Zengenti Limited

Insytful - The accessible website improvement platform

Insytful provides a single place to evaluate how searchable, accessible and enjoyable your website is for all users. Insytful allows you to frequently identify any issues and improve user experience by auditing for WCAG 2.1 accessibility, SEO, page load speed, broken links, website performance and other content quality issues.

Features

• Clean, user friendly interface that makes identifying issues easy
• Content Management System (CMS) integration to rectify issues at source
• Website speed, SEO, performance, broken links and content quality testing
• Accessibility testing (WCAG 2.1 A, AA, AAA)
• Spellcheck and readability scoring for your web content
• PDF accessibility checking
• Create custom reports based on keywords, HTML snippets and more
• Quality assurance workflow checks before content is published
• Analyse data and manage reports for sections of your website
• SEO domain health check

Benefits

• Create a WCAG 2.1 compliant and user friendly web experience
• Improve your website speed to maximise conversions
• Spellcheck with multi-language and custom dictionary support
• Check technical SEO issues for crawlability and error messages
• Identify and fix broken web links
• Enjoy a UI without needing technical expertise to use it
• Deep link with your CMS to make instant web changes
• Automatic website audits, carried out weekly or monthly
• Visual dashboard reports for accessibility, performance, SEO and content quality
• Free tier available to scan up to 250 web pages

£0 a unit a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@zengenti.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

829950395724215

Contact

Stef Robinson / Ola Andersson
01584 824202
tenders@zengenti.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Insytful is a standalone product, but it also deep links with the Contensis Content Management System (CMS) as well as other popular CMS systems.
• Cloud deployment model: Private cloud
• Service constraints: Any planned maintenance on the Insytful platform is carried out by our engineers outside working hours and should not directly affect our customers.
• System requirements:
  • Users need one of the following browsers to access Insytful:
  • Google Chrome (latest)
  • Safari (latest)
  • Firefox (latest)
  • Microsoft Edge (latest)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond to questions on the same day on weekdays by email, telephone or Slack. We don't respond to questions on weekends or bank holidays.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide unlimited support for any technical issues with Insytful. We can also work with customers who require any additional support and help on an ad-hoc basis.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Insytful includes a guided "getting started" process for new users to start using Insytful. The introduction walks users through each area of Insytful and where they can expect to find certain information. Detailed user guides and documentation are also available, with our support team on hand to help with any questions.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Clients can request their historical scan data to be exported by the support team.
• End-of-contract process: When a contract ends, clients are downgraded to the free tier service and will continue to have access to Insytful within the limits of the free tier.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AAA
• Description of service interface: The Insytful web application itself, allows users to manage their website scans in Insytful, view their content and interact with the features that we provide.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We perform manual testing of all user interfaces using assistive technology including JAWS, NVDA and VoiceOver.
• API: Yes
• What users can and can't do using the API: Insytful has its own API. It is not currently available to users but it is something that we are working on and will make available in the future. We can work with a customer to make the API available to allow them to action and use most features available in Insytful. The most common use cases are to be able to provide scan data and results so that customers can surface these in their own reporting tools such as Microsoft Power BI or be able to initiate single page scans so they can integrate Inysytful's scanning in their own tools and CMS systems.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can customise their own dictionary that is used for spell checking, which allows them to provide a list of words that could be specifically used by their organisation and would therefore not be picked up as misspellings. Users can also use the policy section to create reports based on different criteria. e.g. certain words used. Users can also customise their scan schedule and frequency, specifying the time and day they want their scan to happen.

Scaling

• Independence of resources: The Insytful service operates on elastic infrastructure that is highly-specified, and is capable of sustained website scanning traffic of at least 30% beyond normal demand.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Clients can request their historical scan data to be exported by the support team.
• Data export formats: Other
• Other data export formats: JSON
• Data import formats: Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Insytful has an uptime of 99.99%, measured on a monthly basis. This includes planned maintenance. Service credits are calculated on the basis of the difference between actual and SLA availability.
• Approach to resilience: This is available on request.
• Outage reporting: Any service outage is reported by email and Slack alerts and via a public dashboard.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Anyone wanting to self-register for the help desk or Insytful requires a valid client email address. Once registered, the software can only be accessed by registered users who authenticate.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Less than 1 month
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 29th June 2021
• What the ISO/IEC 27001 doesn’t cover: All relevant areas of our operation are comprehensively covered in the certification scope. We are happy to provide potential G-Cloud clients with a copy of the Statement of Applicability.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All staff receive a set of standard training sessions at the point they are recruited, and this includes secure work practices. These are reinforced through ongoing appraisal and supervision processes and are included in the Staff Handbook. As an ISO27001 registered company, our data handling process is scrutinised on a regular basis as part of internal and external quality audits. As a company we are registered with the Data Protection Registrar. Where an issue requires escalation, we have a set of identified processes, including phone numbers, so that you can talk directly and express the level of urgency or business challenge. The levels are:- After 1 hour Head of Support After 2 hours Chief Product Officer 3 hours+ Chief Executive Officer One of the key advantages of working with Zengenti Ltd, is that we keep the barriers to communication as low as possible - commensurate with delivering services efficiently to our whole client base. This means that when you need to speak to someone with the necessary technical skill and the authority to decide a course of action, you can.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our infrastructure is managed through a configuration management system. As a result, all changes to the configuration of our environments are auditable. Changes are first tested in staging environments, before being rolled into production.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We assess potential threats through proactive monitoring of logs and security advisories from major partners/suppliers in the security sector. We can deploy patches in minutes, but we would assess the risk posed by the particular vulnerability and decide the most appropriate schedule. Typically patches are applied monthly. We recently had an opportunity to prove the resilience of our processes, when our engineers discovered a vulnerability. Within 48 hours, we had put fixes in place to eliminate any potential risk and told all our clients about the process.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We have monitoring systems in place that will detect unexpected network traffic and behaviour on servers. There are a range of different solutions depending on the device, for example, on a Linux server we will be automatically notified if there's a change in user account details. If we find a potential compromise, our incident management process would be triggered. From that point, the speed of response would be agreed between the engineers and the incident manager.
• Incident management type: Supplier-defined controls
• Incident management approach: The majority of incidents are handled through the help desk. This streamlines incident management, tracking and resolution. Supportive questions help us gather essential information. Users rate the severity via impact on their business processes. For critical incidents, on-duty incident managers assess the situation and any affected customer(s) and create a communication list for the incident. All communication is available within the help desk portal.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Zengenti has invested in wood chip/pellets from sustainable sources to run our heating and hot water systems. Our biomass boiler helps to reduce energy loss during energy generation and distribution and the heating and hot water for our headquarters are completely supplied via this method. All the electricity that we consume as a company is 100% renewable. Both our Interxion and Equinix data centres all run using 100% renewable energy. We use EON to supply the electricity for our headquarters, which is also 100% renewable. We are also currently planning the installation of a solar panel array in the grounds of our headquarters to further reduce the need for electricity from the grid. Our staff continue to mainly work from home, which reduces the need to commute into the office, greatly reducing CO2 emissions and any unnecessary travel. The majority of our staff now typically come into the office a few days a month rather than almost every day.
• Covid-19 recovery:

