X3 CONSULTING LTD

Data warehouse automation for business reporting

The fastest, most cost-effective way to get accurate, trusted reporting. With smart data connectors, pre-built data models and analytics for Microsoft Dynamics, Sage, SAP and more. Fast connect to any other ERP, CRM, finance application, line of business software or network accessible datasource or file. Compatible with Tableaux, PowerBI, PowerPivot.

Features

  • Interface with any ERP application, datasource or file
  • Cloud based, robust and scalable.
  • Deliver enhanced, financial and operational reporting
  • Role based dashboards & user level data security access
  • Automate the access, integration and preparation of data for reporting
  • Deploys with over 500 pre-built data models and analytics
  • Achieve data compliance with reduced IT overheads
  • Report on all data sources from one application
  • Data warehouse comes with PowerBI and Tableaux connectors
  • Automate the issue of standard management report packs

Benefits

  • Centralise data warehouse management
  • Decrease data ownership costs for both IT and the business
  • Improve data accessibility and data access controls
  • Easy to use and manage, reducing IT overhead compliance costs
  • Secure online availability; anytime, anywhere
  • Removes reliance on spreadsheets, no more silo reporting.
  • Remove the risk of reporting errors
  • Standardise KPI, analytics and performance calculations
  • Flexible deployment: on-premise, cloud or hybrid
  • Drill into and colour code data for ease of interpretation

Pricing

£12,000 an instance a year

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.tucker@x3consulting.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

1 6 6 6 6 0 5 1 5 6 3 9 7 3 3

Contact

X3 CONSULTING LTD Nick Tucker
Telephone: 08450943885
Email: nick.tucker@x3consulting.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Hybrid cloud
Service constraints
Refer to Service Delivery documentation
System requirements
  • Compatible with MAC and Windows operating systems
  • Internet connectivity required for device access
  • Integrated VPN user access can be supported. Check on application

User support

Email or online ticketing support
Email or online ticketing
Support response times
Please refer to the Service Description document for Support SLA details
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Please refer to our Service Description for details on the SLA's for support
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Product deployment requires a review of reporting needs to properly assess the required outputs. Scoping is provided (onsite or remote) together with full support through testing, training and deployment to a live environment. Standard user documentation is available and can be tailored to suit the exact needs of the project (additional fees may apply). Project management is integral to the whole project delivery process along with data migration/import, report design and ongoing application support. Typical installs can take as little as 3-4 days once the scoping/analysis phase has been completed depending on the data sources, customer skills and user learning capability.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Data can be exported for delivery to the customer. A small charge for the time taken to perform the extract is levied.
End-of-contract process
The contract is for a set minimum term. At the end of the contract the user has the option to obtain a copy of the data held in the software or renew for a further period of use for continued access. A fee relating to the time taken to prepare the data file is levied.

Additional costs will be incurred for the management of the data into a set format at the request of the end user such as for the purposes of import to another application.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
Yes
What users can and can't do using the API
Integration uses several forms of technology which are utilised by the service provider in relation to various security and resource management features. Users can be trained on how to execute calls within the API although this is normally the role of the service provider.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Elements of the application can be customised as part of the configuration for use by the partner to the customer. These relate to depth of data integration for detailed analysis, workflow and automation as well as modelling methods. Users can be trained to be able to take ownership of adding new data sources, creating models etc in the data warehouse. This is a semi-technical activity generally requiring a good knowledge of SQL, data analysis and data profiling.

Scaling

Independence of resources
Assets are deployed in line with vendor recommendations and applied to each individual customer install. Assets can be increased to improve performance (for additional cost) where for example the customer has unusually large transaction or data volumes. Over-utilisation by other customers doesn't impact the performance experience as the assets provided are a dedicated minimum level specific for your instance. Charges are levied based on the overall data warehouse sizings. Refer to the pricing schedule for more detail.

