Everest Media Ltd

Product/Service Marketing Platform

Our platform provides a ready made online portal which allows products and/or services to be listed and presented to users, allowing users to subscribe or sign up to them.
It includes a product catalog, a landing page builder and a sophisticated catalog system and integrates with almost any existing system.


  • Bespoke design with fully customisable templates
  • Highly-available with 99.99% uptime
  • Easy-to-use landing page builder
  • Fully mobile optimised
  • Build with SEO best practice in mind
  • Secure checkout process
  • Integration options allow subscription, e-commerce or free products
  • Wide variety of reporting options, including Google Analytics integration
  • Easy to use back-office with customisable roles and permissions
  • Sophisticated media library with dynamic resizing, focal point, and more


  • Create, publish and manage content from multiple devices
  • Marketing teams can create landing pages in minutes, without IT
  • Manage your product catalog, orders and users in one place
  • Focus on marketing, without worrying about uptime, or performance
  • Easily track performance across any channel
  • Ensure brand consistency by using approved assets and page elements
  • Manage the flow from idea to launch in one platform
  • Store and present media securely and consistently
  • Ensure compliance by using a GDPR-compliant solution


£15000 to £65000 per instance per year

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11


Everest Media Ltd

Samuele Armondi



Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints None.
System requirements Internet access

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Our support team is available between 8:45 and 17:15 on English working days. Within these hours, we aim to respond to all issues within 30 minutes.

Outside these hours, we respond to critical incidents within 3 hours.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels You will be assigned a Project Manager (PM) who will be your port of call for any queries and support. If the issues requires more technical support, the PM will connect you to a support engineer.

Support via phone and email is included at no extra cost. It is provided during the office hours of Monday-Friday, 8:45 am-17:15pm UK time.
The severity of any issues reported affects the response time. If an issue has critical priority, we aim to respond to you within 30 minutes and resolve the issue in two business hours.

We provide on-site training and support at a rate of £675 / day plus expenses.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We run an initial onboarding phase which includes building the necessary environments (production, staging, live), securing access to them via IP whitelisting and gathering the requirements for the bespoke front end build.

As part of the onboard, we provide training via user documentation and run two webinars: one for content editors and one for administrators. At an extra cost we can provide on site training.

The documentation is available for future reference via our support portal.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction This is performed by our team as part of the end-of-contract process. A request is logged via the ticketing portal, confirmed with relevant stakeholders and executed within 72 business hours.
End-of-contract process The contract price includes data extraction for up to 600,000 records and certification that the environments, data and backups have been deleted.

Requirements outside of this would be agreed as part of a formal Exit Plan, executed as a separate Statement of Work and charged on a time and materials basis at a rate of £675 per day.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The back-office interface is fully responsive, so the layout will adapt to the screen size available. Because of the limited screen space available, some more advanced reports do not display as well as they do on a desktop browser.

The end user interface is fully responsive and functionality is the same across desktop and mobile. The mobile interface is optimised for mobile users in line with best practice.
Service interface Yes
Description of service interface The service interface will be designed and implemented in line with the buyer's requirements. A basic layout is provided out of the box, but this needs to be customised to match the buyer's branding, audience and goals.
Accessibility standards WCAG 2.1 AAA
Accessibility testing This would be carried out as part of the implementation phase.
Customisation available Yes
Description of customisation Buyer's can customise content in all areas of the site including homepage, product pages, checkout pages and so on. They can modify text content, images, text styles, page layout, colours and other attributes by using a visual editor.

Buyers can also customise all product details, including associated images, pricing information, descriptions, and so on.

Buyers can customise landing pages by changing component configuration. They can modify text content, images, text styles, page layout, colours and other attributes by using a visual editor.

All modifications are tied to security roles.

Further modifications and customisations can be carried out by our Professional Services team as part of the onboarding phase.


Independence of resources Depending on buyer requirements, the service can be provisioned into a standalone, dedicated environment.

For shared environments, we set limits on the amount of resources any one instance is allowed to consume. If we see those limits being hit, we automatically scale up our hardware allocations and work to understand the nature of the increase and how to respond to it.

We also operate a sophisticated real-time monitoring solution that allows us to capture and block any malicious traffic quickly, minimising the impact on bona-fide users.


Service usage metrics Yes
Metrics types We provide the following metrics, which can be filtered by date:
Number of page views
Number of sessions
Number of orders (and/or value)
Total number of products in catalog
Orders by geographical spread
Reporting types
  • Real-time dashboards
  • Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Reports allow users to export data to CSV. Further data exports can be requested as support tickets, although they may be subject to additional charges.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We guarantee 99.99% uptime. For any day where we don't hit our SLA, we reduce the price by a factor calculated as follows:

Actual uptime: >=90%
Reduction: 10%

Actual uptime: >=80% <90
Reduction: 20%

Actual uptime: >=60% <80
Reduction: 30%

Actual uptime: <60%
Reduction: 100%
Approach to resilience This information is available on request.
Outage reporting We publish a dedicated dashboard for each service instance, showing status, announcements and uptime trends.

We also send out email notifications if there are any announcements.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Support channels are secured by TLS and 2 factor authentication.

Management interfaces are secured by TLS, IP whitelisting and username/password.
Access restriction testing frequency At least once a year
Management access authentication
  • Username or password
  • Other
Description of management access authentication IP Whitelisting

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for Between 6 months and 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach All our systems operate from datacenters which are ISO 27001 certified. They also regularly perform penetration testing and publish compliance reports.

Our internal network is kept separate from our services, and is protected by physical firewalls and commercial anti-virus products. All data is backed up daily.

We use ITIL change management processes to ensure security governance.
Information security policies and processes All our systems operate from datacenters which are ISO 27001 certified. They also regularly perform penetration testing and publish compliance reports.

Our internal network is kept separate from our services, and is protected by physical firewalls and commercial anti-virus products. All data is backed up daily.

We use ITIL change management processes to ensure security governance.

Staff are provided with a range of policies and procedures to adhere to, and compliance is the Managing Director's responsibility.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We follow ITIL change management standards, which include an impact assessment step and a log of activity.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We regularly review threat information from vendors, data centre providers and the wider community.
Where critical vulnerabilities are identified, we deploy patches within 24 hours.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We monitor application logs in real time, and use anomaly detection algorithms to identify possible suspicious activity.
Where any such activity is identified, it is investigated immediately and an appropriate response put in place.
Incident management type Undisclosed
Incident management approach We have pre-defined processes fo common incidents, which include investigation steps, response steps and communication templates.

Users can report incidents via the ticketing portal, and incident reports are provided via email.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £15000 to £65000 per instance per year
Discount for educational organisations Yes
Free trial available Yes
Description of free trial We offer access to a demo version of our platform for 14 days.

Service documents

pdf document: Pricing document pdf document: Terms and conditions
Service documents
Return to top ↑