Interact

Service scope

Software add-on or extension: No
Cloud deployment model: Public cloud
Service constraints: No
System requirements: Web browser

User support

Email or online ticketing support: Email or online ticketing
Support response times: Incident Reporting (Phone and Email) details for support packages.

Silver (included)
9am - 5pm (UK)

Gold (additional cost)
8am - 10pm (UK)

Platinum (additional cost)
8am - 10pm (UK)
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: Web chat
Web chat support availability: 9 to 5 (UK time), 7 days a week
Web chat support accessibility standard: None or don’t know
How the web chat support is accessible: N/A
Web chat accessibility testing: None
Onsite support: No
Support levels: We have 3 different Support levels; Silver, Gold and Platinum.

Gold and Platinum incur an additional cost. Pricing depends on the number of users and other factors.

Platinum includes a dedicated Support contact.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: At Interact we understand that sometimes a great product alone is not enough, which is why we offer support on every step of your journey.

We offer a range of professional services specifically focused on ensuring your intranet success. These include:

Project Management - Your Project Manager will be your main point of contact guiding you through the lifecycle to launch. Our Project Managers and have years of experience in delivering successful intranets.

Strategy - Our strategists have over 12 years of applying intranet expertise. We will help you successfully plan, structure & launch, also ensuring that there are long term benefits to improved communications, collaboration, & engagement.

Training - We’ll help you to get started on the basics, and you’ll soon know how to build your structures, add content and how to implement social features. You’ll also benefit from the Interact University and our well-established Community.

Lifetime Success - An intranet project doesn’t end at go live. To get the most value, it needs to evolve with the objectives of your business following go-live. Interact offers a selection of Lifetime Success services to ensure your site is a continued success and doesn’t lose momentum.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: Interact will extract all data and provide this to the Customer if required.
End-of-contract process: At the end of a contract Interact can purge all data for customers, there is no extra charge for this service and is available by request.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: Interact’s responsive design means your intranet is available on any device with no compromise on functionality or user experience.

We also have a free app available to our customers on Android and iOS . There is also an option to white-label this app if required (additional cost).
Service interface: No
User support accessibility: WCAG 2.1 AA or EN 301 549
API: Yes
What users can and can't do using the API: APIs
Interact consists of three different APIs for varying uses. We make changes to each of these APIs from time to time. Please read these pages carefully.

Profile Sources
The Profile Sources API provides the ability to synchronise user profiles from custom sources. Interact provides out-of-the-box connectors that will 'pull' user profile information from Active Directory and Azure Active Directory. The Profile Sources API allows a third party to 'push' profile information into Interact. Multiple Profile Sources can be defined to manage complex synchronisation from different third parties.

Enterprise Search
Enterprise Search API allows for the creation of new custom entities within the Interact search index. Through the API you can push index records and allow them to be searchable by your end-users. Additionally, you can utilise Interact permissions to determine which users or groups of users can search for the custom entities.

REST API
The REST API provides access to the common core entities within Interact.

Further information can be found here:
https://developer.interact-intranet.com
API documentation: Yes
API documentation formats: HTML
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: Interact is a highly configurable service (SaaS) supporting a wide range of options, including the ability to turn off individual apps/features completely if they’re not being used and enabling appropriate features at the page level.

User profiles can have custom data fields associated with them, which can be synchronised from any data source. Pages of content can be configured to contain quizzes, polls, comments, or marked as mandatory for a set of users.

Interact is fully controllable via role based permissions which can be linked to a series of user fields, including location, department, company, teams as well as user specified Security Groups. Interact operates a ‘secure by default’ policy ensuring that access has to be explicitly granted. Additionally, if a user does not have access to a certain part of the system or item of content, then it won’t be visible to the user, ensuring they don’t receive ‘permission denied’ errors across the system.

Finally, Interact has implemented a feature called the ‘Developer Framework’ which allows a power user to add JavaScript to each page enabling full manipulation of the DOM and interaction with Interacts API, or third party APIs.

Scaling

Independence of resources: Interact's cloud service is hosted using AWS (Amazon Web Services).

AWS regularly win awards for their cloud services and are considered the 'best of breed'. Interact uses a wide range of AWS features to ensure that resources are always available for all of our customers. This includes Application Load Balancers, and Auto Scaling Webservers. This means that as demand increases, the resources available to the system increase to meet that demand. This ensures that each user receives the best response times possible.

Analytics

Service usage metrics: Yes
Metrics types: Interact Analytics is a powerful reporting tool that provides invaluable insight into how your intranet is performing. Intelligent insights provided by Interact flag where current issues lie and how you can resolve them, as well as identifying popular content, search terms, and contributors to help build a more effective intranet.
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: European Economic Area (EEA)
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402

Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: This can be achieved via a csv file or web browser.
Data export formats: CSV
Data import formats: CSV

Other
Other data import formats: XML

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: Interact agrees to provide uptime for the Services of no less than 99.7% availability in any month (excluding scheduled maintenance time).

