CDL GROUP HOLDINGS LIMITED

Hummingbird

Hummingbird is a ground-breaking data intelligence solution enabling organisations to unlock sophisticated insight in real time. The ability to extract and harness relevant information is the key to making rapid, informed and sophisticated decisions. Please reference the supporting 'Service definition - Hummingbird' document for further details.

Features

  • Powerful Data analytics
  • real-time data and complex search capabilities
  • Fuzzy logic capabilities
  • Built-in configurable rules engine
  • Scalable
  • Performance on demand
  • Resilient service 99.999 uptime in the past 3 years
  • Market agnostic usage cases e.g. Insurance/finance/retail/marketing/government/Anti-Fraud
  • Ease of integration
  • AWS cloud availability - Always on

Benefits

  • Maximise and understand the value of all of your Data
  • Real-time data and complex search capabilities and speed of results
  • Fuzzy logic capabilities, matching and data confidence, dedupe
  • Built-in configurable rules engine, your rules for your usage cases
  • Scalable, cost effective and improved ROI
  • Performance on demand, upgrade/downgrade in minutes
  • Resilient service 99.999 uptime in the past 3 years
  • Market agnostic usage cases e.g. Insurance/finance/retail/marketing/government/Anti-Fraud
  • Ease of integration, API interface
  • AWS cloud availability - Always on

Pricing

£20,000.00 a licence a year

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at newbusiness@cdl.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

1 4 4 8 5 8 4 5 6 4 8 1 3 9 7

Contact

CDL GROUP HOLDINGS LIMITED Paul Donohue
Telephone: 0161 480 4420
Email: newbusiness@cdl.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
Any service that requires ability to search data at scale quickly and provide insight to support decisions as part of customer journey. As an example we have deployed into financial services to provide real-time insight into consumer behaviour, fraud detection and provide data enrichment to support decisions by pricing engines.
Cloud deployment model
Public cloud
Service constraints
It is imperative that organisations have the permitted permissions and use cases for data that is to be stored and accessed in Hummingbird, inline with any legal, licensing or governance limitations or agreements.
System requirements
API connection to a endpoint is all that is required.

User support

Email or online ticketing support
Email or online ticketing
Support response times
CDL use ServiceNow for its customer support portal and logging system, which complies with (WCAG) 2.0 Level A accessibility guidelines. Please reference the supporting 'Service definition - Hummingbird' document for further details for support categories, response times and service levels. https://docs.servicenow.com/bundle/london-release-notes/page/administer/accessibility-508-compliance/reference/r_VPAT.html
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
Please reference the supporting 'Service definition - Hummingbird' document for support and SLA details. Hummingbird customers can purchase additional CDL consultancy services, helping customers facilitate and maximise there usage case, implementation, integration and ongoing running of the Hummingbird solution
Support available to third parties
No

Onboarding and offboarding

Getting started
CDL follow an onboarding process that is designed to facilitate a true understanding of the customer use case, from this a program of works and training is agreed within a clearly defined delivery approach. Please reference the supporting 'Service definition - Hummingbird' document for further details
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Please reference the supporting 'Service definition - Hummingbird' document for further details
End-of-contract process
Please reference the supporting 'Service definition - Hummingbird' document for further details

Using the service

Web browser interface
No
Application to install
No
Designed for use on mobile devices
No
Service interface
Yes
Description of service interface
REST based API
Accessibility standards
None or don’t know
Description of accessibility
This is not applicable to Hummingbird, the products/services connecting/integrated with Hummingbird need to be considered for there accessibility standards
Accessibility testing
This is not applicable to Hummingbird, the products/services connecting/integrated with Hummingbird need to be considered for there accessibility standards
API
Yes
What users can and can't do using the API
REST based API allows request for search, data enrichment to be sent. The payload returned is the result of the customer insight or data enrichment that Hummingbird has found. For example for a house insurance use case. Address is sent in and Hummingbird returns square footage, made of bricks, slate roof.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Customers of Hummingbird can define the use case, define the data to be ingested and how the data is to be consumed, used and business rules.

Scaling

Independence of resources
We subscribe to the AWS Well Architected Framework. https://aws.amazon.com/architecture/well-architected/

Analytics

Service usage metrics
Yes
Metrics types
Depending on the customer requirements and service of Hummingbird purchased, analytics capabilities are available to derive additional insight relating to usage of data
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Please reference the supporting 'Service definition - Hummingbird' document for further details
Data export formats
  • CSV
  • Other
Other data export formats
JSON
Data import formats
  • CSV
  • Other
Other data import formats
JSON

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
We subscribe to the AWS Well Architected Framework. https://aws.amazon.com/architecture/well-architected/
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Please reference the supporting 'Service definition - Hummingbird' document for further details
Approach to resilience
We subscribe to the AWS Well Architected Framework. https://aws.amazon.com/architecture/well-architected/
Outage reporting
Automated alerting direct to service team.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
We apply the concept of least privilege and RBAC for access control. Supplemented by yearly access control audits
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Alcumus ISOQAR
ISO/IEC 27001 accreditation date
15/05/2018
What the ISO/IEC 27001 doesn’t cover
Nothing - all sites and operations in scope
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
NCC group
PCI DSS accreditation date
22/04/2020
What the PCI DSS doesn’t cover
Databases, corporate network and part of our cloud environment that doesn't deal with payment
Other security certifications
Yes
Any other security certifications
  • Cyber Security Essentials Plus
  • ISO22301
  • ISO27001

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
PCI-DSS (level 1), Cyber Security Essentials Plus, ISO22301. Please reference the supporting 'Service definition - Hummingbird' document for further details
Information security policies and processes
CISO writes and signs-off Information Security policies. these are then validated by the exec committee prior to deployment across the organisation.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
We have an ITIL based change process. Please reference the supporting 'Service definition - Hummingbird' document for further details
Vulnerability management type
Undisclosed
Vulnerability management approach
https://aws.amazon.com/compliance/shared-responsibility-model.
For components under CDL responsibility patching every 30 days for critical vulnerabilities, 90 days for other vulnerabilities.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
IPS, SIEM, NIDS, WAF, DLP - all covered by 24/7 on-call security team with daily log reviews. Please reference the supporting 'Service definition - Hummingbird' document for further details
Incident management type
Undisclosed
Incident management approach
We have an ITIL based incident process. Please reference the supporting 'Service definition - Hummingbird' document for further details

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£20,000.00 a licence a year
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at newbusiness@cdl.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.