Softcat Limited

Skuid (Salesforce managed package deployment)

Skuid allows companies and agencies to build user friendly applications on their existing systems, specifically Salesforce without having to write and maintain custom code. Skuid is 100% native to Salesforce and is delivered as a managed package or an AWS-hosted service.

Features

  • No-code/low-code application development toolkit for Salesforce apps
  • Installed as a Salesforce managed package

Benefits

  • Increase adoption- Customize Salesforce apps

Pricing

£13.26 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psitq@softcat.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

9 2 0 0 6 9 3 0 6 8 8 8 8 6 6

Contact

Softcat Limited Charles Harrison
Telephone: 01612725766
Email: psitq@softcat.com

Service scope

Software add-on or extension
Yes
What software services is the service an extension to
Skuid for Salesforce connects to Salesforce data source by default, but customers can optionally connect to other data sources such as AWS, Heroku Postgres SQL, Oracle, Microsoft Dynamics, and others as desired.
Cloud deployment model
Public cloud
Service constraints
Skuid for Salesforce runs on Salesforce as a managed package.
System requirements
Skuid for Salesforce runs on Salesforce as a managed package.

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Depending on user defined severity and priority, response time is between 1 - 4 hours. Coverage hours are 9AM-3AM CET from Monday-Friday
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
"Premium Support - 30% of software license ARR
Phone, email and ticket management support from M-F 3am–9 pm ET (9am-3amCET)
Five named contacts with support access to open cases by phone or email** using the
secure case management system
Accelerated response times based on service level goals (SLGs)
Named primary support engineer
Unlimited support cases
Escalation updates, actions, and management calls
Quarterly business reviews
Case management services from named primary Technical Support Engineer

Essential Support - 15% of software license ARR
Phone email and ticket management support from M-F 3am–9 pm ET (9am-3amCET)
Response times based on service level goals (SLGs)
Two named contacts with support access to open cases by phone or email using the
secure case management system
Case management services from a Skuid Technical Support Engineer
Quarterly open and closed case reporting
Assigned support engineer (from pool)"
Support available to third parties
Yes

Onboarding and offboarding

Getting started
"* Remote live training (2-4 days)
* In-person training (2-4 days)
* Online self paced tutorials
* Remote live workshops (2 hours professional services geared toward teaching while building a solution regular webinars)"
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
All customer data is stored in data sources under the control of the customer and/or their partner and not in Skuid and is therefore available at the end of a contract.
End-of-contract process
A paid contract allows per user access to build and run Skuid applications. If a contract term ends and there is not renewal, then access to Skuid will be disabled.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Skuid allows you to develop responsive web apps that can run in a desktop or mobile browser.
Service interface
No
API
Yes
What users can and can't do using the API
"Skuid provides an API to access Javascript objects and functions that can be used to interact with models, components, and other elements of Skuid. These APIs are an essential part of customizing Skuid with code—whether through snippets or custom components.

The Page XML API is a REST API for the development and distribution of Skuid pages. You can access your Skuid page’s XML programmatically through the Page XML API without going through the Page Composer.

Some use cases include:

Integrating your Skuid development process into an existing development workflow
Pushing Skuid pages to target orgs as part of a Continuous Integration/deployment process
Deploying individual pages into a target org. This method allows you to avoid using Page Packs and copying/pasting XML into new pages in the target org.
You can interact with the Page XML API by using your preferred development tool or by using skuid-grunt, a tool designed specifically for extending your development processes to Skuid pages."
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Skuid’s Javascript API can be used for customization such as creating snippets, and building powerful, custom Skuid components. Custom UI styling can also be created to adhere to design systems and custom design specifications. Custom branding is also possible.

Scaling

Independence of resources
Skuid is a managed package that runs on Salesforce. Salesforce provides the multi-tenant infrastructure.

