Incident Communications Platform - Klaxon
Ensure that you never miss a critical alert with Klaxon’s incident communication tool, get instant push notifications to notify your employees, students or tenants of incidents and outages. Get instant views of services that are unavailable, degraded or restored and opt-in only to the notifications that you want to receive.
- Instantly broadcast incident communications to virtually any communication device.
- Easily target communication alerts by location, department, technology or service.
- End-users choose how and when they receive communication alerts.
- Option to force communication for Disaster Recovery and Business Continuity.
- Send communication to multiple channels individually or simultaneously.
- Quick glance incident dashboard to understand incident status.
- Workflow incl incident approvals and reminders to send incident updates.
- End-user training walk through wizard built into the application.
- Full incident reporting suite and audit trail.
- Fully cloud-based, all systems and data hosted in the UK.
- Helps you manage Disaster Recovery and Business Continuity events professionally
- Save time and money managing incidents.
- Puts your end-users in control of the communications they receive.
- Reduce calls to your Operational teams during an incident.
- Full incident history for transparent auditing of incidents.
- Makes it quick and easy to target incident communications.
- Cloud based, so It works when your systems are unavailable.
- Minimise communication noise by only sending notifications to relevant users.
- Take action directly from the app, share that you're affected.
- Provides your end-users with full transparency about incidents.
£0.46 to £0.89 per user per month
- Education pricing available
- Free trial available
Software Cloud Limited
0808 164 0000
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|System requirements||Internet connectivity|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Monday to Friday 9am - 5pm|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web chat accessibility testing||We use a tool called Hubspot which automatically meets these standards|
|Support levels||Support subscription is included in the monthly cost and there is no extra charges.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||All documentation will be provided and demo session can be arranged for key organisation Administrator|
|End-of-contract data extraction||Historical or audit report can be generated for all the event raised by raising a helpdesk ticket.|
|End-of-contract process||There is no other cost at the end of contract.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||Windows|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Mobile users will receive text message or mobile notification from our app for any notification messages.|
|Description of customisation||Most areas of the product are customisable to the customers needs. They are managed from a Administration area of the tool|
|Independence of resources||Klaxon runs in an extensible cloud environment, unaffected other services.|
|Service usage metrics||Yes|
|Metrics types||Klaxon offers a range of audience engagement metrics, as well as a breakdown of SMS and general usage.|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with CSA CCM v3.0|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Customers can request a data export at any time.|
|Data export formats||
|Other data export formats|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||Microsoft's Azure platform guarantees 99.9% availability.|
|Approach to resilience||Klaxon exists in the highly-resilient Microsoft Azure cloud.|
|Outage reporting||Incident notification is Klaxon's specialty. We'll contact you by email, and update the dashboard should problems arise.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||The management supports Two Factor Authentication / Multi Factor Authentication.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Cyber Essentials Plus|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||Cyber Essentials Plus|
|Information security policies and processes||
Our data storage and handling takes place within (and from) the Microsoft Azure cloud, a CSA CCM certified environment.
All employees and contractors are vetted and comply with a security policy set out in the employee handbook.
In addition, we are "Cyber Essentials Plus" compliant.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
We manage the development and release process via our integrated development environment. This provides us with a full audit trail of all changes to the Klaxon service.
All platform configuration changes and new releases are subject to our Change Management process and are approved by our Change Advisory Board (CAB).
An information security risk assessment is completed prior to CAB approval.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
The Klaxon service is hosted in Microsoft Azure as an 'App Service'. Microsoft maintains the majority of the environment. We utilise the considerable security tooling built into Microsoft Azure to protect the Klaxon service.
We undertake vulnerability and penetration testing on all new releases and address vulnerabilities before an update is applied.
We also scan for new vulnerabilities regularly and resolve vulnerabilities via our development and change and release process.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
We monitor the Klaxon service constantly for threats and vulnerabilities.
We investigate all information security events including suspected compromises, and manage all confirmed incidents in accordance with our cyber incident policy.
All cyber incidents are treated with the highest priority and are responded to promptly.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Our cyber incident policy provides guidance on the type of incidents that should be reported, who they should be reported to and when they should be reported.
Incidents can be reported to our Service Desk via email or telephone.
Our policy makes it clear that a post-incident report will be issued to stakeholders following an incident.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£0.46 to £0.89 per user per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||We provide a 30-day free trial, with the only functional limitations being on the number of users and user groups.|