Syncity Ltd

Hashiru Strategic Business Intelligence

In a world captivated by numbers, the real essence of your business—its untold story—is woven through qualitative data: the decisions, conversations, and insights often overlooked.
We turn your untold stories into structured insights, giving you the clarity to adapt and the confidence to evolve.

Features

• Built on the proven Salesforce Platform
• Powerful analytics capabilities allowing for real-time BI reporting
• Browser User Interface
• Structure unstructured Data
• Understand and address possible barriers to business delivery
• Tasks, Actions, Risks and Issues easily tracked and managed
• Agile project management methodology with the correct level of governance
• Full audit of all Decisions made
• Flexible timeboxes of activity
• Flexible Dashboards

Benefits

• Mobile, remote and home working
• Real time management information
• Automated reports
• Control and governance
• Make informed decisions
• Ensures that IT and the Business are working together
• Capture all Discovery and Decisions in one place
• Set length of project and resources upfront
• Promotes a more agile collaborative way of working
• Ensures visibility of projects

£25.00 to £25.00 a licence a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@syn-city.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

680416026462861

Contact

Richard Godfrey
07493074025
hello@syn-city.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements: Supported Versions of IE, Chrome & Safari

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Monday to Friday 9:00am to 5:30pm
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Same business day
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online documentation and video is provide to help users start using the service.; Hashiru comes in a pre-configured Org for users to begin using the application immediately. There is no set up or configuration required.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Video
• End-of-contract data extraction: There are a number of options available for customers to extract their data from the service, either during the contract or when the contract ends. We encourage customers to export their data during their contract on a periodic basis to maintain a local copy of their salesforce database, rather than wait until the end of the contract.
• End-of-contract process: Upon receiving notification of termination of contract your account will be closed based on either the requested termination date or upon expiration of your contract. If there is no subsequent extension or new contract formed then the customer will be entitled to extract all of their data from the cloud environment using a standard set of tools provided within the salesforce platform that underpins Hashiru.; ; Your data will be available for 30 days from the date of termination and can be exported from ditch in standard CSV files by the customer using standard data management tools including the SalesForce Dataloader application. The data can be securely downloaded and, if necessary, ditch can perform intermediary services to extract the data in a specific CSV format at an additional cost (which will vary according to the volume and complexity of the data itself).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The Salesforce Mobile app allows users to access the platform from any mobile device enabling agile working practises to be achieved. The app is downloadable for free from various app stores.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Hashiru is built on the Salesforce platform. The Salesforce interface is a modern and intuitive design, with help functions throughout. The interface can be configured as maybe required or left as default.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Third-party vendors have completed an accessibility assessment of salesforce core products and have documented their accessibility status using these VPATs. Further details can be found on salesforce.com
• API: No
• Customisation available: Yes
• Description of customisation: Point-and-click configuration: The Salesforce platform makes it easy to modify the functionality of Salesforce applications to meet your unique requirements. Working with the metadata framework and a series of simple point-and-click wizards, you can design custom user interfaces and modify the structure of the data model and the application’s business logic. Configuration enables organisations to modify objects, fields, validation rules, workflow, security settings, formulas, and much more without the need for code.; Hashiru does not require any customisation to work, but it can be enhanced by users. There is a core managed package that can not be customised.

Scaling

• Independence of resources: Each customer runs in a separate Salesforce Org. The multitenant application design, combined with the fastest servers and high-performance networking infrastructure available, guarantees fast performance.

Analytics

• Service usage metrics: Yes
• Metrics types: Hashiru is built on the Salesforce platform and can take advantage of its standard reporting and dashboard functionality. This allows users to build their own individual reports that allow reports of different types to be built. Ranging from real-time snapshots through to yearly summaries.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Other
• Other data at rest protection approach: Salesforce is compliant with a number of standards which require protection of data at rest (ISO 27001/27018, SSAE 16/ISAE 3402, SOC-1, SOC 2, SOC 3, PCI-DSS, TRUSTe Certified Privacy Seal, CSA STAR)
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can export their data using the reporting engine. All reports can be exported in CSV format. Data can also be exported via the API but for a more standard user, they can generate a report and export that report. There are features available that would enable an administrator to monitor, and in some cases prevent, the exporting of sensitive data in this regard.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Standard HTTPS TLS/SSL encryption is used for data in transit protection.
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Hashiru is built on the Salesforce platform. Salesforce Services are designed with the concept of continuous improvement and Trust in the infrastructure. Salesforce uses commercially reasonable efforts to make its on-demand services available to its customers 24/7, except for (minimal) planned downtime, for which Salesforce gives customers prior notice, and force majeure events.; Excellent availability statistics (historically 99.9%) are critical to Salesforce's customers’ success and to the success of Salesforce as a company.
• Approach to resilience: The service is delivered via the Salesforce platform which uses highly redundant networking. Data held in Salesforce is stored and processed in a primary server and replicated to a second site. Each server has multiple active clusters and use highly redundant carrier-class disk storage.
• Outage reporting: Hashiru is built on the Salesforce platform. Salesforce provides current and historical (the preceding month) data on service availability for each of their instances at https://status.salesforce.com.; A swagger-format API is available, as is an email notification system.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: The role-based security model only permits specified users to modify the configuration of the system. Access can be further restricted to only permit certain operations in 'high-assurance sessions', i.e. where two-factor authentication has been completed.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We follow the standards laid out in ISO27001 and have begun the process of obtaining accreditation to the standard.
• Information security policies and processes: We fully recognise that Information is a critical asset of our customers.; Our staff are given training (both initially and ongoing) that includes both data protection and information security. All staff must conform to these policies, breeches of these policies are taken very seriously and may result in disciplinary measures.; ; Any reports of suspected breeches to these policies can be made by ANY member of staff to ANY senior manager. All confirmed breeches are dealt with by a Director of the company.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We maintain a change log of environmental controls and operate releases via Salesforce processes. ; ; Any changes to LIVE services must go through our change control process which includes a Change Assessment Board. All changes must be documented and approved by the board prior to entering production.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Salesforce has various vulnerability management processes in place around internal scanning, external scanning & vendor patch release management. Technical operations and security personnel monitor vulnerability alerts and patch release notifications from vendors and other sources. There are associated evaluation and deployment processes in place. Salesforce also regularly performs self-vulnerability assessments using various tools and techniques, such as Qualys. There is also an on-going external application scanning service used.; the ditch project management app has to pass the Salesforce security review prior to being sold on the Appexchange.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Records all login attempts: originating IP address, time and success/fail against each user account. Information can be extracted for analysis against organisational policies. Configurable settings: enforce logins from an approved IP range and/or at certain times of day, maximum session length and automatic account locking after x failed login attempts.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Standard incident management ensures that all recorded incidents are triaged and routed to the appropriate resolver groups and, where necessary, escalated. In specific cases, it may be necessary to escalate incidents directly to the provider. We have a standard handoff process to ensure that end-to-end communication is maintained.; ; Users should report incidents by our standard support mechanisms i.e. by phone, or email depending on severity. For major incidents of any kind, regular telephone contact is then established until resolution.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  We sponsor local youth sports teams with each qualifying purchase to promote healthy kids and sport participation

Pricing

• Price: £25.00 to £25.00 a licence a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: 30 day free trial - contact us for information

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@syn-city.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.