GARNET8 Limited

G8CC: Multi-Cloud Source System of Record solution

An agile, continuously evolving Source System of Record solution. It empowere you to build on business value. It provides an integrated, collaborative, automated, governed, secure data solution for Multi-Cloud environments. It's allows you to secure share and connect distributed structured data.


  • Encryption by default.
  • Distributed Architecture allows departments to mirror processes with coherent information.
  • Simple, yet extremely powerful tool-kit for building cloud services.
  • Low Code builder enables faster time to value.
  • Simple tiggers for real-time automation of work-flows.
  • Concise data structures allowing you to easily extend informations value.
  • Decentralised hierarchical database enabling connected data management and collaboration,
  • Decentralised fine grained Information Governance empowering secure, governed collaboration
  • 'End-to-End' digitial transformation, providing agility, governance and automation.
  • Do more for less.


  • Simple low risk, low cost change management.
  • Empower more informed decisions based on real-time coherent information.
  • Enable faster decisions at a lower cost to tax payers.
  • Deliver an agile, low risk, low cost Digital Transformation
  • Employees benefit from engaged, proactive, collaboration on high quality information.
  • Move front-line employees beyond chasing knowledge to supporting citizens.
  • Support seamless, integrated, collaboration and governance across boundaries.
  • Build a resilient data-centric, data-driven infrastructure.
  • Overcome IT skills shortage, reducing IT costs.
  • Harness the power of your data.


£49.95 to £49.95 a person a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

1 4 9 8 3 2 3 6 2 5 7 6 1 9 7


GARNET8 Limited Chris Cook
Telephone: 07500889110

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
Service constraints
The cloud software is reliant on a Ubuntu Linux Cloud VM or Bare-metal configuration.
System requirements
  • Ubuntu Linux VM.
  • Public Cloud IP Address, Sub Domain and configured DNS.
  • GARNET8 Account, to create

User support

Email or online ticketing support
Email or online ticketing
Support response times
Yes, only first line support available at weekend.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Level 4 support, configuring, updating systems and fixing patches. This support in £1800 per day plus VAT.
Support available to third parties

Onboarding and offboarding

Getting started
Within the user interface we have click-by-click automated tours. These walk the user through the functionality with tool-tip explanations. This empowers the user to get up to speed faster, with a low cost to the department/organisation deploying the G8CC platform.
Service documentation
Documentation formats
Other documentation formats
  • Click by click interactive tour within the user interface.
  • You can also find these tours within our website.
End-of-contract data extraction
Within Apps you can easily create simple data export string. These string are specific to your needs and makes extracting data simple.
End-of-contract process
You extract your data from Apps you have created within the platform. You then notify your hosting provider that your ready to terminate the VM and they will destroy the information within the VM. This makes it incredible simple and secure.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Compatible operating systems
Linux or Unix
Designed for use on mobile devices
Differences between the mobile and desktop service
Within the mobile interface information open below the feed information, in the desktop (Larger Screen) version it open to the right of the feed. The App builder within the mobile interface has three separate sections with navigation at the top, the desktop version display them in a line. Writing Javascript for input triggers is more difficult within mobile version, due to screen size.
Service interface
Description of service interface
We have both Mobile and Desktop service interfaces, accessible via a web browser (thin client).
Accessibility standards
Accessibility testing
We've used postcss-high-contrast to develop the high contrast interface and use attributes defined by browser standards.
What users can and can't do using the API
It has an external submit API. This allows information to be submitted from Forms or other services. They create these external handlers within Apps and manage the data structures needed. We don't put limitation on the number of "calls" but they are charged as additional users.
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
You can personalise Apps within the solution using the frameworks low code App builder. These Apps are personalised to suit end user needs and organisation work-flows.

Automated real-time work-flows can be personalised to integrate machine learning, visualisation and integration of other solutions.

Hooks can be created to extend the platforms functionality using multiple languages.

Real-time output streams empowers your organisations to provide visualisation on a complete data set easily.


Independence of resources
Each service is a unique node that scales laterally, allowing you to control resources. The cloud infrastructure (Hosting service) used will manage the dependant Linux VM and you will need to ask for the hosting services for VM access guarantees. Our phone support can offer advice on this.


Service usage metrics
Metrics types
We have a administration dashboard which covers, System information, Memory Usage, System Process Usage, Processes with highest Memory usage, IO input and Output, Total HTTPs request, Scheduler Usage, Errors, Users, Local Apps, Total Database Size.
Reporting types
Real-time dashboards


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach
- Email credentials use Salted/236 sha hash.
- Password uses Blowfish encryption.
- Data blocks have a two stage encryption. Firstly a one-time-pad and then use 256 AES encryption.
- Data blocks use HMAC signature for read verification.
- You can bring your own encryption key (BYOK).
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Within the data container admin click the "Export" item, select the App to export data from and then select the data range, lastly click export and you will be able to download your exported data.
Data export formats
  • CSV
  • Other
Other data export formats
  • Json
  • Xml
Data import formats
  • CSV
  • Other
Other data import formats
  • Xml
  • Json

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
This depends on the cloud infrastructure providers SLAs you have chosen to pair the cloud software with. You can monitor reporting within the Admin interface.
Approach to resilience
It uses a laterally scaling/clustering functionality, that provides resilience. The event-driven functionality, means each event is isolated without shared memory. This mean if an event crashes due to bug or denial of service attempt, other events will not be interrupted.
Outage reporting
Email alerts.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Governance is defined at a input level for specific users and groups for data blocks. There are four user types within the interface framework. The administration user which access metrics for the platform and has the ability to create users and apps. Data Container Administrators have access to their specific data container, can add users, create apps and information. The third type users can create information. Lastly there are secondary users these can only collaborate on information created.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
G8CC is Cloud Software solution that is configured on demand within Cloud Infrastructure that suits your needs. We don't have any access to your data or service, we offer encryption by default within the cloud software, but security and governance of the cloud software is dependant on the cloud infrastructure provider and your organisations needs.
Information security policies and processes
Security reporting for the virtual machine GARNET8 provides is done directly to GARNET8 Limited and our internal processes will offer patches within a responsible time. This time depends on the information provided by the reporting organisation.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Nodes within the network are monitored through the registration process when your create/delete a service. Configuration of your services aren't stored within our infrastructure, due to privacy. All system components within the platform have unit tests, code reviews and we use internal code checking tools. These tools have been developed internally with exceptional knowledge of the language, to monitor for possible security issues.
Vulnerability management type
Vulnerability management approach
The solution creates logs and all ports should be closed except ssh 22, 80 (redirecting to 443), 443 and server to server port of your choice, e.g. 5280. Data is serialised when read from ports and we use a strongly typed language for the platform. This means your can't get around the type settings. A function will only allow what it expect otherwise it crashes and uses the event platform to manage this. Patches are deployed through the account admin and easily updated in running cluster.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Monitoring IP addresses that make requests on paths that don't exist. We also monitor client types that users log in on and if they login from a new device they will be asked to confirm the log in with a string.
Incident management type
Supplier-defined controls
Incident management approach
Shut down the server, check logs looking at what data they've accessed if any, blacklist the IP address and report any incidents needed by law. Then startup the server and repeat if it happens again.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)


£49.95 to £49.95 a person a month
Discount for educational organisations
Free trial available
Description of free trial
The free trial is limited to 60 days, but you get access to the full platform. You are limited by the underlying connectivity to the peer-to-peer network. You can create a cluster of isolated peers for testing or just use a single node.
Link to free trial

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.