X3 CONSULTING LTD

Data warehouse automation for business reporting

The fastest, most cost-effective way to get accurate, trusted reporting. With smart data connectors, pre-built data models and analytics for Microsoft Dynamics, Sage, SAP and more. Fast connect to any other ERP, CRM, finance application, line of business software or network accessible datasource or file. Compatible with Tableaux, PowerBI, PowerPivot.

Features

• Interface with any ERP application, datasource or file
• Cloud based, robust and scalable.
• Deliver enhanced, financial and operational reporting
• Role based dashboards & user level data security access
• Automate the access, integration and preparation of data for reporting
• Deploys with over 500 pre-built data models and analytics
• Achieve data compliance with reduced IT overheads
• Report on all data sources from one application
• Data warehouse comes with PowerBI and Tableaux connectors
• Automate the issue of standard management report packs

Benefits

• Centralise data warehouse management
• Decrease data ownership costs for both IT and the business
• Improve data accessibility and data access controls
• Easy to use and manage, reducing IT overhead compliance costs
• Secure online availability; anytime, anywhere
• Removes reliance on spreadsheets, no more silo reporting.
• Remove the risk of reporting errors
• Standardise KPI, analytics and performance calculations
• Flexible deployment: on-premise, cloud or hybrid
• Drill into and colour code data for ease of interpretation

£12,000 an instance a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.tucker@x3consulting.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

166660515639733

Contact

Nick Tucker
08450943885
nick.tucker@x3consulting.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: Refer to Service Delivery documentation
• System requirements:
  • Compatible with MAC and Windows operating systems
  • Internet connectivity required for device access
  • Integrated VPN user access can be supported. Check on application

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Please refer to the Service Description document for Support SLA details
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Please refer to our Service Description for details on the SLA's for support
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Product deployment requires a review of reporting needs to properly assess the required outputs. Scoping is provided (onsite or remote) together with full support through testing, training and deployment to a live environment. Standard user documentation is available and can be tailored to suit the exact needs of the project (additional fees may apply). Project management is integral to the whole project delivery process along with data migration/import, report design and ongoing application support. Typical installs can take as little as 3-4 days once the scoping/analysis phase has been completed depending on the data sources, customer skills and user learning capability.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data can be exported for delivery to the customer. A small charge for the time taken to perform the extract is levied.
• End-of-contract process: The contract is for a set minimum term. At the end of the contract the user has the option to obtain a copy of the data held in the software or renew for a further period of use for continued access. A fee relating to the time taken to prepare the data file is levied. ; ; Additional costs will be incurred for the management of the data into a set format at the request of the end user such as for the purposes of import to another application.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• API: Yes
• What users can and can't do using the API: Integration uses several forms of technology which are utilised by the service provider in relation to various security and resource management features. Users can be trained on how to execute calls within the API although this is normally the role of the service provider.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Elements of the application can be customised as part of the configuration for use by the partner to the customer. These relate to depth of data integration for detailed analysis, workflow and automation as well as modelling methods. Users can be trained to be able to take ownership of adding new data sources, creating models etc in the data warehouse. This is a semi-technical activity generally requiring a good knowledge of SQL, data analysis and data profiling.

Scaling

• Independence of resources: Assets are deployed in line with vendor recommendations and applied to each individual customer install. Assets can be increased to improve performance (for additional cost) where for example the customer has unusually large transaction or data volumes. Over-utilisation by other customers doesn't impact the performance experience as the assets provided are a dedicated minimum level specific for your instance. Charges are levied based on the overall data warehouse sizings. Refer to the pricing schedule for more detail.

Analytics

• Service usage metrics: Yes
• Metrics types: We provide information on overall system uptime & performance metrics of the application.
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Zap Data Hub

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: For further details on protection of data at rest please refer to the Microsoft published materials for Azure: ; 1: ; http://download.microsoft.com/download/0/D/D/0DD8FB12-6343-4A50-80B2-545F2951D7AE/MicrosoftAzureDataProtection_Aug2014.pdf ; ; as well as ; ; 2: ; https://docs.microsoft.com/en-gb/azure/storage/common/storage-service-encryption
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported using application tools for use in products such as Microsoft Excel and PowerBI (or other visualisation tools if configured), alternatively the data can be retrieved in Excel or CSV format. Data can be "printed" to PDF format - such as dashboards, board/report packs etc
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Microsoft Excel
  • PowerBI
  • Picture (PNG)
• Data import formats:
  • CSV
  • Other
• Other data import formats: Direct Integration

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: Several options for implementation of protection between networks exist and are described in the Services Guide. Some may incur additional charges. Please refer to this document.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Microsoft Azure Storage and Azure SQL Database encrypt data at rest by default. Options are described in the Services Document of the additional data protection services that are available. Note some forms of protection may attract additional charges.

Availability and resilience

• Guaranteed availability: Refer to the Microsoft Azure Terms of Licensing which can be found here:- http://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=13655
• Approach to resilience: Details on the datacenter structure and performance can be found here: https://azure.microsoft.com/en-gb/global-infrastructure within which can be found details on the Azure global and regional data centres including the UK South (London) and UK West (Cardiff) data centres.; ; Further information regarding security and resilience can be found here: https://www.microsoft.com/en-gb/TrustCenter/
• Outage reporting: A public dashboard can be found here: ; https://status.azure.com/en-gb/status; ; Specific individual reporting is available via the portal (login required): https://portal.azure.com/#blade/Microsoft_Azure_Health/AzureHealthBrowseBlade/serviceIssues; ; Email alerts can be configured in agreement with the customer subject to notification policies of the customer on recipient emails from 3rd party automated services.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Support access is provided using the same credential requirements as that of a customer user. Interface to the applications is via secure and expiring token access.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Schellman & Company, LLC
• ISO/IEC 27001 accreditation date: 15/06/2020
• What the ISO/IEC 27001 doesn’t cover: UK Service provider interaction with the Microsoft Azure platform.
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 19/06/2020
• CSA STAR certification level: Level 3: CSA STAR Certification
• What the CSA STAR doesn’t cover: UK Service provider interaction with the Microsoft Azure platform.
• PCI certification: Yes
• Who accredited the PCI DSS certification: Schellman & Company, LLC
• PCI DSS accreditation date: 28/03/2020
• What the PCI DSS doesn’t cover: UK Service provider interaction with the Microsoft Azure platform. API interaction with Microsoft Azure PCI services.
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: See Security Management in the Services Guide. Microsoft Azure security is explained in more detail here https://docs.microsoft.com/en-gb/azure/security/fundamentals/overview

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Refer to the Services Guide.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Relevant vendor patches are applied at the earliest point of release in a structure manner. Threats are assessed in the Public Hosted environment and covered with the managed service SLA's. Threat assessments come from the AV vendor, application author and hosting partner .
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Public/Hosted application are 3rd party supplier monitored using industry standard procedures relevant to the type of hosting and choice of platform as part of the managed service delivery.
• Incident management type: Undisclosed
• Incident management approach: Incidents are managed using a web based application to record instances of issues and problems. A service level agreement provides for response times and the incidents are managed on a daily basis for review and update. Reports are provided using a self service ticket portal for authorised support users.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £12,000 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.tucker@x3consulting.com. Tell them what format you need. It will help if you say what assistive technology you use.