INOVEM Limited

Kahootz Enterprise collaboration platform

Kahootz Enterprise, accredited by the UK MOD to store and share information marked up to OFFICIAL-SENSITIVE, is ideal for public sector organisations that desire the simplicity of a quick-to-deploy cloud collaboration platform together with the administrative control, security, customisation, agility and configuration capabilities that an enterprise deployment demands.

Features

• Unlimited secure collaboration workspaces, rich functionality, highly configurable
• Corporate branding, customised stakeholder database and user profiling
• Advanced site configuration and centralised system administration and governance
• Support for workspace template creation and public web communities
• Increased cloud storage plus document approval workflows and publishing
• Tele-conferencing and integration with Microsoft Lync instant messaging
• Customised site security policies, single sign-on and plug-in development
• Access to application programming interface (API) for EDRM/CRM integration
• Monthly pay-as-you-use ‘Active User’ concurrent licensing
• Disaggregated billing for cost centres, departments and partner organisations

Benefits

• Enables mobile working for employees and the extended enterprise
• Breaks down organisational silos via online agile project team working
• Speeds up deployment of workgroups, online communities and committee workspaces
• Streamlines service transformation, staff consultation, social collaboration and discovery
• Exceeds statutory requirement, and government standards, for web accessibility
• Deeper levels of service integration, management and monitoring (SIaM)
• Active User licensing - pay only for what you consume
• Cost savings for multi-agency partnerships arrangements, no double-counting
• Easier to deploy than Microsoft Sharepoint - no consultancy required
• More for less when compared with Huddle and Box Enterprise

£3.59 to £10.97 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@kahootz.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

434482646419767

Contact

Luca Leone
01488 648 468
sales@kahootz.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • A recent web browser
  • An email client

