Everbridge Europe Limited

Everbridge Critical Event Management Suite

Unified critical communications suite of applications that enable organisations to manage the entire critical event life cycle. Can be used as a unified clinical comms as a single application for specific critical plans, critical event notification and incidents, or in combination to manage multiple or all parts of the process.

Features

• Critical Event Platform and Multi Model Crisis Communications
• Single unified platform, multiple communications applications, secure instant messaging
• Quick & simple to implement, with user friendly interface
• Open integration with existing systems & single sign on
• Definitive role and administration rules for platform users
• 24/7/365 Technical support and live operator
• Store crisis plans on mobile and in the cloud
• Secure critical mobile messaging, remote wipe, message expiry
• Scalable, resilient & redundant infrastructure with 99.99% uptime
• Integrated GIS mapping with unified contact data

Benefits

• Dramatically improve response time and stakeholder engagement during any incident
• Target communications by organisation, department, role, location & skill set
• Target mass notification to specific stakeholders, not devices
• Automated communication process saves valuable time & eliminates errors
• Auditable reporting and analytics for incident communications and events
• You lead critical communications and updates, not social media
• Increases organisational resilience and compliance in an emergency
• Save cost and complexity of multiple integrations and data sources
• Simple 'press to join' conference call capability
• Your business continuity and disaster recovery plans go mobile

£3.43 a user a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at philip.pate@everbridge.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

879897262853415

Contact

Phil Pate
0800 035 0081
philip.pate@everbridge.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: The Everbridge Suite is a full cloud SAAS platform and is not available on premise.
• System requirements:
  • Administrators need an internet enabled device
  • Users need an SMS, Email, Voice or Data capable device

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Using our 24/7 Support team, standard response is 4 hours. However questions are usually answered within 2 hours.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: The Everbridge Professional Services team can support customers onsite on a day rate basis. Costs are included in the rate card.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The standard onboarding is right-sized to support small to medium organizations on deploying all basic Mass Notification and Interactive Visibility functionality. A dedicated onboarding specialist is provided to guide you through the onboarding process and provide strategic advice, tailored to your organisation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Microsoft Office Suite formats
  • CSV
• End-of-contract data extraction: Everbridge customers can download their contact data at any time during the contract period as a CSV file. Customers can also create reports to query the data which can be downloaded as CSV or PDF files.
• End-of-contract process: Everbridge will end the user's access to the account, the account is deleted and purged from the Everbridge platform and all data is securely removed. All customer data can be returned to the customer before deletion upon request. This is included in the contract cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All features of the Everbridge Suite are available in both the mobile and desktop service. However advanced administrator functions may be easier to access via the desktop version.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: The Everbridge Restful API allows applications to interact with contact management, user access management, notification sending, incident sending and location tracking aspects of the Everbridge system.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Users can customise the notification device terminology, can create static and dynamic grouping structures as well as customise the content of the recipient profile portal.

Scaling

• Independence of resources: As part of the enablement of our commitment to 99.99% availability, Everbridge leverages an elastic infrastructure to accommodate high volume of calls using multiple redundant telephony providers and dynamic call routing algorithms to redirect calls to the least congested providers. Our unparalleled dedicated infrastructure, combined with our Elastic Infrastructure, provides unlimited global scale, speed, and resiliency without having to purchase dedicated lines or ports.

Analytics

• Service usage metrics: Yes
• Metrics types: The Everbridge Suite has native analytics to provide reporting and dashboards relating to contacts, incidents, notifications, responses & utilisation.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Everbridge customers can download their contact data at any time during the contract period as a CSV file.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: Everbridge’s security and data protection policies and controls are based on the FISMA risk management framework defined within NIST special publication (SP) 800-37. An independent, accredited third-party security assessment firm verifies Everbridge’s compliance with NIST SP 800-53 (Security and Privacy Controls for Federal Information Systems and Organizations). This verified compliance enables Everbridge to map our compliance with other security and data privacy frameworks including ISO 27001, ISO 27701, HIPAA and HITECH. Everbridge is also compliant with SysTrust Statement on Standards for Attestation Engagements No. 16 (SSAE 16) and Service Operations Controls 2 & 3 (SOC 2 & 3).

