Verint Systems Inc.

Engagement Management Professional (Public Cloud)

This solution enables public sector organisations achieve their customer engagement and digital transformation goals. Key aspects include a customer portal, case management, knowledge management, enterprise search, analytics, end-to-end process automation, CRM and social/email support. Delivered as a cost-effective public cloud solution, each tenant's data/services are securely maintained and individually configured.

Features

  • Customer Portal
  • Case Management with Workflow
  • Knowledge Management and Enterprise Search
  • Process Management
  • Reporting and Customer Insight
  • Forms
  • Modern Integration Capability (including REST)
  • Customer Relationship Management (CRM) functionality
  • Live Chat
  • Social Messaging

Benefits

  • Digitally enable processes (including automated integration)
  • Channel shift services to responsive digital / self-serve channels
  • Understand what's working well, what isn't and why.
  • Reduce/eliminate waste (e.g. remove "middle office")
  • Deliver personalised services to customers
  • Optimise point of contact resolution
  • Deliver efficient employee / partner processes through a unified portal
  • Enable processes to support GDPR compliance
  • Allow for social media listening and transaction intake
  • Provide web chat capability

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints None.
System requirements Supported browser (any modern version)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Customer Designated Employees will have access to Verint technical support personnel through Verint’s standard telephone, email and/or web support services during the support hours applicable to the specific SaaS Services subscribed to by Customer. The contact information for Verint technical support personnel, support hours applicable to the SaaS Services, and Error type classifications and response times shall be provided upon project initiation.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Standard support is for 8am to 6pm, 5 days per week excluding Bank Holidays. Premium support extends this to 24x7x365. Standard support is included in the base level pricing with Premium support provided for the surcharge as documented in the pricing document.

Product support includes: Priority incident queuing; Software Updates and feature packs; Software patches; HotFixes; 24 x 7 access to the Verint web portal including access to product documentation; access to the Verint Community portal; remote access and diagnosis; defined incident response.

Service issues are assigned a priority from P1 to P4 depending on severity. Each priority has a defined target response time as follows: P1 - 2 hours; P2 - 4 hours; P3 - next business day; P4 - second business day.

In addition to getting access to the Verint Community, support customers get invited to regular product update webinars and our annual user conference.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Onboarding services are included within the pricing for the services provided (refer to the pricing document). This is for commissioning: additional work to assist you in configuring required processes and integrations can then be performed either by the client or Verint through additional services at the SFIA rates. A video tutorial is available at no additional charge with the service as a primer for the configuration of processes on the service. A range of additional training courses are available, if required, for business and technical users at the SFIA rates provided. Comprehensive product documentation and product videos are available. Users can also access the Verint Online Community to receive advice, guidance and process collateral from Verint and their worldwide customer base.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats Microsoft Word
End-of-contract data extraction Following a formal and authenticated request for the data, a full extract of user data will be provided within 10 days of service termination (or earlier by special arrangement).
End-of-contract process At the agreed termination date, all access to the service will be removed. Unless previously agreed, this date will also trigger the extract and transfer of user data, assuming this is required. The costs of this data extraction and the subsequent purging of that data (from both production and backup environments) will be dependent on data volumes and will be scoped and reasonably charged for at the SFIA rates appropriate.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service None. A responsive design and the use of html5 componentry within Forms allows usage on a variety of mobile and desktop devices, with context specific rendering according to the device type used.
API Yes
What users can and can't do using the API The solution provides an extensive capability to access configured processes within the Process Management component using SOAP/REST APIs which in turn can drive a comprehensive range of CRM/Case management activities throughout the service. This capability allows for full interoperability of the service with legacy applications and data sources, subject to secure access (via SSL support).
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The service allows clients to configure case, process, workflow, forms and knowledge search components through supported configuration interfaces. This includes the configuration of integrations to client or cloud third party systems using modern web service techniques (e.g. REST). These configurations can be performed by business-level staff for simpler aspects and IT-level staff for more complex configurations and integrations.

Scaling

Scaling
Independence of resources The solution is provided on the Amazon Web Service which allows for elastic scaling of resources to scale with demand automatically.

