Hubken Group Ltd

Moodle / Totara Learn Learning Management System (LMS)

Moodle and Totara Learn are the leading open source learning management systems. We're the UK's longest serving Moodle Partner and a Totara Platinum partner. Our services enable you to get the best from both systems with reliable technical services and focused implementation and support services.

Features

  • Fully managed and scalable hosting platform
  • Tailored implementation and ongoing support
  • Branded and mobile-ready look and feel
  • Unlimited support for administrators
  • Dedicated account manager and experienced implementation team
  • Team management to monitor staff progression
  • Free upgrades to access comprehensive roadmap of new features
  • Classroom and online event bookings
  • Task automation to minimise routine administration
  • Customisable dashboards for different audiences

Benefits

  • Create engaging and interactive content with the easy course builder
  • Ensure compliance across your organisation with automated, renewable training
  • Automate user management by integrating with your HR system
  • Reduce administration and drive visual impact with scheduled, graphical reports
  • Create structured learning pathways with automated allocation, due-dates and reminders
  • Tailor the user experience with restricted visibility of courses
  • Support blended learning by scheduling classroom or online training events
  • Deliver training at scale with extensive automation

Pricing

£1500 per unit per year

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

9 3 0 4 0 4 2 0 9 3 1 4 1 8 0

Contact

Hubken Group Ltd

Grace Lawrence

0330 660 1111

tenders@hubkengroup.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Planned maintenance: 14 days notice.
Requires modern web browser: Latest Chrome, Firefox, Safari, Edge. Internet Explore 11
System requirements
  • Internet connection
  • Web browser: IE11, latest Google Chrome, Firefox, Safari

User support

Email or online ticketing support
Email or online ticketing
Support response times
P1 Incident - 30 Minutes.
P2 Incident - 1 Hour.
P3 Incident - 8 Hours.
P4 Incident - 8 Hours.
---
Definitions:
P1 incident - Total systems outage affecting whole platform.
P2 Incident - Partial systems outage or intermittent fault affecting a group of users.
P3 Incident - Issue preventing an individual from working.
P4 Incident - Minor issue/annoyance affecting individual or group.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Fully managed hosting platform.
LMS technical management: Installation, upgrades, plugin installation
1st, 2nd, 3rd line support for administrators included.
Implementation support: Training, consultancy, configuration.
Full branding service.
Integrations and customisation.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide a tailored, flexible and focused onboarding service.
Onboarding consists of a blend of training (onsite or online), consultancy and/or configuration blended to meet each client's specific requirements.
We provide helpdesk support for site administrators during and after the onboarding phase.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
All user and course data can be extracted by a site administrator using standard functionality.
Data can be packaged for installation on a suitable server for a nominal fee.
End-of-contract process
On request - All data packaged for download by client - nominal fee applies.
All data deleted from production and sandbox sites and backups.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Responsive layout for mobile devices.
Access to all features.
Service interface
No
API
Yes
What users can and can't do using the API
Extensive API:
--1 Most-used Generals--
1.1 Access
1.2 Data manipulation
1.3 File
1.4 Form
1.5 Logging
1.6 Navigation
1.7 Page
1.8 Output
1.9 String
1.10 Upgrade
1.11 Moodlelib
--2 Other Generals--
2.1 Admin settings
2.2 Analytics
2.3 Availability
2.4 Backup
2.5 Cache
2.6 Calendar
2.7 Comment
2.8 Competency
2.9 Data definition
2.10 Editor
2.11 Enrolment
2.12 Events
2.13 External functions
2.14 Favourites
2.15 Lock
2.16 Message
2.17 Media
2.18 My profile
2.19 OAuth 2
2.20 Preference
2.21 Portfolio
2.22 Privacy
2.23 Rating
2.24 RSS
2.25 Search
2.26 Tag
2.27 Task
2.28 Time
2.29 Testing
2.30 User-related
2.31 Web services
2.32 Badges
2.33 Custom fields
--3 Activity modules--
3.1 Activity completion
3.2 Advanced grading
3.4 Groups
3.5 Gradebook
3.6 Plagiarism
3.7 Question
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Full administrator access to configure standard features.
Service options to:
Integrate with third-party systems.
Customise the branded user experience.
Ability to add plugins.

Scaling

Independence of resources
Scaling resources to meet clients’ expected needs, expandable micro services which can scale up with usage. Dynamic resource allocation across hosting platform. Advanced monitoring of performance. Load balancing and advanced web server and operating system configuration.

Analytics

Service usage metrics
Yes
Metrics types
Support time used. Logins over time, User statistics (Active, suspended, deleted, unused), Count Active users, Live users (On site now), storage allowance usage, page statistics (Visits and average time on page), user visit detailed information (IP, location, visitor type, number of visits, days since last visit, device type, OS, web browser).
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Application native backup format and/or CSV.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • Application specific backup format
  • XLSX
  • HTML
  • JSON
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
99.995% excluding scheduled maintenance.

Where the Target Repair Time is exceeded by 1 hour, for each additional consecutive hour a credit of 5% of 1/12th of the then current annual hosting fee shall be due on request for each consecutive hour up to a maximum of 100% of 1/12th of the then current annual hosting fee.
Approach to resilience
Available on request.
Outage reporting
Email alerts.
Public dashboard.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Regularly reviewed role-based permissions rules.
Access restriction testing frequency
At least once a year
Management access authentication
  • Dedicated link (for example VPN)
  • Username or password
  • Other
Description of management access authentication
Active Directory groups.

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials Plus

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Our data centre provider is ISO 27001 accredited. Data centres are TIA-942 Tier 3 and approved to hold data up to HMG Infosec IL5.

We have security related documented processes and procedures that all staff are required to follow.

Our operations network has Cyber Essentials Plus certification.
Information security policies and processes
System Administrator -> Infrastructure Manager -> Responsible Director.
Incident review.
Audit programme.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Full logging of LMS configuration changes.
Where appropriate changes are checked in a staging environment prior ro production deployment.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Preventative: Weekly vulnerability scans of hosting platform by a third-party service.
Remedial action ASAP after discovered.
LMS application patches applied ASAP after released by core application developers.
Subscribed to third-party security service. Application developers.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Weekly vulnerability scans by a third-party service.
Move to remedy ASAP when issue is identified.
Incident management type
Supplier-defined controls
Incident management approach
User notifications: By helpdesk, phone or email.
We acknowledge incidents within one working day and will do our best to fully investigate and respond within five working days.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£1500 per unit per year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Full system access
30 days

Service documents

Return to top ↑