Sandyx

AnyCal - Intelligent Booking App

AnyCAL is an intelligent appointment booking application that allows you to link locations, human resources and clients to a highly functional and flexible calendar system. Capable of managing complex booking and scheduling requirements; AnyCAL will turn your diary into a powerful resource management solution.

Features

• Intelligent calendar and appointment booking app
• Manage multiple locations, personnel and clients
• Schedule personnel based on skills, location & client requirements
• Get the right personnel to the right client
• Optimise resource utilisation

Benefits

• Optimise task and processing capability
• Improve customer self service
• Optimises route selection to reduce travel time
• Sophisticated skills and competencies matching

£10 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stuart.greig@sandyx.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

309163316919703

Contact

Stuart Greig
0161 710 3250
stuart.greig@sandyx.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: AnyCal is built on the Salesforce.com platform
• Cloud deployment model: Public cloud
• Service constraints: AnyCal requires Salesforce.com
• System requirements: Supported Browser

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Severity 1 response is 1 working hour from submission of ticket; Severity 2 response is 2 working hour from submission; Severity 3 response is 4 working hour from submission; Normal support hours are 08:30 to 17:30 Monday to Friday. We can also tailor a support service to meet specific customer requirements, such as outside normal office hours, weekends and Bank Holidays.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: In the UK we normally offer support 08:30 to 17:30 Monday to Friday. We can also tailor a support service to meet specific customer requirements, such as outside normal office hours, weekends and Bank Holidays.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online documentation, online training and onsite training
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data is open to user to export into CSV format at any time.
• End-of-contract process: The customer is free to extend the contract, or non-renew, as desired

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile version is optimised for a smaller display
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: API Services include: SOAP, RESTful and Native connectors Outlook
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Administrative users can customise various elements of the AnyCal display, including colour schemes, component names and supported time slots

Scaling

• Independence of resources: The Salesforce.com platform is load balanced to support user demands

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Tools are provided within the solution to export any data into CSV format
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.9% availability, assured by independent validation of assertion
• Approach to resilience: Full details are available at the following link: https://trust.salesforce.com/en/
• Outage reporting: Public dashboard: https://trust.salesforce.com/en/

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Assured by independent testing of implementation
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: Additional authentication methods include:; - Single Sign-on: using Security Assertion Markup Language (SAML) or delegated authentication; - Certificate-based authentication: PEM-encoded X.509 digital certificates; - Network-based security: limits where users can log in from, and when they can log in

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Independent third party
• ISO/IEC 27001 accreditation date: 1/6/2016
• What the ISO/IEC 27001 doesn’t cover: Nothing
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 14/03/2016
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: None
• PCI certification: Yes
• Who accredited the PCI DSS certification: Unknown
• PCI DSS accreditation date: 31/01/2012
• What the PCI DSS doesn’t cover: Full details here: https://trust.salesforce.com
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: CSA CCM version 3.0
• Information security policies and processes: Full information provided here: https://trust.salesforce.com/en/

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: New system components of the Salesforce Services are evaluated by architectural and operational teams, and are introduced following change management requirements. Salesforce implements a multipronged approach to help ensure the software released is secure.; Full details provided here: https://cloudsecurityalliance.org/star-registrant/salesforce-com-inc/
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Salesforce regularly performs self-vulnerability assessments for the Salesforce Services using various tools and techniques, including network-layer vulnerability scans, application-layer vulnerability scans, and local operating system-layer vulnerability scans. Depending on the severity and the risk to Salesforce systems, security patches can be scheduled for immediate deployment or deferred to an appropriate planned maintenance interval. Full details here: https://cloudsecurityalliance.org/star-registrant/salesforce-com-inc/
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Full details of Salesforce security methodologies and applied best practice can be found here: https://trust.salesforce.com
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Salesforce has a formal Incident Management Process applicable to the Salesforce Services. During a security incident, the process guides Salesforce personnel in management, communication, and resolution activities. Regular updates are provided to engaged parties until issue resolution. Incident tracking and resolution is documented and managed within an internal ticketing system. Full details here: https://cloudsecurityalliance.org/star-registrant/salesforce-com-inc/

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  COVID-19 has fundamentally changed how and where people work, shining a spotlight on the desire of workers for flexibility and balance. Implementing a cloud based solution like Salesforce.com will help to enable staff to work in a more environmentally sustainable way.

Pricing

• Price: £10 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free version includes a single Appointment filter

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at stuart.greig@sandyx.com. Tell them what format you need. It will help if you say what assistive technology you use.