O'Reilly Online Learning
O’Reilly online learning is where organizations get answers to solve problems and drive productivity. With unlimited access to over 57,000 books, videos, live online courses, learning paths, certification prep tests, interactive coding, and more—created by industry experts to help you get smarter about AI, operations, data, leadership, and beyond.
Features
- Live coding environments—no installation or configurations required
- Certification guides plus Pearson practice exams to ensure comprehension
- Resource Centers curate content by level from beginner to expert
- Learning Paths for self-paced structured learning to build expertise
- In-depth usage reporting to empower decision makers
- Early Releases and content ahead of trends for competitive advantage
- Live events hosted-in-platform for rich interactive learning
- On-demand access for on and offline learning
- Case Studies learn what worked and what didn’t from others
- Shareable Playlists to save organize and share favorite content
Benefits
- Editorially managed and curated for consistent relevance, quality and coverage
- Gain a competitive edge with content ahead of what’s next
- Trusted content from 200+ publishers, experts and practitioners
- Problem-solving and time-saving tools to boost productivity
- Multiple learning formats to address each learner’s preference
- Support all levels so everyone becomes high performers and experts
- Vast breadth and depth for maximum topic and role coverage
- Personalized learning experiences for engaging and relevant learning for everyone
- Social tools make learning continuous and scalable in your organisation
- Provide your teams the resources used by top tech companies
Pricing
£355.64 a licence a year
- Education pricing available
- Free trial available
Service documents
Framework
G-Cloud 12
Service ID
4 8 7 1 4 8 7 7 7 8 1 6 0 9 0
Contact
O'Reilly Media, Inc.
Camille Sullivan
Telephone: (913) 574-7271
Email: csullivan@oreilly.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- Access is granted on a named-user basis. The Buyer will provide the first name, last name, and email address for each user. Generic ID logins or anonymous logins are not allowed. Platform maintenance windows are communicated in advance in the event downtime is anticipated. We are a SaaS platform. There is no special hardware or configuration needed. All that is required is internet access. Users can access via a desktop browser or the mobile iOS or Android native apps. Content can be downloaded for offline viewing.
- System requirements
-
- User credentials
- Password requirement for users
- Internet connection
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Europe Tel: +44 20 3355 9998
Mon-Fri, 9am–1am, excluding UK bank holidays - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- No
- Support levels
- Your subscription to O’Reilly online learning includes access to a high-quality customer service team that is available via email or phone as well as a Customer Success Manager and Strategic Account Manager available via email, phone, and video conference at no additional charge.
- Support available to third parties
- No
Onboarding and offboarding
- Getting started
- As part of our commitment to your success, we provide a comprehensive 30-day onboarding program composed of scheduled activities and resources led by your dedicated customer success manager (CSM). He/she will work closely with your administrator(s) to schedule online training sessions and launch an initial campaign to support early user adoption and engagement. Your admin(s) will receive their own training and resources found in their Admin Console to learn how to use the Insights Dashboard for in-depth reporting to benefit the organization. O’Reilly also provides a web-hosted onboarding Launch Kit where your admin(s) can readily access onboarding tools to support awareness during their early days with O’Reilly. Materials include customer testimonials, tips to create a learning culture in your organization, and our calendar where users and admins can register for live webcasts on how to make the most of O’Reilly. These aren’t recordings—they’re live experiences, supplemental to your scheduled training with your CSM.
- Service documentation
- Yes
- Documentation formats
- Other
- Other documentation formats
- .xml
- End-of-contract data extraction
- Users can request to have their data sent to them or to have their data deleted.
- End-of-contract process
- Personal data related to the users are either deleted or returned upon request.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- Users can either access via their desktop using SSO credentials or use individual login details to directly log into our companion mobile apps. Content can be viewed and downloaded to the mobile app for offline viewing. The desktop and mobile history are synched for a seamless user experience.
- Service interface
- Yes
- Description of service interface
- We support SSO using SAML 2.0 and can provide federation of search and usage data using open API.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
-
O'Reilly seeks to conform to the WCAG 2.1 AA standard to make its web content accessible for those with a wide range of disabilities. We are continually working to improve the user experience and to keep up with how new technologies and services impact our current coverage. Our Software Development Lifecycle (SDLC) includes WCAG considerations as part of our development practices.