Availability and resilience

• Guaranteed availability: Availability SLA:; Everbridge’s commits to service availability of 99.99% or greater, measured on a calendar quarterly basis. Including scheduled maintenance windows. ; ; Broadcast Performance Target: ; During a 60 minute period, Everbridge shall make a minimum number of notification attempts to the 1st contact path for all Client broadcasts, using the standard configuration, per the list below. Notification attempts do not include third party network delivery.; ; 500 character Contact Bridge Notification - 600,000 per hour;; 30 seconds Voice Notification - 300,000 per hour;; 500 characters SMS Notification - 600,000 per hour;; 500 characters email - 600,000 per hour.
• Approach to resilience: Everbridge’s system is designed to provide a true zero-point-of-failure system. To provide the unique architecture, Everbridge employs multiple data centre locations in each of our production implementations. Data is continuously replicated between each data centre location within a specific production implementation, and each data centre site can provide the full range of Everbridge services. If service is disrupted at either data centre, all traffic is dynamically rerouted to the remaining data centre so that Everbridge's systems remain constantly available to all of our clients.; Each data centre site is designed with full redundancy from top to bottom. Dual network uplinks feed dual routers, fully meshed with dual load balancers, which secure the front-end network with tight controls. Each tier of servers are clustered using a combination of highly customized, secure, high performing, and scalable database solutions, which allows for real-time load balancing and failover between nodes, and affords easy scalability to meet increasing demand.
• Outage reporting: When impacted clients are notified of service degradation/outages, all client defined “main points of contact” will receive the email notification. These operations are conducted by Everbridge Technical Support staff.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Everbridge supports role based access to the platform. At all times, clients maintain full control over any user granted access to the client organisation (environment) in the Everbridge system, the rights that are assigned, and the ability to revoke access at any time. Everbridge allows for an unlimited number of user roles. Each user may have multiple roles as is appropriate.
• Access restriction testing frequency: At least once a year
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Coalfire ISO Inc
• ISO/IEC 27001 accreditation date: 7th May 2021
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 30/9/2015
• CSA STAR certification level: Level 2: CSA STAR Attestation
• What the CSA STAR doesn’t cover: We believe that all applicable parts of our service are covered within the CSA STAR accreditation.
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO27701 standard covering the protection of personally identifiable information (PII)
  • SOC2
  • SOC3
  • FISMA
  • BSI C5

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: SOC 2, ; SOC 3,; NIST 800-53 (This mirrors ISO 27001),; TLS 1.2,; AES 256-bit encryption.
• Information security policies and processes: To make our system the most secure, we comply with FISMA security guidelines set forth by NIST (National Institute of Standards in Technology).

