Umbraco Cloud Add-ons
Umbraco Cloud Add-ons are principally centred around two products namely Umbraco Forms and Umbraco Courier
Features
- Umbraco Forms
- Umbraco Courier
Benefits
- No setup required, can be managed within the service
- Little learning required
- Usabe in any situation on a variety of devices
- Fulfils the requirement with the Kentico Cloud CMS solution
Pricing
£0 to £1,000 an instance a month
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at craig.johnson@ultimedia.agency.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 11
Service ID
3 5 1 8 9 1 5 2 8 0 7 3 5 3 5
Contact
Ultimedia
Craig Johnson
Telephone: 07507399473
Email: craig.johnson@ultimedia.agency
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Can be used with a variety of content management systems
- Cloud deployment model
-
- Public cloud
- Private cloud
- Service constraints
- Microsoft technology stack for add ons
- System requirements
-
- Can be used with a variety of browsers
- PC's, MAC, smartphone and tablets
User support
- Email or online ticketing support
- Yes, at extra cost
- Support response times
- 08:00 to 18:00 Monday to Friday (excluding weekends and UK Bank Holidays) response is 1.Critical - Response 1 hour, Restoration 4 hours 2.Urgent - Response 1 hour, Resolution 5 days 3.Non-Urgent - Response 4 hours, Resolution 20 days. Extended and 24x7 is also available with similar response times at extra cost
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Umbraco provides 24x7x365 monitoring and operations support for all of our Cloud customers through a dedicated global managed services team. If there is an incident our managed services team will work within our customer’s environment to resolve the issue and provide a resolution without our customer’s involvement. Cloud customers additionally receive Developer Support as part of their cloud subscription.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Training is available for technical and user access to the service and full documentation sets are provided in PDF
- Service documentation
- Yes
- Documentation formats
-
- ODF
- End-of-contract data extraction
- Downloads can be arranged from SQL Server databases
- End-of-contract process
- End of contract, the user will receive an extension offer and if that is not taken up the service will be terminated.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Only differences are in presentation. All data is repurposed.
- Service interface
- No
- API
- Yes
- What users can and can't do using the API
- Umbraco Add-ons provide a variety of API's, using the API provided through .NET libraries, RESTful services and JavaScript (for UI extensibility). For Azure environment the add-on should be installed through Visual Studio by the partner.
- API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Add-ons can be customised to varying levels and degrees by the user organisation and by partners in conjunction with the users.
Scaling
- Independence of resources
- Extra virtual machines can be switched in without affecting the user service
Analytics
- Service usage metrics
- Yes
- Metrics types
-
With Umbraco add-on's, for the Cloud, service metrics vary, but can include the following ...
Infrastructure or application metrics
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
Reporting types
- Through an API
- Real-time dashboards - Reporting types
- API access
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Umbraco
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- Other locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
- Other
- Other data at rest protection approach
-
Data-at-rest protection
Physical access control, complying with another standard - Data sanitisation process
- No
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Through the use of the API programmatically to a CSV.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- Group and Corporate level provide 99.7% availability. Enterprise level provides 99.9% availability
- Approach to resilience
- Microsoft Azure SDKs for BLOBs, Service Bus, and Entity Framework have built-in support for transient faults handling and retry policies.
- Outage reporting
- Umbraco provide a public dashboard service, together with email alerts of any outages
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Limited access network (for example PSN)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- User access within management interfaces is restricted by authentication and service design. Administrator permissions are allocated to companies accordingly. Management interface protection is in place.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- No
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Approach to secure software development best practice
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
- Change management tracking is performed and impact assessments of changes are produced and acted upon
- Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
- Vulnerability assessments are regularly produced in conjunction with Episerver regular vulnerability monitoring. Mitigation strategies are produced, implemented and mitigation timescales determined.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Events are continually monitored and reported upon to identify potential compromises, strategies devised and implemented within a mitigation timescale.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Pre-defined processes are in place for common incident management events. Users report incidents via a ticketing system and timescales determined for mitigation and resolution.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £0 to £1,000 an instance a month
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Fully functional for a limited period.
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at craig.johnson@ultimedia.agency.
Tell them what format you need. It will help if you say what assistive technology you use.