PretaGov Limited

Vaultmatix File Sharing and Collaboration Platform

PretaGov's new generation File Sharing and Collaboration Platform saves users time by ensuring files are easy to find, access and share. All information is in one centrally managed library, ensuring single source of truth. Our solution empowers non-technical administrators by providing total control over who has access to which content.

Features

• Our File Sharing /Collaboration Platform enables self-service through flexible signposting.
• Our File Sharing and Collaboration Platform offers highly customisable layouts.
• Our File Sharing and Collaboration Platform enables robust fine-grained access-control.
• The Platform's user access control panel provides content permission reporting.
• File Sharing and Collaboration Platform includes secure file sharing links.
• Our File Sharing and Collaboration Platform provides secure team workspaces.
• Our File Sharing and Collaboration Platform includes white label portals.
• Our platform enables content to be linked from multiple locations.
• Our File Sharing and Collaboration Platform provides government grade security.
• Each workspace includes news, events, and discussion tools.

Benefits

• Our File Sharing and Collaboration Platform saves time researching information.
• Our File Sharing and Collaboration Platform saves time producing information.
• Admins can swiftly and efficiently guide users to files/content.
• Admins can manage who has access to which content.
• Our File Sharing and Collaboration Platform facilitates easy, secure file-sharing.
• Our platform facilitates easy collaboration internally and with third parties.
• A centrally managed library ensures users have the latest information.
• Self-service frees up valuable IT support, saving time and money.
• The File Sharing Platform meets the needs of remote/distributed teams.
• Access our File Sharing and Collaboration Platform using any device/anywhere.

£737.50 to £8,292 a unit a month

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at virginia.choy@pretagov.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

977719546428314

Contact

Virginia Choy
07985731861
virginia.choy@pretagov.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: PretaForm can be embedded into websites and intranets.
• Cloud deployment model: Community cloud
• Service constraints: PretaGov carries out planned maintenance and provide 7 days notice to clients of scheduled maintenance windows.
• System requirements: Standard browsers such as Chrome, Microsoft Edge or Explorer, Firefox

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Priority 1 response within 1 hour, ; Priority 2 response within 4 hours, ; Priority 3 response within 7 hours.; ; After hours, priority 1 support is offered as an add-on service.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: PretaGov SaaS support includes:; - Support with troubleshooting, problem-solving and software bugs; - A help desk system where issues can be submitted by email or phone. ; - 24x7 after-hours support (as an upgrade option). ; - Advice on custom work. ; - 24x7 monitoring for outages with rapid rectification. ; - Upgrades of the PretaForm product. ; ; PretaGov SaaS Maintenance Service: ; Under this service, your PretaGov cloud architecture will receive regular analysis, tuning, maintenance, check-ups and security software updates. ; ; Support and maintenance costs are included with the PretaForm SaaS fee.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Our training sessions for your software or digital service typically range from half a day to a full day, depending on the complexity of functionalities. You'll receive guidance from both your PretaGov project manager and the lead developer, who have been deeply involved in your project since its inception, possessing a comprehensive understanding of every aspect. They'll provide easily comprehensible, concise documentation for you and your team. These resources will serve as handy 'reminders' for occasional tasks, always accessible to you. To optimise training costs, we advocate for a 'train the trainer' approach, wherein we'll typically train up to six members of your team per session. For larger groups, we may divide the training into smaller sessions to maintain an ideal trainer-to-trainee ratio
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: All content can be extracted in raw format from the database (into JSON) if requested and via an API if it needs to be migrated to another platform.
• End-of-contract process: PretaGov Software as a Service includes access to the software, government security standard fully managed hosting, support and maintenance. Additional costs include any professional services. There are no fees to terminate the contract, just one month's notice must be provided.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: PretaGov SaaS comes with inbuilt responsive design so it is optimised for mobile devices and desktops. The mobile version will include all the features of a desktop version but re-sizes content including media like videos, etc and fix them according to the size of mobile device.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: We rely on the API provided by the open-source platform used (Drupal, Plone Volto...)
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: We will work with the buyers to define the requirements and permissions around customisation of the themes, admin settings, form rules and publication workflows.

Scaling

• Independence of resources: PretaGov solutions designed to automatically scale with increased hardware. Our cloud hosting supplier provides APIs to create new cloud services. This process is tied to usage monitoring and increases servers as needed. Similarly the servers can be switched off to scale down when demand drops. PretaGov will actively monitor usage and performance. We increase capacity when necessary within the limitations of the hosting partner to ensure optimal performance. We also carry out regular maintenance activities to optimise performance. On request we can set up each hosting account individually with no shared resources between clients

Analytics

• Service usage metrics: Yes
• Metrics types: PretaGov solutions have Google Analytics/Momoto support built-in. This allows tracking the form filling process as a Google Analytics funnel to get statistics on success and visualisation of where users drop out of the form filling process.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Via API integration into backend systems.; Downloading of .CSV, PDF, XML, HL7 and other formats.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • .CSV importable into Microsoft Excel
  • PDF
  • HL7
  • XML
  • Any other open format can be scripted.
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • JSON
  • Email
  • XML

