EDRMSaaS.Cloud

by iCognition Pty Ltd
  • Reseller
Made by:
Microsoft and MicroFocus
For:
  • Audit, risk and compliance
  • Data and analytics
  • Projects and team collaboration

EDRMSaaS.Cloud is iCognition’s Electronic Document and Records Management as-a-service cloud: ultimate information security, user friendly access on any device, and intelligent analytics and governance. Harness the information explosion, secure your content, meet your compliance/regulatory requirements, improve operational efficiency and lower your total cost of ownership with a simple monthly per user cost!

It is Microsoft Azure delivered, cost effective, best of breed performance and highly secure; includes Micro Focus’ proven intelligent compliance engine; and iCognition’s award winning products maximising discovery, access, sharing and collaboration, for both desktop and mobile users:

Microfocus’ Secure Content Management suite - Content Manager, optional ControlPoint & Structured Data Manager;
RM Workspace - ease of access and collaboration;
RM Workflow - dynamic content workflow;
RM Public View - publishing and external access;
RM Federated Search - federated search across multiple repositories;
RM Connector - Connect any line of business application, or SharePoint solution, to EDRMSaaS.

EDRMSaaS.cloud is hosted on Microsoft Azure and is built from the ground up to ensure cybersecurity, including end-to-end encryption and vulnerability management and monitoring. It is designed for mission-critical apps supported by an open ecosystem of partners. Optionally you can choose Microsoft Azure Central for Federal Government (ASD) certified cloud.

    Features

  • Ultimate security: Government certified secure Microsoft cloud for Unclassified and Protected data
  • Compliance and records control: your content, managed to the highest standards
  • Ease of use: iCognition UX interfaces
  • 99.95% 24x7x365 availability
  • Full DR and backup regimes
  • Full help desk services
  • Constant and incremental software upgrade
  • Full range of managed system and records management services
  • Can include Office 365 and Microsoft apps
  • We can identify, migrate and transition content to EDRMSaaS

    Benefits

  • Compliance and records control: your content, managed to the highest standards
  • Increase productivity: maximise discovery, access, sharing and collaboration, for both desktop and mobile users with our suite of powerful solutions.
  • Faster, better decisions: unlock your information by utilising our information analytics to unlock insights.
  • Speed of delivery: Save time and money by leveraging Azure and iCognition services to quickly transition to EDRMSaaS, with the continuity to deploy wherever and whenever you need to.
  • Hybrid flexibility: modernise your desktop apps on your terms, with the option to rollout to the desktop or transition to full cloud functionality using Office 365.
  • Ultimate security: Government certified secure Microsoft cloud for Unclassified and Protected data
  • Designed for mission critical apps: benefit from heightened resilience, hybrid flexibility and direct connectivity.
  • We can identify, migrate and transition content to EDRMSaaS
Free trial available
http://www.edrmsaas.cloud
Minimum price
$20.00 AUD Up front transition fees plus per user per month (paid annually)
Maximum price
$80.00 AUD Up front transition fees plus per user per month (paid annually)
Variables affecting pricing

User numbers
Storage volume
Microsoft Azure Central Government certified secure environment for unclassified and protected data
SQL Server and Micro Focus licences inclusions
SLA requirements
Network connectivity

Education pricing
Eligibility

Universities, TAFEs

Pricing differences

Discount on volume

Not-for-profit pricing
Eligibility

Any not-for-profit

Pricing differences

Discount on volume

Become a registered buyer to purchase this product.

Onboarding and offboarding

Onboarding assistance

A full range of onboarding services are included or optioned in. The service can be a brand new system setup, or a 'lift and shift' of an existing system, including upgrading MicroFocus products, if required.

We can identify, migrate and transition content, including from:
TRIM, Records/Content Manager, Objective or Opentext
Network drives
Exchange
SharePoint, and
Databases.

