Verint Systems Inc.

Engagement Management Professional (Public Cloud)

This solution enables public sector organisations achieve their customer engagement and digital transformation goals. Key aspects include a customer portal, case management, knowledge management, enterprise search, analytics, end-to-end process automation, CRM and social/email support. Delivered as a cost-effective public cloud solution, each tenant's data/services are securely maintained and individually configured.

Features

  • Customer Portal
  • Case Management with Workflow
  • Knowledge Management and Enterprise Search
  • Process Management
  • Reporting and Customer Insight
  • Forms
  • Modern Integration Capability (including REST)
  • Customer Relationship Management (CRM) functionality
  • Live Chat
  • Social Messaging

Benefits

  • Digitally enable processes (including automated integration)
  • Channel shift services to responsive digital / self-serve channels
  • Understand what's working well, what isn't and why.
  • Reduce/eliminate waste (e.g. remove "middle office")
  • Deliver personalised services to customers
  • Optimise point of contact resolution
  • Deliver efficient employee / partner processes through a unified portal
  • Enable processes to support GDPR compliance
  • Allow for social media listening and transaction intake
  • Provide web chat capability

Pricing

£21 per person per month

Service documents

Framework

G-Cloud 11

Service ID

2 8 5 8 0 8 1 3 1 0 6 2 2 8 4

Contact

Verint Systems Inc.

Bob Mann

02890788300

tenders@verint.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
None.
System requirements
Supported browser (any modern version)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Customer Designated Employees will have access to Verint technical support personnel through Verint’s standard telephone, email and/or web support services during the support hours applicable to the specific SaaS Services subscribed to by Customer. The contact information for Verint technical support personnel, support hours applicable to the SaaS Services, and Error type classifications and response times shall be provided upon project initiation.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Standard support is for 8am to 6pm, 5 days per week excluding Bank Holidays. Premium support extends this to 24x7x365. Standard support is included in the base level pricing with Premium support provided for the surcharge as documented in the pricing document.

Product support includes: Priority incident queuing; Software Updates and feature packs; Software patches; HotFixes; 24 x 7 access to the Verint web portal including access to product documentation; access to the Verint Community portal; remote access and diagnosis; defined incident response.

Service issues are assigned a priority from P1 to P4 depending on severity. Each priority has a defined target response time as follows: P1 - 2 hours; P2 - 4 hours; P3 - next business day; P4 - second business day.

In addition to getting access to the Verint Community, support customers get invited to regular product update webinars and our annual user conference.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Onboarding services are included within the pricing for the services provided (refer to the pricing document). This is for commissioning: additional work to assist you in configuring required processes and integrations can then be performed either by the client or Verint through additional services at the SFIA rates. A video tutorial is available at no additional charge with the service as a primer for the configuration of processes on the service. A range of additional training courses are available, if required, for business and technical users at the SFIA rates provided. Comprehensive product documentation and product videos are available. Users can also access the Verint Online Community to receive advice, guidance and process collateral from Verint and their worldwide customer base.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
Microsoft Word
End-of-contract data extraction
Following a formal and authenticated request for the data, a full extract of user data will be provided within 10 days of service termination (or earlier by special arrangement).
End-of-contract process
At the agreed termination date, all access to the service will be removed. Unless previously agreed, this date will also trigger the extract and transfer of user data, assuming this is required. The costs of this data extraction and the subsequent purging of that data (from both production and backup environments) will be dependent on data volumes and will be scoped and reasonably charged for at the SFIA rates appropriate.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None. A responsive design and the use of html5 componentry within Forms allows usage on a variety of mobile and desktop devices, with context specific rendering according to the device type used.
Service interface
No
API
Yes
What users can and can't do using the API
The solution provides an extensive capability to access configured processes within the Process Management component using SOAP/REST APIs which in turn can drive a comprehensive range of CRM/Case management activities throughout the service. This capability allows for full interoperability of the service with legacy applications and data sources, subject to secure access (via SSL support).
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The service allows clients to configure case, process, workflow, forms and knowledge search components through supported configuration interfaces. This includes the configuration of integrations to client or cloud third party systems using modern web service techniques (e.g. REST). These configurations can be performed by business-level staff for simpler aspects and IT-level staff for more complex configurations and integrations.

Scaling

Independence of resources
The solution is provided on the Amazon Web Service which allows for elastic scaling of resources to scale with demand automatically.

