Wired Marketing are a full service email marketing agency providing an enterprise level ESP solution featuring drag and drop email template building tools, reporting suite, automation, surveys and landing pages backed up with pro-active account management and agency services such as email template design and strategic email planning services.
- real time email and website analytics reporting
- enterprise email marketing (ESP) platform
- creative email solutions - email template design and managed services
- lifecycle and behavioural email marketing automation suite
- creation of dynamic and customisable landing pages
- surveys and forms tool to measure responses of survey answers
- data segmentation and data management tools
- API interlinking into CRM and ERP systems
- Lead generation and brand awareness campaign email marketing tools
- secure remote login into UK based SAAS system
- creation and sending of email marketing campaigns
- real time visibility on interaction with your marketing content
- tracking of legal marketing requirements like unsubscribes
- track survey results with graphical reports and data insight
- drag and drop tools to create email automation and templates
- online SAAS system accessing marketing and data on the move
- full account management and UK based support
- API integrations allow you to easily manage your data
£250 per licence per month
WIRED MARKETING LTD
0845 467 5234
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||
The email and marketing automation platform can also tie into other systems via an API integration:
Systems include CRMs and ERP solutions such as Salesforce and Microsoft dynamics.
|Cloud deployment model||Private cloud|
|Service constraints||No as long as the buyer has access to an internet connection and latest browser versions there are no restrictions or limitations.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||24/7 for urgent or emergency issues and general support and account management 9am to 5.30pm GMT|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
With all clients we provide phone, email and support desk support 24/7 for urgent or emergency issues. We also provide full account management and general support 9am to 5.30pm Monday to Friday. This is as standard.
For larger clients looking for full dedicated account management and onsite support and strategic advice at an extra cost should this be required.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||With all users there is an option of online training completed via a screenshare system compatible with departments IT restrictions or onsite training. This training covers the full system including features, functions, data management, and marketing strategy suggestions. We also provide an option for onsite training at the clients offices or the client can come to our offices should they wish. The training is undertaken by a trained member of staff in our training team and can be done to the whole team at the same time or to individuals one at a time dependent on the client requirements. There is also a full help and knowledge base within the system that is fully documented with screenshots and account managers and support team are there to help at any point if any questions arise after the training.|
|End-of-contract data extraction||Users with authorised data export permissions can export the data at any point in the system should they require. When the contract ends we undertake a full export and off-boarding process to make sure the client has all data and marketing assets accessible.|
All clients are required to give notice of their cancellation 30 days before the end of the contract. An account manager then works with the client to export sensitive data from the platform in a usable format, including any reports and contact data.
The account is then locked, after closing the account remains on backup for 12 months following if requested by the client. Full deletion can be processed by written request from the client.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||No|
|Accessibility standards||None or don’t know|
|Description of accessibility||The platform is web based; audio descriptions and captions are not provided, however use of colour is provided to highlight actions taken, titles are at least font size 20 and body font size can be increased with no reduction in functionality. The platform contains drag and drop canvases which require mouse strokes to populate content. The platform timeouts after 1 hour, which can be accepted by clicking enter; the platform is in line with error prevention and suggestions, labels or instructions, consistent identification, navigation, on focus, on input, language of page, heading and labels, multiple ways, link purpose, page titled.|
|Accessibility testing||Tests continually take place with each patch update, approximately every two weeks, to ensure the platform moves towards common accessibility standards. With every update we work to improve and work towards these standards.|
|What users can and can't do using the API||
The API code library can be viewed online at http://apiconnector.com. A user can create a secure connection with username and password to connect to Wired in the software platform itself. Guidance is and will be provided on doing this either in the help area or via an account manager. The API code is controlled by the client so changes and restrictions can be made at any point.
The API can be written in REST or SOAP API. API usage is limited to 2000 calls per hour, and requires the creation of an API user (please note additional calls can be added if required). You can create API users by logging into your account and going to the My account area. Please note that these APIs always use UTC dates and times.
There are no other limitations and full support will be provided to assist clients with the integration.
|API documentation formats||
|API sandbox or test environment||Yes|
|Description of customisation||
The Core Platform / software system cannot be customised however the system allows for full customisation of email templates, landing pages, surveys and any other marketing assets or data.
This is generally done via a drag and drop editor which allows for quick adjustments. Alternatively if the client wishes too they can access the source code to make adjustments to the marketing assets should they wish.
|Independence of resources||
We use secure data centers within the UK or EU. All hold a broad set of industry standard accreditations such as ISO27001, ISO9001 and List X.