Transition-in services can include:
Design & Solution workshop
Cloud Architecture Documentation
Service Desk provisioning
Azure Provisioning
If required:
Copy existing TRIM/RM/CM Dataset to cloud
TRIM/RM/CM Upgrade
Training and Configuration
Desktop rollout assistance
Project team support for transition
Basic Connectivity and CM testing
Develop Test Plans, Test Cases and Data
DR Testing, including developing a DR Test Plan
Support Client with UAT

Capacity Testing and Penetration Testing can be included as options.

We can also integrate your business systems, such as your CRM or Case Management, to EDRMSaaS using our range of connectors in order to capture and manage vital information across your business.

Decrease your existing internal storage footprint, lower the cost of managing your data, and reduce the cost of software licencing. Also provide better visibility of your information and make searching more efficient, thus saving money in responding to requests for information.

Offboarding assistance

Included as part of the service will be a transition-out plan that has:
• The lead time and schedule for provision to the client of its data.
• The format in which that data can be made available.
• Options for migrating the existing service (including configurations, BCS, security and access model and all records and content) to an alternate provider to ensure continuity of service.

The transition-out is then a defined as best it can without knowing the detail of the target system. iCognition will then undertake contractually to provide all reasonable assistance in the event of a transition out.

The Transition-out cost is a factor of:
Balance of Licences + Margin over original contract period, if applicable
Balance of platform spin up fees over original contract period
Data Migration fees to new platform
Platform fees during transition out

Availability and support

Guaranteed availability (excluding scheduled outages)

Standard SLA is:
• 99.9% availability
• RPO/RTO is less than 1 minute/4 hours
• Service desk 8:30-1700 EST
• Australian datacentres
• Production, Test/Training environments
• DR Site
• Annual upgrades (excludes integrations)
• Monthly maintenance activities
• Backups – geo-redundant
• IDOL titles and document content indexing
• ADFS Authentication
• Managed disks for document store, IDOL and database
• Load balancer
• Web Application Firewall
• 4 static IP addresses
• Storage for Document Store
• Log retention for 6 months

Options can include Microsoft Azure Central, Cirrus ITIL-based service desk support, MS SQL Server licences, iCognition products, VPN, internet connection, IDOL in DR, integration testing or integration upgrades, penetration and capacity testing.

Client can BYO SQL Licences, or we can migrate the database to Postgres for free licencing.

Support options available
  • Phone
  • Email
  • Online
  • Onsite
Which options come at additional cost

Onsite support post transition. Additionally we can include additional cost support options to include higher SLAs, integrations support, configuration support, records management support, and other catalogue items.

Support levels, availability hours (AEST) and whether additional costs are involved

Standard SLA is 99.9% availability, help desk 8:30-1700 EST using the following response times:
• Within 4 hours (during business hours) for issues classified as Critical priority
• Within 24 hours (during business hours) for issues classified as Major priority
• Within 5 business days for issues classified as Normal priority
• Within 14 days for issues classified as Low priority

Additional cost items are:
• extended hours support
• after hours support
• 24 hour support
• faster response times
• integrations support
• configuration support
• records management support
• training support

Reporting and analytics

Metrics reported

Standard metrics that are reported monthly includes:

Capture and Processing Activity
• Record Growth
• Licence Usage
• Unique Logins Per Day (Average)
• Content Manager Error Notifications
Availability
• YTD Uptime
• YTD Downtime
• OVERALL and YTD AVAILABILITY Calculation
Storage Used
• Production File Store
• Production Database
• DEV/UAT Database
• Total Data Allocation Usage
Incidents

Reporting types
  • Real-time dashboard
  • Regular reports
  • Reports on request
  • Other
Other reporting types

Infrastructure dashboard for iCognition staff that can provide real time detail.

Outage reporting
  • Email alerts
  • SMS alerts
Usage reporting
  • Email alerts
  • Other
Other usage reporting

Monthly reporting and account meetings play a vital part of the service.

Identity and authentication

User authentication needed
Yes
User authentication
  • Username and password
  • Two-factor authentication
  • Identity federation with existing provider (eg. Google Apps)
  • Dedicated link (eg. VPN)
Other user authentication

Environment

Cloud deployment model
  • Other cloud model
Other deployment model

Microsoft Azure and Microsoft Azure Central.

