ecce.

Ensemble Event Management System (EMS)

Ensemble EMS is a fully-featured events platform. Create and manage unlimited, multi-day/multi-track events within the online app. Create custom event pages to advertise to your audience. Automated tools and workflows are designed to remove any administrative burden. Customizable to your unique requirements.

Features

• Add and manage unlimited events
• Customise multi-day and multi-track events
• Attendee registration
• Automated attendance certificates
• Import/Export attendee and delegate information
• Automate email and SMS event reminders
• Create custom event pages
• Automated feedback surveys per event
• No limits on users, events, venues, delegates or, attendees
• Custom reporting

Benefits

• Quickly manage events, venues, delegates or, attendees
• Upload CSVs to populate data in bulk
• Responsive design accessible to multiple devices
• Publish custom event pages
• Attendee’s and delegates can manage their own bookings
• Create custom feedback surveys per event
• Save time with Event templates
• Easily clone past events
• Manage users with groups and permissions
• Manage everything the easy to use admin system

£400.00 an instance a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at brant@ecce.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

452956085509824

Contact

Brant McNaughton
01959525717
brant@ecce.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: An Internet connection and supported browser required to access service.
• System requirements:
  • Latest verions of Chrome, FireFox, Safari, Edge
  • Internet Exploer 11+
  • Mobile Safari, Chrome, Firefox

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email support available 24/7. All issues deemed to be ‘mission-critical’ will be acted upon and where possible resolved within 8 business (UK) hours
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: All support is inclusive of our monthly fee. Included are a dedicated project contact, initial online training session, users docs (accessed within the application), phone (9 am to 5 pm) and email (24/7). All support is ‘unlimited’ and remains in place for the length of our contact. We can offer support to named contacts and third parties by prior arrangement.; ; Further training (online or onsite) can be agreed at an additional cost.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide an initial online training session with a member of the team to help you get set-up. Helps docs are also available available from within the app.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Key data can be exported from the app via CSV. We can provide a complete mySQL dump at any time.
• End-of-contract process: Once your initial contact has ended your service will continue on a monthly rolling basis, using the same terms. This is to ensure continuity of service and protection of your data. You can choose you to cancel your service by sending confirmation in writing to your account manager. Unless otherwise agreed the service will be cancelled at the end of your contact. If you are out-of-contract you will need to provide one months notice. Once your cancellation has been processed, all users will lose access to the system and any domain name used will be removed from the system. Application data (information and uploaded files) can be provided as a compressed zip on request. All data, backups, and files will be deleted in line with our data retention policies. For an additional fee, we can hold data back-ups for an agreed period of time, providing this falls in line with data retention laws.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The same level of service is available to both Mobile and Desktop users.
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: ------------------
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: None
• API: No
• Customisation available: Yes
• Description of customisation: The service can be tailored to work with exisiting business process. This is a bespoke service offered at addional cost.

Scaling

• Independence of resources: Each customer receives their own reserved instance of the application. This instance has its own dedicated resources allocated based on requirements. This minimises any disruption caused by other users on the system. All reserved instances and the cloud system as a whole are independently monitored. Resources can be scaled to meet demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Key metrics related to events can be found within the app. We can provide additional data on request. This can be in the form of a custom dashboard or a one-off report.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: Azure Disks are encrypted at rest (so when powered off the disks are encrypted) and the data is sharded and protected on the Azure Cloud so no single disk could be; removed to acquire your data.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Key data can be exported from the app via CSV. We can provide a complete MySQL dump at any time.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: SSH secure via public/private keys
• Data protection within supplier network: Other
• Other protection within supplier network: The traffic between the web servers and the DB servers is over azures private backbone.

Availability and resilience

• Guaranteed availability: Single Virtual Machine using Premium SSD – 99.9% (https://azure.microsoft.com/en-; us/support/legal/sla/virtual-machines/v1_9/); ; Azure Database for MySQL – 99.99% (https://azure.microsoft.com/en-; us/support/legal/sla/mysql/v1_1/); ; Azure Backup – 99.9% (https://azure.microsoft.com/en-; gb/support/legal/sla/backup/v1_0/)
• Approach to resilience: Available on request
• Outage reporting: Email and SMS alerts send to both Ecce a suppliers staff.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access restricted via username and password. Access can also be resticted to IP (range) on request.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We adhere to the ISO/IEC 27001 specification and are working toward certification.
• Information security policies and processes: Our information security policies and processes are confidential. We adhere to ISO27001 specification and are working towards certification. We can provide further details on request.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: As discussed in the Incident management process, any change requests to the environment are tracked through the tickets in the system that are deemed a P4 (Change Request) rating. As a result, the internal staff will follow the; change management process to assess the impact on their environment before initiating changes.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The servers are patched automatically once a month. Should a significant threat be idenifed an update can be triggered as soon as a patch is made available and tested. ; ; Information on threats comes from vendor providers via changelogs or subscribed threat lists.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The servers web applications are monitored and should they start to fail the team will investigate. The standard procedure for a compromised server is to take it offline, quarantine it and investigate offline if required.; ; Incidents once identified are triaged and default with inline with suppliers SLAs. The most serious incidents will be responded to within 1 hour within business time, 2 hours overwise.
• Incident management type: Supplier-defined controls
• Incident management approach: All requests regarding the platform flow through the Customer Portal using a ticketing system. This is the portal that users report incidents or automated monitoring/alerting notifies the Support Team to action an issue. In-office hours, the ticket will be triaged and classified between P1 (critical) and P4 (Change Request) which determines the SLA response time. Any incident reports will utilise this system to report issues to our clients. Full Process can be provided.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Equal opportunity:

  Equal opportunity

  At ecce. we celebrate diversity and are committed to creating an inclusive environment for all employees. We welcome applications from all suitably qualified candidates regardless of their race, religious beliefs, age, sex, sexual orientation or disability.
• Wellbeing:

  Wellbeing

  - We encourage our staff to close their laptops & phones to work communications at the end of their day ; - Limit the number of non-essential comms; - Limit the number of online and offline meetings ; - We respect our co-worker's status (do not disturb etc.) ; - Encourage our team to take breaks from their screens during the workday

Pricing

• Price: £400.00 an instance a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at brant@ecce.uk. Tell them what format you need. It will help if you say what assistive technology you use.