Bramble Hub Limited

Bramble Hub 27partners - 27listen

A performance management tool that empowers employees to own their feedback, career and network. 27listen revolutionises the way organisations manage their future in a simple and more effective way.

Features

  • Personal user profiles
  • Positive or development opportunities can be sent to all levels
  • Customised groupings to tailor communication
  • Push notifications
  • Available for iOS and Android
  • Google analytics to analyse and optimise usage and adoption
  • Integration with external platforms, LinkedIn, Yammer and Google Calendars
  • Tutorials walk you through how the app works
  • ADFS (Active Directory Federation Services) sign on
  • Capture 360 degree feedback little and often

Benefits

  • Provide feedback whenever and whereever you are
  • Identify and develop talent faster than ever before
  • HR teams spend less time managing manual processes
  • Encourages and manages the flow of employee feedback
  • Fosters a culture of continuous learning
  • Understand the development needs of employees in real-time

Pricing

£1.60 per user per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 9

188391627536600

Bramble Hub Limited

Roland Cunningham

+44 (0) 2077350030

contact@bramblehub.co.uk

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to The service can provide video support for any intranet, internet site or learning management system
Cloud deployment model Public cloud
Service constraints None
System requirements N/a

User support

User support
Email or online ticketing support Email or online ticketing
Support response times User support is handled 9am-5pm Monday-Friday, excluding UK national holidays.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 A
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Users can enter a web chat session with one of our technicians directly from the website. Dependant on availability they have the opportunity to leave a message as an alternative.
Web chat accessibility testing None
Onsite support Yes, at extra cost
Support levels Tiered support contracts are available:

Level 1: Managing the resolution of service issues reported by the customer, where the customer performs the analysis.
Level 2: Assisting the customer with analysis of customer-side issues, and provide recommendations for fix.
Level 3: Assistance with the implementation of changes on the customer side to resolve issues.

Each level is priced according to the number of end-users covered. A technical account manager is also provided.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide any level of service required by the customer. This includes on-site assistance in uploading and customizing the interface, and migrating content from any existing service
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction At the end of the contact term we will extract the content and associated metadata and make it available to the customer via media such as DVD or portable HD
End-of-contract process As above, at the customer's request the content can be delivered on DVD or portable HD.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are no feature differences between the mobile and desktop versions. The service is responsive to different screen sizes across desktop, tablet and mobile
Accessibility standards WCAG 2.0 A
Accessibility testing None
API Yes
What users can and can't do using the API Users can access any content management function through the API. This is including but not limited to uploading content, making content metadata changes, changing access control rules and embedding content in third party services.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The service allows for complete customisation through drag and drop templating and styling interfaces. Any page can be fully modified, either by the customer or via our professional services.

Scaling

Scaling
Independence of resources The service is scaled appropriately for the throughput of all users.

Analytics

Analytics
Service usage metrics Yes
Metrics types The service can report video playback information, including the duration of playback on a per-video basis. This information is available per-user or aggregated for the whole service.
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Users can export their data either by downloading it directly (for video files) or exporting the content metadata as XML. The service also provides for content export via the API.
Data export formats Other
Other data export formats XML
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Availability of the platform Is 99.99%. mozi has no required downtime periods for upgrades etc. In the event unusual maintenance does have to be performed that involves downtime then the customer is informed at least 48 hours in advance. Disaster recovery time is currently 24-48 hours depending on severity. Service credits are available in the event of a breach of SLA, and these vary according to the class of service purchased by the customer.
Approach to resilience This information is available on request
Outage reporting Email alerts are sent in the event of an outage

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels The application supports role-based access controls, which can be managed in an external identity provider such as Google Apps or Active Directory. The user groups in these directories will be used to enforce levels of access, both to the administrative parts of the application (content upload and management) and in the front-end to enforce access control rules for all content items.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach As a provider of hosted applications and data storage, 27partners takes the privacy and security of its customers’ data very seriously. 27partners has a formal, documented, comprehensive, and mandatory information security program comprised of a published and regularly updated security policy covering controls, standards and procedures. The program is monitored and enforced by executive management.
Information security policies and processes As a provider of hosted applications and data storage, 27partners takes the privacy and security of its customers’ data very seriously. 27partners has a formal, documented, comprehensive, and mandatory information security program comprised of a published and regularly updated security policy covering controls, standards and procedures. The program is monitored and enforced by executive management.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The formal Change Control Process governs the application of feature enhancements, security-related fixes and service packs. The requestor, business owners, and/or project sponsor reviews and approve changes prior to introduction into the production environment. Approvals for release into production are based upon Quality Assurance (QA) certification reports.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Software developers are thoroughly evaluated on their application security knowledge during the hiring process and take application security training classes as required to keep abreast of new technologies or techniques when they are adopted in Kontiki products and services. Developers are provided with statistics on the most common vulnerabilities found in their applications along with recommended prevention and remediation measures. As vulnerabilities are discovered, they are reviewed with the developer and practices are adopted to prevent recurrence.
Protective monitoring type Supplier-defined controls
Protective monitoring approach The Operations Team uses a combination of industry standard and application specific monitoring of the application and its associated services to ensure system integrity and security. System access is captured using a number of methods including web and event logs. The application itself has a number of real time monitors and security logs that are used to automatically alert operations personnel of a problem. Operations also maintains an on-call rotation with senior engineering staff available 24 x 7 to address issues. All administrative data traffic is transported over a point-to-point private link or using SSH.
Incident management type Supplier-defined controls
Incident management approach Within four hours of the incident, 27partners will conduct an incident review to determine the nature of the incident and will take all appropriate actions to contain any breach.
The affected customer will be notified within 24 hours.
27partners maintains a formal incident management process that includes IT security breaches (viruses, hacking, etc.) which is current and reviewed annually.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £1.60 per user per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial The free version of the service is a fully functional but time limited trial

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