EASY SOFTWARE (UK) LTD

EASY Archive Cloud

EASY Archive Cloud provides a powerful solution for document archiving in the cloud. It lets you archive in a compliant manner, properly maintaining, keeping and storing documents in electronic form. You can access archived documents anytime, anywhere, with each document being found quickly through the Web client or Smartphone app.

Features

High availability server landscape 99.5 %
Full text search across folders available
Maximum data security - high-security data centres and encrypted transmission
Automatic text recognition of archived documents with integrated OCR function
Remote access via tablet, smartphone or laptop / PC
Interfaces for convenient data transfer
Concurrent access by multiple user
Revision-proof archiving to guidelines
Unchangeable activities log makes all changes transparent
Certified to ISO/IEC 27001

Benefits

Intuitive usability, means quick and easy access for all users
Enables archiving in compliant manner in electronic form
Documents are saved based on the Data Protection Act
Safely access data archived in the cloud at anytime, anywhere
Auto-versioning means immutability of files once archived
Save tax-related data and documents subject to retention requirements
Preconfigured and ready to use so quick to deploy
Convenient data transfer for use as part of tax audits
Enables cost optimisation of production systems, decommissioning of legacy applications
Provides opportunity to improve strategic decisions through data analytics

£200.00 a unit a month

Free trial available

Service documents

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rachel.taylor@easy-software.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

Contact

EASY SOFTWARE (UK) LTD Rachel Taylor
Telephone: 01284 727870
Email: rachel.taylor@easy-software.com

Service scope

Software add-on or extension: No
Cloud deployment model: Public cloud
Service constraints: None
System requirements: Document archival via https, webservice, sftp

Document read via https

User support

Email or online ticketing support: Email or online ticketing
Support response times: 2-hour, priority level 1 responses within standard office hours
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: Yes, at extra cost
Support levels: Standard Support: 9 to 5 GMT, Mon to Fri
24x7 optional for priority 1 incidents (additional cost)
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Online training documentation and videos.
Onsite training is available at additional cost.
Service documentation: Yes
Documentation formats: HTML

PDF
End-of-contract data extraction: Xml export provided by EASY
End-of-contract process: All data is exported and made available for download.
If required EASY supports the customer in migrating its data to another platform (optional consulting service at additional cost)

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: No differences
Service interface: Yes
User support accessibility: None or don’t know
Description of service interface: RESTful webservice
Accessibility standards: None or don’t know
Description of accessibility: Web browser based, https, sftp, RESTful web service
Accessibility testing: N/A
API: Yes
What users can and can't do using the API: Read and Write, Documents retrieval, basically all product functionality
API documentation: Yes
API documentation formats: HTML
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: Through consultation

Scaling

Independence of resources: Through on-going Capacity Management, details available upon request.

Analytics

Service usage metrics: Yes
Metrics types: Availability metrics and usage

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: None

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: European Economic Area (EEA)
User control over data storage and processing locations: Yes
Datacentre security standards: Supplier-defined controls
Penetration testing frequency: Less than once a year
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with another standard

Other
Other data at rest protection approach: Redundant storage and backup
Strict access policies
Data sanitisation process: Yes
Data sanitisation type: Deleted data can’t be directly accessed
Equipment disposal approach: In-house destruction process

Data importing and exporting

Data export approach: Through consultation
Data export formats: CSV

Other
Other data export formats: Xml

Download in native format
Data import formats: CSV

ODF

Other
Other data import formats: All electronic document formats

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Other
Other protection between networks: Firewalls, IP-Filtering, on-going virus scan
Data protection within supplier network: TLS (version 1.2 or above)

Other
Other protection within supplier network: Firewalls, IP-Filtering, on-going virus scan, ITIL based service delivery, strict access management and processes

Availability and resilience

Guaranteed availability: 99.5% on sever level
Approach to resilience: Available on request
Outage reporting: Recognised by monitoring

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Username or password
Access restrictions in management interfaces and support channels: Role and right based access management
Access restriction testing frequency: At least once a year
Management access authentication: Dedicated link (for example VPN)

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: Less than 1 month
Access to supplier activity audit information: Users contact the support team to get audit information
How long supplier audit data is stored for: Less than 1 month
How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: Certivation GmbH
ISO/IEC 27001 accreditation date: 01/12/2021
What the ISO/IEC 27001 doesn’t cover: No out of scope activities.
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: ISMS in accordance with ISO27001, augmented with industry good practice

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Operate an established change management process. More details are available upon request.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Threats are assessed on potential risk to service and data security.
Standard security patches are tested and deployed weekly. Any vulnerability actively affecting service would be patched as soon as possible.
We gather information by monitoring access, use and feedback to the service along with reports concerning components in use (os, db, web server, server side code components).
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: We log and monitor all access to the service, highlighting unknown ip, invalid service use, or invalid api keys.
Proactive systems (fail2ban) maintain a firewall approach to catch early attacks. If security is found to be compromised we would respond immediately with the goal to remedy as soon as possible.
Incident management type: Supplier-defined controls
Incident management approach: The incident management process is based on ITIL. Incidents are assessed on risk to service and user data security. Users can report incidents through any of our methods of contact. All reported incidents are logged. Incidents cause and efforts to prevent going forwards will be documented in our change control system. Reports would be provided at request.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Pricing

Price: £200.00 a unit a month
Discount for educational organisations: No
Free trial available: Yes
Description of free trial: Comprehensive demo version available upon request with all features activated

Service documents

Request an accessible format

Cookies on Digital Marketplace

EASY Archive Cloud

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents