Edenhouse Solutions

SAP Hybris Sales Cloud

SAP Hybris Sales Cloud is a flexible, customisable, market-leading customer engagement tool providing a holistic view of the customer across marketing and sales functions, handling interactions across all communication channels, providing a full suite of analytical and automation tools, including data management, and delivers pre-packaged open integration scenarios


  • Account management
  • Lead, Opportunity, Quote, Contract and Order Management
  • In-context social collaboration, social selling, social customer service, social monitoring
  • Sales Performance intelligence
  • Real-time actionable analytics covering the whole solution
  • Integration; ERP, MS Outlook, MS Excel, SAP Lumira and others
  • Opportunity management and insight
  • Sales retail execution and sales performance management
  • Marketing functions include segmentation, planning, campaign management, automation and surveys
  • Inbuilt Machine Learning, Account Deal and Lead Intelligence


  • Full mobile device support including offline and online data access
  • Standard pre-built integration flows for on-premise SAP products
  • REST API and ODATA exposed services for simplified integration
  • Simplified, modern, customisable, personalisable, branded, Fiori-based user interface
  • Integrated SaaS CRM offering marketing, sales, service, and social engagement
  • Scalable in-memory cloud computing, built on high-tech data centres
  • Seamless automatic deployment of major releases every quarter
  • MS Visual Studio shell based software development kit environment
  • Tenanted landscape enabling easy solution and instance management


£37.00 per person per month

Service documents

G-Cloud 10


Edenhouse Solutions

Philip Cartwright

+44(0) 330 058 6020


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Maintenance windows are:

1. Regular Maintenance Windows
Weekly, Sunday 2:00 a.m. to Sunday 6:00 a.m. Local Time. (*)

2. Major Upgrades
Up to 4 times per year from Saturday 6:00 am to Sunday 6:00 a.m. Local Time (*).

SAP will inform Customer reasonably in advance about planned major upgrade scheduling.

(*) Local Time
UTC+2 , Europe (summer); UTC+3, Europe (CET winter)
System requirements
  • Processor: Intel Core2Duo (2.4GHz 1066megahertz front-side bus) or better
  • Memory: 6 gigabytes (GB), or more
  • Network: minimum upstream bandwidth: 2 mbps
  • Network: minimum downstream bandwidth: 2 mbps
  • Network: latency: 200ms or better
  • Best displayed at a screen resolution of 1280 x 768

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Should you choose to proceed with a SAP support agreement with Edenhouse, we manage level 3 incidents under a strict SLA which includes logging a call within 30 minutes, call back to customer within 1 hour and incident resolution times of:
Priority 1: 4hours
Priority 2: 20 hours
Priority 3: 40 hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 A
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Edenhouse provide support for all SAP products for both technical and functional support. Our support model is time based with time called off in 30 minute increments against an agreed number of days with each day being 7.5 hours. All of our UK based support consultants are senior level with an average of 16 years’ experience across the teams and so we have one charging rate for all consultants as well as a management fee depending on the size and scale of the required model - such as if additional services are request like out of hours support or system monitoring. A named account director and named service delivery manager are assigned to all of our support accounts. Both these individuals perform roadmap planning, and monthly reviews with each of our customers whilst also ensure SLA compliance.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started SAP Hybris Sales Cloud is a self-documenting solution with extensive in-built help, community forums, blogs, wiki entries, SAP YouTube channel for guidance videos, as well as online user guides and administrator guides. A typical implementation will not require additional user documentation, but will include on-site "train the trainer" sessions to key users who coordinate and delivery training to the user base. However, at customer request training can be provided to end users and additional documentation can be provided.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Data held within SAP Hybris Sales Cloud may be exported by:
* Mass Data Maintenance functionality
* Open APIs that are standards-based Web Services
* iFlow integration scenarios for standard integration via solutions SAP Process Integration or SAP Cloud Platform
* Reporting, dashboards and analytics
* Excel from all results lists, where permissions allow this,
End-of-contract process As a SaaS based offering SAP Hybris Sales Cloud provide full technical support and maintenance of the systems within their data centres. This includes all upgrades (performed on a quarterly cycle), bug fixes etc. An exit plan will be determined on a case by case basis, with steps and charges discussed and mutually agreed.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Both mobile devices and desktop computers can access the service via the Hybris Cloud application or via a web browser. SAP's latest user interface, the Fiori UI (formerly known as the Responsive UI) dynamically adapts to the screen format and resolution of the device being used to adjust the layout appropriately.
Accessibility standards WCAG 2.0 AAA
Accessibility testing Screenreader support is provided aligned to the ARIA standard. For specific details or if an official statement is required, please contact SAP directly.

SAP's accessibility guidelines and accessibility testing for UI5 (and Fiori applications which are built on UI5) are based on the WCAG standards.

