ComSkills
ComSkills is a cloud-based software as a service platform offering a template for government departments to easily create customised video e-learning and online training services for their office-based and remote working employees. The platform gives access to online training videos, training support materials, access to live webinars & online exams
Features
- Train office based and remote workers
- Create customised video e-learning lessons, tests & exams
- Hosted cloud service with 24/7 support
- Weekly technical backup of full service
- Accessible on PC, laptop and mobile
- Reports on progress - lessons completed, tests passed
- Flexible rights and permissions - Sys Admin to content editor
- Service security
- Easy to use and highly intuitive
- See an example Comskills service at https://comskills-ukraine.co.uk/
Benefits
- Rapidly upskill your workforce with video e-learning
- Create customised learning and development based on best practice
- Allow 24/7 accessibility - your workforce can learn at home
- Improve productivity
- Reduce training costs
- ComSkills is low cost to create and maintain
- Easy to update
- Scalable cloud service
- Embedded webinar software also allows live training
- ComSkills is a resource that can be continually accessed
Pricing
£20,000 to £40,000 a licence a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 12
Service ID
7 0 5 8 3 0 2 1 4 7 6 3 7 5 9
Contact
Andy Black Associates Ltd
Andy Black
Telephone: 07881 314570
Email: andy@comskills.co.uk
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Hybrid cloud
- Service constraints
- No
- System requirements
- N/A
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Monday to Friday - 09.00 to 17.00 - 4 hour response to questions
Other times 8 hour response to questions - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support accessibility standard
- None or don’t know
- How the web chat support is accessible
- Facebook Messenger
- Web chat accessibility testing
- None
- Onsite support
- Yes, at extra cost
- Support levels
-
Support and maintenance is included in the ComSkills service
All client sites are monitored 24/7 x 365
Specific support calls are handled by a technical account manager from 09.00 to 17.00 UK time, outside of these hours support is provided by cloud support engineer - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- ComSkills is an online training platform. At registration, users access an online User Guide to assist them and have a contact form to send questions.
- Service documentation
- Yes
- Documentation formats
- HTML
- End-of-contract data extraction
- Each individual user has the ability to delete all their data from the service.
- End-of-contract process
-
As a real world example, look at https://comskills-ukraine.co.uk/
The build included creating:
40 x 20-minute online training videos on strategic communication
Lesson support materials – PDF’s & links to relevant information
Access to video conferencing for live training via webinars
Online quizzes & online certified exams
One off cost £25k, plus £5k annual support and maintenance
Any additional work after launch charged at £800 per day or for an agreed fixed fee
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- No
- API
- No
- Customisation available
- Yes
- Description of customisation
-
Editor rights and permissions can be given to key selected client users. This allows them to edit, add content. Modify menus.
Editor rights and permissions do not allow access or modifications to the technical elements of the service.
Scaling
- Independence of resources
- The cloud service is fully scalable and also uses a CDN to improve performance
Analytics
- Service usage metrics
- Yes
- Metrics types
- Progress of each registered user as they complete lessons, take exams
- Reporting types
- Regular reports
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with another standard
- Encryption of all physical media
- Scale, obfuscating techniques, or data storage sharding
- Data sanitisation process
- No
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Service has button for each individual user to export or delete their data
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
-
99% guaranteed service availability
Failure to meet 99% service levels may result in proportinate refund from annual support and maintenance fee - Approach to resilience
- ComSkills uses a tier 1 UK hosting service that provides SSL certificates, malware scanning, PCI-DSS compliance and includes 1 Tbps+ DDoS protection as well as brute force login protection and email scans.
- Outage reporting
- Email alert
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- Access to the ComSkills technical backend, reporting, user profiles and hosting Control Panel with the support ticket system is only available to ComSkills system administrators.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- ComSkills only has 2 system administrators who have access to our service control panel held by our hosting provider. A VPN and https connection are always used by the system administrators when accessing our hosted servers. In addition strong passwords are used and regularly on all services.
- Information security policies and processes
- ComSkills only has 2 system administrators and both are directors of ComSkills. Our security policies and processes have evolved during our 30 year experience in tech. We always use VPN's, we have malware and virus scans on our email servers, we always use tier 1 hosting services, we have up to date anti-virus software on PC's , we use strong passwords that are regularly changed on all services, we also use code obfuscation on all web services we manage and encrypt content as standard operating processes
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
The ComSkills service is run on WordPress and uses the LearnDash learning application with 18 additional plugins.
WordPress security updates are automatically installed by our hosting provider. Other WordPress updates, updates to LearnDash and the 18 plugins are controlled by our system administrators. We only use plugins that are well reviewed and have a large install base - as these plugins are updated we normally wait a few days and monitor community forums to assess potential security issues before we update. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- ComSkills uses WordPress hosted at specialist WordPress tier 1 hosting service provider who provides SSL certificates, malware scanning, PCI-DSS compliance, 1 Tbps+ DDoS protection as well as brute force login protection and email scans. WordPress security updates are automatically done by the hosting service provider. In addition ComSkills uses htaccess, Akismet, blocks access to readme.html, license.txt, and wp-config-sample.php files, disables directory browsing of all folders and subdirectories and remove WordPress generator meta tag showing its version and sensitive information. We monitor WordPress hacker forums to gather info on potential threats.
- Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- Malware, spam, hackers and security breaches are a 24/7 security concern. By default our hosting provides security to keep us safe against harmful web attacks. Our hosting includes SSL certificates, malware scanning, PCI-DSS compliance, 1 Tbps+ DDoS protection as well as brute force login protection and email scans. In addition, WAF examines each HTTP request for SQL injection, Trojans, cross-site scripts, routing, and many other types of attacks. Our hosting provider operates this 24/7 and performs each inspection in less than one millisecond.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
Users can report incidents or problems via email or Facebook Messenger. If we have an issue to do with hosting we have 24/7 UK in-house support from our hosting provider using our Account Control Panel with support ticket system. The support ticket system allows us to contact our hosting service provider with any queries and get a faster resolution to any hosting related queries.
If the incident does not involve hosting, we will contact the user by email to clarify the incident and examine the service to identify and test solutions to the incident and then send a report
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £20,000 to £40,000 a licence a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Up to 5 individuals from a potential buyer can access a current live Comskills service for one month
- Link to free trial
- https://comskills-ukraine.co.uk/