any service.
• End-of-contract process: Various terms are available which can be discussed prior to contract agreement.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: None
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The Sugar REST API is a full bi-directional API that allows all field data to be transferred both ways, this includes custom objects.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The entire system can be customised to suit your business needs.

Scaling

• Independence of resources: Continuous monitoring of performance metrics, analysis, and provisioning.

Analytics

• Service usage metrics: Yes
• Metrics types: User activities such as calls, meetings, tasks, emails and project tasks.; Tracker tables are also created that allows for reporting on record views, creation and editing.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: SugarCRM

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The exporting of data can be limited by; specific users, roles, and teams. For example, a user can only export records assigned to them, or only admin users can export any data.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Create security zones using subnets, gateways and access control lists.

Availability and resilience

• Guaranteed availability: Availability and contractual obligations thereof can form part of any contractual agreement.
• Approach to resilience: Full-stack redundancy and multiple routes to the internet backbone.
• Outage reporting: Public dashboard.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: We use security groups and public key authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA
• ISO/IEC 27001 accreditation date: 11/05/2018
• What the ISO/IEC 27001 doesn’t cover: There were no exclusion of any services
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 20/06/2020
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: None
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO 27001, ISO 9001, Cyber Essentials. We are also undergoing recertification for ISO 27018:2014. We have created a management system internally for Change Requests, GDPR Compliance, ISO Risk Register, ISO Audit Records, Information Asset Register, Access Logs and Consent Logs.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The company uses SugarCRM as it change request platform, any changes to any internal or external systems. The change request is made by either the customer or employee via a downloadable form which is then summited to the compliance officer who then forwards to the appropriate person. If the change is agreed then the applicant will receive an email authorising to carry out the change within a set period. All services are both internal and external are subject to the change management policy.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Both internal and external systems are continually scanned from both inside and external from secure scan points. Manual scans are carried out using the Metasploit framework carried out by the infrastructure. Snort and Open VAS network intrusion detection vulnerability and prevention servers are also deployed which provide updates real-time. All equipment is scanned and patched automatically from a central server, updates are applied on as soon as a possible but within four hours. The company subscribes to industry standard NGIPS list and rule sets which update automatic both the Snort, Open VAS, and Metasploit servers.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Both the internal and external facing ports are scanned once a week and the internal network is scanned daily. Once a month the external port are per tested and the report export and any vulnerabilities rectified. As soon as a potential compromise is found it is dealt with within four hours.
• Incident management type: Supplier-defined controls
• Incident management approach: The company has a predefined policy for all incidents as laid out in our 27001/13 policy.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  As the novel coronavirus (COVID-19) continues to spread around the world, our uncompromising priorities at enable.services remain the success of customers, the safety of our employees, and supporting efforts that combat this outbreak the best ways we can.; ; Our commitment to quality service ; ; As a company, we are committed to providing a safe environment for our employees and ensuring business continuity, to best serve our customers and partners.; ; We are confident that the effects of the coronavirus (COVID-19) will not impact our enable.services solutions and platforms and our commitment to our global community of users is unwavering. We thank you for your continued support and trust in us.; ; We have ensured that our team members have whatever they need to work remotely as needed, and to continue doing their jobs securely. We have increased channels of internal communication, and as always, prioritise communication with you, our customers, so you can remain focused on your business priorities.; ; What we’re doing to help; ; Today, hundreds of non-profit organizations, hospitals, and universities are using our solutions to accelerate their efforts to do good things in the world. ; ; In light of the ongoing outbreak, we want to help as many teams as we can to accomplish even more. We believe in the power of our solutions to help any team work better together, and especially in a remote environment, and we want to do our part to support the efforts combatting COVID-19.; ; Guidance on remote work, with more to come; ; Helping virtual teams overcome the communication and collaboration obstacles they face on a daily basis is an essential part of our solutions. Over the years, many remote teams have chosen to use our solutions to improve their daily workflows and relationships, but working as a remote team takes time to refine.

Pricing

• Price: £39.20 to £108 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free two-week trial but this can be extended to 30 days upon request.
• Link to free trial: https://info.sugarcrm.com/create-your-free-trial?ptr_id=76aa7669-65a2-6042-d836-41e81d3eb942&utm_medium=ptr-referral

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jbushnell@enable.services. Tell them what format you need. It will help if you say what assistive technology you use.