Dajon Data Management Ltd

Electronic Document Management & Enterprise Automation

DRS is a comprehensive browser-based platform for Document Management and Process Automation. this includes Document Management, Web Forms, Process Design, Workflow Automation, Analytics, and Management tools that seamlessly integrate into your existing business applications and programs. DRS transforms and automates your business processes.

Features

  • Web Browser-based platform for EDM and Process Automation
  • DRS uses common index fields to link together related documents
  • Real time Analytics and Management tools
  • DRS is a fully integrated set of functional modules
  • Uses forms technology to increase efficiency and workflow
  • Simple drag-and-drop interface to build workflow
  • WET SIGNATURE Allow users to sign Iforms from digital devices
  • Use any mobile device to view documents
  • ILINK - Provides seamless integration with core business applications
  • Allows data to pass between existing ODBC compliant Databases

Benefits

  • Convert paper to web forms
  • Mobile ready and responsive
  • Supports Electronic signatures
  • Integrates into all accounting application such as Sage
  • Instant Access to Information
  • DRS focuses on process improvement to automate tasks
  • Access your data and processes from any internet enabled device
  • Build workflows with no technical background required
  • Have information integrated throughout the organisation
  • Increase efficiencies in every department within one software

Pricing

£40 to £1550 per user per month

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

8 0 2 2 1 3 3 3 0 9 4 5 2 0 3

Contact

Dajon Data Management Ltd

Damien Andrews

02077323223

damien@dajon.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Microsoft SharePoint
Cloud deployment model
  • Private cloud
  • Hybrid cloud
Service constraints
None
System requirements
  • Microsoft Windows 2012 and above
  • Microsoft SQL 2012 and above

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 1 working day.
Within 4 hours for urgent requests.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
WCAG 2.1 AA or EN 301 549
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
The four areas of support are:
Consultative: Daily or project rate dependent on scope of works etc. average cost per project £5000.00
Training: This would have been agreed at the beginning of the project. Training days start at £1100 per day. Remote telephone/email support part of the maintenance agreement. On-site Support daily rate of £1100 per day.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
With each installation we provide onsite consultation and training.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Objects stored in the database are stored in a file repository that can be accessed through the file server. Identifying the files can be easily done by accessing the SQL database that stores the file location and associated indexes for the respective file. We will work with the client to extract the data efficiently and effectively.
End-of-contract process
The standard contract includes extraction of data to either CSV files or the format in which data was held within the system. Additional costs are incurred when data is to be imported into other systems.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The interface on mobile devices are adapted for a better user experience.
Service interface
No
API
Yes
What users can and can't do using the API
API access is only applied by Dajon for the users to avoid any potential compromise or disruption to service.
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Look and feel of the interface can be customised at system level by administrators, certain layouts can be customised at a user level.

Scaling

Independence of resources
Usage is scaled automatically or with user intervention

Analytics

Service usage metrics
Yes
Metrics types
Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
DocuPhase

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Users can export their data from within the web interface.
Data export formats
  • CSV
  • Other
Other data export formats
XML
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Tier 3: 99.98% uptime
Tier 4: 99.99% uptime
Approach to resilience
Available on request
Outage reporting
Public dashboard
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Available on request
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
QMS
ISO/IEC 27001 accreditation date
12/05/2016
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
BS 10008

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Access Control Policy
Anti-bribery policy
Anti-Piracy Policy
Backup Policy
CCTV Policy
Clear Desk and Clear Screen Policy
Complaints and Grievance Policy
Cryptographic Controls Policy
Data Protection Policy
Disciplinary Policy
E-Mail & Internet Acceptable Usage Policy
Hand Held Scanner Policy
Hiring Policy
Information Exchange Policy
Information Sensitivity Policy
Laptop Policy
Leaving Policy
Network Systems Monitoring Policy
Password Policy
Remote Access and Mobile Computing Policy
Secure Development Policy
Security Policy (at the beginning of the ISMS Manual)
Security Incident Reporting Policy
Social Networking Policy
USB Memory Sticks Usage Policy
Virus Protection Policy

Training and refresher training are provided to all staff to ensure all policies are followed.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
All assets are audited and tested through its lifetime, any changes are tested and documented before live deployment. For changes that affect configuration, this is tested and approved before live deployment. Changes that may affect security are tested on a test platform with penetration testing before deployment.

A change log is used to log down all changes made, whenever possible any change or patch insertion is tested prior to loading on the live system. Change management requests are strictly by approval only.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
All services are deployed on a restrict all then allow-based service to reduce any potential threats. Patches are deployed on a test platform and tested upon release. Once it has passed the test platform, it is then deployed on the live service. Potential threat information is received from credible sources including software manufacturer such as but not restricted to Microsoft, hardware manufacturer such as but not restricted to HP and from threat detection sources such as but not restricted to Trend Micro.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Any identified discrepancies are notified to the technical team immediately for immediate action. This is monitored 24 hours a day, 7 days a week for resolution.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
A pre-defined process for common events is prepared in the form of a management information report. Users report incidents via e-mail or phone, which is then escalated to the appropriate management personnel to respond.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£40 to £1550 per user per month
Discount for educational organisations
Yes
Free trial available
No

Service documents

Return to top ↑