Where Interact fails to comply with its obligations, we shall issue a service credit to the Customer of an equivalent amount to X% of the annual Subscription Fees. The Credit shall be applied to the account and set-off against a future invoice.
Approach to resilience: This is available on request.
Outage reporting: Interact have a dedicated status page that our customers can check for further details, or subscribe too, to be notified of any issues.

http://status.interactgo.com/

Identity and authentication

User authentication needed: Yes
User authentication: Identity federation with existing provider (for example Google Apps)

Username or password
Access restrictions in management interfaces and support channels: Interact has a full featured permissions system allowing fine granular control of which users can access which parts of the system. Additionally, Interact utilises a ‘secure by default’ policy meaning that permission has to be explicitly granted before a user can access features or content.

Interact also supports the ability to control access via a range of IP addresses. These can be whitelist or blacklist ensuring that users have to be accessing the system from a controlled IP address and within a controlled environment.
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: ISOQAR
ISO/IEC 27001 accreditation date: 20/12/2016
What the ISO/IEC 27001 doesn’t cover: Details of what has and hasn't been covered by our ISO certification is present in our Statement of Applicability. This can be viewed on request.
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: Interact Cloud infrastructure is designed and managed in alignment with security best practices including ISO 27001.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Once a change has been requested it's logged and goes through an approval process. Once approved, the change is applied, and goes through several peer review steps, ensuring that the changes comply with our standards and any security concerns are raised and mitigated.
Our Development team are all based in our UK head office and undergo regular security training. A full QA process takes place after this including unit testing, and regression testing.

Interact has a policy of none-breaking changes, ensuring that any changes do not break existing functionality. The change is tracked through the entire lifecycle.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Interact is ISO27001 certified, and implements a Secure Development Life Cycle. Part of this process is to ensure that any application code added complies with our own high standards. Additionally, our dedicated cloud team regularly apply security patches and monitor for security vulnerabilities.

Interact also commissions an independent third party to perform penetration testing every 6 months. This testing incorporates both the application itself, and the cloud architecture covering all aspects of the service.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Interact deploys a series of active monitoring systems. This includes monitoring application response times, hardware health, application errors and Intrusion Detection. The intrusion detection monitors for unusual activity, including unusually high requests, or requests from unusual geographical locations.

Our dedicated cloud team are automatically notified should an alert be triggered and are on call 24/7 to address any issues as quickly as possible. This incorporates a full investigation and the implementation of any changes to the systems that might mitigate risk in the future.
Incident management type: Supplier-defined controls
Incident management approach: In the event of a security incident, an investigation lead will be selected by senior management. They will determine time scales and details with regards to method of communication appropriate to the severity and nature of the incident.

In the event of a loss, unauthorised disclosure of, or access to our customer’s personal data held in the cloud the affected customer(s) must be told, via a phone call as soon as the initial investigation has established the details of the breach and no later than 24 hours after the first report of the breach.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Fighting climate change: Fighting climate change

Our company recognises the need to protect the natural environment. Keeping our environment clean and unpolluted is a benefit to all. We’ll always follow best practices when disposing of waste and our objective is to limit paper usage to an absolute minimum.

Apart from legal obligations, our company will proactively protect the environment. Examples of relevant activities include:•Recycling waste and old computer equipment;•Conserving energy, where we can; and•Occupying ‘green’ office space where it is appropriate and available.
Tackling economic inequality: Tackling economic inequality

Our company is dedicated to protecting human rights. We are a committed equal opportunity employer and will abide by all fair working practices. We’ll ensure that our activities do not directly or indirectly violate human rights in any way.

Our company aims to make donations to local charities and national charities where there is a particular interest or need. Recent examples include a regular program of office charity events including coffee mornings.Historically we have run competitions for charities to enter, where the winners receive free services from us. In addition, we also offer 30% discounts to all charities and not for profit organisations for our products and services.

We are an expanding business and will aim to recruit employees from the local community where possible thereby enhancing employment and reducing commuting costs.We have also assisted local charities that will have a local community benefit.Where possible we will support local suppliers.
Equal opportunity: Equal opportunity

Our company is dedicated to protecting human rights. We are a committed equal opportunity employer and will abide by all fair working practices. We’ll ensure that our activities do not directly or indirectly violate human rights in any way.

Pricing

Price: £7 a user a month
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: Our free trial version is available for 30 days before it will expire.
Link to free trial: Www.interactsoftware.com

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Interact

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents