Objective Corporation Limited

Objective Connect for Sharepoint

Secure content and process sharing for Digital Government. Objective Connect enables government organisations to securely create workspaces with external partner organisations. With ISO27001 accreditation and hosted in Microsoft Azure UK, many public-sector organisations are using Connect as their only tool for external secure content sharing and collaboration.


  • Information Governance
  • Integration with Common Line of Business Systems
  • Social Collaboration
  • Comprehensive Administration, Auditing & Reports
  • Secure File & Document Management
  • Task & Process Management
  • Native Mobile Apps


  • Connects Multi-Organisational Business Process & Services
  • Maintains Governance Outside of the Firewall
  • Empowers True Digital Transformation
  • Unique & Very Cost Effective Commercial Model
  • High User Adoption
  • Low Cost of Management
  • Minimises the Impact of Change


£1640 per unit per year

Service documents

G-Cloud 10


Objective Corporation Limited

Scott McIntyre

+44 (0)118 2072300


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Microsoft SharePoint
HPE Content Manager
Objective ECM
Cloud deployment model Public cloud
Service constraints Outlined in Objective Connect terms and conditions.
System requirements Any modern browser or Internet Explorer 10+

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Objective Connect support services are based on a self-service SaaS model. Users are invited to self-service via Objective Connect Frequently Asked Questions (FAQs), tutorial videos and Getting Started Guides available via www.objectiveconnect.co.uk.
Users may also request assistance (via https://objectiveconnect.custhelp.com/app/ask) from the Objective Connect Support area of the website.
Objective Connect can be contacted to discuss specific enterprise support requirements.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Objective Connect support services are based on a self-service SaaS model. Users are invited to self-service via Objective Connect Frequently Asked Questions (FAQs), tutorial videos and Getting Started Guides available via www.objectiveconnect.co.uk.
Users may also request assistance (via https://objectiveconnect.custhelp.com/app/ask) from the Objective Connect Support area of the website.
Objective Connect can be contacted to discuss specific enterprise support requirements.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Objective Connect is designed with zero training requirements in mind and most users start using it without any additional help.
Extensive getting started guides, tutorial videos and FAQs are available on http://www.objectiveconnect.co.uk/.
Additional training and workshops can be provided as a paid service.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats Videos
End-of-contract data extraction All documents hosted in Objective Connect can be downloaded at any time.
Audit trail can be exported by administrators to a CSV file at any time.
End-of-contract process At the end of the contract users lose the option to create new secure workspaces and to add new documents to their workspaces. Administrators no longer have access to the administration features of Objective Connect.
Prior to the end of the contract users and administrators can download all documents and audit trails and close all workspaces, which will delete all contents from Objective Connect.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • IOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The web application is fully responses and provides the same level of experience on mobile devices.
Additionally there is a native mobile application for iOS devices, which provides full access to the documents and folders hosted in Objective Connect.
Accessibility standards WCAG 2.0 A
Accessibility testing We have plans to perform extensive accessibility tests with a third party within the coming months.
What users can and can't do using the API The API is public and integration with it is described in the API documentation.
All functionality available through the web application is available through the API as well.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Administrators can brand Objective Connect by providing their organisation's logo. This logo is displayed on email notifications and on Objective Connect workspaces.


Independence of resources Objective Connect is a SAAS solution that can scale if required.


Service usage metrics Yes
Metrics types The Objective Connect administration dashboard provides access to the following metrics:
Connections: Connections are the currency of Objective Connect and are calculated by multiplying the number of participants on a workspace by the number of documents on that workspace. Administrators can view connection count on the account, workgroup, user or individual workspace level.
Users: Administrators can view user count on the account and workgroup level.
Reporting types
  • API access
  • Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Audit trails, containing records of all actions on the users' workspaces can be exported as CSV files through the customers' administration dashboard.
Data export formats CSV
Data import formats Other
Other data import formats
  • Users input their infromation manually (such as names, contact details)
  • Data migration can be provided as a paid service

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99,9%, excluding scheduled downtime.
Approach to resilience We run in an active/passive configuration. All main components (jboss, activemq, mysql) have redundant services, so as to remove any single point of failure.
Outage reporting Email alerts, on the login page and on the public Objective Connect website.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels Users require elevated Admin permissions associated with their login.
Access restriction testing frequency Never
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 ACS Registrars
ISO/IEC 27001 accreditation date 31/12/12
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • ISO 9001
  • ISO27018
  • Cyber Security Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Customer data is only available to a small number of highly trusted operations personnel which excludes the development and product teams.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All changes to production environments are tracked in an internal ticketing system. Are changes need to be classified and approved by the change advisory board located in UK. All change request are reviewed from the perspective of impact on the operation of the product and the IS 27001 certification.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Objective Connect has a robust monitoring and alerting and intrusion detection systems. Regular patching of applications and services compliant with the following standard is performed:
* ‘Critical’ patches should be deployed within hours
* ‘Important’ patches should be deployed within 2 weeks of a patch becoming available
* ‘Other’ patches deployed within 8 weeks of a patch becoming available
Protective monitoring type Supplier-defined controls
Protective monitoring approach Connect is monitored in a variety of ways, depending on requirements. The main tools used are:

Nagios is the primary source of immediate monitoring responses. It synchronously and continuously polls a number of pre-defined monitoring checks at all times. These checks can be application specific or system-wide.

Graphite / Grafana
Used to continually measure and log specific information for trend analysis.

Log management is critical to monitoring. Some events are only recorded and detected by writing entries to log files.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Administartion Dashboard ref Connections and E-Mail Notification

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £1640 per unit per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial 30 day period for Standard User with 100 Connections. No Connectlink.
Link to free trial http://www.objectiveconnect.com/


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