Accenture (UK) Limited

Accenture Email Security Services

A managed email security service to protect your email services from spam, malware and phishing attacks. The ability to perform advanced email routing, encryption and data loss prevention for your outbound email.

Features

• Defend against spam, phishing and malware
• Secure email transmission with TLS encryption
• Data Loss Protection
• Advanced Sandbox analysis of zero-day threats
• Time of Click protection for embedded URLs

Benefits

• Reduce exposure to security threats
• Fully managed to limit time required from your staff
• Rapid deployment

£95 to £2,240 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK.TenderMonitoring@accenture.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

370170245397383

Contact

Sarita Sudera
+44 20 3335 4305
UK.TenderMonitoring@accenture.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No. With Accenture’s Global head count of over 730,000 people, we support clients around the clock via our On-shore, Near Shore or Off-Shore support teams allowing flexibility in service design to meet requirements. Our specialist service is available to Buyers within Ministerial Departments, Non-Ministerial Departments, Agencies and Other Bodies, High Profile Groups, Public Corporations, Local Authorities and Developed Administration and covers (including but not limited to): defense, health, pensions, transport / public infrastructure, public safety, justice, tax, education, postal and financial institutions.
• System requirements: No specific system requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: This would be dependent on the client requirements and agreed ‘response’ service level agreement (SLA). We operate a number of different bespoke SLA models across our client base.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Accenture can develop and deploy chatbots powered by Artificial Intelligence (AI) that can provide online web chat support (requirements dependent) at an additional cost. Accenture also utilise Microsoft Teams which can be another means of support but is reliant upon the customer also using a Microsoft Teams solution.
• Onsite support: Yes, at extra cost
• Support levels: Support services are flexible options available to our clients and can be agreed at the time of negotiation. We have three areas of contact: Email, Phone, and online self-service. This is a standard support service which is shared across multiple clients. Every organisation will have a technical account manager assigned. If you require dedicated support or support from specific locations, this will be at an extra cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The service only requires backend infrastructure changes, there is no end user training required. Accenture will provide guidance on configuring the relevant DNS and firewall rules to allow the service to accept mail for the customer and connect to their local email systems.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: No data extract required
• End-of-contract process: The customer will reconfigure their DNS MX records to direct email traffic to their new service.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No difference between mobile and desktop service as filtering is done before email reaches these devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interface provides the ability to configure a set of heuristic and AI rules for filtering, routing and matching email. The interface is a web based portal which allows detailed configuration of the products.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have a number of administrators using screen readers and other assistive technology to interact with out management console; these users have been able to manage the product successfully. We also use a number of static analysis tools to ensure compatibility with the relevant standards and tools for assistive technology.
• API: No
• Customisation available: No

Scaling

• Independence of resources: Our infrastructure provides services across a very large number of customers. We have built in real time monitoring on volume of email by customer and the ability to throttle throughput on any accounts which are sending unusually high volumes of email (i.e. compromised accounts, broken scripts/applications, etc.) to prevent impact on other customers.

Analytics

• Service usage metrics: Yes
• Metrics types: The service will provide metrics on the following items:; - Availability; - Average Processing Time; - Volume of email transmitted inbound/outbout; - Volume of malicious emails
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Multiple partners. Refer to our additional resale terms and conditions

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: N/A
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.98% availability SLA covered by service credit regime in contract
• Approach to resilience: The service is load balanced across multiple sites with excess capacity in each site. An entire site can be taken out of service without impacting customer experience.
• Outage reporting: Any service alerts are displayed on the service portal.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access management for any interactive elements is done through a user name and password with a 2nd factor authentication device.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 20/12/2023
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 29/03/2023
• CSA STAR certification level: Level 3: CSA STAR Certification
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: CERT UVDB Silver

