Encodian Services Ltd

AskAI - Secure ChatGPT for businesses

AskAI is highly customisable and extensible solution for enabling organisations to implement natural language AI and LLM technologies in their business securely.

Hosted in your Microsoft Azure environment, AskAI provides a method to deploy ChatGPT functionality across your Microsoft and Third-party system environments securely, without exposing your sensitive data.

Features

• Query your own Microsoft data using natural language chatbots.
• Ingest data from other third-party systems.
• Access on mobile, tablet or desktop.
• Generate images using natural language prompts.
• Recogonise and convert speech across a plethora of languages.
• Generate content directly within Office365: Word, Excel and PowerPoint.
• Deploy AskAI centrally using the Microsoft admin centre.
• Ensure your data never leaves your environment.
• Admin centre which captures granular audit trails of queries.
• Highly customisable to align with your brand and existing systems.

Benefits

• Empower employees and customers with real-time information.
• Improve accessibility through the use of natural langauge.
• Customised solutions tailored to your exact requirements.
• Automate repetitive tasks and reduce human errors.
• Protect your data and ensure compliance.
• Analyse information quicker for smart decision making.
• Improve employee and customer experience with more intuitive Chatbot responses.
• Drive business efficiency and productivity.
• Integrate directly with Microsoft to avoid application swapping.
• Ingest third-party information for more intelligent responses.

£2 to £10 a user

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dan.kong@encodian.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

870615757964935

Contact

Daniel Kong
+441212954330
dan.kong@encodian.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements: System requirements vary based on volumes: contact us for recommendations.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support tickets are first categorised in terms of priority and have the following response times. P1 = 1 hour / P2 = 2 hours / P3 = 4 hours / P4 = 8 hours. Details are referenced in the attached terms of service. Response times do not vary at weekend, however, weekend support may require a premium support option.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: No
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Encodian does not conduct internal testing on our web chat service, however, as part of our service selection process we regularly review and audit the testing and services conducted by our technology provider (Zendesk). Details can be found here - https://www.zendesk.com/company/agreements-and-terms/accessibility/
• Onsite support: Yes, at extra cost
• Support levels: We provide the following working hour options for all our support and maintenance services. ; ; 1) Standard Hours 9am > 5pm, Monday to Friday excluding bank holidays. ; 2) Extended Hours 8am > 8pm, Monday to Friday excluding bank holidays. ; 3)24*7, 7 Days a week including bank holidays. ; ; Our standard terms of service are inclusive of standard hours support, details of which are provided within the attached Terms of Service document. For extended hours or 24*7 support, organisations are required to contact Encodian for a quotation as various factors such as complexity, nature of business and expected volumes will be considered when creating tailored support agreements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Encodian follows a 5-stage approach to all engagements: Project Initiation, Design and Analysis, Solution Development, Content Migration or Indexing and Project Close. ; ; Getting started involves interactive workshops with Encodian experts using tried and tested methodology to accurately capture requirements and move onto a solution design specific to the project. ; ; Stakeholders are involved from the first day and wherever possible our team will provide knowledge transfer activities to drive your Power Platform independence.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data will reside in a customer's Microsoft Azure environment and therefore all customer's retain access and ownership of their data throughout the contract.; ; There is no specific activity required for data extraction at the end of contract.
• End-of-contract process: All technical documentation will be handed over and specific customer questions or requests will be handled as part of the project closure.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Experiences have been optimised for both mobile and desktop service. Core functionality remains the same, however, the user interface and system ergonomics are adapted appropriately to be suitable for the screen size being used.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: AskAI provides a Unified Interface. It provides a Responsive Design which uses responsive web design principles to accommodate various screen sizes, devices and orientation.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: AskAI as part of the due-diligence of being accessible via the Microsoft market place undergoes an audit by Microsoft's ISV quality assurance team.; ; As part of this process Microsoft review accessibility for users with additional needs and provide recommendations. ; ; These recommendations are addressed as a pre-requisite of the latest release being made available.
• API: Yes
• What users can and can't do using the API: Encodian open up access to the AskAI API for customers without limitations. However, the majority of implementations involve Encodian delivering the work required to ensure API integrations are developed and tested correctly.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • PDF
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: AskAI is a fully supported solution where Encodian commit to deliver additional functionality via the product roadmap.; ; Customers can customise elements such as branding and preferences independently. With the option to make product feature requests when additional functionality is required.

Scaling

• Independence of resources: Microsoft Azure services are elastic and can be scaled up or down anytime with an almost immediate affect.