Microsoft Azure Central is a mission-critical cloud for Unclassified and Protected data, designed for Government and highly-regulated organisations. This includes:

* Security and compliance certified by the Australian Government (ASD) for Unclassified and Protected data
* Australian-owned, secret-accredited facilities of Canberra Data Centres

Software add-on or extension

Yes, but can also be used as a standalone service

Add-on or extension to

Delivered on Microsoft's Azure and Azure Central services, using MicroFocus Content Manager as the core, supplemented by iCognition products RM Workspace & RM Workflow. An existing MicroFocus TRIM/Records Manager/Content Manager systems can be 'lifted, shifted and upgraded' to create this core, or a brand new system can be set up.

API

rest

What users can and can't do using the API

Both a REST and non-REST API is available that exposes 98% of the product's funcitonality

Compatible API automation tools

Micro Focus’ Business Value Dashboard (BVD) for Content Manager is an option. BVD is a special Micro Focus ‘package’ of OpsBridge that visualises records management through a business lens. It extends the reporting capabilities of Content Manager, and provides real time insight to quantify compliance, combining IT and non-IT metrics.

Connected government networks
  • GovDC
  • GovLink
  • AARNET
  • ICON
Web interface
Yes
What users can and can't do using the web interface

There are two web browser interfaces available. The standard interface is RM Workspace, and the MicroFocus Web Client is also available as an option.

RM Workspace is a multi-award winning collaborative digital workspace underpinned by MicroFocus' compliance and governance platform. Users get on with the job while records management ‘just happens’. It is aimed at general end users for document management, collaboration and end user records control.

RM Workspace provides a proven user experience that increases EDRMS user adoption, decreases training and support costs, and increases productivity though access and collaboration. RM Workspace meets WCAG 2.0 level AA accessibility compliance, and is a user friendly, intuitive and accessible workspace that is easy to use and fast to learn. The design is the result of a user experience (UX) design process, providing multiple discovery and navigation methods, as well as effective, satisfying and useful functionality. It provides direct access to documents that the users are allowed access to according to security rules in Content Manager.

It is high value for money collaborative workspace and EDRMSaaS interface, allowing fast and effective sharing, workflow and collaboration. It is fast and easy to deploy, easily captures information, provides multiple discovery mechanisms, and allows personalisation.

Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application for users to install
No
Designed to work on mobile devices
Yes
Differences in the mobile and desktop functionality

RM Workspace has a responsive design that adjust to tablet and mobile device use. The standard MicroFocus mobile device app is also available.

Accessible to WCAG 2.0 AA or above

All

How the product or service scales

Scales with user intervention (manually)

Locations

Whether users can control where their data is stored, processed and managed in Australia
Yes
Locations where user data is stored, processed and managed

In Australia by default

Whether the seller operates their own data centres
No
Whether third parties are involved in storing, processing or managing buyer data
Yes
The third parties involved

Microsoft Azure

User data

Data import formats
  • Comma-separated values (CSV)
Data export formats
  • Comma-separated values (CSV)
  • XML
Whether there are restrictions on users accessing or extracting data
Yes
The restrictions on users accessing or extracting data

Unless a VPN is set up, data extraction requires a special login to allow access to data extraction services. Some limited cut and paste functions from application to Excel are available.

Whether users can access audit information about activities and transactions
Yes
The maximum time audit information data is stored

Depending on configuration, application audit data can be stored and maintained for the duration of the contract

The maximum time system logs are stored

Depending on configuration, system logs can be stored and maintained for the duration of 6 months

Approach to secure data disposal

Data is shredder deleted, and media can be destroyed, depending on contract requirements.