  Covid-19 recovery

  As a company our staff continue to mainly work remotely with around 5-10% of the team working from our offices at any one time. We have updated our office spaces to ensure that effective social distancing is in place when people do work from the office, including in all our communal areas. We have also created more communal areas and casual meeting spaces. Supporting our teams to continue to work remotely has greatly reduced travel and has reduced the demand on health services, as our teams are far less likely to come into contact with others who may have had COVID-19. We continue to ensure our teams are given the flexibility that they need to help others who might be shielding or who are at high risk from COVID-19. We have offered those who do need to work from the office paid leave if they need to stay away from the office due to illness, which is also helping to reduce the risk of others who are working from the office. Throughout the pandemic and beyond we have always tried to help our team with their mental health. We have a regular section in our weekly staff newsletter on mental health, and we also have trained mental health staff who are available in the event that someone needs some initial help. We have embraced opportunities to get our teams together, subject to COVID-19 restrictions, and where we have been able to do so in a safe manner, such as outdoor walks for example. These activities have all been aimed at helping people to get together and encourage people to talk and share experiences.
• Tackling economic inequality:

  Tackling economic inequality

  As a company we have created many training and development opportunities for young people. This starts with us supporting work experience and school away days, and often ends with people from the local community joining our team, where we train them from the ground up in the latest technologies. Whilst the area we are based in is not a deprived area, we are one of very few technology companies in the area, and we have given lots of opportunities to local people, which has helped to develop and diversify the local economy, which otherwise is very agricultural. We also sponsor charities and initiatives in our community, including paying for children to attend a circus event that they might otherwise not get the opportunity to go to. We also sponsor The Green Festival, Ludlow. This is an event which celebrates everything “green”. We support a local technology group who meet up monthly and invite guest speakers to share knowledge and expertise. In addition, we support “Local to Ludlow” suppliers where we can. In terms of our own supply chain, this is very small and focuses almost entirely on three or four companies who provide our infrastructure services. Outside of these companies, who need scale to provide their services, we do largely use SMEs to deliver our other business requirements. This includes air conditioning engineers for our data centre through to local sole traders helping us deliver lunch for our teams. Working with business startups is something that we have always been willing and excited to do, ensuring that any risks are low enough not to impact any of our existing customers if something goes wrong.
• Equal opportunity:

  Equal opportunity

  Zengenti is an equal opportunities employer and has an equal opportunity policy. The aim of this policy is to ensure that no job applicant or employee receives less favourable treatment on the grounds of gender, race, disability, colour, nationality, ethnic or national origin, marital status, sexuality, dependants responsibility, religion, trade union activity and age (up to 65). Selection criteria and procedures will be kept under review to ensure that individuals are selected, promoted and treated on the basis of their relevant merits and abilities. All employees will be given equal opportunity within the company’s service and will be encouraged to progress within the organisation. To ensure that direct or indirect discrimination is not occurring, recruitment and other employment decisions will be regularly monitored in conjunction with ethnic records of job applicants and existing employees. The company is committed to a programme of action to make this policy fully effective.
• Wellbeing:

  Wellbeing

  We hold regular events as a team to raise money for charity. Previous events have included bake sales, organised treks, and a week of activities to support Mental Health Awareness Week which included yoga classes and running/cycling challenges. We have trained a number of our staff under the MIND courses on mental health awareness and first response, with an aim to help us to spot any first signs and issues and offer any help to our teams. We have a section in our weekly staff newsletter on mental health and all our teams get involved in order to produce this, helping to raise general awareness as well as delivering advice and suggestions aimed at helping anyone who might be struggling with their mental health. In terms of practical aspects, prior to the COVID-19 pandemic when we were all working in the office, we ensured that we made special changes to help certain team members, who struggled with certain physical issues such as noisy spaces, and we continue to ensure we offer support in how people work wherever possible. We are planning in the future to support local primary schools with their mental health activities too, by providing access to activities such as yoga and meditation.

Pricing

• Price: £0 a unit a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: The free tier of Insytful scans up to 250 pages of a single website checking for accessibility, SEO and performance. There are no time limits on the free version of the product, only a limit on the number of pages that can be scanned.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@zengenti.com. Tell them what format you need. It will help if you say what assistive technology you use.