MPA (Mentor Productivity Accelerator App)
The Mentor Productivity Accelerator MPA is a cloud based mobile and browser accessed multimedia B2B app. Clients can securely distribute and report on consumption of critical content, insights and solutions (video, audio, interactive documentation) to their community, stakeholders, partners and in order to increase and sustain user productivity and performance.
- MPA app enables secure distribution of content to mobile communities.
- MPA app supports all commonly used browsers and device types.
- MPA content can be selectively distributed to stream or download.
- The Management Console controls who sees what and when.
- The Management Console controls user additions / deletions.
- The Management Console allows prioritisation and organisation of content.
- The Management Console reports on who saw what and when.
- The MPA app allows access to content organised by 'channels'.
- MPA users receive notifications, can rank content and be quizzed.
- The MPA app can include links to multiple distributed URL's.
- MPA enhances user productivity by 'putting knowledge in their pockets'.
- MPA content can be consumed on or offline, anytime, anywhere.
- MPA is quick and simple to install, manage and use.
- MPA scales from 50 to 10,000 plus users.
- MPA extends and adds value to CMS systems and processes.
- MPA enhances management and team communication at all levels.
- Content can be precisely targeted at groups and individuals.
- Individual users can access MPA on multiple devices and types.
- Native apps take advantage of all new smart device technology.
- MPA is Enterprise ready with 24 x 7 support options.
£2 per person per week
- Education pricing available
- Free trial available
Mentor Group Limited
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
|Service constraints||Native apps for Blackberry or Windows Phones are not currently supported.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Standard support level is by end of next business day. Different support levels are available if required by separate agreement (for example for 'super users or named 'administrators'.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
First level support will be provided by the Console Manager administrator within the buyers organisation or by a buyer appointed third party support / services organisation.
Second level support will be provided by Mentor Group direct to either the Console Manager administrator or to a buyer appointed third party support / services organisation.
Third level support will be provided by Mentor Group if an issue is not resolved by second level support within 48 hours of receiving a support request from First level support.
There are no incremental charges associated with either First, Second or Third level support services.
Technical account managers are available as needed.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Buyers will have access to comprehensive Management Console training by Mentor Group, who offer this service onsite or virtually (online). In either case Mentor will update all buyers with a comprehensive and ongoing Management Console playbook and telephone support.|
|End-of-contract data extraction||All data can be extracted to CSV files at the end of contract by the buyer assigned Management Console Manager. Alternatively, Mentor Group can be instructed to do the extraction on the buyers behalf.|
|End-of-contract process||The service will terminate upon instruction from the customer and all data will be extracted and or erased. The buyer can accomplish this via their Management Console or they can instruct Mentor Group to execute on their behalf. All data can be extracted to CSV at the end of contract.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Mentor MPA has been designed and built with the ambition of providing a uniform user experience whether using iOS, Android, Windows PC or Apple Mac devices using either apps or browsers.|
|Description of customisation||
The MPA can be customised, or not, for every deployment. These customizations can include:
#'s of channels
Users cannot customise the App - only the Management Console manager/admin can customise changes to the App.
|Independence of resources||Mentor Group currently utilises Amazon Web Services Elastic Compute model. This facilitates auto scaling features to ensure user demand is met at all times. MPA apps are served by separate infrastructures for each of our clients with dedicated virtual hardware to ensure consistency of performance with segregation of service instances. A multi-tenant version is also available.|
|Service usage metrics||Yes|
Service usage can be measured and reported via the Management Console. There are a range of standard reports that show various data and usage types such as:
Practice area compliance.
Custom reporting options are also available to the Management Console administrator.
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||
Personal Data is managed by the buyer assigned Management Console administrator.
Buyer content is uploaded to the app by the Management Console administrator.
The Management Console administrator manages which users see what content, when. This includes specifying whether particular content is viewable only by groups of users or individual users, or downloadable or both,
|Data export formats||CSV|
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||Utilising the Amazon Web Services data centres, Mentor Group offers a 99.99% uptime SLA on the underlying physical infrastructure and MPA service, which is further supported by resilient failover.|
|Approach to resilience||Resilience is inbuilt by design. With load balancers, dual servers, Elastic Compute on top of Amazon Web Services highly resilient servers, the solution has been designed to be resilient from its inception.|
|Outage reporting||Should there be a service outage, Management Console administrators will be advised via email with an estimate of the fix time. By separate agreement a phone call can be included. Communication will be (by default) every 30 minutes unless otherwise agreed. Administrators can then contact their users by their communication preference. Mentor Group's policy is that it does not directly communicate with MPA users, unless exceptionally requested to do so, by the Management Console administrator.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
The Console manager/admin is the only person(s) who are able to deactivate and activate users.
The App is built to ensure content can be distributed to Regions, Countries, Territories, Groups and Job roles. Each piece of content is assigned to one or more of these areas on a hierarchical basis.
For example, a piece of content can be sent to everyone in the UK or it can be sent to a specific team such as a regional or specific functional team, or down to an individual subscriber.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||2-factor authentication|
Audit information for users
|Access to user activity audit information||You control when users can access audit information|
|How long user audit data is stored for||Between 1 month and 6 months|
|Access to supplier activity audit information||You control when users can access audit information|
|How long supplier audit data is stored for||Between 1 month and 6 months|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||NCSC Check certified|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||MPA is NCSC check tested.|
|Information security policies and processes||
The standard reporting structure that is followed is as follows (note, Mentor Group has the flexibility and capacity to customise processes on a case by case basis).
1) End user to Management Console administrator.
2) Management Console administrator to Mentor Group Client Support.
3) Mentor Group Client Support to Mentor Chief Technical Officer.
4) Mentor Chief Technical Officer to Hosting provider.
If required, Mentor Group can exceptionally, either permanently or temporarily, have access to the buyers Management Console, in which case a two factor authentication process is followed to communicate and manage encrypted password access control to named, authorised individuals in Mentor Group.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Mentor Group has formal configuration and change management processes that are overseen by the office of the CTO. Utilising leading toolsets eg JIRA and Trello, all customer configurations are managed on a 24x7 basis. Any changes are planned, agreed and authorised via a weekly status meeting/process. All are subject to risk assessment from a customer impact and security standpoint. Progress is tracked on a daily basis using a 'RAG' dashboard accessible to authorised personnel only. An escalation process is in place that allows for incremental 'ad hoc' meetings should any of the stakeholders consider it time sensitive and necessary.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||The services are monitored 24x7 by a remote team who assess and detect threats both proactively and reactively. Patches are recommended and then passed through a Change Advisory Board (CAB) for implementation once impact is known. The office of the CTO provides oversight and authority for the CAB.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Mentor Group has a 24x7 monitoring team which is accountable for monitoring all customer services, their status and any security impact. Threats are responded to depending on severity. High risk vulnerabilities are reported to the office of the Chief Technical Officer within 30 minutes.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
The monitoring team have pre-defined processes for all 'common' events, consistent with providing support for multiple large Enterprise class customers.
Users (Management Console administrators) report incidents via phone or email.
All incidents are logged, assigned unique incident numbers and a severity level. Closure occurs by mutual agreement with customers. All incidents are reviewed by the office of the CTO on a daily basis.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£2 per person per week|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||Mentor Group offers a 30 day trial using a unique but non customised / personalised multi-tenant version of the service (though it is still secure). It is not limited in terms of number of users, amount of content or numbers of devices.|