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We guarantee 99.95% availability.; ; Where PretaGov does not meet the same Service Level under the Service Level Agreement for each month in a consecutive six (6) month period, the Customer shall be entitled to treat such failure as a substantial breach for the purposes of compensation. Compensation is detailed in our service credit table.
• Approach to resilience: We provide redundant frontend services and application servers and a replicated database layer in different availability zones when request. We rely on the resilience provided by the underlying hosting provider and core platform used for the cloud software. Our engineers guarantee an additional layer of support for all requests.
• Outage reporting: We report service outages via our ticketing system. Additional reporting methods can be used on request.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: The PretaGov Cloud SaaS products are powered by the Plone CMS (www.plone.org) which provides fine-grained control over access and modification of the service. ; ; Access to content includes the ability to define groups of users. Access rights and permissions can be granted to any combination of groups, individual users, as well as to Anonymous (not logged in) users of the site.; ; Plone CMS’s fine grained control allows administrators to provide restricted access to others in the organisation, through the use of roles and groups and folder specific roles.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We are Cyber Essentials certified
• Information security policies and processes: PretaGov maintains, and annually updates, a comprehensive Information Security Management System documentation, which details employee’s responsibilities toward all types of assets, management’s role, training, confidentiality of client data and acceptable use of resources, and more. All staff must review and sign this policy during on-boarding. Staff review our ISMS regularly.; ; PretaGov information security program for its SaaS Solutions depends at the highest level on policies governing various aspects of PretaGov SaaS Operations – including specialised policies and procedures governing practices such as incident response process, change management, and backups.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: PretaGov maintains and follows formal change management processes. All changes to the production environment (network, systems, platform, application, configuration, including physical changes such as equipment moves) are tracked and implemented by our technical team. ; ; All deployments into production or change to the production environment (network, systems, platform, application, configuration, etc.) must be submitted to, reviewed and approved by the CTO prior to implementation.; ; Promotion of code from engineering into production is controlled by the change management process, and the SaaS Operations team manages all deployments into the production environment. Testing, other than deployment validation, is prohibited in the production environment.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: The PretaGov platform uses community open source software and stays up to date with vulnerability information for each part of the platform. The platform uses Plone at the application layer which has a history of minimal security vulnerabilities. When a vulnerability to Plone is discovered and a patch is made available, the fix is applied within 48 hours based on our SLA. Other critical vulnerabilities are patched within 14 days, important patches are applied within 30 days.; ; PretaGov tracks details of each security vulnerability so that it can schedule and then deploy fixes when they are made available.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: PretaGov uses server intrusion detection and security vulnerability scanning to detect and monitor suspicious activity. The servers are monitored at all times so that an audit trail of activity can be logged. Alerts are sent when suspicious activity or significant events are discovered.; ; PretaGov platforms include a monitoring system which collects data trending data around performance, errors, system usage etc. This detail is covered in our standard service level agreements. PretaGov responds within an hour to such incidents.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: PretaGov has developed a robust Security Incident Response Process (“SIRP”) to address events related to PretaGov SaaS Solutions in an efficient and timely manner. The SIRP process describes how the team is deployed, documents the criteria for incident severity, defines the investigation and diagnosis workflow, details documentation and reporting requirements, and establishes contact information.; ; PretaGov monitors their servers 24 by 7 and notifications are sent to on-call staff if the monitoring solutions detect any issues with the platform. A support hotline, web and email ticketing system are in place to report issues. Reports are given on an hourly basis.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  PretaGov has a a ‘Equal Opportunity’ policy which is made available to all staff on their induction with the company. Our hiring practices do not discriminate against any of the nine protected characteristics, including age, gender, race, and disability. As we are a remote working company, our employment and onboarding interviews are fully accessible—with candidates asked to specify any accessibility requirements they may need. We are committed to supporting disabled employees with any reasonable adjustments they require, including: -Assistive technology, -Non-medical assistive support, such as ergonomic chairs, desks, and mice & keyboards, -Flexible working hours in order to accommodate their needs within the scope of our operations. Requests for reasonable adjustments are voluntary and confidential, and we will work closely with any employee who requests them to provide the support and accommodation necessary to enable them to fulfil their role. PretaGov has a multicultural workforce, with employees from a range of races, religions, and other protected characteristics under the Equality Act 2010. 25% of our currently employed staff is female, such as our Co-Founder and CEO, Virginia Choy. PretaGov support all staff to undertake upskilling training to ensure that their technological expertise is up to date at all times. We encourage and facilitate staff attendance to conferences relevant to our work. This would include support for accessibility requirements, travel, and any necessary equipment therein. With our turnover falling below the £36 million threshold, the Modern Slavery Act (2015) does not apply to PretaGov. We have, however, established an Anti-Slavery Policy which is upheld at all times, and published on our website. By staying in close contact with all staff, including our subcontractors, senior board members aim to be at all times actively aware of any potential risk of Modern Slavery.

  Wellbeing

  The wellbeing of PretaGov staff is at the forefront of our company ethos. In line with MAC 7.1 of the Social Value Model, senior staff ensure regularly fortnightly meetings with our team to incite feedback, investigate grievances, and overall check their mental and physical wellness. Prior to the Covid-19 pandemic, our team would organise regular company lunches, dinners, and other social events in order to promote positive morale and colleague relationships. Though we have changed the way we work, our team meets online through the mediums of Slack Huddle and Google Meets. During the Covid-19 pandemic, to ensure the wellbeing of our staff, PretaGov established a ‘Work From Home’ policy which came as a response both to government legislation, as well as internal concern for our workforce’s health. In addition to this, we have adopted flexible working hours for all staff in order to provide a better work/life balance. Senior staff are open to negotiations in terms of adjusted work schedules in order to allow our team quality time with their families, improved personal schedules, and to attend mental/physical health check-ups. In the past, PretaGov has facilitated staff attendance to business-relevant conferences across the world. As a part of the Open-Source Community making use of Plone CMS, PretaGov are involved in community integration through involvement with other Plone contributors. Networking with the wider Plone community helps our staff to collaborate in the codesign and delivery of our services, as well as getting to know other individuals who share the same passion for software development.

Pricing

• Price: £737.50 to £8,292 a unit a month
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at virginia.choy@pretagov.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.