Analytics

Service usage metrics
Yes
Metrics types
We provide information on overall system uptime & performance metrics of the application.
Reporting types
Reports on request

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Zap Data Hub

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
For further details on protection of data at rest please refer to the Microsoft published materials for Azure:
1:
http://download.microsoft.com/download/0/D/D/0DD8FB12-6343-4A50-80B2-545F2951D7AE/MicrosoftAzureDataProtection_Aug2014.pdf

as well as

2:
https://docs.microsoft.com/en-gb/azure/storage/common/storage-service-encryption
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Data can be exported using application tools for use in products such as Microsoft Excel and PowerBI (or other visualisation tools if configured), alternatively the data can be retrieved in Excel or CSV format. Data can be "printed" to PDF format - such as dashboards, board/report packs etc
Data export formats
  • CSV
  • Other
Other data export formats
  • Microsoft Excel
  • PowerBI
  • Picture (PNG)
Data import formats
  • CSV
  • Other
Other data import formats
Direct Integration

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
Several options for implementation of protection between networks exist and are described in the Services Guide. Some may incur additional charges. Please refer to this document.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
Microsoft Azure Storage and Azure SQL Database encrypt data at rest by default. Options are described in the Services Document of the additional data protection services that are available. Note some forms of protection may attract additional charges.

Availability and resilience

Guaranteed availability
Refer to the Microsoft Azure Terms of Licensing which can be found here:- http://www.microsoftvolumelicensing.com/Downloader.aspx?DocumentId=13655
Approach to resilience
Details on the datacenter structure and performance can be found here: https://azure.microsoft.com/en-gb/global-infrastructure within which can be found details on the Azure global and regional data centres including the UK South (London) and UK West (Cardiff) data centres.

Further information regarding security and resilience can be found here: https://www.microsoft.com/en-gb/TrustCenter/
Outage reporting
A public dashboard can be found here:
https://status.azure.com/en-gb/status

Specific individual reporting is available via the portal (login required): https://portal.azure.com/#blade/Microsoft_Azure_Health/AzureHealthBrowseBlade/serviceIssues

Email alerts can be configured in agreement with the customer subject to notification policies of the customer on recipient emails from 3rd party automated services.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Support access is provided using the same credential requirements as that of a customer user. Interface to the applications is via secure and expiring token access.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Schellman & Company, LLC
ISO/IEC 27001 accreditation date
15/06/2020
What the ISO/IEC 27001 doesn’t cover
UK Service provider interaction with the Microsoft Azure platform.
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
19/06/2020
CSA STAR certification level
Level 3: CSA STAR Certification
What the CSA STAR doesn’t cover
UK Service provider interaction with the Microsoft Azure platform.
PCI certification
Yes
Who accredited the PCI DSS certification
Schellman & Company, LLC
PCI DSS accreditation date
28/03/2020
What the PCI DSS doesn’t cover
UK Service provider interaction with the Microsoft Azure platform. API interaction with Microsoft Azure PCI services.
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
See Security Management in the Services Guide. Microsoft Azure security is explained in more detail here https://docs.microsoft.com/en-gb/azure/security/fundamentals/overview

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Refer to the Services Guide.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Relevant vendor patches are applied at the earliest point of release in a structure manner. Threats are assessed in the Public Hosted environment and covered with the managed service SLA's. Threat assessments come from the AV vendor, application author and hosting partner .
Protective monitoring type
Undisclosed
Protective monitoring approach
Public/Hosted application are 3rd party supplier monitored using industry standard procedures relevant to the type of hosting and choice of platform as part of the managed service delivery.
Incident management type
Undisclosed
Incident management approach
Incidents are managed using a web based application to record instances of issues and problems. A service level agreement provides for response times and the incidents are managed on a daily basis for review and update. Reports are provided using a self service ticket portal for authorised support users.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£12,000 an instance a year
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at nick.tucker@x3consulting.com. Tell them what format you need. It will help if you say what assistive technology you use.