Analytics

• Service usage metrics: Yes
• Metrics types: https://learn.microsoft.com/en-us/power-platform/admin/analytics-powerapps; ; https://learn.microsoft.com/en-us/power-platform/admin/analytics-flow; ; https://learn.microsoft.com/en-us/power-platform/admin/analytics-ui-flow; ; https://learn.microsoft.com/en-us/power-bi/collaborate-share/service-modern-usage-metrics
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data is held in Microsoft Azure within the customer's ownership. Therefore, data does not necessarily need exporting but could be done using any of the methods provided by Microsoft.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: AskAI licensing includes commitments to ensure all defects and bugs are remediated within the agreed SLAs.; ; Level of availability is dictated by a customer's Azure environment where the technology is implemented / installed. Availability will be subject to the agreements of this service.
• Approach to resilience: https://learn.microsoft.com/en-us/compliance/assurance/assurance-resiliency-and-continuity
• Outage reporting: https://azure.status.microsoft/en-us/status

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: Management interface and support channels are all Username / Password protected.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Approachable Certification
• ISO/IEC 27001 accreditation date: 01/04/2024
• What the ISO/IEC 27001 doesn’t cover: The scope of Encodian's ISO 27001 certification is the 'ISMS Scope'. Anything outside of the following is not covered.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Encodian has a robust Information Security Management System in place which is compliant with ISO 27001 standards. This is overseen by a dedicated lead who ensures standards are met across the organisation and handles escalations directly.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Encodian operate an Information Technology Infrastructure Library ITIL aligned change management process alongside a robust Application Lifecycle Management (ALM) process which has multiple approval levels. This includes multiple environments for development, staging and production.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Encodian subscribe to various channels to receive information regarding current threats such as OWASP and the national cyber security center. Threats are assessed internally in line with procedures documented in our ISMS (ISO27001). The severity of the threat is categorised, determining the appropriate response and speed of patching.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Encodian's risk management processes are in line with our ISO 27001 compliant controls. To identify compromises, all services and software solutions provided by Encodian are monitored via Azure App Insights. Initial response includes a full assessment of the compromise to categorise the severity of the compromise and escalate appropriately. Response time is correlated to the severity of the compromise and is documented as SLAs in our Incident Security Management System (ISMS).
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Encodian have an Incident Security Management System that is in line with ISO 27001. Customers can report incidents via our Zendesk Web Chat, Website Ticketing System or emailing Support@encodian.com. Reference: https://support.encodian.com/hc/en-gb/articles/360006230253-What-are-your-support-SLAs-

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Encodian are an organisation with very minimal footprint on climate. Our team work remotely from home and we're conscious to choose modes of transport with minimal impact on the environment when travel is required. For example, many of our team have electric cars or opt for public transport. Encodian will be working with an organisation across 2024 to certify our carbon neutral status.

  Covid-19 recovery

  Encodian adapted swiftly to the 'new ways of working' which Covid-19 accelerated the creation of. We offer flexible working from home which has allowed us to hire employees anywhere in the UK to continue growing our headcount, presenting new job opportunities and revenue sources to support Covid-19 recovery. In addition to this, Encodian has engaged in the support of many Covid-19 software solutions for key public sector clients which were integral in the delivery of services such as Covid-19 vaccines. Details of these case studies are available upon request.

  Tackling economic inequality

  Encodian have a diversity and inclusion policy and welcome employees from all backgrounds regardless of ethnicity, sex, geographical location, age or any other categorisation. All employees have salaries that fairly reflect their job role and performance with no prejudice. We also look to offer opportunities to candidates who may not have a wealth of previous experience in the beginning and offer them a foundation to learn and up-skill with us. In addition we offer our existing employees a plethora of education / training opportunities to continue their development which is particularly important for those from less wealthy economic backgrounds who may not have had the same opportunities as others.

  Equal opportunity

  All opportunities at Encodian are awarded solely on a merit and commitment basis. This is regardless of ethnicity, sex, geographical location, age or any other categorisation.

  Wellbeing

  The backbone of wellbeing at Encodian is around having ideal working conditions on a day to day basis for employees. Firstly, we have a flexible working policy which allows employees to balance other responsibilities such as picking children up from school. Secondly, we not only provide all the required equipment for working at home, we also complete comfort questionnaires to provide additional equipment such as additional monitors or adjustable equipment to ensure comfortable working environments. Finally, senior management ensure all employees have the opportunity to share challenges in supportive 1-2-1 settings, as well as group environments during team event days or meetings. If employees are struggling and wish to speak with an external body, they may choose to access this via the healthcare insurance the company provides.

Pricing

• Price: £2 to £10 a user
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at dan.kong@encodian.com. Tell them what format you need. It will help if you say what assistive technology you use.