VISION33 LIMITED

Saltbox

Saltbox is a cloud-native, low-code integration platform as a service (iPaaS) solution that empowers small and midsized companies to integrate disconnected business systems like ERP, CRM, and eCommerce.

Features

• Integrate disconnected applications and data sets
• Automate manual error-prone processes and tasks
• Synchronize data between business systems

Benefits

• Eliminate silos
• Get more value
• Accomplish more

£400 an instance a month

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at john.palmer@vision33.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

747473118985082

Contact

John Palmer
07771964312
john.palmer@vision33.co.uk

Service scope

• Service constraints: Planned Maintenance is scheduled and announced in advance
• System requirements:
  • Integrations as a service on demand fixed price annual subscriptions
  • Flexible Infrastructure locations utilising AWS

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Vision33 is able to deliver a configured support arrangement to meet the organisations requirements. Support is delivered standard UK Time 08:30 through 17:30.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: N
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Saltbox is designed as a Low Code Integration Platform as a Service and as such users find it quick and easy to pick up. Training is given online as requested
• Service documentation: No
• End-of-contract data extraction: Typically we don't store data.
• End-of-contract process: To be agreed with individual customers

Using the service

• Web browser interface: Yes
• Using the web interface: Map fields and design workflows with drag-and-drop ease.; Design and automate common transactional communications such as invoices and shipping notices.; Track workflow changes and revert to prior versions.; Discover, diagnose, and resolve failed transactions and workflows.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: N/A
• Web interface accessibility testing: None
• API: Yes
• What users can and can't do using the API: Construct real-time integration scenarios with lightning-fast, real-time data exchange.
• API automation tools: Other
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: No

Scaling

• Scaling available: Yes
• Scaling type: Manual
• Independence of resources: Each user has their own dedicated resources
• Usage notifications: Yes
• Usage reporting: Other
• Other usage reporting: User interface notification

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Memory
  • Number of active instances
  • Other
• Other metrics:
  • Message Rates
  • Message Success/Fail
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: AWS S3 service is used to store data and encryption at rest is enabled in the S3 bucket
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: No

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: No guaranteed availability. We utilise AWS and rely on their serverless services
• Approach to resilience: Available on Request
• Outage reporting: Email Alerts to affected customers

Identity and authentication

• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Roles and authorisations
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication
• Devices users manage the service through: Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Less than 1 month

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Currently in the process of achieved SOC2 certification
• Information security policies and processes: Currently in the process of implementing SOC2 policies and controls

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Vision33 uses MS Azure Dev Ops to manage source code production and deployments and utilises MS Azure GitHub Advanced Security for static security code analysis and third party dependency analysis.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Internal and third party vulnerability assessments. Patches are applied on a scheduled weekly basis. We use Crowdstrike Falcon to monitor threats.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We sue Crowdstrike Falcon to monitor potential threats which is reviewed on a daily basis.
• Incident management type: Supplier-defined controls
• Incident management approach: Vision33 have a dedicated support organisation responsible for collecting user reported incidents and proactive monitoring

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Third-party
• Third-party virtualisation provider: AWS
• How shared infrastructure is kept separate: Separate Tenants and separate virtual machines

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: As per AWS's protocols

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity

  Fighting climate change

  All of our services support organisations in the quest to deliver a carbon neutral existence by promoting removal of unnecessary infrastructure, remote working and a flexible working environment. Our services are digital with a default paperless principle. As a company, we have chosen to be a work from home environment. Our only major supplier (SAP) is actively pursuing intention to become carbon-neutral in its own operations

  Covid-19 recovery

  Vision33 and our services promote organisations in their digital revolution and this includes supporting organisations in their recovery from the COVID19 pandemic by enabling remote working, remote implementation, remote support and training of business operations. The result of these services supports organisations in a more agile workplace ensuring flexible working arrangements can be fully supported in a post pandemic world.

  Equal opportunity

  Equal opportunity; ; As an organisation we recognise the difference in everyone and support all candidates and employees to fulfil their potential. All employees are supported in training appropriate to their needs through the provision of self paced training and certifications. Our services enable organisations to meet the needs of all employees. As a cloud provider we encourage a flexible employment engagement ensuring that employees can operate flexibly around their needs such as flexible hours, flexible locations etc. All our training materials are self paced and supported by our team ensuring that users are able to realise and be recognised for their potential.

Pricing

• Price: £400 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at john.palmer@vision33.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.