Queue-IT ApS

Queue-it: Virtual Waiting Room

A virtual waiting room is a cloud-based solution for websites and applications to manage online traffic surges.

When traffic exceeds a site or app's capacity, traffic is redirected to a virtual waiting room using a HTTP 302 redirect, then returned back to the website in a first-come, first-served order.

Features

  • 24/7 Website Traffic Management and Peak Protection
  • Custom Virtual Queue Design
  • Queue System Detailed Reporting Capabilities
  • E-mail Notifications
  • Online Queue Connectors
  • Bots and Abuse Management
  • Queueing Notifications and Logs
  • Virtual Waiting Room API
  • First in first out (FIFO) Queue
  • Load Testing for Online Traffic Management Issues

Benefits

  • Avoid website crashes and slowdowns during high website demand.
  • A fair citizen experience with a custom virtual queue system.
  • Streamlined online application management and online registration processes
  • Reduce complaints, maintain reputation with reliable website performance.
  • Ensure maximum application availability on critical service websites
  • Bot protection; mitigate bots and abuse on critical service websites
  • Safeguarding measures for government digital infrastructure.
  • Ensure website uptime and mobile application uptime during critical events
  • Scaling cost reduction
  • Fair and accessible government websites through FIFO online queueing system

Pricing

£15,663 a licence a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at misc@queue-it.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

3 4 7 6 2 9 1 7 6 6 0 9 6 7 5

Contact

Queue-IT ApS Mie Schneider
Telephone: +45 22 53 19 86
Email: misc@queue-it.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Queue-it is a SaaS solution hosted in AWS. Therefore, no hardware constraints apply. Customers will get a notice about any planned maintenance arrangements that require the suspension of access to the Services in advance.
System requirements
Queue-it is SaaS, no system requirements

User support

Email or online ticketing support
Email or online ticketing
Support response times
We provide Mon-Fri 24h support. The response time depends on the Subscription Level: On standard plans response time is less than 4 hours, pro plans response times are less than 2 hours.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AAA
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
Our chat service we use at Queue-it uses a Voluntary Product Accessibility Template (VPAT), to publish an Accessibility Conformance Report (ACR), which documents an audit of the systems relative to WCAG 2.1 AA performed by a third party accessibility vendor.
Onsite support
Yes, at extra cost
Support levels
We have two levels of support that are accessible to all our customers.
Level 1: email support provided by the support team. Level 2: involve Solutions Architects for complex troubleshooting or project-based involvements. Each customer has a dedicated Solutions Engineer or Architect during the onboarding period. After the onboarding is complete, they have an assigned Account Manager or Customer Success Manager.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Each customer has an assigned Solutions Engineer or Architect to assist them with onboarding. We provide online training, documentation and ad-hoc assistance and advisory required for successful integration and setup.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
Customers can export metrics of the waiting rooms they used as well as the latest versions of their setup configuration. This is managed via the admin platform (GO Platform) and data will be available from the start of the engagement with Queue-it.
End-of-contract process
Customers should remove Queue-it integration from their website or mobile application and end all the active waiting rooms before the contract expiration date. When the contract ends, their account will be deactivated or switched to a limited-access mode.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Our virtual waiting room is designed to work on desktop, mobile, and mobile applications with no significant difference. Our control panel can be accessed via mobile but is not optimised.
Service interface
Yes
User support accessibility
WCAG 2.1 A
Description of service interface
Customers can interact with Queue-it using the self-service platform called "Go". The platform allows them to set up and monitor their waiting rooms and provides access to their historical data. It has three levels of user access: admin, user and read-only. The changelog allows customers to see the log of their users' activity.
Accessibility standards
WCAG 2.1 AAA
Accessibility testing
To deliver accessible products we pay attention to Accessibility throughout our release cycle. We following the standards and documentation created by our Product Accessibility team. We train everyone involved in delivering our products around assistive technology and Accessibility best practices. This includes, designers, engineers, product and program managers, and content writers. We test our products before release using both manual and automated techniques. Conducting regular research with agents, admins and end users who rely on assistive technology to collect feedback and help us prioritize improvements. Systematically tracking both remediation and new feature progress to drive quality improvements. Finally, we listen to feedback from customers.
API
Yes
What users can and can't do using the API
Queue-it offers a REST-based API for programmatic access to configure and control the waiting room. The API must be accessed through the customer specific endpoint: https://{CustomerID}.api2.queue-it.net/. HTTPS is required and the CustomerID must be part of the request to ensure that the account is accessed at the correct segment with the required data.
The API endpoint is not scaled to end-user volumes. If data from the API is supposed to be used for end-user functionalities, then access should be created via a server-side service with a cache (e.g. with 15 second flush time). If traffic is excessive, it may be blocked automatically.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Our service is fully customisable to fit the needs of our clients. The placement of the queue page can be customised, so it is only proecting a specific part of your infrastructure where bottlenecks occur. The design and features of our queue page can be customised based on the needs of the client: to show the expected wait time, number of citizens in line in front of you, send email alert, invite-only queue and more. Our experienced team is ready to support you to meet your needs and requirements.

