Route 101 Ltd

Zendesk, delivered by Route 101 - Zendesk Premier Partner

Zendesk is beautifully simple software that helps you provide better customer service. Route 101 is a Premier Partner and EMEA Development Partner of the Year with Zendesk, offering the entire Zendesk portfolio, including design, implementation, support, training and optimisation, as well as additional contact centre and communications expertise.

Features

• Ticket / incident management
• Omnichannel solution (email, chat, voice, messaging, social media, answerbot)
• Reporting, analytics and insights
• Mobile apps and SDK for in-app development
• Self-service knowledge base and community forum
• Multi-language and multi-brand
• Fully customisable white label solution
• Industry standard REST APIs, SDK and development framework
• Highly secure including SSO, 2-factor authentication, data encryption
• Sales force automation software

Benefits

• Improve agent efficiency with a single, omnichannel agent interface
• Connect your social channels, including WhatsApp, Facebook and Twitter
• Take customer calls in Zendesk or via other telephony suppliers
• Reduce support costs and drive sales via Chat and Answerbot
• Streamline support with ticket views, triggers and automations
• Provide 24/7 customer service support
• Use Zendesk to build powerful self service knowledge base capability
• Transform your Zendesk to match your brand
• Measure customer satisfaction and your support team's performance
• Use over 500 apps that sit natively within Zendesk's interface

£15 to £159 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@route101.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

792532693277754

Contact

Tom Haxby
01174725347
bidteam@route101.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Zendesk is provided as a hosted cloud solution only and is not available for implementation in an on-premise environment. As such, Zendesk requires a high speed internet connection to allow access to the solution and its use requires certain minimum specifications of the computer and browser (see "System Requirements").
• System requirements:
  • High speed Internet connection
  • Computer must meet minimum specifications for OS (Windows/Mac OSX)
  • Browser must be a stable release.
  • Browser Configuration - Javascript must be enabled
  • Browser Configuration - Cookies must be enabled
  • Browser Configuration - Local storage must be enabled
  • Browser Configuration - Security protocol TLS v1.2 or above