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Everbridge maintains a formal system development lifecycle policy which includes application development, testing, security verification, and detailed change management procedures. These policies are in place to ensure secure development of application code and features, to test and verify all features developed, and to ensure smooth rollout to the Production environment without degrading our client’s access or use of the notification platform.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: All development undergoes peer review, integration testing, and acceptance testing, and the entire application and infrastructure is included in regular internal vulnerability scanning and assessment. Furthermore, any changes to any level of the Everbridge infrastructure must adhere to the well defined Everbridge change management process.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Everbridge enables active monitoring, intrusion detection, and logging of all events, on all components, within all tiers of the fully redundant, geographically dispersed SaaS infrastructure. The tools consist of both network based IDS devices scanning all network traffic, and host-based probes that are designed to detect any activity outside of normal application traffic and performance. If a monitor detects any unusual or suspicious activity, the monitoring tool generates an automated alert that is immediately investigated by our on-call support team.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Everbridge follows the Incident Response procedures outlined in NIST 800-61 and are included in NIST 800-53, which Everbridge leverages as our security framework. Everbridge’s compliance to NIST 800-53 is audited annually by a 3PAO as required. Please see http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf, IR-1 through IR-10 for more information.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Climate Change is driving an increase in extreme weather and natural disasters globally. Everbridge is providing data-driven indicators and software communications to unlock resilience by helping to identify risk at a hyper-local level, warn people of extreme climate threats, and reduce loss and damage to governments and business. Everbridge supports the United Nations Sustainable Development Goal 13 and 17 by bridging the last mile of the Hydromet chain for public safety organizations, aiding international organization’s efforts to ensure that ‘by 2025 all countries have the capability for effective, authoritative emergency alerting.’ ; Everbridge has employed a proactive sustainability strategy for the last eight years. As an early adopter of in-office programs making use of professional environment best practices, our sustainability efforts include:; -Recycling paper, cans, bottles, and paper products;; -The use of water filters in all break areas to encourage filling reusable bottles versus providing bottled bulk or individual water bottles;; -Distribution of reusable coffee and cold drink cups and glasses to each employee customized with their name for individual identification and use;; -Placement of work areas in strategic arrangement to make use of as much natural light as possible;; -Timers on a light system with motion sensors to ensure lights are only used when needed and automatically turned off when not in use;; -The use of LED lights throughout the building;; -An active “eRead It” program encouraging employees to read and edit documents whenever possible on their computer screen and avoid printing out things as often as possible;; -The use of plants throughout the office to serve as natural air filters and provide a receptacle for any unused water in glasses prior to end of day;; -With our last corporate move, Everbridge specifically chose a LEED-certified building.; ; Everbridge leverages AWS as our hosting provider. AWS's sustainability statements are here: https://sustainability.aboutamazon.com/environment/the-cloud?energyType=true
• Covid-19 recovery:

  Covid-19 recovery

  Everbridge enables staff to return safely to the workplace by:; -Surveying employees to assess their health and needs;; -Conducting regular wellness checks;; -Determining employee’s readiness for returning to work.; ; Everbridge provides end-to-end Contact Tracing for an organisations people anywhere they might be at any point in time, with end-to-end Contact Tracing capabilities which includes current, past and expected locations, potential exposure, and follow-up management. Should they be:; -In company’s facilities and buildings (via integration with building access system, Wi-Fi hotspots, facility security equipment, and more);; -Moving between buildings or campuses;; -Working remotely via GPS localization or self check-in;; -Travelling (via integration with your travel itinerary systems).; ; Capturing location data from different sources in addition to proximity data, while fully adhering to privacy regulations and restrictions, constitutes the richest information that helps understand the potential exposure of employees and therefore take appropriate actions.
• Tackling economic inequality:

  Tackling economic inequality

  Along with a passion for the Everbridge mission, its customers, and each other, Bridgers enthusiastically give back to non-profit organizations and the communities they serve. The company’s pro bono technology and stewardship have supported organizations including the CDC Foundation, the Boston Marathon, Team Rubicon, Cradles to Crayons, Habitat for Humanity, Wrap Up London, LA Food Bank, Union Rescue Mission, and others. ; More recently, Everbridge has begun offering volunteer organizations, charities, non-governmental organizations (NGOs), and local Ukrainian government resources a free critical communications platform to support humanitarian efforts in Ukraine. Everbridge mobilized with other technology leaders to provide organizations with a reliable means to share risk intelligence and communicate life-safety updates.
• Equal opportunity:

  Equal opportunity

  We prioritize diversity, equity and inclusion to create a workplace that reflects the customers and populations we serve. We demonstrate our commitment to DEI by focusing on several key initiatives. This includes aligning our hiring and recruiting practices to attract a diverse and talented workforce; creating employee resource groups dedicated to celebrating and empowering communities within our organization, including women, employees of color, employees who identify as LGBTQ+, and members of the military and first responders; holding open forums for company-wide discussion and dialogue on civil unrest and equal justice; and supporting a growing ecosystem of minority-owned and led suppliers and partners.

Pricing

• Price: £3.43 a user a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at philip.pate@everbridge.com. Tell them what format you need. It will help if you say what assistive technology you use.