IGLU NW LTD

IGLU Classroom

IGLU Classroom is an interactive digital classroom management suite. It offers a highly secure online synchronous learning environment that enables teaching staff to deliver classes remotely in real-time.

IGLU Classroom is tailor-made to meet the needs of the educational sector and fully compliant with CyberEssentialsPlus, GDPR, G-Cloud, and LearningToolsInteroperability (LTI).

Features

  • Real-time digital online classrooms for synchronous learning
  • Live Audio / Live Video Interactive Classrooms
  • Secure content sharing / multimedia sharing and instant messaging
  • Shared digital whiteboard with multi user engagement capability
  • Interactive learning environment to maximise teaching outcomes via remote learning
  • Divide pupils into groups (e.g. by activity, level, for tests/exams)
  • Private messaging and classroom chat for pupil engagement
  • User friendly interface compliant with WCAG 2.0 AA accessibility standards
  • Maximise learner engagement through interactive video conferencing
  • Sophisticated classroom teaching settings and permission controls

Benefits

  • Secure and compliant packet of contingency measures ensuring service continuity
  • Complies with Government Cloud Strategy & Technology Code of Practice
  • Design-led solutions in accordance with the Government Service Manual
  • Teachers able to deliver classes remotely or using blended learning
  • Reduction in time and cost associated with in-person teaching
  • A resource in knowledge transfer, online meetings and workforce upskilling
  • Building resilience into service delivery ensuring consistent learning outcomes
  • Connect pupils to regular classes/teachers in closed classroom environment
  • Robust safeguarding measures ensuring safety in a secure online environment
  • Compatible for use on desktop, laptop and mobile devices alike.

Pricing

£0.01 to £0.03 a user an hour

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at support@iglu.education. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

4 9 6 9 8 8 0 3 3 9 2 2 4 3 1

Contact

IGLU NW LTD Accounts Team
Telephone: +441615196176
Email: support@iglu.education

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
We recommend no single sessions exceed one hundred (100) simultaneous users.

There are no additional constraints on the service however this is highly dependent on the nature of the buyer's requirements. Before commencing work on behalf of a client we actively test limitations and service constraints across the service technologies and architectures intended for use in order to flag and discuss any potential constraints prior to engagement.

Sudden changes in buyer requirements mid-project may necessitate a review of constraints in line with new requirement definitions.

During implementation, any constraints that arise will be mitigated in accordance with the client’s requirements.
System requirements
  • Operating system running latest versions of Google Chrome or FireFox.
  • High-speed internet connection minimum recommended download speed of 1Mbps
  • Minimum recommended upload speed of 0.5Mbps
  • Desktop, laptop or mobile device with minimum of 2GB RAM
  • Desktop, laptop or mobile device with a microphone for audio
  • Desktop, laptop or mobile device with a webcam for video
  • Desktop, laptop or mobile-device with minimum of a dual-core processor

User support

Email or online ticketing support
Email or online ticketing
Support response times
We provide email support to the client and their staff in accordance with our Service Level Agreement and SFIA document.

Telephone and email support is available during regular office hours Monday-Friday 9:00am - 5:00pm.

• Priority 1: Response within 30 minutes, Target Resolution time 4 hours
• Priority 2: Response within 1 hour, Target resolution time 8 hours
• Priority 3: Response within 2 hours, Target resolution time 2 days
• Priority 4: Response within 24 hours, Target resolution time 5 days
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We provide telephone and email support during regular office hours Monday-Friday 9:00am - 5:00pm.

• Priority 1: Response within 30 minutes, Target Resolution time 4 hours
• Priority 2: Response within 1 hour, Target resolution time 8 hours
• Priority 3: Response within 2 hours, Target resolution time 2 days
• Priority 4: Response within 24 hours, Target resolution time 5 days

Every client is assigned an IGLU Account Manager who will liaise with cloud support engineers and the back office development team whenever necessary.

Software training support is chargeable in accordance with our SFIA document and can be held on-site, remotely via webinar and telephone consultation.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Every buyer is allocated an account manager who will support them through the initial three phases of :

- Surveying User Access Requirements
- User-Account Creation
- Initial Setup

Additional remote training is available but may be chargeable.

