Agento Digital

Govintranet Wordpress Intranet & Extranet Deployment & Support

We offer comprehensive design, build and ongoing support for Intranets and Extranets based on the open-source GovIntranet WordPress theme, and provide Intranet solutions for a number of Central Government and NHS clients. We can quickly deploy the GovIntranet theme and customise the GovIntranet website with your branding and other requirements.

Features

• Discovery and prototyping phase
• Responsive WordPress design
• GovIntranet WordPress theme development and support
• Ongoing maintenance and updates of themes and plugins
• Accessibility (W3C) and usability reviews
• Facilitated training and documentation of all new features
• Hosting and monitoring
• Comprehensive reporting and analysis
• Helpdesk facility and comprehensive service level agreement
• Use of Git, Ansible, HTML5, CSS3, PHP, MYSQL

Benefits

• Fully secure and Cyber Essentials certified
• Agile development process adhering to GDS open standards
• Quickly develop working prototypes and launch services
• Fully compliant and transferrable code (you own all code)
• Rigorous testing and quality assurance
• Flexible contracts, helpdesk support hours and working arrangements
• Agreed Service Level Agreement with exemplary response guaranties
• Established partnerships with UK data centres
• Public sector specialists with decades of experience

£1,200 a licence a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at luke@agentodigital.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

513792418962683

Contact

Luke Oatham
0203 538 0068
luke@agentodigital.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No.
• System requirements:
  • Internet connectivity
  • Modern web browser
  • Access to private trusted network (private / hybrid cloud only)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond within one business day (8 hours for urgent tickets)
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AAA
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: We provide the same high-level of support to all clients. We operate a retainer-based system where you can choose the amount of support time that you require each month, generally starting at a base level of 2 hours per month. Clients can use support time flexibly for general advice and guidance, training and consultancy. Support hours can be rolled over within a financial quarter. Each client is assigned a technical account manager and we encourage clients to nominate a single point of contact. Support hours cost £120 per hour.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of any service we will train your team to use the new system effectively. ; ; - Administrator training; - Publisher training; - Online help and user community site; ; Agento Digital is committed to empowering clients to take control of their systems and all of our development is designed to allow clients full access. This means that project teams do not have to rely on us to make simple changes, and thus do not have to spend time/money on support and development requests (unless they wish to).
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: We provide a database archive file and a zip file of all media library assets including images, documents, audio and video files.
• End-of-contract process: After the Exit strategy is completed the service will be closed and any personal data securely destroyed inline with associated legislation requirements. ; ; We charge additional costs to provide help with data migration and installation on a new platform.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All sites are fully responsive to work across all devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The WordPress CMS has an easy to use editing experience that provides access to all content from across the site and supports easy updates. Our team will train you how to use the CMS as part of any ongoing support.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The interface has undergone usability and accessibility tests with screen-reader users across Government departments including BEIS, Crown Commercial Service and Cabinet Office.
• API: Yes
• What users can and can't do using the API: Our system can be fully extended with a variety of API endpoints, enabling users to undertake a wide range of frequent tasks as required. Full details can be discussed and agreed at service commencement.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Our service allows a high level of customisation, which is based around specific client requirements. As part of service commencement any customisation requirements will be discussed and scoped - this is likely to focus around functional requirements. Our agile delivery methodology ensures that regular updates are provided in a transparent manner, allowing adjustments to be made throughout the project lifecycle.

Scaling

• Independence of resources: Each service uses a separate virtualised server. Resources are not shared between services.

Analytics

• Service usage metrics: Yes
• Metrics types: Bandwidth, server load, disk space.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The administration interface allows users to export all or a selection of data to a JSON file ready for import into another WordPress instance.
• Data export formats:
  • CSV
  • Other
• Other data export formats: JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Depending on the level of service required we can support high availability environments up to 99.999% uptime. As standard we guarantee our minimum level of availability to 99.9%. Refunds for loss of service will be agreed as part of our service engagement process.
• Approach to resilience: We are experienced in building and maintaining high availability cloud configurations with full redundancy. Further information is available on request.
• Outage reporting: Outages are reported by email alerts, sms updates and public dashboards can be configured if required. Our dedicated support team will provide frequent updates during any outages as part of our service level agreement and can subsequently provide a report into the root cause and resolution.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: The management interface is configured with a range of roles and permissions, which are used to restrict access for specific users.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Internal guidelines, policies, and procedures are in place to ensure effective operational security with controls to mitigate risk.
• Information security policies and processes: All relevant staff have completed full Disclosure and Barring Service Checks. We complete quarterly information security reviews to ensure that standards are maintained and we follow a cycle of continuous improvement.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We have an agreed change management process to allow services to evolve over time. Before any service updates a security impact report is completed.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We adopt a range of good practice approaches and industry-standard tools and patterns to detect and prevent intrusion or abuse, mitigate the impact where it occurs, and monitor and report on the health of the servers so we can identify problems quickly and take appropriate action.; We put the emphasis on preventing unauthorised server access, by minimising the attack surface exposed to the outside world, and locking down services and ports to minimum needed to run WordPress websites. Security patches to production services are applied immediately.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We scan installations for malware and for changes in files. Potential compromises are assessed for risk based on security, personal data and malicious activity. We make immediate contact with the client nominated point of contact with details of risk level, mitigation and time scales for fixes.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents cover various categories including software security vulnerabilities, user-based problems and external attacks such as DDoS. Some incidents will be reported by our monitoring systems while others will be by users via our helpdesk. We follow industry standard procedures for responsible disclosure of security bugs.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  As a small business, we help to fight climate change by offsetting our carbon footprint for cloud hosting and each member of staff. We plant 100 trees for each new subscription to the Govintranet service.

Pricing

• Price: £1,200 a licence a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at luke@agentodigital.com. Tell them what format you need. It will help if you say what assistive technology you use.