Accenture (UK) Limited

Accenture Email Security Services

A managed email security service to protect your email services from spam, malware and phishing attacks. The ability to perform advanced email routing, encryption and data loss prevention for your outbound email.

Features

• Defend against spam, phishing and malware
• Secure email transmission with TLS encryption
• Data Loss Protection
• Advanced Sandbox analysis of zero-day threats
• Time of Click protection for embedded URLs

Benefits

• Reduce exposure to security threats
• Fully managed to limit time required from your staff
• Rapid deployment

£190 to £2,310 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK.TenderMonitoring@accenture.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

513785687951383

Contact

Sarita Sudera
+44 20 3335 4305
UK.TenderMonitoring@accenture.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: No specific constraints
• System requirements: No specific system requirements

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Response times depend upon severity of issue, these will be agreed as part of the SLA with each customer.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The services are provided with a standard support level. This can be enhanced with the provision of a dedicated engineer or account manager where required, particularly with large or complex customers this is recommended.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The service only requires backend infrastructure changes, there is no end user training required. Accenture will provide guidance on configuring the relevant DNS and firewall rules to allow the service to accept mail for the customer and connect to their local email systems.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: No data extract required
• End-of-contract process: The customer will reconfigure their DNS MX records to direct email traffic to their new service.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: No difference between mobile and desktop service as filtering is done before email reaches these devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interface provides the ability to configure a set of heuristic and AI rules for filtering, routing and matching email. The interface is a web based portal which allows detailed configuration of the products.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have a number of administrators using screen readers and other assistive technology to interact with out management console; these users have been able to manage the product successfully. We also use a number of static analysis tools to ensure compatibility with the relevant standards and tools for assistive technology.
• API: No
• Customisation available: No

Scaling

• Independence of resources: Our infrastructure provides services across a very large number of customers. We have built in real time monitoring on volume of email by customer and the ability to throttle throughput on any accounts which are sending unusually high volumes of email (i.e. compromised accounts, broken scripts/applications, etc.) to prevent impact on other customers.

Analytics

• Service usage metrics: Yes
• Metrics types: The service will provide metrics on the following items:; - Availability; - Average Processing Time; - Volume of email transmitted inbound/outbout; - Volume of malicious emails
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller (no extras)
• Organisation whose services are being resold: Multiple partners. Refer to our additional resale terms and conditions

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: N/A
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.98% availability SLA covered by service credit regime in contract
• Approach to resilience: The service is load balanced across multiple sites with excess capacity in each site. An entire site can be taken out of service without impacting customer experience.
• Outage reporting: Any service alerts are displayed on the service portal.

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: Access management for any interactive elements is done through a user name and password with a 2nd factor authentication device.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 2/10/2013
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 23/03/2017
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: CERT UVDB Silver

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Accenture has a comprehensive set of security policies and processes managed through our Client Data Protection programme. This includes training for all staff.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All components of the service are managed within a CMDB which is integrated with our change management system. Each Request for Change is tagged against the specific Configuration Items being updated. The change process includes review and approval of RFCs by a security reviewer team.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: The services are regularly scanned by automated tools to detect potential security vulnerabilities. All recorded vulnerabilities are tracked through our vulnerability management system to closure; the target resolution time will depend upon the severity of the vulnerability. Patches are deployed on a regular basis.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We use a number of monitoring processes to detect attempts to compromise the services. Any detected events are responded to by our security team as quickly as possible. More specific information may be provided to potential customers under NDA if required.
• Incident management type: Supplier-defined controls
• Incident management approach: Accenture's Security Operations Centre manages all security incidents for the company's services globally. This includes standard processes and procedures for investigating the incident, engaging with relevant stakeholders and managing remediation.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Scottish Wide Area Network (SWAN)

Social Value

• Fighting climate change:

  Fighting climate change

  Accenture’s environmental strategy focuses on three areas to fight Climate Change: running efficient operations that reduce emissions and other impacts; enabling client and supplier sustainability; engaging and influencing our people, leaders, partners, and other stakeholders as throughout targeted activities and initiatives. Influence environmental protection and improvement: • Accenture is working to achieve net zero emissions by 2025. We are proud to be aligned to the Science Based Targets initiative. • Engagement to raise awareness: We will use the Carbon Disclosure Project’s (CDP) supply chain tools to promote engagement and sustainable business practices with our suppliers. CDP methods are recognised globally as setting the industry standard for sustainability of supply chains. • Co-design/creation: Our ‘Responsible by Design’ framework will guide our work so that the solutions we create for each buyer will include environmental protection and will reduce negative effects whilst maximising benefits. Additional environmental benefits: • Training and education: Our delivery nominated Sustainability Coaches will ensure we are focusing on environmental protection and improvement throughout our work. We will use our Sustainability Quotient (SQ) training to develop our skills and adopt climate smart behaviours. • Partnering/collaborating with the community: Engagement with communities throughout call offs will support the delivery of environmental objectives. We will improve our environmental outcomes in call offs through buying locally and ethically, sponsoring local environmental protection events, offering training and apprenticeship schemes, and building environmentally friendly services and products. We will leverage partnerships with bodies such as SciStarter to influence the public to contribute to climate projects. Reporting: • We use regular surveys and measurement to identify and implement opportunities to support the environment and tackle climate change. To manage our social value commitments at call offs, we will use www.SocialValuePortal.com, a leader in social value contract management who will provide transparent 3rd party verified reporting.
• Covid-19 recovery:

  Covid-19 recovery

  One of Accenture’s core values is Stewardship, which includes helping improve the communities in which we live and work. As such, we are committed to helping local communities to manage and recover from the impact of COVID-19. We are committed to ensuring that the G Cloud 13 contract supports local organisations and communities to manage and recover from the impacts of COVID-19. We will do this by: Supporting local businesses: • We will work with small/growing organizations to help optimize and grow their businesses. We will provide access to Accenture Leadership through hosting online workshops providing business mentorship opportunities to SMEs. Investing in people to create opportunity: • Accenture will support individuals to maximize their employability through training, apprenticeship, work placements, mentorships, and other initiatives where applicable at call offs. Our initiatives will develop new skills that can keep them employed, upskilled and resilient in an uncertain job market. Our approach focuses on engaging with those who have been hit hardest by the pandemic in terms of employment opportunities including NEET and young people to enable them to get upskilled. Rebuilding local communities: • At call offs, we will invest in supporting local communities to recover from the less tangible effects of COVID-19. Mental health and isolation have become increasingly pressing issues during the pandemic particularly among the socially vulnerable. • We are committed to supporting local and national charities to rebuild connections between people in the community. Our staff volunteer through our charity network in Leeds, Newcastle and London to create volunteering opportunities for all. Reporting: We use regular surveys and measurement to identify and implement opportunities to support Covid-19 recovery. To manage our social value commitments at call offs, we will use www.SocialValuePortal.com, a leader in social value contract management who will provide transparent 3rd party verified reporting.
• Tackling economic inequality:

  Tackling economic inequality

  Accenture’s commitment in the UK extends beyond the Equality Act’s protected characteristics to include ensuring that individuals from lower socio-economic backgrounds. Entrepreneurship, growth, and business creation: Our established Accenture programmes support social mobility across a range of activities including outreach, work experience, recruitment, progression, and advocacy. Employment: • We will continue to offer our world class apprenticeship and graduate programme which provides opportunities for young unemployed people and creates a path to long term employment. The aim of Accenture’s apprenticeship and graduate programmes is to expand our talent pool by finding, training, and developing young people for a career in technology. This is part of our broader commitment to creating entry level opportunities in the technology and digital sectors for those facing greater barriers to entry. Diverse supply chains: • We remain dedicated to help develop small, medium and diverse suppliers through our Diverse Supplier Development Programme, Procurement Plus. By standardising and simplifying how we do things, we lower the barrier to entry for diverse SMEs to our supply chain. • Making our payments in accordance with the Prompt Payment Code and regularly reporting on the % of payments within 30/60 days. Innovation and disruptive technologies • Accenture’s Innovation Programme - started in 2014, the programme will be used to leverage insights from within the Accenture organisation to resolve our clients’ problems. Over the last year, Accenture has taken 7 innovations through the full patent process and have a further 6 within the process itself. Several of the innovations have been taken forwards with clients directly. Reporting: We use regular surveys and measurement to identify inequalities and implement measures to tackle them. To manage our social value commitments at call offs, we will use www.SocialValuePortal.com, a leader in social value contract management who will provide transparent 3rd party verified reporting.
• Equal opportunity:

  Equal opportunity

  Accenture is committed to accelerating equality and creating a work environment where everyone belongs. Our commitment starts at the top with our board and extends across the company. Identifying and tackling inequality in employment, skills and pay: • Inclusive and accessible recruitment practices: we provide opportunities appropriate to individuals from different backgrounds and at different stages in their career. We have partnered with a diversity software programme to drive a non-biased recruitment processes removing the need for human screening during the initial candidate sift. • We provide a range of learning and employment routes to tackle inequality and give opportunities to young people from disadvantaged backgrounds, including through our Technology Apprenticeship Programme and Movement to Work Scheme. • Reducing Gender Pay Gap: we are working towards eliminating gender-based pay disparity. Our median gender pay gap in the UK is 12.1% (UK=15.5% (ONS)). • Quarterly ethics/ unconscious bias training: all our employees must complete this training. We had global compliance of 99% in 2020. Supporting in-work progression including for those from disadvantaged/ minority groups Training and mentoring opportunities to disadvantaged and under-represented groups is a powerful way to raise their career aspirations and fulfil their potential: • Our Networks of champions and allies can provide support in development and tailored mentoring for career progression, e.g., our South Asian network recently ran a Women’s Leadership Development workshop covering topics such as ‘Career Progression’. • ‘Accent On’ initiatives (such as gender/family/enablement/ethnicity) promote sharing knowledge and understanding to create cohesive and supportive diverse teams where everyone belongs and feels motivated. Reporting: We use regular surveys and measurement to identify inequalities and implement measures to tackle them. To manage our social value commitments at call offs, we will use www.SocialValuePortal.com, a leader in social value contract management who will provide transparent 3rd party verified reporting.
• Wellbeing:

  Wellbeing

  Accenture has a responsibility to our employees and the communities we work within to lead in advancing the mental and physical wellbeing agenda. People are our greatest asset. Supporting physical and mental health in the contract workforce: We strive for excellence in relation to how we support our employees’ Health and Wellbeing (H&W): • We actively encourage physical fitness through access to a multi-channel fitness experience catering to all levels. • Mental Health at Work Pledge – we are committed to upholding a set of standards that improves and supports the mental health of our people. • We offer private medical insurance, including unlimited access to GP appointments, and our Employee Assistance Programme (EAP) which includes full access to confidential counsellors supporting our employees’ long-term mental health needs via a dedicated 24/7/365 helpline to all staff. Influencing staff, suppliers, customers and communities through the delivery of the contract: • We will run our Truly Human workshops that focus on wellbeing – Heart (sense of belonging), Mind (mental wellbeing), Body (physical wellbeing) and Soul (sense of purpose). • We pride ourselves on mental health literacy of our staff and will provide opportunities to learn how to manage mental health effectively by: o Providing all members of staff with a mental health ally. o All staff will complete Mental Health Awareness courses so they can have effective conversations with their teams about mental health. • We will leverage Accenture Volunteering Programme to deliver volunteering days to drive positive health and wellbeing impact in the community. Reporting: We use regular surveys and measurement on staff wellbeing and explore opportunities to provide best-in-class support. To manage our social value commitments at call offs, we will use www.SocialValuePortal.com, a leader in social value contract management who will provide transparent 3rd party verified reporting.

Pricing

• Price: £190 to £2,310 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at UK.TenderMonitoring@accenture.com. Tell them what format you need. It will help if you say what assistive technology you use.