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Level Response Resolution; 1 - Critical 1 hour 4 hours. A software or hardware fix will be applied if necessary.; 2 - Major 1 hour 1 day. A software or hardware fix will be applied if necessary.; 3 - Minor 4 hours 2 days.; 4 - Problem 1 day Next release.; 5 - RFI 1 day Information provided.; 6 - RFE 1 day Request noted.; ; Support requests that are received outside the Support Hours (08:30-17:30 weekdays) are handled at the start of the following support day. Response times may vary due to circumstances out of our control.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: 1 - Critical ; The website is inaccessible to all users, or a critical software function cannot be performed by all users.; ; 2 - Major ; A major area of software functionality is not working correctly for many users and there is no convenient workaround.; ; 3 - Minor ; Several users are experiencing a software bug that is causing a minor loss of service. The problem is an inconvenience. ; ; 4 - Problem ; All other bugs. The inconvenience is slight, and can be tolerated. ; ; 5 - RFI ; Request for information - You are requesting guidance or help with the software configuration or functionality. ; ; 6 - RFE ; Request for enhancement - You are requesting a new or improved feature in our software. ; ; Support for all the above support levels are provided at no extra cost as part of the service. On-site support is provided at our published G-Cloud consultancy day rate.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Kahootz supports all commonly used web-browsers and requires no software downloads or plug-ins, so there are no unnecessary barriers to access. ; ; Kahootz.com enables requests for provisioning and de-provisioning. Once a request has been submitted at http://www.kahootz.com/start-trial/ the service is provisioned immediately.; ; Kahootz is extremely easy to use and most of our clients find they can implement Kahootz with zero training.; ; To help your users get the most out of Kahootz, we provide a very informative online Knowledgebase. We also provide email support to every user if they need extra assistance.; ; At an extra cost, we also provide workspace set-up consultancy and on-site Workspace Manager classroom training. This is a 1 day course aimed at those who will be creating and configuring workspaces . It covers:; • Different types of workspaces; • Overview of the features; • Workspace layout and customisation; • Policy and workspace defaults; • Principles of good workspace management ; • Help, support and guidance resources.; ; We can also provide an Audit review, which is a 1 day workshop to review a client's implementation of Kahootz including workspace design, custom template requirements and user adoption approach.; ; A costed option for System Administrator training is available.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: There are simple interfaces available to users to:; • Export databases, users, document comments and questionnaire results to Microsoft Excel, XML and CSV format; • Export documents and images to a ZIP file.; ; A data extraction service is available on request at any time during the subscription period or for a period of up to one month after the expiry of the subscription period. All the data that the service holds for a consumer will be exported as follows:; • Structured data will be exported as XML files; • Document and image data will be exported as system files, in their original format, and referenced within the XML files.; ; Data exports of up to 1Gb can be supplied as a download. The cost of data extraction using our standard export tools is often nil but we may charge a fee if there is a large volume of data. ; ; Kahootz can design and develop a data-extraction process that exports data to meet specific requirements, or to assist in the import of data into another service, subject to design and development costs. Kahootz will provide a fixed-cost quote within 2 days and subsequently start the work within 2 days of being requested.
• End-of-contract process: There are no termination costs. ; ; We will commence data removal one month after your license to use Kahootz expires or earlier upon your request.; ; When this happens, all the data that the service holds for a consumer will be permanently deleted. Data will be removed from the live service within 2 days of being requested but can take 1 additional month to be removed from backup services. The data removal service is free of charge.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Full Kahootz functionality is available on mobile devices. Kahootz uses a responsive design which allows it to be re-sized and adapt to the device screen being used. This approach, favoured by GDS, avoids the need to maintain a mobile application and ensures the preservation of custom layouts created by each Workspace or Community Manager.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: By avoiding the need for software installations, special plug-ins or 3rd party add-ons, we make sure there are no unnecessary IT obstacles to team collaboration. Kahootz is tested to work with all common web browsers and is fully responsive, automatically adapting to any screen on any platform.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Our collaboration software is regularly tested with text-only browsers and screen readers to ensure Kahootz meets stringent international accessibility standards, including: ISO/IEC 40500 W3C Web Content Accessibility Guidelines (WCAG 2.0) Level AA and also Section 508 and BS8878.
• API: Yes
• What users can and can't do using the API: The Kahootz API is available to Kahootz Enterprise customers. It provides access to all the functionality and features that are available in the service, apart from reporting. ; ; The API operates over a secure HTTPS connection and uses secure token-based authentication. Data is sent to and from the service using JSON.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Kahootz Enterprise clients have the option, through consultancy services, to customise the look-and-feel of what is presented to their users, which can include:; • Branding the Kahootz service to match your own (existing) website design; • Use of your own URL/domain; • Custom user profiles and site registration pages; • Your own custom default workspace and/or database templates.; ; System Administrators can configure a Kahootz site with preferred system defaults and, if required, run and manage multiple Kahootz sites concurrently, each with their own configuration sets, customisations and policy settings.; ; Kahootz provides facilities for authorised users to develop and easily maintain content with tailored navigation. Each workspace can have its own custom layout through a user-configurable dashboard that can include social media content and workspace content.; ; The workspace structure is a folder-based hierarchy and, within each folder, workspace managers can decide which collaboration objects are available and who is empowered to create and modify them, or even see them.; ; Throughout the workspace, users can add a narrative to content using the in-built rich-text editor. This makes it extremely easy to provide guidance with pointers to relevant content, instructions as to key actions required, and helpful advice on how to make contributions.

Scaling

• Independence of resources: We pro-actively manage the service to monitor a large number of metrics such as server CPU, disk usage, storage, database load and network bandwidth to ensure a highly robust, reliable and responsive service.

Analytics

• Service usage metrics: Yes
• Metrics types: Site owners have access to a real-time reporting page which displays metrics corresponding to the parameters on which the subscription in based:; • The number of users paid for and how many are being used; • The number of users, broken down by day or month; • The amount storage paid for and how much is being used; • The amount of storage used, broken down by day or month
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can:; • Export databases, users, document comments and questionnaire results to Microsoft Excel, XML and CSV format; • Export documents and images to a ZIP file
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • Zip files
  • Microsoft Excel
  • PDF
  • HTML
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • ZIP
  • Microsoft Excel
  • PDF
  • JSON

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: The service level agreement is as follows:; • The minimum availability for the service is 99.95% per month.; • The minimum performance is for the server to process 99% of page requests (excluding bulk operations and reports) within 1 second.; • The minimum availability excludes up to 6 hours per quarter annum of scheduled downtime (between 10pm and 6am on weekdays or between 7pm and 6am on weekends).; ; To demonstrate that we meet our SLA, we use an independent 3rd party service (Pingdom) to monitor the site and create a public record of availability.; http://stats.pingdom.com/3as4us3d6yr7/674246; ; Service credits are awarded when the service availability within any month falls below the target service level. The service credit is a percentage of that month’s service fee. For subscriptions that are not billed monthly, the service fee is treated as the pro-rata monthly fee.; Availability Service Credit; >99% and <99.5% 5%; >= 98% and < 99% 10%; >=97% and < 98% 25%; <97% 50%; ; To receive service credits, a site owner must up to date with their payments and submit a request to accounts.info@kahootz.com, within 30 days after the end of the month in which the service failed to meet its service level agreement.
• Approach to resilience: Kahootz uses modern and purpose-built Tier 3/4 data centres. Our hosting partner provides the world-class infrastructure necessary to keep our service up and running, uninterrupted around the clock. ; ; Data centres have at least two entirely geographically diverse network connections. Significant network capacity overhead is maintained. The cooling systems, UPS and generator backup are all at least N+1 resilient. ; Traffic volume and netflow is monitored to enable an appropriate response to disruptive events such as Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks.; ; Further information is available on request.
• Outage reporting: We use an independent 3rd party service (Pingdom) to monitor the site and create a public record of availability. It is available at:; http://stats.pingdom.com/3as4us3d6yr7/674246

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Privileged interfaces available to INOVEM support staff only are protected by secure passwords, specific user accounts, encryption in transit on all protocols, and access is restricted to a key set of physical locations.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Socotec Certification International (UK) Ltd
• ISO/IEC 27001 accreditation date: 03/05/2022
• What the ISO/IEC 27001 doesn’t cover: The scope of our certification was determined in conjunction with CESG and includes every aspect of the operation, support, delivery and development of Kahootz, with no exclusions.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Kahootz is accredited to ISO27001:2013. We have a detailed set of policies and procedures that ensure our rigorous approach to security is followed consistently. Security is a board-level responsibility. We have monthly, quarterly and annual reviews involving senior management, together with an annual audit by an accredited security professional.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Kahootz has a documented change management process that meets the requirements of ISO27001. Before any change to the service, we investigate the risk, impact, security implications, testing requirements, rollout and rollback options. Major changes must be reviewed and approved by senior management before they can proceed.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Potential threats are documented and tracked through to resolution using our ISO27001 "Incident and Weakness" procedures.; ; Security related issues are automatically given our highest priority classification and if a patch is required, we aim to deploy a mitigation within 1 hour and a resolution within 24 hours.; ; Information about threats is gathered from sources such as security bulletins and product vendors.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Operating system logs, network activity, disk use and application audit logs are carefully monitored to identify unusual events or unusual levels of activity. Any issues are treated as a priority 1 issue and investigated fully.
• Incident management type: Supplier-defined controls
• Incident management approach: Kahootz has a documented procedure for reporting, investigating and analysing security incidents and weaknesses. Each incident is assigned an owner who has responsibility to manage the initial actions required to deal with the incident and corrective actions to prevent it from happening again.; ; We undertake a regular review of incidents to identify opportunities for improvement.; ; Users report incidents through the Kahootz support desk. If an incident report is required, it is provided by email to Site Owners.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  As a cloud-based collaboration software platform, Kahootz enables organisations to connect and teamwork with external agencies, suppliers and key stakeholders without needing to physically meet. This both minimises the carbon footprint and provides substantial savings on time and travel costs.
• Covid-19 recovery:

  Covid-19 recovery

  Kahootz is currently used by the Cabinet Office, Department of Health & Social Care, NHS England & NHS Improvement and UK Health Security Agency to support collaborations around COVID-19. During the pandemic, INOVEM Ltd provided extra assistance and discount offers to assist public and private sector companies to deal with the pandemic.
• Tackling economic inequality:

  Tackling economic inequality

  Kahootz is specifically used by organisations, such as the UK Ministry of Defence, to create a more inclusive and diverse supply chain of SMEs and local entrepreneurs. Delivered at a lower cost than traditional Defence IT solutions, Kahootz is directly responsible for disrupting the status quo and creating new opportunities for collaboration and increased productivity between the public and private sector organisations.
• Equal opportunity:

  Equal opportunity

  All INOVEM Ltd cloud software services are tested against WAI-AA standards to ensure accessibility for users with disability issues.

Pricing

• Price: £3.59 to £10.97 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: » Free for 30 days; » Unrestricted access to all features; » Access to online Kahootz Knowledgebase; » Access to sample workspace templates; » Full customer support; » 25 users, 2Gb storage, unlimited workspaces — (contact us if you want to try with more!)
• Link to free trial: http://www.kahootz.com/start-trial/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@kahootz.com. Tell them what format you need. It will help if you say what assistive technology you use.