Pupils and teachers will have access to ample user documentation and video demonstrations to assist in the setup and on-going use.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
  • Video
  • Audio
End-of-contract data extraction
At the end of the contract term, the buyer can request their data extraction (usernames and email addresses) by email to gdpr-request@iglu.education. If not otherwise agreed with the buyer, the data shall be permanently deleted in accordance with GDPR.
End-of-contract process
On termination of the Agreement the Company shall provide the Termination Assistance Services in accordance with the reasonable instructions of the Customer. Except as otherwise set forth in the Agreement, the Termination Assistance Services will be provided at the applicable level of charges then agreed between the Parties for the Services.

Termination of the Agreement shall not affect any pre-existing liability of the Customer or affect any right of the Company to recover damages or pursue any other remedy in respect of any breach of the Agreement by the Customer.

In the event of termination of the Agreement by the Company due to breach of the Conditions by the Customer, the Company shall be entitled to the balance of all payments which would but for such termination have accrued up to the earliest date upon which the Agreement could have been terminated by the Customer in accordance with the Conditions.

Unless otherwise agreed by the Company in writing, Services will be permanently decommissioned 5 days after the date of termination, in which case data will be permanently deleted within 30 days thereafter in accordance with the off-boarding process and as agreed with the Customer.

Using the service

Web browser interface
Yes
Supported browsers
  • Firefox
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
All features of the service are available to use on mobile devices with exception of the 'Screen Sharing' feature.

Pupils can view screens shared by their teacher using any device however teachers are unable to share their screens on mobile devices.

We recommend all teachers who want to use the Screen Share feature to share their screens to connect to the platform on a PC or laptop.

For best results and ease of use we recommend all users to access the service on a tablet, laptop or PC however the service is functional on most modern mobile handsets too.
Service interface
Yes
Description of service interface
The service is accessed through a secure internet browser using Google Chrome or Firefox. The web application is hosted on the cloud and accessed via a front-end interface using username and password authentication.
Accessibility standards
WCAG 2.1 AA or EN 301 549
Accessibility testing
Qualitative testing of the software components has been carried out by test users with substantial disabilities (blind, low vision, developmental, and mobility). All substantial issues discovered were brought to the attention of the developers and addressed.
API
No
Customisation available
Yes
Description of customisation
Buyers can customise the service in a variety of ways.

1. A client can request that IGLU deploys a different service architecture. All additional cloud support services carried out at the request of the client will be charged in line with the SFIA document.

2. A teacher can define the name and settings of their Home Classroom, create additional rooms for auxiliary purposes (e.g. tutor groups, staff meetings, extracurricular activities) and access all teaching controls in one menu button.

Teachers can allow or restrict users from:

• sharing their webcams.
• viewing other users’ webcams.
• enabling their microphones.
• sharing content and participating in classroom chat.
• sending private messages.
• editing class notes.
• viewing the class user list.

Scaling

Independence of resources
Each school has its own dedicated server(s) based on their specific requirements ahead of setup, demand is therefore bounded by the number of users which have already been accounted for in the on-boarding process.

In the event that the school experiences a growth in demand we can scale out (with additional servers) or scale up (by increasing the server size).

Analytics

Service usage metrics
Yes
Metrics types
Number of Registered Users
Number Active Users
Total Hours Used
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
IGLU Classroom servers do not store any local data about users aside from user access control data. Users can email a request to gdpr-request@iglu.host to request their data to be exported. The client accepts to cover any cost associated with such data access requests from their users.
Data export formats
Other
Other data export formats
Email
Data import formats
Other
Other data import formats
Email

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
AWS Security Groups and NACL

Availability and resilience

Guaranteed availability
We supply every client with a standard service level agreement that can be tailored to specific needs and indicators. Expectations are set clearly between us and you. We:
• Provide clear reference to service ownership, accountability, roles and/or responsibilities.
• Present a clear, concise and measurable description of service provision to the Client.
• Match perceptions of expected service provision with actual service support & delivery.

Typical Service Levels from our side include:
• Meeting response times associated with service related incidents.
• Appropriate notification to Client for all scheduled maintenance.

We provide email support to the client and their staff in accordance with our Service Level Agreement and SFIA document.

Telephone and email support is available during regular office hours Monday-Friday 9:00am - 5:00pm.