Scaling

Independence of resources
We have built the system for fault tolerance and malfunctioning servers an automatically pulled off load balancers and many functions have backup functions. In addition our customers are hosted in logical segments (A, B, C etc.). and hosted on unique hostnames. We can move single customers from one segment to another. For example we move your account to a separate segment, if you give us a heads-up on a huge onsale.

Analytics

Service usage metrics
Yes
Metrics types
We provide the metrics about the traffic passing through customers' waiting rooms (e.g. Inflow, Number of visitors currently waiting, Expected wait time, etc.) that allows our customers to assess their usage of our service. In addition to this, we have diagnostics metrics that help customers detect issues in the service setup or website performance.
Reporting types
  • API access
  • Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users can export their data from the Queue-it self-service platform where there is a statistics section where users can analyze past performance of waiting rooms and export data from their account.
Data export formats
  • CSV
  • Other
Other data export formats
  • .xls
  • .png
  • .jpeg
  • .svg
  • .json
Data import formats
Other
Other data import formats
.json

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Queue-it has a bespoke optional Enterprise SLA agreement with availability, uptime and response guaranties. The SLA will refund on monthly fees upon agreement.
Approach to resilience
Queue-it SaaS has been designed from the offset with a fault tolerant high availability architecture. We have tracked uptime since Q4 2012 using CA App Synthetic Monitor and can provide documentation and historic reports upon request.
Outage reporting
Outages will be reported on our public status page here: http://status.queue-it.com/
As well as in the notifications in the GO platform.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Other
Other user authentication
Each user signs in using an ID / password. User can be set up with enforced MFA via authenticator app. / text.
Access restrictions in management interfaces and support channels
Each user can be set up as admin, user, or read-only. The right are handled in the system.
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Queue-it delivers a scalable cloud computing SaaS (Software as a Service) queuing platform with high availability and dependability. Helping to protect the confidentiality, integrity, and availability of our customers’ systems and data is of the utmost importance to Queue-it, as is maintaining customer trust and confidence.
Queue-it security governance is inspired by ISO 27001, but are not accredited.
Information security policies and processes
Queue-it has a strict set of security policies in its employee handbook. Each employee will be taken into the policies upon onboarding. Half yearly awareness training will be conducted and critical topics will be presented on monthly allhand meetings.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Different services are deployed to production on a daily basis, using automated Canary deployments. To minimize the risk, the deployment is done in a stepwise process.
First, it’s deployed to EU Partition A, but only for availability zone A. When it’s observed that no alarms are triggered and no issues are seen, then it’s deployed to EU Partition A availability zone B. If all is still good, then it’s deployed as to additional segments.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Queue-it has an incident management process in order to effectively detect, assess, communicate, and take action on any vulnerabilities within the Queue-it system. The purpose of this process is to ensure that all incidents are effectively and efficiently handled, and that stakeholders external as well as internal are informed and involved.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Queue-it have ~35,000 metrics reported to AWS CloudWatch every minute. Most of them are there for forensic reasons to help identify errors. The most important ones are monitored on region specific dashboards.
Queue-it are using Amazon AWS GuardDuty as threat detection service.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Queue-it defines an incident as an event that causes disruption to or a reduction in the quality of a service which requires an immediate emergency response. An incident can e.g., be caused by a bug in our own software, an infrastructure issue, a hacker attacks, etc. Queue-it has pre-defined processes for common events. In additional, users can report incidents via Queue-it Zendesk system and Queue-it provides incident reports in accordance with its "Queue-it Incident Response Plan"

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Equal opportunity

Equal opportunity

Queue-it core focus is fairness and we bring that into all aspects of our organization. One example is our diversity and inclusion initiatives including a D&I Board who is there to identify and drive initiatives, provide employee support, and advise management on diversity and inclusion to help Queue-it excel on this part of our fairness mission.
Our values around fairness are also present in how we discuss, build, and use our product. As we transform into a digital society, more and more of our offline world moves online including critical government applications and registrations. We need websites and apps to work as they should. And we need everyone to have fair access to the products or services they need.
Queue-it is helping the world’s leading organizations keep their websites and apps running in a fair and transparent way. Virtual waiting rooms take advantages away from bots and malicious users who are out to game the system. They level the playing field and give real people a more equal chance regardless of their technical capabilities, internet connection, or location

Pricing

Price
£15,663 a licence a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Queue-it offers a free trial version of our software for integration and internal testing.
Link to free trial
https://queue-it.com/free-trial/

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at misc@queue-it.com. Tell them what format you need. It will help if you say what assistive technology you use.