Oak Engage Limited

Oak Intranet

Oak is a revolutionary Intranet solution. Designed to maximise user engagement and with unparalleled ease-of-use Oak enhances communication & collaboration, enables knowledge sharing and streamlines administration tasks for any size of organisation.

Features

  • Create and share content: including news, documents or blogs.
  • Quickly design homepages. No technical input required. Drag and drop.
  • Powerful searching: find any content anywhere on the intranet
  • Business social: create communities, share ideas, blog and collaborate faster.
  • Engagement: Involve users with polls, events, even an online magazine.
  • Comprehensive intuitive administration to manage users, groups, permission levels etc.
  • Integration with existing IT, including Microsoft Office & Active Directory
  • Business Apps: Use the holiday planner or configure electronic workflows.
  • Integrate with and search SharePoint content from your Oak intranet.
  • Supports web-browser or DesktopApp and MobileApp on IOS or Android.

Benefits

  • User engagement is radically enhanced improving organisational efficiencies.
  • Employee collaboration is improved, increasing employee satisfaction.
  • Save time with Google-like searches for documents and other content.
  • The intranet can be setup internally, without external consulting costs.
  • No additional technical infrastructure costs required to deploy.
  • No upgrade costs, as new feature are updated automatically.
  • Reduce employee time and costs by automating business processes.
  • Supports flexible work across offices, home or mobile work environments.

Pricing

£0.50 to £5.00 per person per month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

7 4 7 0 8 4 3 8 4 9 5 0 4 3 0

Contact

Oak Engage Limited

Nick Daggett

01914601122

nick.daggett@oak.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints None
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our response time targets vary dependent on the severity and impact of the issue addressed by tickets.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels All Oak customers benefit from our highly-acclaimed customer support service included in their Oak service charge.

Customers can call our team of skilled and knowlegable Oak Product Specialists and Consultants during office hours and can submit support items, incident and requests on the Oak Service Desk by email 24 x 7.

Oak's Operations Team are managing and monitoring the perfmance and availability of the Oak platform at all times, but also monitor the Oak Service Desk for any client-raised issues.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started All Oak Intranet customers get a free Test / Training Oak intranet that is populated with sample content.
We provide training at our Training Academy in Durham.
We provide access to our training materials to signed up Oak customers.
We run live weekly webinars on a wide range of topics.
Oak customers have access to Engage, our on-line management platform.
Service documentation Yes
Documentation formats
  • HTML
  • Other
Other documentation formats
  • Oak has in-built context sensitive Help through our Assistance feature
  • Oak include 'Tours' which walk users through key functionality
  • Oak customers can build their own Tours to assist others
  • Oak Engage provides videos on a variety of topics
  • We run regular hosted Oak Interactions, running through key features
  • Oak Interactions include Q&A periods and generate published FAQs
  • Recorded Oak Interaction sessions are available for all Oak customers
End-of-contract data extraction As well as Oak providing copies of the customers databses and files written to a customer-owned Azure storage account at end of contract, the Oak customer can use all Oak functionality to manually extract data or transfer data to external systems.

The Oak Data Framework and API can also be used to port data stored in Oak to other systems.
End-of-contract process As the Contract Termination date approaches, our Client Services Team will advise the customer of this and confirm that the customer wishes their contract to renew.

If the customer does not wish their contract to renew, the customer will need to port any data from Oak to other systems prior to the end of the contract using the Oak API or Data Framework.

If the customer requires additional time to complete their data extraction after the end of their contract, they can request a chargeable temporary contract extension period.

Oak will provide the customer with a copy of their Oak database and all files to the customer, which will be written to a customer-owned Microsoft Azure Storage account once the contract period has ended. Once the customer has confirmed receipt of the data, Oak will delete all copies of the customer's data and all backups that are held on Oak services.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Microsoft Edge
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Oak supports access through a compatible web browser from any device, but also has an optional Windows App and the Oak Mobile App which is available for Android and IOS.

The Windows, Android and IOS apps all support push-notifications.

All of the Apps support all Oak functionality.
Service interface No
API Yes
What users can and can't do using the API Oak supports a flexible and secure API layer, where a customer's Oak Administrators are able to create API endpoints each of which is linked to an Oak Capability that accesses or creates Oak data and which have access limited to selected users or user groups. Access to each Oak API endpoint can be restricted to specific ranges of IP address if required. A number of authentication methods are supported.

A client application, once authenticated, can access published Oak API endpoints to access or update data that that endpoint provides.

There is a wide range of Oak Capabilities which are separated into Functional, Data, Reporting, Events and Media groups, each group offering a range of capabilities.

Functional APIs support Business Logic functions such as Create, Update, Delete and Get. Report APIs support aggregated data retreival. Data APIs support accessing data from the Oak Data Framework. Events APIs support streaming events such as Chat and real-time data streaming. Media supports media streaming.
API documentation Yes
API documentation formats
  • PDF
  • Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Oak is highly customisable.

Oak supports a flexible permissions module, which includes configurable User Groups and also provides System Groups, such as 'New Starters', 'Line Managers', 'Office Managers'.

The permissions required to accomplish customisation can be delegated as required.

