Efecte AB

Efecte Cloud Based Service Management

Efecte offers a comprehensive suite of cloud-based solutions, including IT and Enterprise Service Management (ITSM & ESM), Identity and Access Management (IAM), and Conversational IT. With our innovative and scalable solutions, organizations can streamline operations, enhance productivity, and achieve digital transformation goals.

Features

• Incident Management
• Service Request Management
• Identity Governance and Administration(IAM)
• IT Service Management(ITSM/ITAM)
• Problem Management
• Service Catalogue Management
• Change Management
• Enterprise Service Management
• Remote access
• Conversational AI

Benefits

• Service management platform based on true Cloud technology
• Best customer service, performance, and secure data policies
• Quick to implement ITSM ITIL4 ready with 19 certified practices
• Centralized service-desk with a self-service portal
• Certified baselines for ITSM, a no-code technology
• Wide range of integrations offered
• A multi-tenant platform offering comprehensive solutions
• Conversational AI solutions (AI/ML/GPT/NLP) to assist agents and end users
• Visual drag-and-drop workflow builder
• Intuitive embedded graphical reporting engine

£41 to £58 a user a month

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@efecte.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

963473342185271

Contact

Harri Väänänen
+358456443999
sales@efecte.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: The Efecte cloud service is subject to planned maintenance. Such periods are scheduled and communicated to customers before the period. During this period, the service will have one or more hours of downtime within the announced time frame. Maintenance is communicated two weeks before it is conducted in test and production environments. Maintenances contain Efecte version upgrades, platform software upgrades, and security fixes and are executed approximately three times a year.
• System requirements:
  • End-user devices with latest supported browser versions
  • For Private Cloud hosting, Efecte will provide requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Service hours are between 8am-5pm weekdays UK Time (holidays excluded). In addition, Efecte services are monitored 24/7 and guaranteed availability is min 99%. During service hours the Service Level Targets for incidents are measured for Response and Resolution. SLA varies depending on the service level and incident priority. Response time means the time between Efecte’s receipt of an incident until the incident is assigned to a support service personnel or escalated to another support group. Resolution time means the time between Efecte’s receipt of an incident until the incident is resolved or operation restored with a workaround.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: There are three support agreements available for the Efecte service. All provide a minimum availability of 99% with 24/7 monitoring. ; Standard: 99% guaranteed availability (24/7) Service Desk (8am-5pm UK Time) ; Plus: 99.9% guaranteed availability (24/7) Service Desk (8am- 5pm UK Time) ; Premium: 99.95% guaranteed availability (24/7) Service Desk (8am-5 pm UK Time)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We can provide onsite, online and digital/video trainings. There are both public trainings and customer specific trainings that are offered to users, administrators and business roles. Our standard training path includes Administration courses for Efecte Service Management and Self Service Management for which we also offer Certification tests. In addition we have Visual Workflow Management, Advanced Administration courses as well as courses for other products in our portfolio. In addition we can tailor courses based on customers need.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users can extract their data at any time, on request, up to 30 days after the contract has ended unless otherwise agreed in the customer contract. Once extracted, Efecte will destroy all remaining data used to provide the service. If a user initiates no extraction, the Efecte service will conclude in 30 days, and all data will be destroyed.
• End-of-contract process: Efecte customers procure user credit rights for Efecte’s proprietary software (user licenses) for an initial given fixed period, a quarter, a year, or multi-year, which is typically 24-48 months. The user licenses provided include full use of the service Efecte’s proprietary software per the terms and conditions of the granted user licenses and related support contract services. After the initial fixed period, the agreement shall renew automatically for a period of 12 months at a time. The contract can be terminated by notifying Efecte at least three (3) months before the end of the then-current fixed period. If licenses are not consumed within the notice period, these are not refunded once the contract has ended.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The end-user UI (self-service) is accessible via mobile browsers. The Agent UI is supported on mobile with restrictions.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Efecte Self Service Interface: Enables end-users to report incidents, create service requests, track their status, and access a comprehensive knowledge base. It includes an AI-driven chatbot for interactive support.; ; Efecte Full Service Interface for Agents: Essential for support analysts and teams, this interface efficiently manages all support processes. It integrates generative AI tools to enhance productivity, streamline workflows, and improve service delivery outcomes.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: As new features are added, accessibility for people with disabilities can be tested through every customer’s QA instance prior to release into Production.
• API: Yes
• What users can and can't do using the API: Efecte REST API is published and is available for developers, vendors, and partners to develop their own integrations. REST API interface may be used to build and operate point-to-point integrations between the Efecte environment and Customer’s other individual information technology environments. Efecte REST API interface may not be used to circumvent or subvert any licensing limitations, including but not limited to employing any software or technique to pool connections or reduce the number of agents or users that access or use the Efecte Cloud Services (also referred to as "virtualization," “anonymizing,” "multiplexing" or "pooling").
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Yes, customizations can be executed using Low/No-code methods. All Efecte request and process templates can be customized to adapt their behavior to suit an organization's practices. The nominated System Administrator will be trained to make further customizations.

