CMS for Press Media & Communication
Xalok is a global publishing platform for newspapers, and digital publishers to create and distribute their content.
Created on a multiplatform design to allow publishers extend their brands on digital platforms.
- Live Preview. Editors can set the layout’s pages while creating
- SEO oriented.
- Instant publishing. Editors can publish content instantly
- Drag-and-Drop Management. Add and organize your modules instantly.
- Image cropping. All images are automatically cropped
- Social media integration.
- Publish content from multiple devices
- Edit and create videos, pictures o contents online
- Work online, no needs for loosing information on local
£30 to £65 per person per hour
- Free trial available
|Software add-on or extension||No|
|Cloud deployment model||
|System requirements||Internet connection|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Phone support will be available from M-F covering 8,00am to 5,00pm
For any urgency, a permanent line will be available 24/7.
For any other related issue, there won´t be support on Saturdays and Sundays.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
2nd level support (incidents and general support related to the well functioning of the tool)
3rd level support (urgent services related to the hosting or software disaster)
|Support available to third parties||Yes|
Onboarding and offboarding
Xalok can run customers through a remote or onsite training sessions.
These trainnings take around 3 full days onsite or 5 days remotely.
Additionally, at the submission of the project, a complete training document is given to the client.
|End-of-contract data extraction||At the end of a contract period, the client must notify so to Xalok with 30 days in advance. Then, xalok will facilitate to the client all the information or data requested.|
Licensing, support, maintenance are included.
Additional maintenance is not included
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||N/A|
|What users can and can't do using the API||Information disclosed under request|
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||
Customers can customize mostly everything in the plaftform:
-Edition of contents
Additionally Xalok can customize any kind of funtionaly for the customer under request process.
|Independence of resources||Xalok belongs to Hiberus, one of the largest IT consulting and development groups in Spain with more than 900 professionals. Talent demand from specific business units drives recruitment requests. The recruitment team review our 1m+ local talent databases and conduct searches using tools including Linkedin to determine suitability. Interviews are held, understanding interviewee experience chronologically, and specificity of tasks carried out previously. If candidate passes, the hiring Manager tasks the candidate with a technical interview including on-site or remote test execution.|
|Service usage metrics||Yes|
|Metrics types||Google analytics, reports and customizable information|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||Physical access control, complying with CSA CCM v3.0|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||As a CSV file extracted from the DataBase|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||Information available under request|
|Approach to resilience||
Unit testing performance
Continuous integrations by Automatization test before deploys
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||VPN Private lans User and password Ofuscated URLs|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users receive audit information on a regular basis|
|How long user audit data is stored for||Between 1 month and 6 months|
|Access to supplier activity audit information||Users receive audit information on a regular basis|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Bureau Veritas|
|ISO/IEC 27001 accreditation date||2015|
|What the ISO/IEC 27001 doesn’t cover||N/A|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Comliance: UNE 19601|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||Available on request|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Maintenance with all customers. The supplier notifies the customer according to the type of maintenance he has, one way or another.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||We assess threats though Security Detection Tools and Protocols|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Information on request|
|Incident management type||Supplier-defined controls|
|Incident management approach||New Rellic Pingdom|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£30 to £65 per person per hour|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||
Trial free version and demo for a period of 2 weeks.
Included are permissions for just 2 people.
All functionalities are included.