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Accenture has a comprehensive set of security policies and processes managed through our Client Data Protection programme. This includes training for all staff.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All components of the service are managed within a CMDB which is integrated with our change management system. Each Request for Change is tagged against the specific Configuration Items being updated. The change process includes review and approval of RFCs by a security reviewer team.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: The services are regularly scanned by automated tools to detect potential security vulnerabilities. All recorded vulnerabilities are tracked through our vulnerability management system to closure; the target resolution time will depend upon the severity of the vulnerability. Patches are deployed on a regular basis.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Accenture monitors its network to look for potential risk and vulnerabilities through our Cyber Incident Response Team (CIRT) who our Security Operations Centre (SOC), which performs real-time 24x7 monitoring to identify security events, suspicious activities and unsafe practices. We continually perform threat-hunting assessments of our systems and our Security Information and Event Management SIEM) system provides comprehensive threat detection and management infrastructure to identify potential security risks and threats. When a potential compromise is identified we will respond as soon as possible and within contracted SLAs to contain the compromise, inform required parties and restore services.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Accenture monitors its network to look for potential risk and vulnerabilities through our Cyber Incident Response Team (CIRT) who our Security Operations Centre (SOC), which performs real-time 24x7 monitoring to identify security events, suspicious activities and unsafe practices. We continually perform threat-hunting assessments of our systems and our Security Information and Event Management SIEM) system provides comprehensive threat detection and management infrastructure to identify potential security risks and threats. When a potential compromise is identified we will respond as soon as possible and within contracted SLAs to contain the compromise, inform required parties and restore services.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Scottish Wide Area Network (SWAN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Accenture’s environmental strategy supported by our ISO 14001 certification, focuses on three areas to fight Climate Change: running efficient operations that reduce emissions and other impacts; enabling client and supplier sustainability; engaging and influencing our people, leaders, partners, and other stakeholders as throughout targeted activities and initiatives. Influence environmental protection and improvement: ; • Accenture is working to achieve net zero emissions by 2025. We are proud to be largest professional services company aligned to Science Based Targets initiative. ; • Engagement to raise awareness: We will use Carbon Disclosure Project’s (CDP) supply chain tools to promote engagement and sustainable business practices with our suppliers. CDP methods are recognised globally as setting the industry standard for sustainability of supply chains. ; • Co-design/creation: Our ‘Responsible by Design’ framework will guide our work so the solutions we create for each buyer will include environmental protection and will reduce negative effects whilst maximising benefits. ; Additional environmental benefits: ; • Training and education: Our delivery nominated Sustainability Coaches will ensure we are focusing on environmental protection and improvement throughout our work. We will use our Sustainability Quotient (SQ) training to develop our skills and adopt climate smart behaviours. ; • Partnering/collaborating with the community: Engagement with communities throughout call offs will support the delivery of environmental objectives. We will improve our environmental outcomes in call offs through buying locally and ethically, sponsoring local environmental protection events, offering training and apprenticeship schemes, and building environmentally friendly services and products. We will leverage partnerships with bodies such as SciStarter to influence the public to contribute to climate projects. Reporting: ; • We use regular surveys and measurement to identify and implement opportunities to support the environment and tackle climate change. To manage our social value commitments at call offs, we will use www.SocialValuePortal.com, to provide transparent 3rd party verified reporting.

  Covid-19 recovery

  One of Accenture’s core values is Stewardship, which includes helping improve the communities in which we live and work. As such, we are committed to helping local communities to manage and recover from the impact of COVID-19. We are committed to ensuring that the G Cloud 13 contract supports local organisations and communities to manage and recover from the impacts of COVID-19. We will do this by: ; • Supporting local businesses: We will work with small/growing organisations to help optimise and grow their businesses. We will provide access to Accenture Leadership through hosting online workshops providing business mentorship opportunities to SMEs. ; • Investing in people to create opportunity: Accenture will support individuals to maximize their employability through training, apprenticeship, work placements, mentorships, and other initiatives where applicable at call-offs. Our initiatives will develop new skills that can keep them employed, upskilled and resilient in an uncertain job market. Our approach focuses on engaging with those who have been hit hardest by the pandemic in terms of employment opportunities including NEET and young people to enable them to get upskilled. ; • Rebuilding local communities: At call offs, we will invest in supporting local communities to recover from the less tangible effects of COVID-19. Mental health and isolation have become increasingly pressing issues during the pandemic particularly among the socially vulnerable. ; We are committed to supporting local and national charities to rebuild connections between people in the community. Our staff volunteer through our charity network in Leeds, Newcastle and London to create volunteering opportunities for all. Reporting: We use regular surveys and measurement to identify and implement opportunities to support Covid-19 recovery. To manage our social value commitments at call offs, we will use www.SocialValuePortal.com, a leader in social value contract management who will provide transparent 3rd party verified reporting.