Scaling

• Independence of resources: The Efecte service is fully managed by Efecte through its European Datacentres and is fully independent of any external resources for delivery of its service. Solution is scaleable and will be monitored and adjusted resource-wise during customer production usage. In private cloud scenarios, Efecte will advise the customer to achieve best possible performance and infrastructure setup for the customer Efecte system. The Efecte service is multi-tenanted and can securely support customers and their many business services.

Analytics

• Service usage metrics: Yes
• Metrics types: Out-of-the-Box the Efecte Service provides multiple reports that can be fully customised and used to create dashboards. As a service management solution there are many different ways to view service metrics: By ITIL process By requests channel By Support Group By Service And more.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: To secure when at rest, the databases run in a private subnet within a Virtual Private Cloud that can only be accessed by the application servers of the Efecte service. This prevents direct access from the internet to the databases. Customer tenants are logically separated on network and virtualization levels. Access management process built on need to know and role-based access control principles. The data in the production database, and backups are stored in Efecte’s European datacentres where the service is hosted.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The ability for users to export data is restricted by role and data can also be exported in read-only different formats, such as images, spreadsheets or static reports in PDF format. If data such as asset lists etc, need to be exported then this can be achieved using CSV or HTML XLS or XLSX.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • PNG
  • XML
  • XLS
  • XLSX
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: HTTPS, SSL, SSH, SFTP, and other secure protocols can also be used.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: TLS (version 1.3), using AES 256 data encryption methods to encrypt the data within the supplier network.

Availability and resilience

• Guaranteed availability: The Efecte Premium Service Level service offers an availability target of 99.95% over a 24x7. The Standard service offers 99%.
• Approach to resilience: High Availability(HA), Private & offline SaaS
• Outage reporting: A service outage is classified as scheduled maintenance when customers with an active service level agreement based on this service offering were notified at least 5 days in advance and the outage occurred during the maintenance window. Notifications are provided through the platform, the Efecte Community and by email. Service outages for scheduled maintenance are not included in the availability calculations. The service is only considered to be unavailable, or down, when two or more users within the customer organization are unable to access the service's core functionality due to the same incident.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: User Federation (Username & Password) SAML OpenID & OAuth 2.0 Two-Factor Authentication (2FA) Multi-Factor Authentication (MFA)
• Access restrictions in management interfaces and support channels: Users of the Efecte service are defined by the roles and responsibilities they are provided during set-up. As a service management solution, one part of this is allocate people and teams to the services they support, so, by definition, someone in IT will not see the requests being made for HR services. Furthermore the role will further restrict the available information relating to a service. A support analyst will only see request information, the system administrator will have access to the audit trails. Once the Efecte service is live there is no direct access to the underlying data.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: KIWA Inspecta
• ISO/IEC 27001 accreditation date: 12/06/2020
• What the ISO/IEC 27001 doesn’t cover: 3rd parties and partners.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Efecte has a information security policy and complementary policies such as a physical security policy and a data classification and handling policy. Efecte leverages many of the compliance and governance protocols controls that ISO/IEC 27001 has, once a Customer'scustomer's instance is live. The auditing procedure, carried out by Kiwa Inspecta / IQNET ensures that Customers data is securely managed in order to protect the interests of the organisation, its employees and the privacy of citizens (as appropriate). Efecte has a dedicated CISO and a DPO, and personnel with specific roles if a process, such as the Incident Management Procedure, is actioned. All policies and documented procedures are available under NDA.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Efecte conforms to a recognised standard, for example ITIL V4. Efecte supports a fully customisable configuration management database (CMDB) and process which is aligned to ITIL best practice. Its purpose will be to capture an organization’s assets with all their technical attributes and financial information, so full lifecycle management can be performed. Similarly, all changes made to the Service, an Organisation's Asset and Configuration Management records, the processes adhere to ITIL and all inter-operate seamlessly.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Network-based scanner is used.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Host-based logs, service logs, infrastructure logs. Log collection and scheduled reviews. Active frequent scanning. CISO-led remedy initiatives, possible 24/7.
• Incident management type: Supplier-defined controls
• Incident management approach: Efecte utilizes ITIL best practice Incident Management process for managing Incidents reported via email/call/portal by the Customer throughout their entire lifecycle. Incident Management aims to resolve any such Incidents in order to restore operation of the Customer’s Efecte Environment as efficiently as possible. Support Services analyze all received Incidents and prioritize them according to the impact and urgency of the Incident, as estimated based on the initial analysis. Communication to customers is done via email and support portal.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  Environmental, Social and Governance (ESG) Report from 2021 can be found from here. https://ml-eu.globenewswire.com/Resource/Download/a90d0907-f3c7-466d-a3fc-ae695a6687a9; Its comprehensive report on Efecte's environmental, social, and governance metrics.

  Equal opportunity

  Environmental, Social and Governance (ESG) Report from 2021 can be found from here. https://ml-eu.globenewswire.com/Resource/Download/a90d0907-f3c7-466d-a3fc-ae695a6687a9; Its comprehensive report on Efecte's environmental, social, and governance metrics.

Pricing

• Price: £41 to £58 a user a month
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: The free trial can be activated for 14 days without commitment. It is a full version of the Efecte Service Management and can be used to trial IT Service Management, Identity Access Management, and HR Service Management capabilities.
• Link to free trial: https://www.efecte.com/request-for-a-free-demo

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@efecte.com. Tell them what format you need. It will help if you say what assistive technology you use.