Capricorn Ventis Ltd.

Glu Platform

Glu Platform is a suite of solutions enabling data and process management across a range of business areas, including customer, communications, marketing, opportunity and service management. It extends to asset, event, product and contracts management. Data can be shared with specific B2B collaborators, and/or published to a B2C marketplace.

Features

• Core CRM: All Data and Functions, Communications and Service
• Additional Scope: Assets, Events, Products, Agreements and Contract Management
• Marketplace: Publish, Share and Collaborate with Everybody or Anybody.
• International: Multilingual, Multi User Needs and Accessibility
• Secure, GDPR Compliant and Scalable
• Data Collections, Measures and Descriptors Linked to any Entities
• Integration: Open APIs, IoT, Real Time, All Connector Formats.
• Self Service and Internal/External Control of Own Data
• Guided Data Entry and Work Flow
• Analytics: Modern and Innovative Search, Discovery and Insights

Benefits

• Scope Ranges from One Area to As Many as Needed
• Everything in One Place and Connected, with No Data Duplication
• Very Sophisticated yet Simple to Configure, Deploy and Use
• Unlimited Range of Data, Descriptors and Content; Customisable
• Seamless, Covers Operational End to End.
• Search and Analytics Incorporated
• Data Sets Easily Created and Exported
• Data Self Service and Maintenance by External Customers and Collaborators
• Connects and Integrates with Any External Channels and Systems
• Built on Modern and Scalable Technolgies

£5 to £100 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at brian.oflynn@capventis.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

435073283706552

Contact

Brian O'Flynn
+44 845 313 8696
brian.oflynn@capventis.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Glu Platform can extend to any internal or external system, as well as oprerating as its own system.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No. Glu can be deployed locally or hosted by the main cloud vendors. ; We are open to discussing and accomodating specific needs or scenarios.
• System requirements:
  • High Speed internet connection
  • Standard Browser
  • Any Connected Device

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Typically an initial response is given within an hour.; Support times 9:00hrs to 17:00hrs, Monday to Friday (BST).; Weekend support can be provided by special request.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Capventis provides standard support level agreements which are delivered on a flat fee basis. Once received, the support request is triaged, prioritised and addressed by our team of business and technical experts. When the request can be addressed or fixed straight away, it is. Otherwise, depending on the nature of the problem, it is promptly escalated within Capventis and Glu Systems. Remediation options are then discussed, explored with our client and actioned where possible.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Capventis provide customers with full on-boarding support, including implementation, training and bespoke consultancy.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: The data can be extracted to .csv, JSON & xml files
• End-of-contract process: There is no additional cost at the end of the contract. The entitlement to use the software ends.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The service has been designed to work on Mobile Devices. As the screens are responsive the layouts will automatically change to fit Mobile and Table devices
• Service interface: No
• User support accessibility: WCAG 2.1 AAA
• API: Yes
• What users can and can't do using the API: Glu Platform provides a GraphQL and REST API, and also supports integration to any standard interface or protocol.
• API documentation: Yes
• API documentation formats:
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The Glu Platform is designed to be configurable by business users and designers by maintaining, adding or removing business parameters in simple-to-understand drop down lists of values and guided forms.; ; The Glu Platform can be customised at system component levels, typically carried out by Glu and/or Capventis teams.

Scaling

• Independence of resources: The Glu Platform is fully deployable and scalable across multiple cloud service instances. It utilises enhanced load balancing and caching, with auto scaling when necessary.

Analytics

• Service usage metrics: Yes
• Metrics types: Everything in the Glu Platform is audited and tracked, from users logging on and off, to an audit log of all data creation, maintenance, voiding and deletion. Performance and System Status data are also tracked and exposed.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Glu Systems (SaaS) Spun out of Capventis (Integrator), Summer 2022.

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: A user can export their data by using the Glu API(s).
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • XML
  • JSON
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • XML
  • JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Glu Systems Service Levels.; Dependent on service infrastructure, for example AWS, Azure or In-House.
• Approach to resilience: Data Centre is dependent on the Cloud Hosting Service Provider. ; Typically we use a choice of AWS or Azure.; We can configure resilience based on contractual requirements.
• Outage reporting: Yes, we do include public dashboards, an API and email alert.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access restriction depends on client requirements but can include a range of authentication and control mechanisms as needed.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: Capventis follow client standards and adheres to ISO27001/2

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: At Capventis we implement a formal blueprint process, within our overall IMPROVE framework, and pre-agreed Statement of Work (SoW). Development cycles include functional and non-functional testing in dedicated test environments. Once approved via Internal QA Process, we release for user acceptance testing and then schedule risk-managed promotion to the live environment.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: We regularly patch systems and actively maintain/enforce security policies and procedures. Within the procedures, we include client-specific security requirements along with current industry best practice. Internal assessments involve all relevant parties, including clients. We assess in accordance with both industry standards and relevant project requirements. We employ active monitoring processes to highlight issues as soon as they occur. Additionally, we employ network hardware and software to protect our systems. We gather information about potential threats from our suppliers, antivirus companies, clients, trusted technical media, telecommunications providers, and internal resources.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We identify potential compromises in several different ways, some dependent on available services within client or supplier environments. Manual checks and software monitors and alerts us to potential network attacks and/or breaches. We raise issues with senior management and instigate detailed investigations and associated threat assessments immediately. If necessary, we quarantine the machines and network segment(s) affected and/or close down compromised devices. We can then address the issue within a quarantined environment before determining how to restore services and resolve matters arising. We also employ third parties to test services, and support clients in testing or monitoring for incidents.
• Incident management type: Undisclosed
• Incident management approach: We use a ticketing service within our CRM system where clients can raise, respond to, and track incidents. We also provide ‘front-desk’ support calls, where clients can call and raise issues via telephone. For common events, we provide a client Wiki and for more complex client environments, full troubleshooting guides and supporting documentation. We flow-chart common issues to ease resolution, and review processes regularly to resolve/remove regularly occurring or more common issues.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The Glu Data model supports an implementation that reduces record duplication, network data transfers and storage requirements. This reduces the resource and energy requirements to host the platform.

  Covid-19 recovery

  The platform helps organizations adapt to the challenges posed by the pandemic by providing a data capture tool insights into all aspects of the pandemic.

  Tackling economic inequality

  Help manage, identify and address all disparities in the provision of services to disadvantaged groups.

  Equal opportunity

  Ensuring inclusivity by providing accessibility options and multilingual support, allowing all customers to participate regardless of their backgrounds.

  Wellbeing

  As the platform is intuitive and easy to use it promotes wellbeing for its' users and end customers.

Pricing

• Price: £5 to £100 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Up to the end of 2024, data management and integration components of our platform are provided as a support service. Certain functions, such as basic/foundation market published information and related consumer search are free. Also certain not-for-profit or charitable organisations will benefit from free to preferential pricing.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at brian.oflynn@capventis.com. Tell them what format you need. It will help if you say what assistive technology you use.