Azeus UK Limited

VedaDocs

VedaDocs is a mobile content management system that offers enterprise-grade collaborative platform with intuitive user experience of a consumer application suited to the working style of on-the-go information-dependent professionals. With VedaDocs, you get a comprehensive web-based system that offers document & workflow management, searching, and collaboration, all in one platform.

Features

  • Review Room - Share documents in the team workspace
  • Collaboration - Draw on white board, use laser pointer
  • Collaboration - Add shared and private annotations
  • Upload and access files with version history and write-lock management
  • My Briefcase - Tag documents for offline access on mobile
  • On demand In-memory decryption model
  • Remote data wipe option, offline authentication for lost device
  • Audit trail tracking login attempts, file uploads/ dowloads, etc
  • Fine-grained permission controls for individuals/ groups; folders/ files

Benefits

  • Quick exchange of ideas in the team workspace
  • Easily store and find documents using hierarchical folders; free-text search
  • Cross-Platform Support including iPad, Android tablet, Windows PC
  • Protect data with enterprise-grade encryption, authentication and authorisation mechanisms
  • Enterprise Data Integration including SharePoint, Dropbox, LDAP, Active Directory
  • Reduce the use of paper

Pricing

£180 per user per year

  • Education pricing available

Service documents

G-Cloud 9

898703551342904

Azeus UK Limited

Eleanor Jim

020 8004 5937

ukpresales@azeus.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints NA
System requirements NA

User support

User support
Email or online ticketing support Email or online ticketing
Support response times We provide support services through our Azeus Support Centre. Standard support hours from 9am to 5pm, Monday to Friday (excluding bank holidays).

Non-emergency support requests should be sent to a dedicated email address. All support requests are logged and monitored.

In terms of emergency support during these hours, i.e. an issue which is causing disruption to the normal workings of the solution, the customer will be given a dedicated emergency support line number to call.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Our response time within Standard support hours is one business day. Critical and major support issues will be responded within shorter response time.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started The customer should contact Azeus to express their intent to subscribe to our cloud-based services. Azeus will require the customer to agree with the terms and conditions for our services.

After completing the contract signing and obtaining from the customer the required information, Azeus will prepare the cloud-based instance according to the customer's specifications. Azeus will provide the customer with complete account details, payment information and login credentials to the cloud-based instance.

Registered customer will have the admin facility to manage the set of user accounts within their cloud-based instance. User account creation will be handled by the customer's system administrator.

Service users will be able to pick up how to use the Service right away with the intuitive software design and on screen user-aid. Comprehensive user guides and administration manuals will be provided for more advanced tasks. No particular training is needed.
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats Built in to the app
End-of-contract data extraction A written request is required. Please refer to end of contract process for more details
End-of-contract process Azeus may destroy or otherwise dispose of any of the customer data in its possession unless Azeus receives, no later than ten business days after the effective date of the termination of this agreement, a written request for the delivery to the customer of the most recent backup of the customer data. Azeus shall use reasonable commercial endeavours to deliver the backup to the customer within 30 business days of its receipt of such a written request, provided that the customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). The customer shall pay all reasonable expenses incurred by Azeus in returning or disposing of customer data.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile service mainly facilitates businesses users to provide comment and review documents.

Desktop service provides robust features including administrative functions
Accessibility standards None or don’t know
Description of accessibility NA
Accessibility testing NA
API No
Customisation available No

Scaling

Scaling
Independence of resources We use AWS as our host and the system can scale to meet demand automatically

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Details are available upon request
Data export formats Other
Other data export formats Details are available upon request
Data import formats Other
Other data import formats Details are available upon request

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99%
Approach to resilience Details are available upon request
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels As part of the security policies, each individual is given their own account for accessing management interfaces and support channels. Sharing of accounts is prohibited. Access to the cloud infrastructure's management console requires two-factor authentication and only authorized personnel are provided access. Authorized personnel are only provided the access required for them to perform their role and responsibilities. All access, both in management interfaces and in support channels, are reviewed regularly to prevent privilege creep and to ensure obsolete accounts are disabled.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Supplier-defined controls
Information security policies and processes Documented security policies and procedures are in place to ensure the confidentiality, availability, and integrity of the system. We have appointed senior personnel and teams that ensure the proper and total implementation of our security policies and procedures across the entire organisation. Our security policies includes the organizational structure of the organisation's security team and its responsibilities, principles, security incident response procedures, access policies, security vetting requirements, onboarding and offboarding procedures, and data and systems security. A Chief Security Officer is assigned in every office location and is responsible for: ensuring that staff comply with security policies and procedures; protecting customer data or information; and regularly reviewing the effectiveness of security policies and procedures to safeguard against the growing number of threats and their evolving sophistication.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach As part of our configuration and change management procedures, all changes need to be applied and tested in a separate test environment before seeking approval from the change control manager. Approved changes are scheduled at least a week before implementation in production. All changes are requested and tracked in an electronic ticketing system and each change request is assigned a unique identifier for proper tracking and auditing. Vulnerability scans are performed prior to every major release to ensure that any changes have been analysed for potential security impacts.
Vulnerability management type Supplier-defined controls
Vulnerability management approach System Team performs vulnerability scanning on both the application and the infrastructure to ensure the security of the whole system. Web application scans are performed after every major release before the web application is finally released into production. Patch management procedures are in place to ensure that servers are regularly updated with the latest security patches. Critical patches are applied next non-peak window. Any patches undergo testing prior to application to production to ensure no adverse impact on the functionality of the system. System Team also subscribes to security newsletters to stay updated with the latest security vulnerabilities
Protective monitoring type Supplier-defined controls
Protective monitoring approach We have a 24x7 monitoring system and intrusion detection system to identify potential threats and alert all responsible parties for prevention, investigation, and/or remediation. Staff are made aware of security incident handling and reporting procedures. All breaches to information security, actual or suspected, are promptly reported to Chief Security Officers. CSOs will lead the investigations on such incidents and customer representatives will be informed immediately about such breaches. We will tap security experts to work with the Customer's internal ICT team to provide the Customer with any assistance in tracing and resolving security issues that may impact business operations.
Incident management type Supplier-defined controls
Incident management approach An incident ticketing system is in place to provide a guided mechanism for tracking, handling, and documenting system incidents. This ticketing system is configured to follow the policies and procedures for handling and responding to system incidents.Our support team follow pre-defined procedures for addressing common events. Users can report incidents via chat, email, or phone. Responsible parties are required to provide inputs on the corresponding incident's ticket for causal analysis and resolution. Incident reports can be provided to customers upon request.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £180 per user per year
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