O’Reilly is committed to WCAG 2.1 AA and our level of conformance is reflected in our annual VPAT report. The VPAT report is available upon request.
O’Reilly is in the process of rolling out a new front-end design system that uses inclusive design and creates a consistent user experience. The design system is built with an accessibility-first mindset and will be deployed across the entire learning platform throughout 2020 and into early 2021. - API
- Yes
- What users can and can't do using the API
- We support SSO using SAML 2.0 and can provide federation of search and usage data using open APIs.
- API documentation
- Yes
- API documentation formats
- Other
- API sandbox or test environment
- No
- Customisation available
- No
Scaling
- Independence of resources
- Our platform can support millions of users and our uptime rate is best in class at 99%. There is continuous monitoring of the availability of our network and related systems/equipment. Our customers are notified as soon as possible in the event of a site availability issue.
Analytics
- Service usage metrics
- Yes
- Metrics types
- Our Insights Dashboard provides the following metrics: Emerging trends for an overview of topics among your user base. Engagement highlights of the number and percentage of engaged users, content accessed, minutes watched, total searches, and the number of live online training attended. Learning patterns by number and percentage of users demonstrating linear and nonlinear learning behaviors to see which topics employees are using that are tangential to their work and those that they are devoting focus to through immersive and structured learning. Broadening and deepening for topics employees are exploring and those that are a core focus for them.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- Other locations
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Other
- Other data at rest protection approach
-
Data at the device layer is encrypted using AES256
Data at the storage layer is broken up into “data chunks” that themselves are encrypted using AES256
Each “data chunk” is encrypted with its own key. An ACL ensures that only valid cloud services can be used to decrypt a data chunk.
All keys used for this purpose are stored in the GCP Key Management Service (KMS) - Data sanitisation process
- No
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Users can request to have their data sent to them or to have their data deleted.
- Data export formats
- Other
- Other data export formats
- .xls
- Data import formats
- Other
- Other data import formats
- This is not allowed
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- Our platform can support millions of users and our uptime rate is best in class at 99%. There is continuous monitoring of the availability of our network and related systems/equipment. Our customers are notified as soon as possible in the event of a site availability issue. At the customer's request, O'Reilly Media includes SLAs in its subscription agreements.
- Approach to resilience
-
All services are hosted in a Google Data Center.
Data is replicated across the Google Cloud Platform. This Replicated data stays in the United States.
Our services are pentested on a regular basis by a 3rd party company.
All services that are thirty days old are redeployed to production.
Critical services are configured to use Horizontal Pod Autoscaling in the event of a DDoS attack.
Our services and infrastructure are continuously monitored.
Our microservices are deployed using Infrastructure as Code. This allows us to deploy new/additional service resources quickly. - Outage reporting
- We put notices on our platform of any planned or unplanned outages.
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
Access to Platform interfaces are controlled by the customer
Support uses an internal verification process to validate customer requests - Access restriction testing frequency
- At least once a year
- Management access authentication
- 2-factor authentication
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Google Cloud Platform
- ISO/IEC 27001 accreditation date
- 17/04/2020
- What the ISO/IEC 27001 doesn’t cover
-
Please visit this link to see Google’s most recent certificate. There is a detailed list of all the certified components that pertain to the Google Cloud Platform offerings.
https://cloud.google.com/security/compliance/iso-27001 - ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- SOC II Type 2 compliance
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- Description required.
- Information security policies and processes
- We have a written Information Security policy. We do not share internal policies and procedures.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
All services are deployed using our CI/CD pipeline.
All services are deployed using Infrastructure as Code.
All code merges are peer-reviewed.
The Engineering Organization receives regular security training. - Vulnerability management type
- Undisclosed
- Vulnerability management approach
- We do regular pentesting; we have a patch management process; critical or high vulnerabilities are patched weekly;
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
-
We use the following applications for monitoring:
Data Dog
Signal Sciences
GCP Security Command Center - Incident management type
- Supplier-defined controls
- Incident management approach
- We have an internal Security Incident response plan. We conduct incident response exercises at least annually.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £355.64 a licence a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- The trial version is the same as the paid subscription. The Buyer would not have access to the Admin Console, but usage reports are available during the trial upon request.