APPTechnology

Browsium - Securely overcome Legacy Java and web application compatibility

Browsium is a browser management solution that enables you to overcome web application compatibility issues with Java, Oracle and other legacy plugins on your browser estate. APPtechnology will provide a proof of concept environment for your applications then deploy and maintain service under SLA.

Features

• Securely run legacy and current versions of Java
• ActiveX controls can be invoked without local install
• Lock down Java usage to sites designated by IT whitelist
• Inject or replace HTML, JavaScript or CSS in real time

Benefits

• Remove security threats and standardise on the latest browsers
• No need to switch between separate environments or launch VMs
• Avoid cost and complexity of virtualization and application rewrites
• Use latest secure Java version without breaking older Web Apps

£40 a user

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at martin.sweeney@apptechnology.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

587422703760490

Contact

Martin Sweeney
0207 469 4053
martin.sweeney@apptechnology.co.uk

Service scope

• Service constraints: None
• System requirements: Internet Explorer or Chrome in use in enterprise

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 24/7 4 hour response
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Dedicated account manager.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Onsite implementation, remediation of web applications and administrator training.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Not applicable
• End-of-contract process: Toolset functionality reduced.

Using the service

• Web browser interface: No
• API: No
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Automatic
• Independence of resources: Ion process runs locally to user, overall demand does not impact individual users.
• Usage notifications: No

Analytics

• Infrastructure or application metrics: Yes
• Metrics types: Other
• Other metrics: Enterprise browser usage
• Reporting types: Regular reports

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Browsium

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks: Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: 99.9%
• Approach to resilience: Not relevant to Ion
• Outage reporting: Email alerts

Identity and authentication

• User authentication: Username or password
• Access restrictions in management interfaces and support channels: All adminstrative activity logged
• Access restriction testing frequency: Less than once a year
• Management access authentication: Username or password
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: Between 6 months and 12 months
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: Between 6 months and 12 months
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: Internal policies and cyber essentials Plus

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Waterfall
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Internal supplier controls
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Supplier defined controls
• Incident management type: Supplier-defined controls
• Incident management approach: Supplier defined controls

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: No

Energy efficiency

• Energy-efficient datacentres: No

Social Value

• Fighting climate change:

  Fighting climate change

  As per APPtechnology Environmental, Sustainability and Waste Policy v2 May 2021
• Covid-19 recovery:

  Covid-19 recovery

  As per APPtechnology Business Continuity Plan v4 May 2021
• Tackling economic inequality:

  Tackling economic inequality

  The Company has formulated a policy called “Remuneration Policy” to ensure the payment of equitable, competitive remuneration to all Directors, Key Managerial Personnel and employees of the Company which is based on individual performance, Company’s benchmark, Industry practices and performance of the Company as a whole.
• Equal opportunity:

  Equal opportunity

  As per APPtechnology Equal Opportunities Policy v2 May 2021

Pricing

• Price: £40 a user
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at martin.sweeney@apptechnology.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.