Acquia Inc

Acquia Journey

Acquia Journey is a customer journey orchestration software that provides a visual journey map and intelligent tools to unify customer data, monitor their activity, and deliver best-next actions and offers in real time, across multiple channels.

Features

  • Real-time, virtual graph engine
  • Integration between marketing technologies
  • Analyzes and acts on customer profile information
  • Automated performance of "next best action"
  • Real-time analytics dshboard
  • Email individualization
  • Web individualization
  • Testing (i.e. multivariate, A/B, data simulations)

Benefits

  • Marketing resource and cost savings
  • IT resource and cost savings
  • Increased conversion rates
  • Increased brand loyalty
  • Unified marketing technologies and user data
  • Gain insight into online customers' habits and preferences
  • Ability to target users across all channels

Pricing

£72460 per licence per year

Service documents

G-Cloud 11

600899434506866

Acquia Inc

Jasmijn Cordewener

+44 (0) 755 444 7169

jasmijn.cordewener@acquia.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Can standalone, but Drupal is required for full Lift functionality.
System requirements
  • Drupal
  • Modern browser
  • Modern operating system

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Responses vary based on urgency. Support SLAs are applicable 24x7, support is available on a 24x7 basis.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Onboarding for Acquia Journey includes a new product introduction call (performed remotely) to ensure the Customer has accounts and links to documentation and to schedule on-site training.

On-site training consists of a two day meeting for Marketing and Marketing IT that includes a demonstration of the product, a facilitated meeting to the use of Acquia Journey for communication between Marketing and IT, and technical training for Journey implementers to implement predefined journey jumpstarts.

Onboarding concludes with up to two weeks of on-demand implementation assistance to reach the point where the journey jumpstarts could go live.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Onboarding for Acquia Journey includes a new product introduction call (performed remotely) to ensure the Customer has accounts and links to documentation and to schedule on-site training.

On-site training consists of a two day meeting for Marketing and Marketing IT that includes a demonstration of the product, a facilitated meeting to the use of Acquia Journey for communication between Marketing and IT, and technical training for Journey implementers to implement predefined journey jumpstarts.

Onboarding concludes with up to two weeks of on-demand implementation assistance to reach the point where the journey jumpstarts could go live.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Data can be mass exported from Redshift to S3, or an API can be used to selectively export data.
End-of-contract process No additional cost at end of contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility There is accessibility testing and guidelines we follow, including WCAG, as we design and develop, but we can’t formally say that these have been tested against WCAG compliance guidelines, at this point.
Accessibility testing There is accessibility testing and guidelines we follow, including WCAG, as we design and develop, but we can’t formally say that these have been tested against WCAG compliance guidelines, at this point.
API Yes
What users can and can't do using the API Acquia Journey’s APIs enable marketing technologists to integrate marketing and ad technology.

Drupal, the CMS used with Lift, fully supports the creation and use of APIs to access content. In addition to regular output modes, Drupal content can be output in any number of other formats, including as a feed or a web service. Drupal Services allows for easy seamless integration with any RESTful or traditional SOAP web service, which includes accessing content and CRUD functionality. These APIs can be customized to expose only desired or allowed content, to require authorization for content access, and allow for omni-channel consumption of content. Drupal can also utilize web services to access external content and integrate it such that it lives on a separate database but appears to be native content to the end user.
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation Users control access permissions, in other words, who can customize the service. Custom integrations, content types, and workflows are some of the customizable features.

Scaling

Scaling
Independence of resources Performance scales with spikes in traffic, and protects the eCommerce system from internet traffic for increased system performance.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach This is done through templates and/or APIs.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • CSV
  • XML
  • Serialized PHP array
Data import formats
  • CSV
  • Other

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks AWS, our hosting provider, is responsible for encrypting VM images during transport.
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Availability SLAs are for Acquia Cloud, which is a requirement to operate Acquia Journey. Lift doesn't come with a guaranteed availability SLA.
Approach to resilience For Acquia's cloud platform that supports this service: At the Internet-facing tier, a software-based load balancer is deployed with a hot standby in a different availability zone in the same region. The load balancer distributes load across multiple web servers, which are also distributed across multiple availability zones. Acquia's expert operations team adds additional web servers to the resource pool as needed. The load balancer continuously monitors the web servers, and if a server becomes unavailable, it removes it from the pool of hosts serving the site. Web servers use a shared network file system (GlusterFS) so that all files are kept in sync and redundant to each other At the database layer, a scalable database cluster serves the site with active and passive database servers in multiple availability zones. The active master database server continuously updates the passive master database using MySQL replication. In the event of a failure of the master database, the passive database becomes primary through a DNS-based failover.
Outage reporting For outages, customers can subscribe to the Acquia Status page by email, SMS messaging, or RSS/Atom feeds. You can subscribe to individual components, individual incidents, or all notifications. This enables you to get only the updates that you feel should be appropriate for your site.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels Acquia has baseline access security requirements. Access controls can be configured by customers for increased security.
Access restriction testing frequency Never
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information No audit information available
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes - SOC 1
- SOC 2
- HIPAA
- PCI-DSS
- ISO 27001
- FedRAMP

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Acquia utilizes an agile change management process. System changes are managed by the Acquia engineering team who use a single server in each environment which is configured as the configuration management server. Changes are grouped into sprints. System changes are tracked in a change management ticketing system and required to be tested and approved prior to being implemented into the production environment. Version control software is in place to help ensure that code changes are tracked and can be rolled back as needed. Changes are assessed for potential security impact.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach At the Operating System and LAMP stack layers, Acquia employs a third-party vulnerability assessment platform, Rapid7, to perform authenticated host-based vulnerability scans against a representative sample of Acquia server types. The vulnerability scans are run weekly and reported to Acquia's security and operations teams. Vulnerabilities are reviewed, identified, and categorised by the Acquia security team, which assigns and prioritises reported vulnerabilities and documents mitigation steps to be implemented by the Acquia operations team.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Acquia uses OSSEC, an open-source, host-based Intrusion Detection System (IDS), which performs log analysis, integrity checking, and time-based alerting. Action is taken immediately if a compromise is identified. All affected or potentially affected customers are notified immediately of the incident.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Acquia has a formally documented Incident Response Plan that describes discovery, investigation, escalation, containment, notification, and documentation processes of security incidents. Upon initial notification that a Security Incident that has occurred, or is in progress, and is customer impacting it is the responsibility of Support team to notify the customers who are likely to be affected by the incident. Regular updates will be sent depending on the nature of the incident and as determined during the incident declaration stage.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £72460 per licence per year
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Terms and conditions pdf document: Modern Slavery statement
Service documents
Return to top ↑