Backup and recovery

What is backed up

Supplier controls what is backed up

How often backups are performed

Supplier controls frequency

How users recover backups

Users contact the support team

Data protection

Data protection between buyer and supplier networks
  • Private network or government network
  • TLS (v1.2 or above)
  • Legacy SSL and TLS (under v1.2)
  • IPSec or TLS VPN gateway
Data protection within the supplier's network
  • TLS (v1.2 or above)
  • Legacy SSL and TLS (under v1.2)
  • Other
Other data protection within the supplier's network

Bitlocker drives, SMB 3, TDE optional.

Data protection at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-18/ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data protection at rest

Bitlocker drives, SMB 3, TDE optional.

Who controls encryption keys

Supplier controlled

Security standards

Data centre security standards

Managed by a third party

ISO/IEC 27001:2013 certification
Yes
Who accredited the ISO/IEC 27001:2013 certification

BSI

When the ISO/IEC 27001:2013 certification expires
19/06/2019
What the ISO/IEC 27001:2013 certification doesn't cover

Microfocus Content Manager and RM Workspace, RM Workflow

ISO/IEC 27017:2015 certification
No
ISO/IEC 27018:2014 certification
No
CSA STAR certification
Yes
Who accredited the CSA STAR certification

BSI

When the CSA STAR certification expires
19/06/2020
CSA STAR level

Level 3 – CSA STAR Certification

What the CSA STAR certification doesn't cover

Microfocus Content Manager and RM Workspace, RM Workflow

PCI DSS certification
Yes
Who accredited the PCI DSS certification

Coalfire Systems, Inc.

When the PCI DSS certification expires
19/06/2020
What the PCI DSS certification doesn't cover

Microfocus Content Manager and RM Workspace, RM Workflow

SOC II certification
Yes
Who accredited the SOC II certification

Deloitte

When the SOC II certification expires
19/06/2020
What the SOC II certification doesn't cover

Microfocus Content Manager and RM Workspace, RM Workflow

IRAP assessed

Yes, successful at stage 1 and stage 2

Certified by the Australian Signals Directorate (ASD)
Yes
Australian data security classification certification
  • Unclassified DLM
  • Protected
Further information about security assessments

https://www.asd.gov.au/infosec/irap/docs/CCSL-Microsoft-Azure-Consumer-Guide.pdf

Security practices

Approach to secure software development best practice

Supplier-defined process

How often the supplier conducts penetration testing

At least once a year

The supplier's approach to penetration testing
  • Performed by another external penetration testing organisation

Separation between users

Virtualisation used to keep users sharing the same infrastructure apart
Yes
Who implements the virtualisation technology

A third party

Third party providing virtualisation

Microsoft Azure

Technologies used to provide virtualisation
  • Hyper-V
Approach to separating different organisations on the same infrastructure

Microsoft Azure uses Fabric for virtualization. Separation is achieved through separation of domains, separate server infrastructure, virtual disks, and separate databases. We do not share Microsoft Azure VMs between clients/organizations. Each client has their own independent environment, firewalls, domain, storage, compute, memory and networking

Operational security

Configuration and change management processes

A recognised standard, for example CSA CCM v3.0 or SSAE-18/ISAE 3402

Configuration and change management approach

ITIL change management practices are used. Additionally, Microsoft Azure has it's own CCSL/IRAP adherence along with compliance to ISO/IEC 27018 and certification for ISO27001.

Vulnerability management processes

Supplier-defined process

Vulnerability management approach

Microsoft Azure includes Azure Security Center for unified security management and monitoring, including vulnerability management. Security center provides the recommended processes. For more details refer: https://www.qualys.com/public-cloud/#azure

Protective monitoring processes

Supplier-defined process

Protective monitoring approach

Microsoft Azure includes Azure Security Center for unified security management and monitoring. Security center provides the recommended processes. For more details: https://www.qualys.com/public-cloud/#azure

Crisis and incident management processes

Supplier-defined process

Crisis and incident management plan

We follow the SIRP process of:
* Identification
* Triage
* Containment
* Eradication
* Recovery
* Retrospective
Incidents are triaged in 3 impact categories, each with a different response level:
Severity 1, Severity 2 and Severity 3.

How often access controls are tested

At least every 6 months