Epiq Systems Ltd

Epiq Connect

Epiq Connect is an integrated workplace management system that provides operational efficiency by establishing a web-based office services request portal to create, request and effectively monitor and track tasks throughout their life cycle. Inbound package management and tracking functions provide accountability and visibility beyond carrier delivery status updates.

Features

  • Office services request portal
  • Improve process communication and workflow
  • Process visibility and accountability
  • Real-time dashboards and reporting
  • Automate scheduled and planned tasks
  • Copy, print and scan services requests
  • Supplies, facilities, tech support, conference rooms, reception, records services requests
  • Courier, distribution mail, equipment, in-out fax services requests
  • Inbound package management and delivery
  • Digitalisation

Benefits

  • Standardise service request options
  • Service request status visibility
  • Management access to service request queues
  • Service status updates via automated emails

Pricing

£29,500 to £151,152 an instance a year

Service documents

Framework

G-Cloud 12

Service ID

8 8 6 8 8 0 4 3 2 1 4 3 5 5 4

Contact

Epiq Systems Ltd Sandeep Patel
Telephone: 020 7367 9173
Email: contracts@epiqglobal.com

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Inbound package management and delivery.

Additional workflows may require evaluation, consideration, and client investment costs to develop workflows outside of the standard elements.
Cloud deployment model
Private cloud
Service constraints
Additional workflows may require evaluation, consideration, and client investment costs to develop workflows outside of the standard elements.
System requirements
  • Collaborate to provide available Single Sign on using CAS SAML2
  • Collaborate to provide user recipient list
  • Google Chrome, MS Edge, MS Windows 10, Apple OS
  • Internet connectivity

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response typically within 1 business hour of submission.

Current support is between 8 a.m. and 8 p.m. Eastern Standard Time (EST). Adjustments may occur based on contract agreement circumstances.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
On boarding – Epiq coordinates web-based conference calls for web-based training, configurations and support needs. On-site support may be arranged for negotiated fees and costs.

Off boarding - Epiq coordinates web-based conference calls for web-based training, configurations and support needs. On-site support may be arranged for negotiated fees and costs.
Support available to third parties
No

Onboarding and offboarding

Getting started
Online training is part of the offering. Onsite training may be considered for additional costs and would be part of the negotiation process.

Documentation is available and provided for training and reference purposes.
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
Microsoft Word
End-of-contract data extraction
This office services solution tracks jobs submitted. Data related to these past jobs and performance activity would not typically be valuable post end-of-contract for data extraction. Should this information be relevant, an extraction may be arranged at a cost to be determined based on time to extract and transmit to the customer.
End-of-contract process
Access to the SaaS system for the customer would be terminated at the end of contract. Any data extraction requests will be evaluated and costs associated with effort and content may be negotiated where applicable.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Services request portal renders similar experiences using mobile and desktop browsers.

A separate mobile app is utilised for office services staff to manage and fulfill scheduled/planned tasks, package delivery and completed reprographics project material delivery.
Service interface
No
API
Yes
What users can and can't do using the API
Content related to an API may be considered to enhance data movement from one application to Epiq Connect. This may be determined during fact-finding project work.
API documentation
No
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Epiq has designed and configured the system to align with best practices for office services. Customisations may be discussed, reviewed and included based on cost and other variables. Customisations would be conducted by Epiq, not the client.

Scaling

Independence of resources
System and software uptime is 99.95%. A single hardware failure is mitigated by a Fabric Controller which manages resource allocation, automatically failing-over to a different machine or cluster. Hardware management is transparent to the customer. Major system updates or fixes will be targeted outside of business hours or during low access timeframes. Azure cloud maintenance is not perceptible to client users. All databases use the Azure Point-in-Time restore service. This real-time backup provides the ability to restore a database to a previous state. In addition, SCLogic conducts weekly full database backups stored geo-redundantly in case of a data centre failure.

