iManage EMEA Limited

iManage Work Productivity Cloud

iManage is the industry’s leading work product management application, empowering professionals to create, manage, collaborate on, govern and secure, all work product from anywhere on any device in a single user experience, turning lost time into productive time.

Features

  • Document Management
  • Email Management
  • Content Organisation
  • Personalised Search using machine learning and data analytics
  • Protection of content in iManage and non-iManage repositories
  • Sharing and Collaboration
  • Smart Worklists
  • Detect sophisticated threats from internal or external actors
  • Smart Timeline
  • Manage and control all records from a single policy

Benefits

  • Suggested email filing keeps you ahead of inbox overload
  • Document timelines, dashboards and analytics
  • Searching across all work product is automatically tuned to you
  • Secure mobile access
  • Seamless integration with the applications you’re already using
  • User designed workflows, navigation and contextual help
  • Organisation policies govern audited document access and sharing
  • Implement need-to-know security enforcement at scale
  • Share securely with internal and external collaborators
  • Reduce the risk of data breaches

Pricing

£60.80 per person per month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

7 3 3 3 0 3 0 0 5 9 2 3 0 8 2

Contact

iManage EMEA Limited

Jenny Hotchin

0203 879 6080

jenny.hotchin@imanage.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Private cloud
  • Hybrid cloud
Service constraints
Nothing material, other than the supported platforms set forth herein.
System requirements
  • IManage Work Desktop for Windows
  • IManage Work Desktop for Mac
  • IManage Work Mobility for iOS
  • IManage Work Mobility for BlackBerry Dynamics
  • Web Browsers and Mobile Operating Systems

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday - Friday:
Priority 1 Errors: 1 Business Hour
Priority 2 Errors: 4 Business Hours
Priority 3 Errors: 6 Business Hours
Priority 4 Errors: 1 Business Day

Cloud Customers have access to support assistance 24 hours per day, Monday - Sunday, 365 days per year, for Priority 1 Errors.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
A customer representative may use the iManage support website to submit a case. A password and ID will be provided to customer representatives.
Web chat accessibility testing
N/A
Onsite support
No
Support levels
Support assistance is available during Business Hours for Cloud Customers. Response Time Objectives for calls submitted outside the coverage window will apply to the next Business Day. In addition, Cloud Customers have access to support assistance 24 hours per day, Monday through Sunday, 365 days per year, for Priority 1 Errors.

We provide a cloud support manager for all customers and a technical account manager may be added for an additional fee.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
IManage provides a cloud onboarding welcome package. As part of the package, the iManage cloud onboarding team provides assistance with the following: (i) implementation stages and checkpoints, (ii) data migration, (iii) go-live preparation, (iv) post go-live responsibilities and (v) iManage cloud support assistance.

iManage also has iManage cloud training and certification that it makes available to its cloud customers.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
IManage provides no less than 90 days for cloud customers to download their data. iManage can also provide the customer with a number of options for the actual extraction of the data.
End-of-contract process
IManage makes the data available for no less than 90 days after contract termination / expiration. If a cloud customer needs additional assistance, such assistance will be provided by iManage professional services, for an additional cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Other
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
N/A - browser-based
Service interface
Yes
Description of service interface
IManage Work can be accessed using a web browser on any desktop, using mobile phones and tablets, and using the Work panel in Microsoft Outlook with the iManage Work Desktop for Windows desktop application. iManage Work also provides an embedded experience through iManage Work Desktop for Windows with Microsoft Office and Adobe application integrations.
Accessibility standards
None or don’t know
Description of accessibility
IManage Work can be accessed using a web browser on any desktop, using mobile phones and tablets, and using the Work panel in Microsoft Outlook with the iManage Work Desktop for Windows desktop application. iManage Work also provides an embedded experience through iManage Work Desktop for Windows with Microsoft Office and Adobe application integrations.
Accessibility testing
N/A
API
Yes
What users can and can't do using the API
The iManage Work REST APIs enable users to perform operations such as viewing documents, browsing workspaces, and searching for documents on the iManage Work server through the HTTP protocol.

Several operations that are performed through the iManage Desktop client applications can be performed and/or automated using iManage Work REST APIs.
API documentation
Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Customisation is available through the use of our APIs. The extent of the customisations available are set forth in the API documentation. Additionally, further customisation may be available from iManage or a certified partner of iManage.

