MeetingSphere GmbH

Managed Meeting Center Server (G-Cloud)

MeetingSphere is a collaborative meeting solution that helps deliver the required outcomes of the meeting in time. Managed Meeting Center Server (G-Cloud) is the cloud offering for UK government organisations. The server is deployed in two-tiers of dedicated instances of Amazon AWS Ireland.

Features

  • Supports any meeting or workshop process. Online or face-to-face.
  • Personal flat-fee for unlimited concurrent meetings and participants.
  • Bainstorm workspace with anonymity and theming. Highlighting with sticky dots.
  • Discussion workspace for discussing multiple topics. Anonymously or by team.
  • Rating workspace with all customary rating methods. Multi-criteria analysis.
  • Presentation workspace for crisp scalable slide shows. Interactive feedback channel.
  • Complete and unbiased push-button documentation (Word). Export to Excel.
  • Agenda templates for easy reuse and sharing of best practice.
  • Easy collaboration between Facilitators (Co-facilitation).
  • Web conference included (voice & screen sharing).

Benefits

  • Run full-fledged workshops online.
  • Make business meetings productive.
  • Engage participants. Everybody can contribute - anonymously if required.
  • Establish priorities. Analyze utility. Measure and manage consensus.
  • Facilitate full disclosure for results that carry.
  • Runs on any device (Computers, iOS and Android devices).
  • Create the Word report by mouse-click.
  • Reuse agendas and manage best meeting practice.

Pricing

£41510 per server per year

Service documents

G-Cloud 11

776733064150688

MeetingSphere GmbH

John Turner

+49 40 6891 4578

g-cloud@meetingsphere.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No.
System requirements
  • Computers must run Chrome, Firefox, Edge, Safari or IE 11
  • IPads and iPhones require Safari 11 (iOS 11 or later)
  • Android devices require the Chrome or Firefox browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 4 hours on weekdays.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Support is included for technical issues such as access to the service or functionality of a software feature. Technical support does not include consulting on facilitation processes or meeting design.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The appointed administrator receives 90 minutes online training which includes a walk through the administrative options.
Licensed users (users who can run meetings and workshops) are supported in context by extensive and in-depth online help and how-to videos.

Online and on-venue training is available at extra cost.

Participants do not require any training or onboarding.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Facilitators typically download the automatic report (the minutes) of a meeting or workshop directly after it has ended. This contains all content.

Storage of meetings on the meeting center serves the limited purpose of easy in-system re-use of content and meeting agendas. Facilitators can save both the content and the agendas of their meetings to disk.
End-of-contract process At the end of the subscription period - unless instructed to the contrary - MeetingSphere maintains the Managed Meeting Center Server for a grace period of 90 days during which the subscription can be renewed. After the grace period, the deployment, its database and all backup files are deleted irrevocably. The customer's administrator is warned/informed of these successive steps repeatedly by email.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The mobile service is functionally identical with the desktop service, except for active screen sharing not being supported on mobile devices.

The layout is responsive, meaning that workspaces will look different on a phone.
API Yes
What users can and can't do using the API The meeting center supports SSO (SAML 2.0)
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Center administration can (1) control access and authentication requirements, use restrictions etc. (2) brand the login page, holding screen, meeting report.

Scaling

Scaling
Independence of resources The Managed Server runs with generously allocated dedicated resources. Systems trigger an alarm when over 45 % of resources are used. This hardly ever happens.

Analytics

Analytics
Service usage metrics Yes
Metrics types Host and participant log ins and new meetings created in last 180 days.
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Leaders and Facilitators typically download the automatic report (the minutes) of a meeting or workshop directly after it has ended. This contains all content. They can also export the content of individual workspaces to Excel or text.

