The Access Platform
For global education providers who want to recruit more numerous and diverse students, The Access Platform enables student-led content and conversations online, providing a more personal and authentic experience to potential applicants, creating a sense of belonging before arriving on campus, whilst saving staff time and reducing risk.
- Chat enables prospects to have chat conversations with student ambassadors.
- Content enables user-generated content generation directly from students.
- FAQ helps create authentic, student answers to common questions
- Analytics gives insight on what prospective students care about
- CRM integration
- Safeguarding features like automated keyword detection
- Reporting and Student Ambassador Management Tools
- Content Schedule for automated user-generated content creation.
- Optional data collection fields from prospective students
- Mobile app and website widgets.
- Content: Easy and automated user-generated content creation
- Content: Fast one-click publishing to social media and websites
- Content: Reduce risk with separate creation and publishing process
- Chat: Safe and transparent peer-to-peer chat conversations
- Chat: Free lead generation from social media and website.
- Chat: Build relationships with prospective students globally.
- FAQ: Easy editing and publishing tools to improve content.
- FAQ: Easy written content generation from students
- Mobile App: Collaborate with your student ambassadors from anywhere
- Reporting: Easy and fast oversight and student ambassador management
£4000 to £20000 per licence per year
The Access Platform
+44 (0) 20 3026 4663
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
During business hours, typically within 5 minutes.
On weekends, typically within 1 hour
During the hours between 10pm-7am GMT, typically within 9 hours as we don't currently have 24-hour support.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), 7 days a week|
|Web chat support||Web chat|
|Web chat support availability||24 hours, 7 days a week|
|Web chat support accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web chat accessibility testing||Our web chat is supported by Intercom. We've worked with a specialist company in order to comply with WCAG 2.1 AA.|
|Onsite support||Onsite support|
|Support levels||We provide account management and onboarding at no additional cost. Support is provided at both technical and non-technical levels.|
|Support available to third parties||Yes|
Onboarding and offboarding
We do an onsite Implementation Session for UK customers.
We do an online Implementation Session for non-UK customers.
We provide online training resources and videos for different groups of users.
|End-of-contract data extraction||We are a Data Processor, our customers are the Data Controller. Customers can extract their data at any time by downloading it from the dashboard or via an API integration.|
Our contracts have an annual licence model.
If a customer wishes to not renew, we ensure they are extracted all of their data from the service, removed any widgets on their website, communicated appropriately with stakeholders and then we delete all of their data from our system.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Our widgets (hosted on universities' websites) are responsive for mobile devices, including tablets. Separately, we have a mobil app for student ambassadors, but they engage with the service in a different way to admin users, who access the dashboard through a browser.|
|Description of service interface||
Mobile app for ambassadors.
Dashboard website for admin users.
Widget on university website for prospective students.
|Accessibility standards||WCAG 2.1 AA or EN 301 549|
|Accessibility testing||We've worked with a 3rd party to test that our service is WCAG 2.1 AA compliant.|
|What users can and can't do using the API||We allow API integration to CRM for the automated transfer for user data.|
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||Yes|
|Description of customisation||Input branding preferences like a logo and colours. Further customisations are available using CSS overrides.|
|Independence of resources||We use autoscaling website and application server clusters and CDN technologies to ensure our service scales automatically to cope with spikes in demand.|
|Service usage metrics||Yes|
|Metrics types||We report on all key metrics around service usage both at the aggregated level across the whole service and the individual Ambassador level.|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||CSV or API integration to CRM.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
99.9% availability over the contract period.
If we are less than 99.5% available for 3 months in a row, a customer can terminate their contract.
|Approach to resilience||
We use Amazon Web Services which is a highly reputable IaaS provider with a proven track record of availability.
We have certified AWS Solutions Architects in the team and expert advisors to ensure we architect our environment following appropriate best practices. We use PaaS services like the Elastic Load Balancer, Autoscaling, S3, SES etc to help us make our architecture resilient against single points of failure.
|Outage reporting||Email alerts are sent to customers in the event we experience downtime with a full incident report.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||All management interfaces require a username and password to authenticate. We place a minimum length and complexity requirements on passwords. Users must authenticate with our system in order to access support channels.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Between 6 months and 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||We follow industry best practice for security include ISO27001. We have a strategic advisor specifically to help us with the security and health of our tech stack. We conduct quarterly penetration testing to ensure we don't introduce any new vulnerabilities as we enhance the service.|
|Information security policies and processes||Our service incorporates 'privacy by design' principles. Only one developer has access to the production database, and all technical staff undergo data protection training. We have security sessions and 'refreshers' each quarter, and a personal at board level accountable for information security. We have a reporting process for infractions.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||We have a quality assurance process that includes both manual and automated testing and dedicated members of staff. All development work goes through this process, and is tested against a test plan that includes compliance with our own security and data protection policies in line with CCM and ISO27001. Our product management team monitors all parts of our platform through the five-stage lifecycle.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||We use monitoring tools such as New Relic and PM2 to assess the stability and security of our services around the clock. Security threats are triaged, with 'yellow' threats being patched within 24 hours and 'red' threats immediately. Our standard security release cycle is once per week.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||All traffic and requests are logged using New Relic and PM2 and we monitor for unusual activity. If a compromise is detected, the relevant system is disabled or limited immediately while investigation takes place. If our system has been compromise, we work on a patch immediately.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||We have a disaster management policy and a support policy that cover all incidents on the service. Users can report incidents via web chat, bug tracking tools, by email or on the phone. We give an initial report within one hour with a prognosis. We provide reports at least once every 24 hours during the response process. We write a full written report after the incident has been resolved.|
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£4000 to £20000 per licence per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||We can offer a free trial on a case by case basis where there are specific success criteria that are necessary as part of the procurement process.|
|Link to free trial||Theaccessplatform.com (request a demo)|