Futr. Inside (Staff facing chatbot)
Your organisation runs on all sorts of tools, services and systems, from expenses and holidays, to knowledge sharing and reporting harassment. Eliminate vendor lock-in and costly retraining by plugging your staff into your legacy systems through our light chatbot overlay. Everything they need, on whatever channel they have to hand.
Features
- Conversational interface
- Automation
- Multilingual (over 160 languages) and multi-language detection
- Broadcast
- Emotion and sentiment detection
- Seamless livechat handover
- Data compliance by design
- Multi-channel distribution
- Intelligent queuing
- Full audit trail
Benefits
- Automate repetitive tasks
- Interact with data through conversational dialogue
- Increased accessibility to services
- Targeted content distribution
- Improved compliance
- Improved access to and visibility of data
- Cost reduction
- Improved service delivery
- Improved data consistency and quality
- 24/7 real-time usage
Pricing
£1 a user a month
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 11
Service ID
8 7 0 3 0 5 7 1 6 8 4 4 0 5 6
Contact
Futr AI Limited
Andy Wilkins
Telephone: 07513872409
Email: andy@futr.ai
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- Any service with an API or database connectivity.
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- No
- System requirements
- Internet connectivity
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Instant
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- Support levels are subject to individual service level agreements. We offer these based on availability, capacity and performance with associated tiered penalties should targets not be met.
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- For standard service, users have access to a wide range of online support documentation. For bespoke service, we would engage as agreed.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Export to all standard industry formats, for example, CSV, JSON, XML, Word, Excel, PDF.
- End-of-contract process
- We provide the export free of charge in any of the supported formats as a part of the standard contract.
Using the service
- Web browser interface
- No
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- None
- Service interface
- Yes
- Description of service interface
- Web app and admin chatbot to manage content, settings and broadcasts.
- Accessibility standards
- WCAG 2.1 A
- Accessibility testing
- User acceptance testing.
- API
- Yes
- What users can and can't do using the API
- Users can integrate their own products and services with our AI engine. There are no set limitations. We would discuss access based on the organisation's requirements.
- API documentation
- Yes
- API documentation formats
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
- Content customisation for basic service without any restrictions. Full customisation for bespoke services subject to agreement.
Scaling
- Independence of resources
-
Our standard service is cloud based and the agreements we have in place with providers such as Amazon (AWS) and Microsoft (Azure) include the ability to automatically scale on demand.
Bespoke services would utilise the same architecture unless agreed otherwise.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
Standard service includes, distinct users, questions asked, languages used, daily activity, daily sentiment analysis, interactions per day, most common actions, cost savings, response times, confidence score and channel activity all as standard and real time.
Bespoke service can include any required metrics that can be extracted from the service. - Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- We provide the export on request for the standard service. Bespoke services can include an API that the users can extract their data through.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- Json
- Word
- Excel
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- XML
- Json
- Word
- Excel
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- Service levels are negotiated as part of the standard service with a sliding scale of availability targets. Associated penalties are also negotiable based on the targets and can include both refunds and / or service credits.
- Approach to resilience
-
Our data centre is provided by Microsoft Azure services. This includes real time backup and restoration and automated data recovery for business continuity purposes.
Data is stored in 2 data centres with real-time synchronisation to avoid any localised service disruption. - Outage reporting
- Public dashboard and email alerting as defined in service level agreements
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- We use domain driven authentication through industry solutions such as active directory and we use role based authorisation to manage restricted access.
- Access restriction testing frequency
- At least once a year
- Management access authentication
-
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- We do not hold any data outside of the Microsoft Azure platform and utilise their security governance standards. Any partner details are stored on securely protected platforms.
- Information security policies and processes
-
All employees are made aware of their responsibilities in relation to data security management on joining the organisation. Employees are responsible for reporting any data they feel should not be retained or for which access should be restricted to the Data Security Officer (DSO) who is a board member. Failure to do so is a disciplinary offence.
The DSO’s duties include a bi-annual review of any data that has been identified as requiring elevated protection and wherever possible deleting this data. In addition the DSO is responsible for bi-monthly audits of other data held on any platforms to ensure compliance.
An annual technical review is carried out in conjunction with the CTO to ensure the storage mechanisms in use remain suitable and proportionate for any data we are holding.
Our overriding principle is to only hold data where absolutely necessary. All our services are GDPR compliant by design.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
We manage change control following a Gitflow model. We maintain 3 environments, Dev, UAT and Production with a defined release schedule.
Changes are developed in the Dev environment, pushed to UAT for testing and once signed off released to live, Up to 3 previous versions are retained should back out be required. Once the change is released to the live environment the UAT and Dev environments are refreshed to ensure any changes in progress are developed and tested on the latest version.
Changes are assessed for security, accessibility, usability and performance across all supported platforms. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Our platform is built on cloud services and we rely on their advanced security, real time patching and threat assessment.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Our solutions are built on Microsoft Azure and Amazon Web Services. These services provide cutting edge 24/7 monitoring of potential threats.
This includes alerting to any potential vulnerabilities within service architecture and technical vulnerabilities. We receive notification of any identified threats so we can also analyse and understand the actions that have been taken to address them.
Remediation of identified threats is automated and real-time ensuring we are fully protected at all times. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Our third line support is subject to supplier services. Internally we use processes that follow ITIL guidelines including:
Defined response and fix times in a service level agreement
Clear escalation paths with named individuals and timings
Paper forms should IT systems be unavailable
Users are able to report incidents using email, chat or phone
Incident reports are provided from our incident management software.
Secure development
- Approach to secure software development best practice
- Conforms to a recognised standard, but self-assessed
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
- Police National Network (PNN)
Pricing
- Price
- £1 a user a month
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- We run a free trial for our basic functionality bot which includes FAQ's and broadcasts. This is typically limited to 2 months.
- Link to free trial
- https://futr.ai