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Between 24 x 7 and typical office hours, dependent on options selected and severity of issue.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Route 101 is both a Zendesk Premier Partner and Zendesk Premier Implementation Partner. As such, we provide our own in-house Zendesk implementation and support services from our team of Zendesk accredited engineers. Our support services range from 24 x 7 x 365 to a typical work week of 9.30 to 5.30, Monday to Friday, excluding Bank Holidays. This is dependent on factors such as the support tier selected and the severity of the issue. We continue to proactively support our customers throughout the duration of the contract, helping them to optimise the system and their usage of it, in order to achieve their business goals. We provide either monthly or quarterly update and review sessions to help keep the service in good shape, to advise of any new releases and to review the service received. These sessions will typically be attended by account, service, technical or consultative personnel, depending on the focus of the particular session.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: As a Zendesk Premier Partner, Route 101 has had great success in operating a collaborative implementation model with our Zendesk customers. This means that we implement together and train as we go, imparting practical knowledge throughout and promoting super-users, or train-the-trainers, within your business. This enhances your own ongoing self-sufficiency and reduces the dependency on a partner for additional costly training. ; We will also design a bespoke training package to cover all the elements of the solution we provide. This package can either be delivered face to face in a classroom setting by our own trainers, or via webinar sessions. Classroom sessions are great for smaller groups, such as a handful of designated train-the trainers. Webinar sessions are better for a wider spread of learners or those based in different locations. ; There are also additional training resources which are made available to all our customers on Zendesk's website, such as recorded demo sessions, self-service guided resources, free and paid instructor and self-led recorded webinar sessions, product manuals, informative blog posts and more.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Zendesk’s REST APIs and CSV / XML functionality allow customers (via their Account Administrators) to export service data on demand, and service data will be available for export for 30 days after the contract ends. In the event a customer terminates their subscription, they can also request Zendesk to provide a full export of their service data, for which an additional charge may apply at Route 101's published professional services rates.
• End-of-contract process: On termination or expiration of the contract, service data will continue to be available to the customer's account administrators for an additional thirty days, during which the customer's service data may be exported by the administrators. If customers require assistance with data export, a charge may apply which will be charged at Route 101's published professional services rates.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile is provided via native iOS and Android apps; desktop is accessed via web browser. Mobile utilises Zendesk APIs to provide functionality for agents on-the-go. Mobile does not have all the features of the desktop service e.g. admin / account setup, security configuration, customer satisfaction ratings, WYSIWYG comment editing, adding in-line images, ticket actions audit display and other non-mobile friendly features. Mobile focuses on features that enable agents to perform core ticketing workflows, and has configurable push notifications that desktop does not have. There are no admin functions within mobile. Security and permissions are the same for mobile as desktop.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Please see https://www.zendesk.com/support/features/; ; https://support.zendesk.com/hc/en-us/articles/203661806-Introduction-to-the-Support-agent-interface
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Please see the following link for information on accessibility:; https://www.zendesk.com/company/policies-procedures/accessibility/
• API: Yes
• What users can and can't do using the API: The REST API allows customers to interact with a variety of features and aspects of Zendesk products. The majority of the functionality available via user interfaces can be interacted with using the API.; ; Customers can use the Reseller API to create accounts, or they can create an account on the web and then use the API. Users and agents can also be created via the API.; ; The API supports updates to tickets, users and other key Zendesk data points. Customers can use various endpoints to make updates.; ; Full documentation, including the list of supported endpoints, is available in the API documentation which can be found in the Zendesk Developer Portal on Zendesk's website: https://developer.zendesk.com
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Zendesk Support was created with three user groups in mind: Agents, Administrators and Managers. One of the core requirements of Zendesk is to enable suitably authorised members of these user groups to use, configure and enhance Zendesk without the need for development capabilities.; ; Areas of the Support solution that can be configured by authorised users to meet customer specific requirements include: (i) business processes and workflows, including Automations, Triggers, Macros; (ii) multi-channel capabilities, including self-service, email, chat, phone, social media; (iii) analytics; (iv) consumer / customer facing Help Centre functionality and user interface; (v) knowledge content management; (vi) native mobile apps; and (vii) Community.; ; Additionally, Zendesk’s extensive SDK and API support allows more technical users to extend the power of the solution through the development of specific apps and integrations. For example: (i) Mobile SDK allows for support of Android and iOS capability within your own mobile apps; and (ii) the Zendesk APIs allow customers to extend the solution’s capabilities through integration with external systems, as well as enriching Zendesk data with data from third party sources to provide an enhanced consumer / customer experience.

Scaling

• Independence of resources: Zendesk is built and hosted on Amazon Web Services, whose dynamic scaling, elastic load-balancing and redundant architecture capabilities allow Zendesk to maintain high-availability and handle heavy traffic. Any performance deviation crossing specified thresholds automatically pages technical teams for instant action. This also eliminates single points of failure through server clustering and network redundancies.; Sharded architecture allows Zendesk to re-balance load across physical database clusters and pods. Zendesk has hundreds of shards distributed across database clusters worldwide, supporting varying numbers of customers, depending on data volumes generated. Zendesk can dedicate a single shard or database cluster to a customer, if required.

Analytics

• Service usage metrics: Yes
• Metrics types: Zendesk provides pre-built real-time operational dashboards supporting monitoring of KPIs for the following inter-related areas: (i) customer satisfaction; (ii) support operations; (iii) agent / team performance; (iv) knowledge base usage; (v) community usage; (vi) search effectiveness / ticket deflection.; ; Pre-built dashboards can be filtered to time intervals ranging from the last 24 hours up to the last 90 days. Applicable KPIs, e.g. solved tickets, first reply time, customer satisfaction and agent touches, can be monitored in aggregated headline reports and graphs (also available in pre-built leaderboards by agent or team).
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Zendesk

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Service data can be exported using the Zendesk API (as further described on the Zendesk Developer Portal here: https://developer.zendesk.com). Administrators on Professional and Enterprise Support service plans may also export service data via the user interface once they have enabled data export on their account. Account owners can enable data export functionality by contacting Route 101.
• Data export formats:
  • CSV
  • Other
• Other data export formats: XML
• Data import formats:
  • CSV
  • Other
• Other data import formats: XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: Zendesk's network is protected by redundant layer 7 firewalls, best-in-class router technology, secure HTTPS transport over public networks, regular audits and network intrusion detection / prevention technologies (IDS / IPS) that monitor and block malicious traffic and network attacks. Major application data flow ingress and egress points are monitored with Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS). In addition to our own capabilities and tools, we contract with on-demand Distributed Denial of Service (DDoS) scrubbing providers to mitigate DDoS attacks. Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.

