MICRO FOCUS

Micro Focus - File Analysis Suite (FAS) - SaaS

Micro Focus File Analysis solutions protect and secure data, reduce
information risk associated with data privacy, and provides secure access to critical data; to know where their data is stored,
who has access to it, and can passively or actively act on it, remediate
it, move it or delete it.

Features

• Data Privacy & Discovery
• Sensitive Data Management & Compliance addressing PI/ PII, PCI, PHI
• Governance of high-value assets, contracts, intellectual property & patents
• Data lifecycle management
• Content Analysis
• Data Mapping
• Actionable Analytics
• Data Quality Tools
• Rights bases Identity and access governance
• Security and governance across business-critical lead applications and repositories

Benefits

• Governance and Compliance: Deep data discovery, data classification
• Sensitive Data Analytics
• Risk mitigation
• Research Workspaces
• Data Subject Analysis
• Data Management: Remediation actions to be applied to selected files
• Data Subject Access Request (DSAR) processing
• Data Optimization - cleanup of legacy data

£5,168.23 an instance

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsectoruk@microfocus.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

573959762108721

Contact

Micro Focus, now OpenText - Public Sector Team
01635 565330
publicsectoruk@microfocus.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
• Service constraints: No
• System requirements:
  • Internet Access
  • Web Browser

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 24 hours turn-a-round for standard support queries. Better times available at request.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Standard Support: Self Service & Outreach. Free.; ; Enterprise Support: Customer Success Manager & Solutions Expert Team. Upgrade review meetings. Yearly Service Reviews. Focus on Adoption. £20000 Annually.; ; Premier Support: Named Customer Success Manager. Named Solutions Expert. Managed upgrades with choice of date & project manager. Comprehensive upgrade planning. Quarterly service reviews. Relationship-based services. Incident and crisis management. £75000 annually.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Training & education available through separate Micro Focus G Cloud offering. Provides live virtual and/or onsite classrooms at cost. Extensive user documentation and help website. https://www.microfocus.com/documentation/file-analysis-suite/
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Run export via standard UI.
• End-of-contract process: Service Decommissioning; Customer may cancel Micro Focus SaaS by providing Micro Focus with sixty (60) days written notice; prior to the expiration of the SaaS Order Term ("Cancellation”). Such Cancellation shall be effective; upon the last day of the then current SaaS Order Term. Upon Cancellation, expiration, or termination of; the SaaS Order Term, Micro Focus may disable all Customer access to Micro Focus SaaS solution, and; Customer shall promptly return to Micro Focus (or at Micro Focus’s request destroy) any Micro Focus; Materials.; Micro Focus will make available to Customer such data in the format generally provided by Micro Focus.; The target timeframe is set forth below in Termination Data Retrieval Period SLO. After such time,; Micro Focus shall have no obligation to maintain or provide any such data, which will be deleted in the; ordinary course.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: MyAccount, allows high level service dashboard. User & admin controls plus ticketing system.
• Accessibility standards: None or don’t know
• Description of accessibility: The service is generally WCAG 2.0 compliant but due to range of services and types of graphical data the service is constrained.
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: Data Discovery has a Rest based APIs (Gateway Service) which represents many of the features that are shown in the standard web user interface. ; All Gateway APIs are documented through the following URL. You can use this resource to research possible calls. Most of the methods are self-explanatory and relate to the UI interactions. However some of the names relate to the original functions e.g. for repositories use the “Job“ method.; https://www.demo.microfocusfileanalysis.com:9310/swagger/?TENANT=<tenant name>
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Each tenant is provisioned with standard grammars for PII detection but custom grammars can be configured using the UI using regex syntax; Each tenant is provisioned with default weighting labels to identify the level of risks associated with files. Label colours and scores can be editing and new ones created.; Each tenant is provisioned with default tag search criteria. New tags can be created with any keyword elastic search syntax, metadata and grammar entity criteria.; Term lists can be added from any text based source.; Workspaces templates can be created and edited to provide business processes based on analytical processing. Data Subject Access Request processing is provided but others can be created.

Scaling

• Independence of resources: Load balancing. Redundant architecture. 24/7 monitoring team.

Analytics

• Service usage metrics: Yes
• Metrics types: Utilisation, users
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Object and volume storage containing non-ephemeral data is encrypted using the industry standard AES-256 algorithm (Encryption at Rest).
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Run exports using standard UI
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • API
• Data import formats: Other
• Other data import formats: Agents are provided to index data

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We provide Customer access to the Software-as-a-Service production application on a twenty-four hour, seven days a week (24x7) basis at a rate of 99.9 % (“SaaS Service Uptime Metric”).
• Approach to resilience: "To ensure that infrastructures such as: Remote access, Active directory, DNS services, mail services, DB services, and mission critical customer facing applications such as: the Customer Authentication systems, and the Ticketing system are fully disaster recoverable, using Business Impact Analysis (BIA) MFI SaaS identified and prioritized system components and mission/business processes, and established the backup strategies required to enable both employees and customers to keep a communication channel open in case of any disruption.; In the standard Recovery Point Objective (RPO), MFI SaaS performs both on-site and off-site backups as follows: (Unless there is a special customer contractual requirement);  On-site backup occurs daily and includes a local copy of production data followed by an offsite backup of the same production data to a remote site.;  Backup process takes place out of working hours per region.; When there is a service disruption, customers are notified in accordance with the MFI SaaS customer notification Service Level Objective (SLO) statements."
• Outage reporting: We use a centralized notification system to deliver proactive communications about application changes, outages and scheduled maintenance.

