Exponential-e Ltd

SafeNet Trusted Access - Identity as a Service (IDaaS)

SafeNet Trusted Access is an access management service that combines the convenience of single sign-on with granular access security. By validating identities, enforcing access policies and applying smart single sign-on, organizations can ensure secure, convenient access to numerous cloud applications from one easy-to-navigate console.


  • Fast and easy cloud access through Smart Single Sign-On
  • Rapid time to deployment
  • Simplified cloud access
  • Effective cloud identity management
  • Regulatory compliance
  • Cloud access security
  • Service cost minimization
  • Minimized investment
  • Built in MFA
  • Multi-factor authentication


  • Simple and Fast deployment
  • Intuitive management of access policies
  • Granular access Security
  • Cloud-based delivery offers organizational efficiencies
  • Automated provisioning and administration
  • Protect everything
  • Self-service portals that lower helpdesk costs
  • Subscription-based pricing
  • Lowest TCO in the market
  • Increased user convenience with broad selection of authentication methods

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints STA, and its SSO functionality, works on any standard web browser. Since all web browsers support cookies, STA can be used with any web browser.
System requirements N/A

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 1 hour
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels SafeNet Trusted Access offers customers 5 9’s of uptime: 99.999% availability for access requests and 4 9’s of uptime: 99.99% for the SafeNet Trusted Access management console. Gemalto offers a Standard Support Plan (24 hours x 7 days a week) which is included in the subscription price. This warranty coverage includes options for the return or exchange of products (RMA Services) that do not perform as specified, and also provides certain access privileges to Gemalto Technical Support centers.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started To access the Service, your Provider will contact you to register and set up an Account, a login and Security Credentials for your Account. You are responsible for maintaining the confidentiality of your login details and any activities that occur under your account.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction The data only relates to people logging on and accessing their own device. There is no proprietary information held or collected with this service.
End-of-contract process Upon expiration of your initial term, your access to the Service will automatically renew for the same term as initially ordered unless you or your Provider give notice of non-renewal to the other party at least thirty days in advance of the renewal date. You agree to pay the
fee applicable to any such renewal.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Different type of token used.
Accessibility standards None or don’t know
Description of accessibility N/A
Accessibility testing N/A
Customisation available Yes
Description of customisation Customisation of the pin length or the password length is available. Multiple types of tokens available which are inter-operable.


Independence of resources This solution is scalable to 200,000 users. Other users are not effected through additional users logging on.


Service usage metrics Yes
Metrics types 99.999
Reporting types Reports on request


Supplier type Reseller providing extra support
Organisation whose services are being resold Gemalto

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Read only version of Active Directory or CSV file.
Data export formats
  • CSV
  • Other
Other data export formats Active Directory
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks We deliver the one time password using AS256 encrytption.
Data protection within supplier network Other
Other protection within supplier network Please refer to terms of service for SafeNet Authentication Service and SafeNet Trusted Access.

Availability and resilience

Availability and resilience
Guaranteed availability SLAs, if any, are as communicated to you by the Provider in writing.
Approach to resilience Available on request
Outage reporting Service reports outages via email alerts.

Identity and authentication

Identity and authentication
User authentication needed No
Access restrictions in management interfaces and support channels Available on request.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 BSI
ISO/IEC 27001 accreditation date 13/4/2018
What the ISO/IEC 27001 doesn’t cover N/A
ISO 28000:2007 certification No
CSA STAR certification Yes
CSA STAR accreditation date 13/4/2018
CSA STAR certification level Level 3: CSA STAR Certification
What the CSA STAR doesn’t cover N/A
PCI certification Yes
Who accredited the PCI DSS certification Blackmores UK
PCI DSS accreditation date 19/3/2019
What the PCI DSS doesn’t cover Hosting Provider – Applications, Storage, Security Services, shared hosting, Online Hosting, Managed Services – System Security, IT Support, Backup, Cloud Services Payment Processes – All payment services
Other security certifications Yes
Any other security certifications CAS(T) NCSC-264868406-1689

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Available on request.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Unknown
Vulnerability management type Undisclosed
Vulnerability management approach Available on request.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We have a SOC service which provides security in depth to protect our customers environments and our own.
Incident management type Supplier-defined controls
Incident management approach Available on request.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)


Price £12219 per instance
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