Our data centers are connected to the internet with redundant internet links and bandwidth can be easily upgraded on requirement. There is redundancy at every component and service level, as well as spare capacity and we can scale our servers on demand. Therefore we can run for prolonged periods even after experiencing major component failures. We make use of leading cloud providers and content distribution networks to host our email images.
|Service usage metrics||Yes|
|Metrics types||There are a number of usage metrics available within the system related to both actual user metrics as well as marketing campaign metrics. User metrics are service usage based as well as user auditing for security which can be provided on request. With the marketing usage metrics this will provide a breakdown of all campaign and data held within the system and campaigns sent out including delivery rates, open and click through rates, suppressions and social / website activity to name a few. This can all be viewed via the platform and via API calls.|
|Supplier type||Reseller providing extra features and support|
|Organisation whose services are being resold||DotDigitalGroup|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with CSA CCM v3.0|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Users can export their data through a number of routes in the system. They login and then can go to the contacts, reports, surveys or template areas and simply select export all or the selected data / reports they wish to download. This will then provide them with a CSV file of the data locally (this process assumes the user has been given permission to export).|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||Legacy SSL and TLS (under version 1.2)|
|Data protection within supplier network||Legacy SSL and TLS (under version 1.2)|
Availability and resilience
For Cloud Services, we guarantee that when two or more role instances are deployed, at least one role instance will have connectivity at least 99.95% of the time.
The following Service Levels and Service Credits are applicable to Customer’s use of Cloud Services:
MONTHLY UPTIME PERCENTAGE SERVICE CREDIT
< 99.95% 10%
< 99% 25%
Please also see:
https://azure.microsoft.com/en-gb/support/legal/sla/cloud-services/v1_4/ for more information.
|Approach to resilience||Our infrastructure is protected by firewalls and all management access requires two-factor authentication. Virus scan technology is implemented throughout our infrastructure. We commission annual independent third party security assessments. An ongoing vulnerability scanning and management program is in place. Machines are built from approved hardened images, and verified in third party security assessments. A monthly patching cycle is in place to ensure the latest security updates have been applied. We have restore points for critical data and these are taken every 5 minutes. Backup data is securely kept at same geographic regions, yet sufficiently distant to ensure data is not lost in the event of a disaster, whilst complying with local data protection regulation. We employ skilled information security and data privacy specialists in our team to ensure security is always a priority. EU Model Contracts are in place, as well as subcontractors processing data. Role based permissions are used to control staff access to systems and data. Management access to infrastructure is tightly controlled, and employs multi-factor authentication protection. Intrusion Detection Technology is in place.|
• a public dashboard
• an API
• email alerts
• account manager call and email to the client
We also provide a scheduled maintenance calendar of upcoming planned improvements affecting the platform.
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Access control policy is a component of overall policies and undergoes a formal review and update process. Access to assets is granted based upon business requirements and with the asset owner’s authorisation. Additionally:
• Access to assets is granted based upon need-to-know and least-privilege principles.
• Where feasible, role-based access controls are used to allocate logical access to a specific job function or area of responsibility, rather than to an individual.
• Physical and logical access control policies are consistent with standards.
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||Less than 1 month|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||Less than 1 month|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||BSI Group|
|ISO/IEC 27001 accreditation date||22/02/2017|
|What the ISO/IEC 27001 doesn’t cover||The following is covered by the certification: infrastructure, development, security and engineering services/systems, operations and support for the following services: Compute: Virtual Machine, Batch, Service Fabric, Cloud Services, RemoteApp Networking: Virtual Network, Load Balancer, Application Gateway, VPN Gateway, Traffic Manager, Express Route Storage: Storage (blobs, queues, files, disks, tables, cool and premium), StorSimple, Backup, Site Recovery Web + Mobile: App Service (including for Web, Mobile, API), Media Services Databases: SQL Database, DocumentDB, Redis Cache, Data Factory Intelligence + Analytics: HDInsight, Machine Learning, Stream Analytics, Data Catalog, Data Factory, Power BI Internet of Things: IoT Hub, Event Hubs, Stream Analytics, Machine Learning, Notification Hubs Enterprise Integration: Biztalk Services, Service Bus, API Management, StorSimple, Data Factory Security + Identify: Key Vault, Azure Active Directory, Active Directory Gateway and Evolved Secure Token Service, Access Control Service, Azure Active Directory Connect Health, Active Directory Device Registration, Identity and Access Management (including Sync Fabric, Cloud Password Single Sign-On, Self-Service Group Management, Self Service Password Reset), Multi-Factor Authentication, Rights Management Service Management and Security: Microsoft Azure Portal, Azure Resource Manager, Log Analytics, Automation, Backup, Site Recovery, Scheduler, Traffic Manager, Microsoft Cloud App Security Mobile Device and Application Management: Intune Azure Supporting Infrastructure Services. Please see: https://www.bsigroup.com/en-US/Our-services/Management-system-certification/Certificate-and-Client-Directory-Search/Certificate-Client-Directory-Search-Results/?searchkey=company%3dMicrosoft%2bAzure&licencenumber=PII%20648972|