Analytics

Service usage metrics
Yes
Metrics types
We provide a 99.9% uptime availability level which is monitored and used to measure service quality.
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
In addition to the end of contract process described above, a range of data is available for download (e.g. form XML, search results export as CSV/PDF/Excel etc).
Data export formats
  • CSV
  • Other
Other data export formats
XML
Data import formats
  • CSV
  • Other
Other data import formats
  • Ad hoc data import (file upload widget)
  • Process Management data ingestion (rules based)

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Availability of the service is 99.95%, assured by contractual commitment and an agreed Service Level Credit regime applicable to the specific SaaS service in use.
Approach to resilience
Provided through a combination of load balancing, duplication of servers, virtual servers and other techniques.
Outage reporting
Outages will be notified via our Customer Community: users can subscribe to this to receive proactive notifications.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication
"Users" access the system via username or passwords, optionally over a VPN. For citizens/customers accessing processes associated with the service, a range of authentication capabilities are available including Identity Federation (e.g. Gov.UK Verify) using SAML and/or OAUTH. 2 factor authentication can be supported through additional customisation. The system is open and flexible to allow support for other forms of authentication (e.g. 2-factor or Public key) if required - additional services would be required.
Access restrictions in management interfaces and support channels
Through userid and password to configuration and support interfaces.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
IQNet and Standards Institution of Israel
ISO/IEC 27001 accreditation date
Verint: 01/02/2017.
What the ISO/IEC 27001 doesn’t cover
Hosting services by Verint's hosting partner, Amazon Web Services are 27001-accredited (with accreditation dates of 15/12/2017 (for Amazon Web Services).
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Verint manage the risks that have a potential to impact Verint’s SaaS solutions through:
Formal information security programs; Pre-employment screening ; programs; Regular participation in standards audits to validate certifications and compliance; Systems monitoring and log reviews; Routine preventative maintenance; Threat detection and mitigation systems; Adherence to rigid processes and procedures; Regular reviews and vulnerability testing of the SaaS solutions; Implementation of industry best practices; Incorporation of security in our software designs; Resilient and redundant systems design; Broad legal protections secured through partner contracts. Active ISO risks are centrally tracked and assigned an owner, who is responsible for addressing them and reporting on the status until the risk has been mitigated. An identified risk is never reviewed in isolation from other mitigating controls. Once all controls are taken into account, a full picture of the actual risk is defined and used for determining the corrective actions.

Verint's hosting partner for this public cloud offering (Amazon) are also 27001 compliant.

Verint and its hosting partner continuously monitor for new vulnerabilities or changes that may expose its SaaS solutions to new risks. If identified, risks are addressed according to the aforementioned mechanisms and process.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
A change configuration board is maintained and consulted for all service changes to the public cloud solution.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Verint monitor all relevant vendor and security alert mailing lists for updates on operating system and supporting application vulnerabilities. Each alert is categorised according to a defined schema and advice on how to best handle each vulnerability is supplied to production teams. The three categories of vulnerabilities are: Irrelevant - not patched; Relevant noncritical - patched as part of the normal patching cycle; Critical - Verint initiates the Critical Vulnerability Process which may result in the vulnerability being patched immediately, depending on operational impact and apparent risk of server compromise. This category of vulnerabilities are typically patched inside 48 hours
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Verint maintains Intrusion Detection Systems at its network borders, and runs daily network scans to detect anomalous server network configurations. Information from these systems is combined with a centralised log repository that allows Verint system administrators to analyse the data as a whole and detect correlations and patterns within the data.

If an anomaly is detected and confirmed as a security incident, the Security Incident Response Plan is followed, which includes notification of impacted customers and full remediation of the issue.
Incident management type
Supplier-defined controls
Incident management approach
When the Security Incident Response Plan is initiated, the following activities occur: 1) The Customer Response Team consults the Security Incident Identification Guide; 2) Once the impact of the incident has been identified, impacted customers are notified; 3) A response plan to remediate the issue is written; 4) The Lead System Administrator and Support Manager oversee actions from the plan to make sure they are carried out; 5) An incident closure report is written, that documents all of the actions taken and their result; 6) The reports are supplied to impacted customers; 7) The incident is closed.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£21 per person per month
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Access to a demonstration level version of the service on a special request basis. Access will be limited to an agreed number of users for a mutually agreed period.
Link to free trial
Not publically provided.

Service documents

Return to top ↑