Aspects of Oak that can be customised include:

Branding / colour scheme
Intranet structure - supporting Region, Office, Department, Project, Team and Folder area types.
Primary menu structure
All intranet area home pages
The configuration of individual applets on each home page
The 'Audience' for home pages and home page applets
Additional fields on User Profile and Personnel records
Creation of Business Workflow Processes
Supports multiple Holiday Plan and Working Pattern definitions
Reporting
Data extraction
User import
APIs
Selectable 3rd-party authentication mechanisms to allow Single Sign On (SSO), including a number of OAuth providers (LinkedIn, Facebook, Twitter, Dropbox, etc.), SAML (ADFS, Okta, etc.) also including the option for Oak to act as an Identity Provider.
Functionality 'Tours' for your staff
'Notices' to ensure that important things get noticed
Content Tagging
Management of in-built 'Facts' and 'Quotes' databases
Events
User-configurable integration with SharePoint, ihcluding federated searching
User-configurable intergration with Office 365

Scaling

Scaling
Independence of resources Oak has been designed to

Analytics

Analytics
Service usage metrics Yes
Metrics types Oak provides a wide range of service metric reports.
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach As well as extracting data through a wide range of Oak reports, Oak supports the Oak Data Framework.

The Oak Data Framework is designed to support the transfer of data out of and into a customer's Oak intranet under their control, supporting filtering, formatting and aggregation of outgoing data and a range of validation and uploading options for incoming data.

The Oak Data Framework supports accessing elements of the Oak database schema such that automated export of large parts of a customer's data can be accomplished on an automated basis.
Data export formats
  • CSV
  • Other
Other data export formats
  • Excel
  • Power BI
  • Database-writes to a number external database types
Data import formats Other
Other data import formats
  • User data can be imported in Excel format
  • Company structure can be imported in Excel format
  • User data can be integrated from Active Directory
  • Company structure data can be integrated from Active Directory
  • AD integration is accomplished with customer-site installed service

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Target Availability is currently 99.4%, although we expect to increase this in the near future.

Where Availability falls below Target Availability within a calendar month we will extend the service contract based on a Service Extension Calculation.
Approach to resilience Oak runs on multiple web servers connected to multiple database servers, with additional servers dedicated to a number of related application roles.

All data is written using Microsoft Azure Locally-Redundant Storage to at least three different storage devices at the primary Data Centre, and also all completed transations are written to a secondary Data Centre using
Zone-Redundant Storage.

The number of servers dedicated to each application role ensure that service ability is assured and are scaled to meet anticiapted and actual demand.
Outage reporting We will shortly be putting live a dashboard that will be accessible to authorised Oak users.

In addition, at the time of contract initiation we request the name and email address of users who will receive service notifications, which the customer's Oak administrators can then manage moving forward.

Our incident management process includes appropriate checkpoints to initiate communications to appropriate Oak users at each Oak customer.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
Other user authentication Oak supports Single Sign-on through a number of mechanisms, including Active Directory integration, SAML and a number of OAuth providers, as well as supporting a Username and Password if required.

The types of authentication available to users are under the control of the Oak customer's administrators.
Access restrictions in management interfaces and support channels Access to the Oak infrastructure hosted on Microsoft Azure by the Oak Operations Team is limited to only Oak Intranet Limited's IP addresses, so all access to management interfaces acn only be achieved from there.

On-call engineers access Oak Intranet Limited's network if required to access the Oak infrsatructure using a 2FA protected VPN.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for Between 6 months and 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for Between 6 months and 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 QMS Internaltional
ISO/IEC 27001 accreditation date 16/05/2019
What the ISO/IEC 27001 doesn’t cover TO BE ADDED
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Oak Intranet Limited manage Information Security according to ISO27001:2013.

Information Security is driven from The Board and managed by the Information Security Management System Committee.

The ISMS Committee implement policies and procedures to implement the ISMS and make these available to all staff through our own Oak intranet.

All staff are required to view, understand and agree to adhere to guidelines detailed in the company's Information Security training at induction and every six months thereafter.

Our ISMS is subject to ongoing audits and reviews according to a defined schedule.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Oak is developed using a Secure Development Lifecycle using the Microsoft DevOps platform.

From requirements gathering to final release, all work items are designed, developed, tested, integrated, undergoes final integration testing and is rolled out across seperated pre-live environments and is then deployed with full tracability.

As part of the production planning process, the security aspects of the change are assessed and the level of security testing required is assessed and factored into the development process, with external security and penetration testing scheduled prior to release if required.
Vulnerability management type Supplier-defined controls
Vulnerability management approach The Oak service is developed using a Secure Development Lifecycle Process against OWASP guideliness, which takes threat vulnerability into account for all new developments and for all planned changes to the service.

Vulnerability is assessed during the requirements gathering phase and includes appropriate protection during the design phase, before developing functionality and changes using verified tools and validated isolated frameworks, including code reviews and validation against OWASP during the testing phase before integration and release through staged environments.

External security and penetration testing is carried out at least annualy, or for new functionality which affects the threat surface.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Oak runs on Microsoft Azure's platform, which is covered by a wide array of monitoring systems covered by accreditations including CSA Star, ISO 27001:2013, ISO 27017:2015, ISO 27018:2014, ISO 20000-1:2011, ISO 22301:2012 along with appropriate assessments and audits.

In the event that a potential compromise is discovered, we will invoke our Security Incident process, which includes assessing the impact of the incident, communication strategies, containment and mitigation processes, collection of forensic data, hot-fixing, etc.

We provide 24 x 7 Monitoring and Operations Management and response times will be in-lin with risk and potential impact.
Incident management type Supplier-defined controls
Incident management approach Oak is managed using an ITIL-based Incident Management system, with appropriate staff holding ITIL qualifications.

As well as a day-to-day Incident Management process, which is used to handle customer-raised support incidents, including support for events, incidents, work-arounds and problem management, Oak has associated incident management processes to cover Major Incidents and Security Incidents.

Users can report incidents by 'phone, e-mail or through the Oak Service Desk.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £0.50 to £5.00 per person per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial On request we will provide a fully functioning Oak intranet, already populated with demonstration content.

By default the free trial Oak intranet is limited to 5 users and 10 GB of data and is available for three months, although these can be extended if required.

Service documents

Return to top ↑