|ISO 28000:2007 certification||No|
|CSA STAR certification||Yes|
|CSA STAR accreditation date||29/06/2016|
|CSA STAR certification level||Level 2: CSA STAR Attestation|
|What the CSA STAR doesn’t cover||The following is covered by the certification: infrastructure, development, security and engineering services/systems, operations and support for the following services: Compute: Virtual Machine, Batch, Service Fabric, Cloud Services, RemoteApp Networking: Virtual Network, Load Balancer, Application Gateway, VPN Gateway, Traffic Manager, Express Route Storage: Storage (blobs, queues, files, disks, tables, cool and premium), StorSimple, Backup, Site Recovery Web + Mobile: App Service (including for Web, Mobile, API), Media Services Databases: SQL Database, DocumentDB, Redis Cache, Data Factory Intelligence + Analytics: HDInsight, Machine Learning, Stream Analytics, Data Catalog, Data Factory, Power BI Internet of Things: IoT Hub, Event Hubs, Stream Analytics, Machine Learning, Notification Hubs Enterprise Integration: Biztalk Services, Service Bus, API Management, StorSimple, Data Factory Security + Identify: Key Vault, Azure Active Directory, Active Directory Gateway and Evolved Secure Token Service, Access Control Service, Azure Active Directory Connect Health, Active Directory Device Registration, Identity and Access Management (including Sync Fabric, Cloud Password Single Sign-On, Self-Service Group Management, Self Service Password Reset), Multi-Factor Authentication, Rights Management Service Management and Security: Microsoft Azure Portal, Azure Resource Manager, Log Analytics, Automation, Backup, Site Recovery, Scheduler, Traffic Manager, Microsoft Cloud App Security Mobile Device and Application Management: Intune Azure Supporting Infrastructure Services. Please see: https://downloads.cloudsecurityalliance.org/star/certification/STAR-658377-Microsoft-Azure.pdf|
|Other security certifications||Yes|
|Any other security certifications||UK Cyber Essentials PLUS|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
All employees must sign an NDA ensuring there is no misuse of internal or client data. We abide by the following policies: data protection, password protection, internal email policies, clean desk, internet usage, removable media and risk assessment. The management team are responsible for enforcing, training and testing employees on these areas, and spot checks are completed to ensure compliance.
Additional training is given annually and upon request to employees who would require it.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Four stages are used during the change control process once an Originator raises a request: an Evaluator assesses the issue including reporting issues, new developments or enhancements, who then passes the work to the Project Management team. The team complete the work and notifies any other affected parties and passes the project to the Verifier. This team then performs agreed-upon verification steps including security checks, and passes the project to the Modifier who installs the changes and updates traceability information and updates the originator and project manager.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||
Workers who discover a weakness or vulnerability in the information security measures must not discuss this with anyone other than Information Security Manager or Internal Audit Manager.
Wired acknowledge receipt of all reported vulnerabilities with its products or services within seven days. We provide a detailed response to the reporting party within ten days from the time the report was received. We also endeavour to contact the reporting party every seven days while a patch or fix is being developed, and it must endeavour to resolve the vulnerability within thirty days, or as soon as is possible.
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
We use Microsoft Antimalware that provides real-time protection to help identify and remove viruses, spyware, and other malicious software across the server. Alerts are generated when known malicious or unwanted software attempts to install itself or run on the system. When malware is detected, Antimalware automatically responds to delete or quarantine malicious files and clean up malicious registry entries.
Microsoft also provides a distributed DDoS system as part of the continuous monitoring and penetration-testing processes, which uses standard detection and mitigation techniques such as SYN cookies, rate limiting, and connection limits to protect against DDoS attacks.
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
In order to facilitate a recovery regardless of type or duration of disaster, we implemented multiple recovery strategies. These strategies are categorised into three levels, designed to provide a recovery solution matched to the duration of the emergency condition.
You will be notified by the account management team of a confirmed incident, and clients can securely report incidents to their account manager who will escalate this to a security team member. The security team produce monthly MI that is presented to the operations board. This includes such things as number of incidents/investigations, patches and anti-virus coverage compliance.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£250 per licence per month|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||The Free trial version lasts 14 days and provides access to the full system excluding the landing page builder module. The only restriction is that the trial you are limited to 500 free email sends.|
|Link to free trial||https://www.wiredmarketing.co.uk/trial.html|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|