CloudStore is a secure web based file sync, store and share solution that allows:
- Document collaboration between teams, colleagues, clients and suppliers
- File back-up from your local computer to a secure remote storage area
Find out more: https://www.delladene.com/cloudstore.html
- Store: elastic data storage which can be expanded as required.
- Share: Securely share files with client or colleagues.
- Back-up: Windows and MacOS is securely synchronised and backed-up
- Versioning and Roll-Back: Roll back to older versions of files
- Audit: Keep track of who, when and what has changed
- Robust-Permissions: control who can view, edit, delete, download and more
- Workflow Engine: allowing for traceable repeatable process ensure quality
- Secure links: Upload & Download document and files via "sharelinks"
- Quick Searching: high-speed searching of files and even content
- Open: CloudStore™ provides a raft of easy to use integrations
- 99.9% availability to the service outside of maintenance window
- Access online or offline
- Accessible from multiple devices Windows, MacOS, iPad, iPhone and Android
- Set share Link pass-wording and expiry
- Configure your own workflows to ensure repeatable quality
- Always on the latest version no upgrading
- Telephone and email (human) support
- Up and running in only a few minutes
- Flexible pricing model
£10 per user per month
- Education pricing available
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Any solution that requires additional storage or document management for example: Project Portfolio Management, ERP and Business Process Management etc...|
|Cloud deployment model||Hybrid cloud|
Schedule maintenance period will be performed weekly Saturday between 9pm-12am GMT as needed
Emergency maintenance for critical issues and security fixes (if required) performed daily between 9pm-10pm GMT
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Standard Email and Telephone Support:
Monday-Friday 9:00am-5:30pm (Excluding UK bank holidays)
Response time within 2 hours during support hours.
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Telephone & Email support is included.
Online Web Support: £60 per/hour
Onsite end-users support engineer: Day rate £600 per/day + expenses
Advanced Support engineer: Day rate £800 per/day + expenses
|Support available to third parties||Yes|
Onboarding and offboarding
The solution is very simple to set-up customers receive a credit for 4 hours instructor led online admin and train the trainer training.
If further training is required for on-boarding we provide additional support including:
- Online instructor lead training (training limited to 20 attendees) sold in 1 hour increments @ £100 per hour.
- Onsite training £1600 per/day minimum + travel expense. (customer is responsible for adequate facilities, classes limited to 25 attendees.)
|End-of-contract data extraction||
Files and documents can be downloaded as individual files or packages zip files through the web app.
Alternatively customers can use the client agent to extract all files to an offsite storage device.
Customer must provide written notice of contract termination within 30 days prior to end of contract term.
Once termination has been acknowledge the customer has a minimum of 30 days to remove all data before the customer account is deactivated all customer related data is delete.
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
Mobile apps allow browsing, search and sharing files
Web apps provides full functionality of the app
|Accessibility standards||None or don’t know|
|Description of accessibility||
Delladene takes accessibility seriously, CloudStore integrates with the Windows and MacOS systems and environments (see supported platform) as such the solution is fully compatible with operating systems assistive technology without the need for additional testing.
Web App Basic functionality including:
Viewing, Opening, Selecting Cabinets, Folders, Files Devices, Groups and Users are all accessible via keyboard or assistive technology.
Web App Advanced System administration and configuration set-up of the environment is not support through assistive technology
The service is tested to work with assistive technology such as:
Support for magnifying capabilities provided by Web browsers (within the supported list of browsers.)
The system has been tested with Apple VoiceOver within the Web Application and the use of Apple iOS VoiceOver accessibility to navigate the Applications.
Assistive technology has not been tested with Android as of the date of this application.
|What users can and can't do using the API||API is designed for user provisioning such as account and user management|
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||
Users can customise the following areas:
- System Personalisation
- Custom fields and entities
- Customer Workflows
- Customise user experience by managing features
|Independence of resources||Application is designed for linear scalability. Storage and compute resources are monitored and capacity is increased based on activity.|
|Service usage metrics||Yes|
|Metrics types||Storage Charts by: User and Cabinets|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Other data at rest protection approach||All documents are stored with AES256 encryption|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||In-house destruction process|
Data importing and exporting
|Data export approach||
Files and documents can be downloaded as individual files or packages zip files through the web app.
Alternatively customers can use the client agent to extract all files to an offsite storage device
Audit history can be downloaded as CSV files
|Data export formats||
|Other data export formats||
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||Other|
|Other protection within supplier network||
Applications are hosted in a secure data centre restricted to named authorised personnel.
Data centre access is restricted via bio-metric authentication and is monitored 24/7 by data centre personal and video surveillance.
Servers are hosted within locked cages.
Availability and resilience
99.9% Target Service Availability.
SLA is measured outside of the Scheduled Maintenance or Emergency Maintenance.
Delladene CloudStore SaaS uses and external monitoring service to check system availability every 5 minutes, twenty-four (24) hours per day, seven days per week. If the application is not available the monitoring service immediately notifies operations.
SLA(%) = Total number of successful monitor cycles/total number of planned monitor cycles. ( outside of emergency or schedule maintenance outage)
In the event of a service availability, the Customer is entitled to a specific number of days of credit of fees based on the annual fees paid and each credit if equal to 2 days. Any credits issued to Customer will be applied towards the next billing period applicable to Customer.
|Approach to resilience||Information available on request under mutual NDA|
|Outage reporting||Email alerts to designated administrator|
Identity and authentication
|User authentication needed||Yes|
|Other user authentication||Single Sign On via SAML 2.0|
|Access restrictions in management interfaces and support channels||
User permissions and groups used to restrict access.
Support access can be restricted by application administrator
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI Group|
|ISO/IEC 27001 accreditation date||01/08/2017|
|What the ISO/IEC 27001 doesn’t cover||Restricted to cover the delivery of co-location and network infrastructure as defined by management and in accordance with the Statement of Applicability version 1.3, dated July 20th, 2017.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||Yes|
|CSA STAR accreditation date||January 19th, 2018|
|CSA STAR certification level||Level 1: CSA STAR Self-Assessment|
|What the CSA STAR doesn’t cover||Data store and back-up is covered by AWS CSA Star Self-Assessment.|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||To be disclosed under NDA|
|Information security policies and processes||To be disclosed under NDA|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Changes are approved by management and reviewed. The review includes impact assessment, including operational and security concerns, approach, testing, user acceptance and documentation.
After approval , the change is forwarded to the SaaS operations to be implemented.
All changes are logged and an audit trail is maintained.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Vulnerability Threat assessment is based on the following sources:
- External security bulletins i.e. US-CERT and The National Cyber Security Centre
- Regular Third-party Penetration tests
Vulnerability Threats are assessed based on the CVSS scoring and based on the impact to the service appropriate action taken
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Potential compromises are identified via periodic scans of firewall and server access logs and which reviewed to detect and prevent malicious activity.
Malicious activity is assessed for severity and appropriate action is taken in a timely fashion
|Incident management type||Supplier-defined controls|
|Incident management approach||
We use DEVOPS tools to execute pre-defined processes such as regular system updated and product releases.
Users report incidents through the support ticketing system
Incident reports are provided via email
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£10 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
Full feature functional trial
Time limited to 14 days (optional extension at account manager discretion)
|Link to free trial||https://cloudstore.delladene.com|
|Pricing document||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|