Availability and resilience

• Guaranteed availability: Zendesk use commercially reasonable efforts to make the service available 24 hours a day, 7 days a week, except during planned downtime and in the event of a force majeure. They guarantee 99.9% availability to purchasers of Premier Support, in accordance with the terms applicable to that service.
• Approach to resilience: Zendesk has developed a risk framework and strategy that accounts for the evaluation of their facilities, technology, applications, data, processes and overall organisation to ensure their risk mitigation strategy operates at multiple levels and with broad coverage. Zendesk uses a fully redundant, distributed and automated environment consisting of AWS geographically separate data centres, running multiple, self-sustaining instances of the Zendesk application. As a precaution, Zendesk has additional space and power to add capacity to their data centres should one data centre become unrecoverable in a disaster. The service uses multiple internet service providers, connected through diverse paths entering the facilities at physically secure, separate locations. This redundant mesh-edge network design delivers robust networking through a number of paths. Zendesk's database data is stored on efficient flash memory devices with multiple servers per database cluster. Any hardware component failures are handled quickly and easily with automated builds and deploys. A strict backup regime helps protect customer data should a major incident occur. Key source data for standard Zendesk accounts is backed up daily, which includes both local and off-site storage.
• Outage reporting: Service impacts are co-ordinated through a cross-functional Incident Response process. As a key part of this process, impacts to service are communicated through Zendesk's System Status page, Twitter and Zendesk Help Centre (available on the Zendesk Support website: https://support.zendesk.com/hc/en-us). The process includes appropriate update frequency, post-event follow up and ability to escalate for additional information.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Additional authentication methods are available for Zendesk Support, depending on the service plan to which a customer is subscribed, including the following: SSO, SAML, Active Directory SSO, configurable password requirements and IP restrictions.
• Access restrictions in management interfaces and support channels: Zendesk leverages the following management access methods: (i) dedicated devices on a segregated network; (ii) dedicated services for community service management; and (iii) service management via bastion hosts.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 13/4/2021
• What the ISO/IEC 27001 doesn’t cover: N/A, all controls in scope.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 25/3/2022
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: BIME by Zendesk (analytics functionality).
• PCI certification: Yes
• Who accredited the PCI DSS certification: The Cadence Group
• PCI DSS accreditation date: 21/5/2021
• What the PCI DSS doesn’t cover: The PCI audit covers a single configurable field available for Zendesk customers on the Support Enterprise and Suite Enterprise service plans. It does not cover processing of credit card transactions via the Support product.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • TRUSTe
  • SOC 2 Type II
  • EU-U.S. Privacy Shield
  • Swiss-U.S. Privacy Shield
  • ISO 27001:2013
  • ISO 27018:2013
  • ISO 27018:2014
  • HIPAA (dependent on service plan)

