SBRI Innovation Platform with Brightidea
A Small Business Research Initiative (SBRI) innovation platform based on a UK hosted/supported instance of BRIGHTIDEA, the global corporate Innovation Process Management Platform used by AXA, BT, CISCO, NEILSON. Tailored by Tenshi for UK SBRI (pre-commerical trials) it includes: Ideation, Challenges, SME engagement, competitive procurement and pre-commerical trials.
- Discuss - Initiate Employee, Citizen, SME Engagement
- Solve - Solve a Specific Problem
- Optimize - Improve a Business Area
- Hack - Build Prototypes
- Incubate - Develop Opportunities
- Pitch - Run Internal Shark Tanks
- Monitor - Track Evolving Trends
- Understand - Facilitate Design Research
- Suggest - Consider Any Idea
- SBRI process templates
- Digital service transformation
- engagement with SME's
- SBRI and pre-commercial procurement
- open innovation platform
- ideas management
- community engagement
- challenge management
- Customers: AXA, BT, CISCO, DELL, MERCK, NEILSON, PEARSON,
£15000 per licence per year
- Education pricing available
- Pricing document
- Skills Framework for the Information Age rate card
- Service definition document
- Terms and conditions
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
1 million users, 99.9% availability, 24x7, UK hosted.
|Email or online ticketing support||Email or online ticketing|
|Support response times||Within 1 -2 working days|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), 7 days a week|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Online 24x7 support, including access to cloud support engineer, is included in the price.
UK phone 9-5 can be provided at extra cost. Cost is dependant on the size of the account.
Onsite support is available at extra cost, on a per day basis or annual basis.
Onsite support can include: how to use the software; how to implement innovation management; setting up and running of specific innovation challenges.
|Support available to third parties||Yes|
Onboarding and offboarding
There is a wealth of online training and documentation available that is included in the cost of the product.
There is an onsite starter pack at extra cost to provide further assistance to those clients wanting to customise the solution heavily.
|End-of-contract data extraction||CSV exports|
|End-of-contract process||Buyers can export all data and ask that their system be archived or deleted.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
The full product can be used on a mobile with a suitable browser.
Mobile Apps (Android & IOS) form part of integrated innovation management process and are configurable by the user to perform specific tasks within the workflow.
|What users can and can't do using the API||Read and write data to Brightidea application|
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||Yes|
|Description of customisation||
Buyers can adjust interface branding themselves.
The software is an innovation process management system with the ability to configure any combination of activities to meet a specific innovation requirement.
The users can specify without supplier involvement the whole running of the process including the features available to users in the mobile apps.
Single sign on is available without supplier support or with supplier support for more complex requirements.
|Independence of resources||
Brightidea uses AWS with 2 configured data centres on Internet backbone for fast global access. Load balancing across 3 London data centres or the European region or Globally across 5 continents and 21 countries as required.
Capacity planning maintains 30% utilisation. CPU, Storage Memory and Network utilisation threshold alerts. Upgrades for servers, storage and network planned accordingly. New major clients are carefully tracked. Able to provision additional capacity within minutes. Full instrumentation of all URLs tracks actual server response times. Over 1,000,000 users, several clients with over 100k users, 99.9% availability.
|Service usage metrics||Yes|
|Metrics types||All innovation KPIs and Metrics|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||BrightIdea Inc. the leading corporate innovation process management platform provider|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Physical access control, complying with SSAE-16 / ISAE 3402|
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Exporting a CSV file.|
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
Availability and resilience
Our SLA is 99.5% availability.
We achieve 99.9 availability, we have over 1 million users, we have geographically separate disaster recover, we have elastic capacity to easily scale with demand and we have 100's of clients, including some of the worlds largest organisations.
|Approach to resilience||We use Amazon Web Services Cloud Infrastructure with redundant power, fully meshed tier1 IO connectivity with multiple internet providers, redundant internet, firewall and load balancers, automatic fire detection and suppression, independent zones in each region (e.g. UK), SOC1, SOC2 and ISO 27001|
|Outage reporting||Outage newsletter|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Two factor authentication all staff, all access logged and audited, encrypted VPN for all admin access, No network connectivity between corporate and Virtual Private Cloud, session validated for each request including IP matching.|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||AWS: EY Certify Point|
|ISO/IEC 27001 accreditation date||11/11/2016|
|What the ISO/IEC 27001 doesn’t cover||Onsite Support|
|ISO 28000:2007 certification||No|
|CSA STAR certification||Yes|
|CSA STAR accreditation date||11/11/2016|
|CSA STAR certification level||Level 2: CSA STAR Attestation|
|What the CSA STAR doesn’t cover||Onsite support|
|Who accredited the PCI DSS certification||AWS: Coalfire Systems Inc.|
|PCI DSS accreditation date||11/07/2016|
|What the PCI DSS doesn’t cover||Onsite support|
|Other security certifications||Yes|
|Any other security certifications||
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||
|Other security governance standards||SOC1 Type II, SOC2 Type II, PCI DSS Certified, Cyber Essentials PLUS|
|Information security policies and processes||Governance processes, reporting structure, ISO 27001|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Our processes is externally assessed to SSAE-16.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Our processes is externally assessed to SSAE-16.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Our processes is externally assessed to SSAE-16.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||Our processes is externally assessed to SSAE-16.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£15000 per licence per year|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
Full functionality, limited time period.
|Link to free trial||Www.tenshi.co.uk/contact/|