  Tackling economic inequality

  Accenture’s commitment in the UK extends beyond the Equality Act’s protected characteristics to include ensuring that individuals from lower socio-economic backgrounds. Entrepreneurship, growth, and business creation: Our established Accenture programmes support social mobility across a range of activities including outreach, work experience, recruitment, progression, and advocacy. ; • Employment: We will continue to offer our world class apprenticeship and graduate programme which provides opportunities for young unemployed people and creates a path to long term employment. The aim of Accenture’s apprenticeship and graduate programmes is to expand our talent pool by finding, training, and developing young people for a career in technology. This is part of our broader commitment to creating entry level opportunities in the technology and digital sectors for those facing greater barriers to entry. ; • Diverse supply chains: We remain dedicated to help develop small, medium and diverse suppliers through our Diverse Supplier Development Programme, Procurement Plus. By standardising and simplifying how we do things, we lower the barrier to entry for diverse SMEs to our supply chain. ; • Making our payments in accordance with the Prompt Payment Code and regularly reporting on the % of payments within 30/60 days. ; • Innovation and disruptive technologies: Accenture’s Innovation Programme - started in 2014, the programme will be used to leverage insights from within the Accenture organisation to resolve our clients’ problems. Our outreach programmes focus on areas of high deprivation across the UK; Skills to Succeed and Accenture's Digital Skills platform have upskilled 573,000 people across various social and economic circumstances, and we have reached over 10,000 young people nationallyTo manage our social value commitments at call offs, we will use www.SocialValuePortal.com, a leader in social value contract management who will provide transparent 3rd party verified reporting.

  Equal opportunity

  Accenture is committed to accelerating equality and creating a work environment where everyone belongs. Our commitment starts at the top with our board and extends across the company. ; • Identifying and tackling inequality in employment, skills and pay: Inclusive and accessible recruitment practices: we provide opportunities appropriate to individuals from different backgrounds and at different stages in their career. We have partnered with a diversity software programme to drive a non-biased recruitment processes removing the need for human screening during the initial candidate sift. ; • We provide a range of learning and employment routes to tackle inequality and give opportunities to young people from disadvantaged backgrounds, including through our Technology Apprenticeship Programme and Movement to Work Scheme. ; • Reducing Gender Pay Gap: we are working towards eliminating gender-based pay disparity.; • Quarterly ethics/ unconscious bias training: all our employees must complete this training. We had global compliance of 99% in 2020. Supporting in-work progression including for those from disadvantaged/ minority groups Training and mentoring opportunities to disadvantaged and under-represented groups is a powerful way to raise their career aspirations and fulfil their potential.; • Our Networks of champions and allies can provide support in development and tailored mentoring for career progression, e.g., our South Asian network recently ran a Women’s Leadership Development workshop covering topics such as ‘Career Progression’. ; • ‘Accent On’ initiatives (such as gender/family/enablement/ethnicity) promote sharing knowledge and understanding to create cohesive and supportive diverse teams where everyone belongs and feels motivated. ; • Reporting: We use regular surveys and measurement to identify inequalities and implement measures to tackle them. To manage our social value commitments at call offs, we will use www.SocialValuePortal.com, a leader in social value contract management who will provide transparent 3rd party verified reporting.

  Wellbeing

  Accenture has responsibility to our employees and the communities we work within to lead in advancing the mental and physical wellbeing agenda. Supporting physical and mental health in the contract workforce: ; • We strive for excellence in relation to support our employees’ Health and Wellbeing (H&W): We actively encourage physical fitness through access to l fitness experiences catering to all levels. ; • Mental Health at Work Pledge – we are committed to upholding a set of standards that improves and supports mental health of our people. We implement the six Mental Health at Work commitment standards through consistent communication, training at all levels, open conversations, workplace conditions/adjustments, routine check-ins via people leads and engagement surveys ; • We offer private medical insurance, including unlimited access to GP appointments, and our Employee Assistance Programme (EAP) including full access to confidential counsellors supporting our employees’ long-term mental health needs via a dedicated 24/7/365 helpline to all staff. ; • Influencing staff, suppliers, customers and communities through delivery of the contract: We will run our Truly Human workshops that focus on wellbeing – Heart (sense of belonging), Mind (mental wellbeing), Body (physical wellbeing) and Soul (sense of purpose); • We pride ourselves on mental health literacy for staff and provide opportunities to learn how to manage mental health effectively by: ; o Providing all staff with a mental health ally; o All staff will complete Mental Health Awareness courses so they can have effective conversations with their teams about metal health. ; • We will leverage Accenture Volunteering Programme to deliver volunteering days to drive positive health and wellbeing impact in community. ; • Reporting: We use regular surveys and measurement on staff wellbeing and explore opportunities to provide best-in-class support. To manage our social value commitments, we use www.SocialValuePortal.com, to provide transparent 3rd party verified reporting.

Pricing

• Price: £95 to £2,240 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK.TenderMonitoring@accenture.com. Tell them what format you need. It will help if you say what assistive technology you use.