Cygnetise

Cygnetise - Authorised Signatory Management

Cygnetise makes the process of managing and sharing Authorised Signatory Lists efficient and easy. Thanks to our real time, user-friendly blockchain application, we help a wide range of organisations to save time and reduce costs while increasing control and security of their data.

Features

  • Three step process to quickly upload your authorised signatory lists.
  • Simple and easy to use web based application
  • Ability to distribute your ASL's real time to anyone
  • Edit and remove signotories quickly and simply.
  • Encrypted data maintains security.

Benefits

  • Quickly update ASL
  • Dynamic links for real time sharing of lists with counterparts
  • Abiltiy to easily add or remove signatories from multiple lists
  • Access lists anytime and from anywhere.

Pricing

£120 to £1200 per unit

  • Free trial available

Service documents

G-Cloud 10

101827814709782

Cygnetise

Steve Pomfret

07901856603

steve@cygnetise.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints None
System requirements Internet access.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 24hrs
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Support costs no extra.

We would provide an primary contact for support.

Tickets can be raised directly against us using software embedded in the application.

Issues can be raised separately via email or telephone.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started The application is incredibly simple. We have online user guides for the various functions that we provide.

We can provide onsite or online training if necessary.
Service documentation No
End-of-contract data extraction As per GDPR regulations we provide portability whereby users can extract their data in a csv format.
End-of-contract process Our subscription is annual. There are no other additional costs. If the subscription is not renewed there are no costs.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service No differences
Accessibility standards None or don’t know
Description of accessibility There are no constraints
Accessibility testing No interface testing of this kind.
API No
Customisation available No

Scaling

Scaling
Independence of resources We have multiple instances of the app processing requests. Where necessary we create extra instances to cope with demand

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach There is a button on the application that allows user to export any data in the system in a csv format.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability We have a standard level of SLA with our cloud provider.

https://aws.amazon.com/compute/sla/

Details of refunds users might expect is within our Terms and Conditions
Approach to resilience Data is stored with a cloud provider (AWS). We back-up the database every week and can restore the data back to that point if there is any issue.
Outage reporting The service should be running always.

If we had reason to bring the service down for any reason we would alert all the clients via email.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Our management interface is restricted by a username/password authentication.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Independent penetration test by an external firm (ZeroDayLab)

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified No
Security governance approach Both ourselves and our developers have an IT security policy/Information security document.

The documents are read by all company employees.
Information security policies and processes Both ourselves and our developers have an IT security policy/Information security document.

The documents are read by all company employees.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We have a staging (pre-production) environment that all changes are made in first.

These changes go through a testing cycle that is,

- Unit testing (by the developers)
- Functional testing (by our business analysts)
- Regression testing (some automated some manual)

Once the change has passed all 3 sets of test it is included in the next release.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We use a third party to perform penetration testing periodically to our platform. They will mimic potential attacks (DDOS, cross site scripting etc) and ensure that we are not vulnerable to them.

Any security release/patches that are required are testing via our Staging environment (pre prod)
Protective monitoring type Supplier-defined controls
Protective monitoring approach If a potential compromise is found we have the ability to lock accounts to prevent any further damage.

Once uncovered we would respond to such incidents immediately.
Incident management type Supplier-defined controls
Incident management approach Users report incidents either via email directly to our support email address or via zendesk which is built within the application.

Our reporting back to the users is periodic and via email.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £120 to £1200 per unit
Discount for educational organisations No
Free trial available Yes
Description of free trial We currently offer a 2 month free trial.

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