Identity and authentication

• User authentication needed: Yes
• User authentication: Other
• Other user authentication: Keycloak
• Access restrictions in management interfaces and support channels: Industry standard Principle of least privilege (PoLP) is consistently applied. This is applied within the application, as well as within the back office (governing access to infrastructure resources, limiting intra-back office communications ,and so on).
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: The Certification Body of Schellman & Company LLC
• ISO/IEC 27001 accreditation date: 15/12/2020
• What the ISO/IEC 27001 doesn’t cover: 2013 wholly compliant
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Corporate policies are designed after ISO 27001

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: All non routine changes go through change control requiring approval and verification post implementation
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Monthly Qualys scans, risk assesment based on findings for remediation
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Sitescope plus other monitoring services. Respond in real time via 24/7 monitoring team.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Follows industries standards and complies with all contractual terms. Users report incidents by phone or raising a support ticket. Incident reports are mailed out to user base.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  At Micro Focus, we are committed to reducing our environmental footprint and supporting the transition to a low carbon business. We encourage our employees to live and work sustainably – and help our customers and partners address their carbon footprint by implementing carbon-friendly IT strategies, which deliver greater efficiency and extend the life of their existing technology and equipment.; Through our support of the United Nations Sustainable Development Goals (UN SDGs), we are working to adopt and inspire sustainable actions across everything we do to help shape a more sustainable, inclusive and equitable future for all.
• Covid-19 recovery:

  Covid-19 recovery

  Micro Focus continues to manage the evolving situation and monitor closely how COVID-19 is affecting our communities, our team, our customers, and our partners.; Nearly two years since the start of global lockdowns, we continue to keep focused on helping you by making it easier to ensure business continuity for your remote workers and your organization. ; Micro Focus continues to maintain a state of full operational readiness. Given the unprecedented dynamics of the COVID-19 pandemic, our dedicated COVID-19 Steering Group, comprised of leaders from across our organization, continues to operate and collaborate to adapt our plans as needed.; The COVID-19 Steering Group is actively monitoring the evolving situation, working closely with our teams, customers, and partners locally to ensure that business continues to operate without disruption. Our own business continuity plans are robust, focused on maintaining the delivery of services and support to customers and partners worldwide while supporting our local team.; Having 40 years of experience helping customers navigate the need to build, operate, secure, and analyse their systems – the systems that keep important business and social functions running and optimized. COVID-19 has reinforced the importance of using that knowledge and experience to help our customers and partners. Our goal is to continue to be there for all customers and colleagues in whatever way they need.; We will continue to make content and resources available to all of customers and partners to help you keep your business plans progressing and ensure you have what you need for your own business continuity. We remain confident in the power of our people and of our collective ability to come out stronger. Please know that the entire Micro Focus community is continuing to do our part and are here to serve when and where needed.
• Equal opportunity:

  Equal opportunity

  At Micro Focus, we are committed to actions that support diversity and inclusion (D&I) in everything we do. We believe in the power of a diverse and inclusive workforce that reflects the many aspects of the customers, suppliers, and communities we serve around the world, and promotes equal opportunity for all. We seek to enable the needs of our customers, drive new business, fuel innovation, and attract, engage, and retain our employees.; We are committed to creating and maintaining an inclusive culture where every employee feels a sense of belonging, has opportunities to grow, express themselves, exchange ideas, and feel heard. This commitment includes providing fair and equal opportunities to both employees and prospective employees throughout their career journeys. We are actively striving to identify and eliminate biases and barriers (seen or unseen) that could delay or prohibit full participation by any individual or group. D&I also means we provide an ethical and safe workplace environment where we treat each other with dignity and respect, creating a culture free of harassment, bullying, and hostility. This is underpinned by our Code of Conduct.; We recognise that each person brings a unique set of qualities, attributes, backgrounds, skills, and perspectives to work. We aim to not only accept but to value and harness those unique differences. Our intention is to achieve our broad business goals by increasing representation of underrepresented people groups, including at the leadership level.
• Wellbeing:

  Wellbeing

  Employee wellbeing and maintaining mental health are key priorities at Micro Focus.; ; The Micro Focus Wellbeing program focuses on The Five Pathways to Wellbeing (Stay Connected, Be Active & Healthy, Maintain Emotional & Mental Health, Keep Learning & Give Back) and offers a rich library of resources including tips, videos and curated learning.; ; Micro Focus also celebrates World Wellbeing Week and Mental Health Awareness Week each year to further highlight the importance of wellbeing of all employees.; ; Mental Health Awareness training is provided for managers, employees and HR. Through our 24x7 learning resource partners, employees have access to self-paced training on topics such as stress, anxiety and burnout management, meditation, and mindfulness. In addition, we monitor employee sentiment and wellbeing through My Voice surveys.; ; A global Employee Assistance Program (EAP) is available to all employees and their family members to help address specific life concerns and stressors that impact concentration, motivation and enjoyment of life. Available in multiple languages, EAP is a free, 24/7 confidential service offering counseling and resourcesdesigned to help employees with family, relationship and parenting issues, financial and addiction concerns. ; ; Micro Focus launched a dedicated COVID Resource Center for all employees, providing specific health, wellbeing, including mental health resources such as webinars on managing work life balance, and coping with depression and anxiety. COVID-19 manager-specific training is also provided, offering both coaching and group discussion opportunities to help support managers themselves and to help managers support their teams.

Pricing

• Price: £5,168.23 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at publicsectoruk@microfocus.com. Tell them what format you need. It will help if you say what assistive technology you use.