Soft Pauer Global

Acclaim Identity management

The Soft Pauer Acclaim platform enables organizations to manage identity and access challenges in a customer context. Our Customer Identity and Access Management Solution (CIAM) is GDPR Ready and has been proven in startups and in some of the largest, most demanding CIAM deployments in the world.

Features

  • Customer Identity, Access and Engagement platform
  • Cutting-edge technology and enterprise-grade platforms
  • Support provided by certified, security-cleared technicians

Benefits

  • Highly-secure solutions
  • We use UK-based data centres
  • Expert UK-based support

Pricing

£25000 to £35000 per unit per year

Service documents

Framework

G-Cloud 11

Service ID

4 6 9 7 0 3 5 3 1 2 8 4 7 3 5

Contact

Soft Pauer Global

Andy Levis

+441869322533

andyl@softpauer.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
N/a
System requirements
  • Needs to IE11 +
  • Windows, Mac and Mobile

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Within 12 hours, and only available at weekends at extra cost
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Full support until issue is resolved.
Support available to third parties
No

Onboarding and offboarding

Getting started
With a video guide
Service documentation
No
End-of-contract data extraction
Via request, we will ensure full GDPR compliance.
End-of-contract process
Bespoke customization at additional cost, and out of office service support at additional cost

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None
Service interface
No
API
No
Customisation available
No

Scaling

Independence of resources
Our resources are allocated fairly per our products and each user will have a dedicated professional who is able to dedicate their whole attention on providing high service levels.

Analytics

Service usage metrics
Yes
Metrics types
At Additional cost
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
CSV and Gigya dump files
Data export formats
CSV
Data import formats
  • CSV
  • Other
Other data import formats
JSON

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.8% target uptime, Users are not refunded
Approach to resilience
Two data centres, and DB replication, daily backups, 7 days a week.
Outage reporting
Optional email alerts and optional access to Nagios.

Identity and authentication

User authentication needed
Yes
User authentication
  • Username or password
  • Other
Other user authentication
We provide an authentication system.
Access restrictions in management interfaces and support channels
IPSEC VPN.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Username or password
  • Other
Description of management access authentication
We provide an authentication service

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
We are about to become Iso 27001 accredited
Information security policies and processes
We have an ISO 27001 template we are developing.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We monitor versions of all third-party software as part of continuous improvement. We run a three-stage deployment process, involving Development, stage and production servers.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Patches are deployed as soon as they can be validated target deployment of patches is within 3 days to production. Nagios monitors patch status of third-party software. We get alerts via infosec alerts from the Developer where appropriate, e.g apache version updates, and Ubuntu security alert system.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We identify potential comprises by intrusion detection via weblogs. Response is within 24 hours, in the case of an actual breach. We alert all parties on event of breach.
Incident management type
Supplier-defined controls
Incident management approach
We have an IP blacklist process for abusive IP's , we provide incident reports via email.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£25000 to £35000 per unit per year
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