WIZUDA

Managed File Transfer

The Wizuda MFT solution provides a centralised hub through which data transfers are automated and managed securely and compliantly giving full end-to-end accountability. From real-time streaming to scheduled transfers, Wizuda MFT ensures your data gets to where it needs to be, when it needs to be, and within SLA timeframes.

Features

  • Enterprise-wide visibility of all transfers through one centralised platform
  • Automate data transfers, from real-time streaming to scheduled
  • All industry standard transfer protocols included
  • Transfer options include; compression/decompression, file renaming, archiving, deletion
  • Guaranteed file delivery with HA & automated load balancing
  • Locate and fix issues fast with Wizuda’s ‘Health Check’
  • Full End to End Encryption
  • Data Anonymisation module
  • Option to link DPIAs to transfers
  • Full authorisation workflows, audit trails and compliance reporting

Benefits

  • Get real-time visibility of your data transfers
  • Locate and fix transfer issues fast
  • Meet SLAs and avoid financial penalties
  • Reduce your risk of cyber-attack
  • Pass audits more easily
  • Reduce your risk of data breach

Pricing

£25,000 an instance a year

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at danielle.cussen@wizuda.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

1 8 4 8 4 9 3 3 2 8 4 1 9 6 1

Contact

WIZUDA Danielle Cussen
Telephone: +353863809790
Email: danielle.cussen@wizuda.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
For the public cloud there is 99.9% uptime.
System requirements
  • Microsoft IE, Edge, Chrome, Mozilla Firefox or Safari
  • Microsoft Windows

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLAs are defined in the Terms and Conditions
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
There are 4 categories of support from mission critical to non critical, each with specific KPI response times and target resolution times as agreed and defined in the contract.

Support is offered as standard Mon - Fri during UK business hours. Other options such as on-site and 24x7x365 are available on request at an additional cost.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Training is provided as standard with every purchase of Wizuda MFT. Training can be provided remotely or on-site and can be provided to Administrators and specific user groups.

Full documentation is provided as standard.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
All data can be extracted by Wizuda or the customer when the contract ends.
End-of-contract process
At the end of the contract the system will become read only for an agreed period, during which data can be extracted, prior to it being securely decommissioned.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Wizuda MFT is optimised to work on all mobile devices.
Service interface
No
API
Yes
What users can and can't do using the API
1. Receive an authentication token
2. Upload files securely
3. Create users
4. Receive Health Check notifications and alerts
5. Report on files transferred
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Customisation of language, logos, and colours available.

Scaling

Independence of resources
Wizuda MFT is automatically load balanced ensuring that the service is available and efficient at all times.

Analytics

Service usage metrics
Yes
Metrics types
Wizuda MFT includes extensive reporting around user activities, all file transfer operations, CPU and memory usage. Wizuda's Health Check ensures all source and target hosts are available and automatically alerts specified users of any host or transfer issues.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
User information can be exported using the REST API. Reports can be downloaded in HTML or CSV format. Files can be downloaded using one of the supported file transfer protocols. FTP/FTPS/SFTP/HTTPS.
Data export formats
  • CSV
  • Other
Other data export formats
  • HTML
  • PDF
  • JSON
Data import formats
  • CSV
  • Other
Other data import formats
JSON

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Wizuda MFT has 99.9% uptime. Credits for unplanned downtime are determined on a case by case basis for each specific customer and service provided.
Approach to resilience
Available on request.
Outage reporting
Planned outages are communicated via email and unplanned downtime is notified via public website.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
Other user authentication
Local user accounts, LDAP
Access restrictions in management interfaces and support channels
Wizuda MFT can restrict access by locking down IP addresses that can access the application. Individual user accounts can also be locked from using the application after a specific number of failed login attempts.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
Description of management access authentication
Local Accounts, LDAP

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Certification Europe
ISO/IEC 27001 accreditation date
01/07/2016
What the ISO/IEC 27001 doesn’t cover
All aspects of the service, employees and processes engaged in providing the service are covered. Any aspects outside of that are not included.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
ISO 27701

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Wizuda are ISO27001 certified, with a mature ISMS comprised of relevant, adhered-to policies & procedures (P&P) by all staff. The ISMS is owned by the Company's Chief Information Security Officer who reports directly to the Board.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Wizuda provides release, version and change management in accordance with our strict ISO27001, ISO22301 and ISO 27701 controls.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Our software development and release processes include regular penetration testing using Appcheck, a leading security scanning platform designed and built by UK based CREST and CHECK accredited leading penetration testing experts to deliver against our requirements. Trusted by companies such as Microsoft, Skype, Adobe, Capita and others, this software and service provides an all-encompassing testing solution enabling us to conduct regular penetration tests throughout the application life cycle from development to production, with the benefit of rapid remediation and re-testing, giving us peace of mind that our products are secure and data is not compromised.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Wizuda uses security assessment tools natively provided by the cloud provider to monitor threats to resources hosted in public cloud environments.
Incident management type
Supplier-defined controls
Incident management approach
Incidents are reported to a dedicated management team and managed in line with our incident response procedures. These procedures are in accordance with the GDPR and include analysis of the incident and regular communications right through to resolution with the customer, and all relevant parties throughout the stakeholder chain, including the Wizuda DPO.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£25,000 an instance a year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at danielle.cussen@wizuda.com. Tell them what format you need. It will help if you say what assistive technology you use.