The most important accessibility features for UI5 are:
•Screenreader Support
•Keyboard Navigation
•High Contrast Theme

However, SAP internal guidelines and standards do not exactly correlate the WCAG levels (A, AA, AAA) . For specific details or if an official statement is required on which parts of the WCAG standards are covered, please contact SAP directly.
What users can and can't do using the API SAP currently provides 168 Web Service APIs to enable the standard integration of on-premise, cloud-based, and third-party solutions with SAP Hybris Cloud. These services are listed at the following URL along with all associated documentation, and are too numerous to list here - http://help-legacy.sap.com/saphelp_sapcloudforcustomer/en/PUBLISHING/IntegrationServices.html. Sandbox testing is via the customer's test tenant provision, included as standard in the customer agreement with SAP.
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation User interface can be corporately branded by an administrator.
Role-based authorisations determine the screen layouts, views and access for each user, as defined by an administrator.
Fields, screens, components and objects can be extended (standard)and created (bespoke) by a developer using the software development kit (SDK) based on Visual Studio shell.
New fields can be created, existing fields can be relabelled and hidden by an administrator or authorised key user.
Administrators and/or key user can create data sources, reports, report views and selections based on standard and bespoke business objects.
An administrator or a developer can create and amend PDF output documents using a plug-in for Adobe LiveCycle Designer.
User interface can be personalised by end users, such as resizing and reordering results columns, saving search queries and setting these as the default query for a particular view.
End users may add additional fields to results lists and so on through personalisation, where the fields have been made available by an administrator


Independence of resources Combined with virtualisation, decoupling hardware from the operating system and applications, multi-tenancy occurs when many customers are served on one instance. Virtual machines (VMs) share the hardware environment, and one system can accommodate more than 100 tenants. Using adaptive computing, virtual machines are not shut down to be rescaled or updated, and changes can be made while they are running applications, with minimal downtimes. To enable this, a new VM is prepared and the application is simply “moved” to the new VM. Moving and rescaling VMs dynamically enables resource independence from the demands of other customers using the same service.


Service usage metrics Yes
Metrics types Service usage metrics are as follows:
User Subscriptions: Current month and last 6 months
User Interactions by Day
User Interactions by Hour
User Login by IP Address and Performance
Usage by Screen
Screen Usage Trend
Screen Adoption By User
User Logon Activity
API Usage Statistics
SOAP API Usage Statistics
OData API Usage Statistics
System Availability: Average Availability by month
System Availability: Downtime Details (instances)
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra support
Organisation whose services are being resold SAP SE

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Users can export data from the solution in a number of ways:
* All results lists in the solution enable the export of the results to XLSX format, where the user authorisations permit this action
* Key business objects such as customers/accounts and opportunities provide the ability to export a summary to PDF format
* Business analytics enable flexible reporting that can be exported to CSV or XML format, or printed (including to file)
* Administrators can export data sets using the in-built migration tools, to XML format
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • XML
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats XML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability System availability SLA is 99.5% system availability during each calendar month for production versions.

Credits are 2% of Monthly Subscription Fees for each 1% below 99.5% System Availability, not to exceed 100% of Monthly Subscription Fees
Approach to resilience SAP data centres have the following features to ensure continuity of service:
* Redundant additional power network in case of power outage
* Backup batteries and generators
* Redundant additional coolant systems in case of coolant system failure
* Redundant additional internet connection to guarantee connectivity
* Data stored in backup location to save-guard against natural disasters and malicious attacks
Outage reporting Where there is a service outage, all affected customers will receive email updates from SAP to their nominated IT representative for each of their affected systems. Details included are the system affected, the date/time of the incident start and when it was resolved, a description of the original issue, details of the root cause, problem resolution and corrective action being taken to prevent repeat occurrences.

A public dashboard is also available at https://wiki.hybris.com/display/c4crelease/Service+Availability which shows the current status of the SAP data centres specifically for Hybris Cloud (Germany, USA, Australia, China) along with service statuses for print, email, network and general availability services. A data centre specific history of recent issues is also displayed.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Access is restricted using assigned business roles and organisational management assignment.

Restrictions are contextual (e.g. users can see data relating to them, their team, their territory; managers can see data relating to their team members) and can be restricted at different levels:

* Screen access (work centres and views)
* Fields can be write, read-only or restricted
* Actions (e.g. escalating a ticket, exporting specific data to Excel )

Additionally, page layouts and the model rule editor enable setting attributes including visibility of screen sections or specific fields by business role or data (e.g. hide field "x" for complaint tickets).
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Assessment Bureau
ISO/IEC 27001 accreditation date 26.02.2016
What the ISO/IEC 27001 doesn’t cover The scope for Edenhouse Solutions ISO27001 accreditation is SAP Support, Enhancements and Projects. What is currently out of scope and therefore not included are the following areas
Key management – we do not have a policy on the protection of cryptographic keys as we currently do not use these.
Working in Secure areas – We currently have no procedures for working in secure areas as Edenhouse do not have any secure area working currently.
Secure development policy – Rules for the development of software are not in place as Edenhouse does not currently develop software.
Restrictions on changes to software packages. Currently no procedures in place as we do not develop software.
All of the above would be reviewed and policies created should they come into scope for Edenhouse.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards ISO 27002
BS 10012
Information security policies and processes We have our own ISO 27001 Accredited Information Security Policy which we are happy to share.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach We align our change management processes to the customer's requirements, however, for internal changes we have a Change advisory Board to review all change requests and approval is only given from the CAB to proceed with any change.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach We have an Annual Vulnerability check and based on the findings from that check we create tasks to eliminate any found vulnerabilities.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Our Data Centre have a Network Operations centre which continuously monitor our network and communication lines. We also have internal monitoring where we run an average of 5 million tests per month.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We align ourselves to ITIL incident management processes and use SAP CRM toolset for the incident life cycle.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No


Price £37.00 per person per month
Discount for educational organisations No
Free trial available Yes
Description of free trial This is a free trial of the software limited to 30 days.
Link to free trial https://www.sapstore.com/solutions/99026/SAP-Hybris-Sales-Cloud%2C-starter-edition?campaigncode=CRM-XY18-NAC-GMC13_NAEV


Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