Analytics

Service usage metrics
Yes
Metrics types
As a managed package on Salesforce, service metrics may be obtained through the Salesforce analytics tools. Custom solutions can also be developed for customers to report on service metrics.
Reporting types
  • API access
  • Regular reports

Resellers

Supplier type
Reseller (no extras)
Organisation whose services are being resold
SKUID

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Skuid does not store any customer data, all data is resident on Salesforce servers.
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Skuid does not store customer data. Skuid stores meta data for applications.
Data export formats
Other
Data import formats
Other

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
Skuid is dependent on Salesforce to provide the hosting infrastructure (hardware and software) as well as the operational, availability and security policies, processes and procedures for Skuid for Salesforce. All customer data is wholly resident on and is processed by Salesforce's infrastructure.
Data protection within supplier network
Other
Other protection within supplier network
Skuid is dependent on Salesforce to provide the hosting infrastructure (hardware and software) as well as the operational, availability and security policies, processes and procedures for Skuid for Salesforce. All customer data is wholly resident on and is processed by Salesforce's infrastructure.

Availability and resilience

Guaranteed availability
"Skuid for Salesforce runs 100% natively on Salesforce and is entirely dependent on Salesforce to provide the hosting infrastructure (hardware and software). Salesforce does not have a stated SLA but provides status of services here: http://trust.salesforce.com/trust/status/. Skuid for Salesforce does not have a stated SLA but provides status of services here: https://status.skuid.com/.
"
Approach to resilience
"Skuid for Salesforce is 100% native managed package on the Salesforce Platform. Skuid relies on Salesforce for all infrastructure.
"
Outage reporting
"Service status related information for Skuid on Salesforce is available via an online dashboard and portals managed by Salesforce (http://trust.salesforce.com/trust/status/) and an online dashboard managed by Skuid (https://status.skuid.com/).
"

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
"Admin functions are restricted by Salesforce permission sets.
"
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
See below
ISO/IEC 27001 accreditation date
See below
What the ISO/IEC 27001 doesn’t cover
As a 100% managed package on the Salesforce platform, Skuid for Salesforce inherits all Salesforce Certifications as stated here: https://compliance.salesforce.com/en.
ISO 28000:2007 certification
Yes
Who accredited the ISO 28000:2007
See below
ISO 28000:2007 accreditation date
See below
What the ISO 28000:2007 doesn’t cover
"As a 100% managed package on the Salesforce platform, Skuid for Salesforce inherits all Salesforce Certifications as stated here: https://compliance.salesforce.com/en.
"
CSA STAR certification
Yes
CSA STAR accreditation date
See below
CSA STAR certification level
Level 1: CSA STAR Self-Assessment
What the CSA STAR doesn’t cover
"As a 100% managed package on the Salesforce platform, Skuid for Salesforce inherits all Salesforce Certifications as stated here: https://compliance.salesforce.com/en.
"
PCI certification
Yes
Who accredited the PCI DSS certification
See below
PCI DSS accreditation date
See below
What the PCI DSS doesn’t cover
"As a 100% managed package on the Salesforce platform, Skuid for Salesforce inherits all Salesforce Certifications as stated here: https://compliance.salesforce.com/en.
"
Other security certifications
Yes
Any other security certifications
SOC 2 Type 2

Security governance

Named board-level person responsible for service security
No
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Skuid maintains a SOC 2 Type 2 on Skuid for Salesforce.
Information security policies and processes
All policy enforcement is the responsibility of the Senior Director Technology Operations.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Design, development, review, testing, deployment. Full change management process available on request.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Threats are assessed on an ongoing basis via Github/Quay vulnerability monitoring, DAST, static code analysis, and various online resources such as US-CERT and NVD. Remediation timetable is determined by severity of the issue as it pertains to Skuids particular environment.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Monitoring is the responsibility of Salesforce.
Incident management type
Supplier-defined controls
Incident management approach
Skuid maintains an incident management policy and related process which includes: Defined reporting lines for internal and external users, steps for discovery, triage, working the issue and root cause analysis. Full policy and process available on request.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£13.26 a user a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Full capabilities for a limited time
Link to free trial
https://appexchange.salesforce.com/appxListingDetail?listingId=a0N30000009wyDjEAI

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at psitq@softcat.com. Tell them what format you need. It will help if you say what assistive technology you use.