Facilitators can also save meetings (agendas with content) to disk in MeetingSphere's msmf-format.
Data export formats
  • CSV
  • Other
Other data export formats
  • Docx
  • Xlsx
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability MeetingSphere commits contractually to 99.9% uptime on a monthly basis, excluding regularly scheduled maintenance times or Force Majeure Events. If in any Account Period this uptime commitment is not met by Meetingsphere and customer was negatively impacted, Meetingsphere shall provide, as customer’s sole and exclusive remedy, a service credit equal to the number of minutes the Subscription Service was unavailable during that Account Period. If the service failed for a consecutive 4 hours, a full day shall be credited.
Approach to resilience We follow industry best pactice under Amazon AWS's shared responsibility model. Details are available on request.
Outage reporting Our service is continually monitored via AWS-supplied and other mechanisms. AWS supplies a dashboard. Responses are triggered via APIs and email alerts to MeetingSphere's response team.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Management interfaces fall into three categories: 1. The management interface of the AWS service is protected by username, password and an AWS-supplied token device. 2. Privileged access to productive MeetingSphere systems can only occur via a bastion server which can only be accessed from a defined set of IP addresses and 2-factor authentication. 3. Privileged access by users (customer-appointed administrators) can be limited to separate user accounts with 2-factor authentication or SSO.
User support requests which involve access to customer systems or information are only accepted in writing (email) and verified via a separate channel, e.g. call back.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password
  • Other
Description of management access authentication Restriction by source IP address.

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We are currently in the process of certification to ISO 27001.
Information security policies and processes MeetingSphere follows a security awareness and training policy which defines basic and role-based training requirements.
MeetingSphere's information security policy follows the ISO 27k standards.
MeetingSphere's information security team ensures compliance by a variety of measures verify compliance to this policy through various methods, including but not limited to, business tool reports, internal and external audits, and feedback. The Infosec team leader reports to the CTO who is responsible for security and reports to the CEO.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Amazon AWS is certified to comply with SSAE-16 / ISAE 3402. Under AWS' shared responsibility model, MeetingSphere maintains under automated configuration control a current baseline configuration of the information system. The configuration is reviewed annually and on significant change. Older configurations are retained should a rollback be required. Configurations are based on a deny-all permit by exception policy which extends to software permitted to execute on the system. Changes to the configuration are assessed for risks and require approval by the Infosec team leader after testing in the staging network.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Amazon AWS is certified to comply with SSAE-16 / ISAE 3402. Under AWS' shared responsibility model, MeetingSphere routinely scans of its systems for vulnerabilities with an industry standard vulnerability scanner employing the latest definitions and signatures based on i.a. the NIST vulnerability database and the CWE list. 'Critical' and 'Important' Patches are deployed immediately, 'Low' patches within the day. MeetingSphere subscribes to various sources of security feeds including US-Cert and Microsoft's Security Bulletin.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Amazon AWS is certified to comply with SSAE-16 / ISAE 3402. Under AWS' shared responsibility model, MeetingSphere employs automated log analysis, continuous configuration monitoring and integrity scanning to identify security incidents. In the event of a suspected breach, the incident response team is alerted directly by email and SMS text for a verification of the incident. Further measures depend on the attack type and vector and the severity rating of the incident which is based on the functional and information impact, the appropriate containment, eradication and recovery strategy and required notifications.
Incident management type Supplier-defined controls
Incident management approach Amazon AWS is certified to comply with ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402. Under AWS' shared responsibility model MeetingSphere operates an incident response policy and set of incident response plans for external and removable media, attrition, web, email, impersonation, improper usage or loss/theft of equipment.
Users report incidents by email to a specific email address.
The user's main or designated contact is informed of all security breaches which impact or threaten the function or integrity of their deployment including the findings of impact analysis and measures (to be) taken to contain, eradicate and recover from the breach.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £41510 per server per year
Discount for educational organisations No
Free trial available Yes
Description of free trial The trial is limited to 14 days and includes the full online workshop functionality for Leaders/Facilitators (the person who can plan and run meetings and workshops) and participants. The meeting report is cut-off after 10 line items per tool. The export of content is cut off after 10 line items.
Link to free trial Www.meetingsphere.com

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