Analytics

Service usage metrics
Yes
Metrics types
Typical metrics are related to office services staff utilisation, service level agreement compliance targets, volumes of materials consumed to produce jobs, inbound package volumes received, scheduled sweeps and planned tasks, facilities services completed. Content may be provided in dashboard charts/detail, scheduled reports or on request.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
SCLogic

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Typically, this solution is used to provide service requests with end-user inputs. Data is not typically exported by users.
Data export formats
  • CSV
  • Other
Other data export formats
PDF
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
Data and the database are encrypted both in transit and at rest. Single Sign On is available (using CAS and SAML2) and may be coordinated to synchronise user login accounts. The system may also have non-SSO accounts, with username and passwords. Passwords are hashed and salted at rest and masked on entry. Role based access is utilised for groups of users providing or limiting access to use and function.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Data and the database are encrypted both in transit and at rest. Single Sign On is available (using CAS and SAML2) and may be coordinated to synchronise user login accounts. The system may also have non-SSO accounts, with username and passwords. Passwords are hashed and salted at rest and masked on entry. Role based access is utilised for groups of users providing or limiting access to use and function.

Availability and resilience

Guaranteed availability
System and software uptime is 99.95%. Service Level Agreements (SLAs) will be reviewed and negotiated based on each client account relationship, expectations and other variables, and will be integrated into the agreement. Capturing and reporting SLA compliance and possible penalties if any SLAs are missed will be reviewed and targeted for reporting objectives.
Approach to resilience
System and software uptime is 99.95%. A single hardware failure is mitigated by a Fabric Controller which manages resource allocation, automatically failing-over to a different machine or cluster. Hardware management is transparent to the customer. Major Epiq Connect system updates or fixes will be targeted outside of business hours or during low access timeframes. Microsoft Azure cloud maintenance is not perceptible to client users. All databases use the Azure Point-in-Time restore service. This real-time backup provides the ability to restore a database to a previous state. In addition, SCLogic conducts weekly full database backups. These are stored geo-redundantly in case of a data centre failure.
Outage reporting
Service outages may be reported via email or telephone.

Identity and authentication

User authentication needed
Yes
User authentication
  • Username or password
  • Other
Other user authentication
Single Sign On is the primary user account method using CAS and SAML2. Additionally, username and password account management with various password policy options is available.
Access restrictions in management interfaces and support channels
System administration occurs via a separate Management Console application as well as user account, passwords and roles.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Schellman
ISO/IEC 27001 accreditation date
17/12/2019
What the ISO/IEC 27001 doesn’t cover
Microsoft Azure certification.
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
12/02/2018
CSA STAR certification level
Level 3: CSA STAR Certification
What the CSA STAR doesn’t cover
Microsoft certified by BSI.

https://servicetrust.microsoft.com/Documents/ComplianceReports?command=Download&downloadType=Document&downloadId=301f9fdf-50e8-46a1-b3b5-ef3587f68e9b&docTab=4ce99610-c9c0-11e7-8c2c-f908a777fa4d_ISO_Reports
PCI certification
No
Other security certifications
Yes
Any other security certifications
https://azure.microsoft.com/en-us/blog/microsoft-azure-leads-the-industry-in-iso-certifications/

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Microsoft’s Azure environment carries virtually every security and compliance certification and attestation available in cloud computing. Azure holds a CSA STAR (Security, Trust & Assurance Registry) Certification. For more information visit the Azure Trust Center https://www.microsoft.com/en-us/trustcenter/cloudservices/azure

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Development is coordinated based on product plans, Epiq requests and client suggestions. SCLogic and Epiq do not externally publish a product roadmap. Current/future development initiatives include:

a. Broadening the functionality of the Services Portal, particularly the service request and dispatch functionalities
b. Enhance API publication (recipient in/out, update, add package(s), query package(s))
c. Expand Advanced Relationships and Trigger capability for Carrier API Integration
d. Improve SLA measurement and reporting
e. Enhance GPS Location Tracking
f. Mobile OS enhancements
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Systems are monitored and potential threat detection processes would trigger deeper investigation and activities as standard operating procedures. Speed to deploy patches would vary depending on the specific need and instance.
Protective monitoring type
Undisclosed
Protective monitoring approach
Systems are monitored and potential threat detection processes would trigger deeper investigation and activities as standard operating procedures. Speed to deploy action would vary depending on the specific need and instance.
Incident management type
Undisclosed
Incident management approach
Systems are monitored and potential threat detection processes would trigger deeper investigation and activities as standard operating procedures. Speed to act on incidents would vary depending on the specific need and instance.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£29,500 to £151,152 an instance a year
Discount for educational organisations
No
Free trial available
No

Service documents