Scaling

Independence of resources
The iManage cloud is capable of petabyte scale, including automatic scaling and self-healing, with multiple, redundant, synchronised data centers. Additionally, we offer multi-tenant architecture with logical and physical data isolation.

Analytics

Service usage metrics
Yes
Metrics types
IManage provides a SLA for the availability of the cloud service. iManage also provides reporting on user counts / storage levels (upon request).
Reporting types
  • API access
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
We use encrypted SAN storage.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
IManage provides no less than 90 days for cloud customers to download their data. iManage can also provide the customer with a number of options for the actual extraction of the data. Currently, there are approximately 40 products available to assist with import/export.
Data export formats
  • CSV
  • Other
Other data export formats
In the format in which it's stored in the service
Data import formats
  • CSV
  • Other
Other data import formats
Any electronic file type as defined by customer

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.9%

Service Credits are provided pursuant to the following table (percentages are based on the monthly fee or 1/12th of the annual fee):
Less than 99.9% but not less than 99.0% - 10%
Less than 99.0% but not less than 98.0% - 25%
Less than 98.0% but not less than 95.0% - 50%
Less than 95.0% - 100%
Approach to resilience
Available upon request.
Outage reporting
There is a notification page on the iManage support website. This page can be subscribed to by users so that they receive an email alert.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels
IManage enforces an access control policy based on least privileges principles.

iManage maintains an authorisation management system.
All iManage Personnel accessing systems containing Customer Data have a separate, unique username.
iManage restricts access to Customer Data solely to iManage Personnel who have a need to access the Customer Data or as otherwise required by applicable Law.

iManage uses industry standard practices to identify and authenticate all iManage Personnel who attempt to access iManage network or information systems.
Where authentication credentials of iManage Personnel are based on passwords, iManage requires that such passwords meet minimum requirements for length and complexity.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Schellman & Company, LLC
ISO/IEC 27001 accreditation date
28 March 2018
What the ISO/IEC 27001 doesn’t cover
IManage general administration (i.e., non-cloud)
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • ISO 27017
  • ISO 27018
  • ISO 22301
  • SOC 2 Type 2 (All Trust Principles)
  • SOC 2+
  • SOC 3

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
IManage maintains a written information security management program designed to protect Customer Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. The ISMS may be updated from time to time based on changes in applicable legal and regulatory requirements, best practices and industry standards related to privacy and data security.

iManage uses commercially reasonable and appropriate methods and safeguards to protect the confidentiality, availability and integrity of Customer Data. iManage adheres, and at all times will adhere, to information security practices at least as protective of Customer Data as identified in ISO 27001 and ISO 27017 (or substantially equivalent or replacement standards) or other generally accepted authoritative standards (e.g., SSAE 16, SOC2).

iManage maintains written policies and procedures that address the roles and responsibilities of iManage Personnel, including both technical and non-technical personnel, who have access to Customer Data in connection with providing the Cloud Services. All iManage Personnel with access to Customer Data receive annual training on the ISMS. iManage ensures that access rights are revoked for all iManage Personnel immediately upon the termination of their employment, contractual or other relationships with iManage.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
We have a cloud-gating process to ensure availability, confidentiality and security of changes we make to the service.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
IManage uses reasonable efforts to ensure that the Cloud Services operating systems and applications that are associated with Customer Data are patched and otherwise secured to mitigate the likelihood and impact of security vulnerabilities in accordance with iManage’s patch management processes and within a reasonable time after iManage has actual or constructive knowledge of any critical or high-risk security vulnerabilities. iManage conducts vulnerability testing on a monthly basis. We get our information from contracted third parties and public resources.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
We have a SIEM tool that helps us monitor for security events. We also have an escalation process to respond to such events, wherein response time is dependent on severity of the event.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We have a customer support team that accepts reports on incidents. We also have an operations monitoring team that checks for anomalies. If there is a confirmed incident, the operations team manages it to closure. Customers are informed if necessary by the support portal.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£60.80 per person per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Access can be given a site for an agreed period, in order to prototype the solution as part of the sales cycle once the requirements have been identified

Service documents

Return to top ↑