Analytics

Analytics
Service usage metrics Yes
Metrics types We provide a 99.9% uptime availability level which is monitored and used to measure service quality.
Reporting types Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach In addition to the end of contract process described above, a range of data is available for download (e.g. form XML, search results export as CSV/PDF/Excel etc).
Data export formats
  • CSV
  • Other
Other data export formats XML
Data import formats
  • CSV
  • Other
Other data import formats
  • Ad hoc data import (file upload widget)
  • Process Management data ingestion (rules based)

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Availability of the service is 99.95%, assured by contractual commitment and an agreed Service Level Credit regime applicable to the specific SaaS service in use.
Approach to resilience Provided through a combination of load balancing, duplication of servers, virtual servers and other techniques.
Outage reporting Outages will be notified via our Customer Community: users can subscribe to this to receive proactive notifications.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication "Users" access the system via username or passwords, optionally over a VPN. For citizens/customers accessing processes associated with the service, a range of authentication capabilities are available including Identity Federation (e.g. Gov.UK Verify) using SAML and/or OAUTH. 2 factor authentication can be supported through additional customisation. The system is open and flexible to allow support for other forms of authentication (e.g. 2-factor or Public key) if required - additional services would be required.
Access restrictions in management interfaces and support channels Through userid and password to configuration and support interfaces.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 IQNet and Standards Institution of Israel
ISO/IEC 27001 accreditation date Verint: 01/02/2017.
What the ISO/IEC 27001 doesn’t cover Hosting services by Verint's hosting partner, Amazon Web Services are 27001-accredited (with accreditation dates of 15/12/2017 (for Amazon Web Services).
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Verint manage the risks that have a potential to impact Verint’s SaaS solutions through:
Formal information security programs; Pre-employment screening ; programs; Regular participation in standards audits to validate certifications and compliance; Systems monitoring and log reviews; Routine preventative maintenance; Threat detection and mitigation systems; Adherence to rigid processes and procedures; Regular reviews and vulnerability testing of the SaaS solutions; Implementation of industry best practices; Incorporation of security in our software designs; Resilient and redundant systems design; Broad legal protections secured through partner contracts. Active ISO risks are centrally tracked and assigned an owner, who is responsible for addressing them and reporting on the status until the risk has been mitigated. An identified risk is never reviewed in isolation from other mitigating controls. Once all controls are taken into account, a full picture of the actual risk is defined and used for determining the corrective actions.

Verint's hosting partner for this public cloud offering (Amazon) are also 27001 compliant.

Verint and its hosting partner continuously monitor for new vulnerabilities or changes that may expose its SaaS solutions to new risks. If identified, risks are addressed according to the aforementioned mechanisms and process.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach A change configuration board is maintained and consulted for all service changes to the public cloud solution.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Verint monitor all relevant vendor and security alert mailing lists for updates on operating system and supporting application vulnerabilities. Each alert is categorised according to a defined schema and advice on how to best handle each vulnerability is supplied to production teams. The three categories of vulnerabilities are: Irrelevant - not patched; Relevant noncritical - patched as part of the normal patching cycle; Critical - Verint initiates the Critical Vulnerability Process which may result in the vulnerability being patched immediately, depending on operational impact and apparent risk of server compromise. This category of vulnerabilities are typically patched inside 48 hours
Protective monitoring type Supplier-defined controls
Protective monitoring approach Verint maintains Intrusion Detection Systems at its network borders, and runs daily network scans to detect anomalous server network configurations. Information from these systems is combined with a centralised log repository that allows Verint system administrators to analyse the data as a whole and detect correlations and patterns within the data.

If an anomaly is detected and confirmed as a security incident, the Security Incident Response Plan is followed, which includes notification of impacted customers and full remediation of the issue.
Incident management type Supplier-defined controls
Incident management approach When the Security Incident Response Plan is initiated, the following activities occur: 1) The Customer Response Team consults the Security Incident Identification Guide; 2) Once the impact of the incident has been identified, impacted customers are notified; 3) A response plan to remediate the issue is written; 4) The Lead System Administrator and Support Manager oversee actions from the plan to make sure they are carried out; 5) An incident closure report is written, that documents all of the actions taken and their result; 6) The reports are supplied to impacted customers; 7) The incident is closed.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £21 per person per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Access to a demonstration level version of the service on a special request basis. Access will be limited to an agreed number of users for a mutually agreed period.
Link to free trial Not publically provided.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