• Priority 1: Response within 30 minutes, Target Resolution time 4 hours
• Priority 2: Response within 1 hour, Target resolution time 8 hours
• Priority 3: Response within 2 hours, Target resolution time 2 days
• Priority 4: Response within 24 hours, Target resolution time 5 days
Approach to resilience
Information is available on request.
Outage reporting
We use a third party incident management platform which delivers real-time notifications and emails to the technical team and business managers ensuring critical incidents are never missed.

Email alerts from account managers as a response to incidents reported via customer support tickets.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Granular user access control system is being used where we are able to define fine grain user policies and roles and assign users to those roles. Only authenticated users who have admin privileges can use the management interface.

Our hosting provider's administrator account is protected using a virtual MFA (Multiple Factor Authentication).

In accordance with our password policy, all IGLU Administrator accounts are secured with a strong password (minimum length 8 characters, minimum one lower-case letter, minimum one upper-case letter, minimum one digit, minimum one special character). Passwords are changed regularly for security.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials : 2020
  • ISO 27001 Self-Certification July 2020

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Essentials 2020

https://drive.google.com/file/d/1XF7sMCUXeI2su9uUTJDQSkjskSxBABeg/view?usp=sharing

ISO/EIC 27001

https://drive.google.com/file/d/1TVqNP45qQk0oRg_g1F3AztiYwiwCjRAG/view?usp=sharing
Information security policies and processes
Our company is made up of two key directors who are responsible for implementing all policies and security protocols. We maintain full information security policies internally in areas such as:

Remote Working - Internal policies cover the use of public Wi-Fi, accessing sensitive information in public places, storing devices securely, anti-malware/anti-virus protection, updating devices regularly and applying identified security patches among other things.

Password Creation and Management - Password hacking is among the most common causes of data breaches alongside errors of human judgement. We mitigated this threat by creating an internal password policy that outlines specific instructions for creating and protecting passwords.

Portable Media - IGLU employs a Cloud First approach in-line with industry best practices. All our services and any data pertaining to the business remain on the cloud thus protecting our systems from risks associated with portable media.

Acceptable Use - IGLU employees are given access to cloud storage via a secure collaborative working environment (CWE) . Device access is limited to the scope of their work and can be restricted as necessary.

The only personal data we collect from users are their names and email addresses thus reducing the blast radius and attack surface.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All components of IGLU Classroom are continuously assessed from technical and operational perspectives. We track the software code with a version control system (GIT), and the system configuration with both AWS CloudFormation and Packer for infrastructure, and AWS Systems Manager for operations management. We use MD5 and SHA1 systems for integrity checks as a process for tracking and assessing potential security impact.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
IGLU Classroom performs regular vulnerability tests on our entire infrastructure using a vulnerability assessment system (QualysGuard), as well and manual penetration tests, which assess the system from both external and internal perspectives. All identified vulnerabilities are investigated, assessed for technical and business impact and classified according to priority level, as high, medium or low. IGLU aims to deploy mitigation patches for ‘high’ priority level within two hours of assessment, and within two weeks for ‘medium’ and ‘low’ priority cases.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
All application logs are recorded in a centralised location and are monitored and configured with AWS CloudWatch Alarms, which notifies the system administrators. We've enabled CloudTrail on our AWS account to monitor specific actions and alert system administrators of potential irregular activity. All identified incidents are investigated, assessed for technical and business impact and classified according to severity level, as high, medium or low. IGLU aims to respond to incidents of ‘high’ severity level within two hours of assessment, and within two weeks for ‘medium’ and ‘low’ severity cases.
Incident management type
Supplier-defined controls
Incident management approach
Our internal incident management process is broken down into a number of stages:
- Detect (from a system or external agent)
- Record (date and time, means of detection, manifestation, description)
- Classify (severity level)
- Notify (stakeholders)
- Investigate/Restore (technical exploration and resolution)
The client notifies incidents via the ticketing system, email or phone support. Employees and contractors report any incidents directly to the technical team. IGLU produces a report for each incident in accordance with RCA guidelines as well as any information collected in ticketing reports.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£0.01 to £0.03 a user an hour
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at support@iglu.education. Tell them what format you need. It will help if you say what assistive technology you use.