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Zendesk has a full suite of security policies, including: ; (i) Information Security Policy;; (ii) GDPR Policy; ; (iii) Security Incident Response Policy; ; (iv) Production Network Security Monitoring Policy; ; (v) Production Network Change Management Policy; ; (vi) Production Network Access Control Policy; and ; (vii) Information Management Standard.; ; All policies are reviewed at least annually, or in real-time if necessary. Assurances are obtained by independent third party auditing of our security controls. ; ; In terms of reporting structure, the various security teams (Incident Response, Security Compliance, Network Security, Threat Intelligence, Secure Development, Application Security, and R&D) report to the VP of Security, who in turn reports to the CIO, who reports to the CEO.; ; Security policies are part of mandatory training and such training is backed up by internal tests including routine attempts to socially engineer staff.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Zendesk follows change control procedures for all system/software configuration changes, including: (i) documenting change impact (operational impact; security impact on major projects); (ii) peer review for technical scope; (iii) management review for timing and impact scope (segregation of change-management duties); (iv) testing of operational functionality (pre- and post-testing); (v) back-out procedures; (vi) change documentation (logs, etc); (vii) tracking of code changes and infrastructure components via code versioning tool or Ops related tickets. Changes are recorded and kept for auditing purposes.; ; Approvals are required for all changes. For network devices, approvals are required before ports can be opened to that device.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Zendesk assesses and obtains information regarding potential threats in the following ways: (i) continuous dynamic scanning for vulnerabilities on live applications; (ii) static code analysis upon each commit to our Support and BIME code bases; (iii) third-party penetration tests; (iv) dedicated Security Personnel; (v) public "bug bounty”; (vi) third party infrastructure scanning.; ; Zendesk maintains documented SLAs for bug fixes which are in line with industry standards.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Zendesk digests many sources of potential vulnerabilities for product and infrastructure, including: (i) code scans; (ii) network scans; (iii) penetration tests; (iv) bug bounty; (v) threat intel; and (vi) QA testing.; ; All of these sources feed into ticketing processes for validation, risk-ranking, assignment and tracking.; ; We investigate and respond as necessary to any incidents or potential compromises immediately.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Route 101’s Service Desk, which uses Zendesk Support, is available 24x7x365 and is staffed by skilled engineers who manage your issue to resolution. We will keep you informed on the issue's progress and provide you access to an online portal to track developments. Should the issue require escalation, we have rapid and direct access into Zendesk for prompt resolution. Issues can be reported by phone, email or online, and once resolved, we will conduct root cause analysis and provide an incident report to provide an explanation of why an issue occurred and what can be done to prevent it reoccurring.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Zendesk continues to strive to be an empathetic, active and responsible corporate citizen. As a company that builds software to improve customer relationships, Zendesk takes a service-first approach when it comes to all stakeholders, including customers, employees, partners and communities.; ; Zendesk's Global Impact Report documents their Environmental, Social and Governance (ESG) commitments, such as improving employee health and wellbeing, addressing systemic racism and using technology to help solve complex social challenges.; ; The report can be found here: https://www.zendesk.co.uk/social-impact/
• Covid-19 recovery:

  Covid-19 recovery

  Zendesk continues to strive to be an empathetic, active and responsible corporate citizen. As a company that builds software to improve customer relationships, Zendesk takes a service-first approach when it comes to all stakeholders, including customers, employees, partners and communities. Zendesk's Global Impact Report documents their Environmental, Social and Governance (ESG) commitments, such as improving employee health and wellbeing, addressing systemic racism and using technology to help solve complex social challenges. The report can be found here: https://www.zendesk.co.uk/social-impact/
• Tackling economic inequality:

  Tackling economic inequality

  Zendesk continues to strive to be an empathetic, active and responsible corporate citizen. As a company that builds software to improve customer relationships, Zendesk takes a service-first approach when it comes to all stakeholders, including customers, employees, partners and communities.; ; Zendesk's Global Impact Report documents their Environmental, Social and Governance (ESG) commitments, such as improving employee health and wellbeing, addressing systemic racism and using technology to help solve complex social challenges.; ; The report can be found here: https://www.zendesk.co.uk/social-impact/
• Equal opportunity:

  Equal opportunity

  Zendesk continues to strive to be an empathetic, active and responsible corporate citizen. As a company that builds software to improve customer relationships, Zendesk takes a service-first approach when it comes to all stakeholders, including customers, employees, partners and communities.; ; Zendesk's Global Impact Report documents their Environmental, Social and Governance (ESG) commitments, such as improving employee health and wellbeing, addressing systemic racism and using technology to help solve complex social challenges.; ; The report can be found here: https://www.zendesk.co.uk/social-impact/
• Wellbeing:

  Wellbeing

  Zendesk continues to strive to be an empathetic, active and responsible corporate citizen. As a company that builds software to improve customer relationships, Zendesk takes a service-first approach when it comes to all stakeholders, including customers, employees, partners and communities.; ; Zendesk's Global Impact Report documents their Environmental, Social and Governance (ESG) commitments, such as improving employee health and wellbeing, addressing systemic racism and using technology to help solve complex social challenges.; ; The report can be found here: https://www.zendesk.co.uk/social-impact/

Pricing

• Price: £15 to £159 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Users can register for a trial on various Support, Talk or Chat service plans. There are no limitations to the functionality available during the trial. Trials can be converted to a Production environment, without the loss of any configuration or data, if required at the successful completion of the trial.
• Link to free trial: https://www.zendesk.com/product/pricing/

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@route101.com. Tell them what format you need. It will help if you say what assistive technology you use.