AGILYX EMEA LTD

Integration Platform as a Service (iPaaS)

iPaaS is a suite of cloud services enabling development,execution and governance of integration flows connecting any combination of on premises and cloud based processes, services, applications & data within individual or across multiple organisations. AIM (Agilyx Integration Machine) is an Agilyx owned and developed iPaaS system.

Features

• Receive immediate ‘web hook’ events when the source system errors
• Polling file directories (SharePoint, DropBox, SFTP etc)
• Regular schedule (minutes, hours, days, weeks etc)
• Receiving an email, tweet or SMS
• Receiving an API call
• Receiving an EDI document

Benefits

• Streamline business operations
• Improve the efficiency of data management
• Improve customer experience and interactions
• Connect your organisation’s disparate software applications
• Reduce costs

£1,000 to £2,000 a unit

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at julie.taylor@agilyxgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

985293108505456

Contact

Julie Taylor
01628 637266
julie.taylor@agilyxgroup.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Any solution that needs to communicate with another solution. these can be external or third party solutions.
• Cloud deployment model: Public cloud
• Service constraints: Solutions requiring integration must have the ability to produce an output.
• System requirements: Fully Managed Cloud Service

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We operate a follow the sun support model and typically respond within 1 hour.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide one support level; You will be associated with a Customer Relationship Manager
• Support available to third parties: No

Onboarding and offboarding

• Getting started: The service is deplyed by our in house development team and created for the number of endpoints required by the customer. Offsite training and documentation is supplied.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data is not stored by the service per se, data passes through the services for transformation, mapping and routing purposes. Users can extract their audit data and any stored data via query when desired.
• End-of-contract process: The contract includes base costs, hosting and data storage. The number of endpoints required make the contract variable and the implementation of the product is a separate cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: The service is built on the basis of integrations, therefore, the service can be accessed through API where data is moved from one solution through the AIM to another solution.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The service in itself is based on development, it can be accessed to move data from any one system to any other system, there is development work required.

Scaling

• Independence of resources: Our services uses the latest Microsoft Azure technology meaning every interaction is independent of the next, we user commercially reasonable efforts to make AIM available 99.5% of the time.

Analytics

• Service usage metrics: Yes
• Metrics types: Number of transactions passed/failed and success/failure metrics.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This is not usually required, however, users can extract logs via code work if required.
• Data export formats:
  • CSV
  • Other
• Data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: Agilyx operate an information security program designed to protect Customer Data processed through the Hosting Environment using industry standard policies and technologies.
• Data protection within supplier network: Other
• Other protection within supplier network: Agilyx operate an information security program designed to protect Customer Data processed through the Hosting Environment using industry standard policies and technologies.

Availability and resilience

• Guaranteed availability: Agilyx will use commercially reasonable efforts to make AIM available 99.5% of the time excluding any of the following periods: ; (a) planned downtime; and; (b) unscheduled downtime caused by: (i) circumstances beyond Agilyx’s reasonable control (including, but not limited to: acts of God, acts of government, flood, fire, earthquake, civil unrest, acts of terror, strike or other labour problem, hosting provider failure or delay, issues related to Third Party Integrated Applications, or denial of service attacks); (ii) circumstances entitling Agilyx to suspend access to AIM under the terms of this Agreement; and (iii) the Customer’s or a User’s failure to use AIM in accordance with Agilyx documentation.
• Approach to resilience: Working with MS Azure our data follows all MS Azure resilience protocols. Further information is available on request.
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Access is limited to authorised users only.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA Certification Limited
• ISO/IEC 27001 accreditation date: 15/2/2018
• What the ISO/IEC 27001 doesn’t cover: The scope of this approval is applicable to: The design, development, provision and support of our software products and associated consultancy, technical and managed IT services. Statement of Applicability v2. The scope covers all UK activities, and also include Global activities, hosting, SaaS etc
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: SyberNetSelf Assessed Certification
• PCI DSS accreditation date: 014/01/2017
• What the PCI DSS doesn’t cover: The service is deployed as a hosted service, via our partner SyberNet, who are required to run and maintain it in a PCI compliant environment. Sybernet are currently a Level 2 service provider with less than 300,000 transactions annually and so they complete an SAQ, a Quarterly scan by an ASV (they use Qualys as their Approved Scanning Vendor) and provide an attestation of compliance (AOC).
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The Agilyx global Information Security Policy can be provided upon request. Agilyx is accredited to ISO 27001 Information Security Management.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: AIM Cloud relies on the expert services of Azure, who provided the underlying platform, network connectivity and System software. The Azure platform offers High Availability, Fault Tolerance, and redundancy at all levels, and components are automatically replaced at the end of their lifetimes or when failed - all contributing to the AIM system availability SLA of 99.5% . deployments within Azure allow everyone to benefitfrom their experience of running highly secure and compliant online services
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Deployments within Microsoft Azure allow everyone to benefit from their experience of running highly secure and compliant online services around the globe (such as Microsoft Cyber Defense Operations Centre, a 24x7x365 state-of-the-art cybersecurity and defence facility). AIM Cloud has implemented industry leading anti virus, intrusion prevention system and intrusion detection solutions (IPS IDS). AIM Cloud works with R&D teams to identify, mitigate and share information about known risks. Agilyx uses log monitoring and analyses to identify usage anomalies and exceptions. Software patches are applied during the maintenance window, but security patches are applied immediately.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: AIM Cloud’s end to end service includes hardware and system software, monitoring, management and maintenance of the Agilyx software and environment in Azure. A continuous 24x7x365 monitoring program is in place to detect and resolve infrastructure and application issues in order to meet the Agilyx application availability targets. The monitoring covers solution health, availability and response times. Prioirity 1 alerts generated are handled by Agilyx staff 24/7/365. see also response concerning Incident Management Approach.
• Incident management type: Supplier-defined controls
• Incident management approach: Agilyx will take prompt action to respond to any Security Incident and to prevent the further unauthorized use or disclosure of Customer Data, and/or to correct the issues within AIM (to the extent that AIM gave rise to such Security Incident).

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  The purpose of Aim is to use one system to talk to all solutions rather than many systems all talking to individual solutions in an organisation. Streamlining processes and keeping energy uses low.

Pricing

• Price: £1,000 to £2,000 a unit
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at julie.taylor@agilyxgroup.com. Tell them what format you need. It will help if you say what assistive technology you use.