Data Management Platform
Mammoth Analytics is a self-service platform with powerful tools to transform, analyze and gain insights on complex data without any coding.
We aim to empower technical and non-technical users to improve their data preparation, quality and analysis capabilities with a user-friendly interface.
- Real-time data analysis
- Real-time data mining
- Automated, flexible and transparent data workflows
- Data management without coding
- Comprehensive data preparation and transformation toolkit
- Data sharing and exporting
- Prescriptive alerts (when data meets pre-set conditions)
- Data summarising and representation capabilities
- Remote access
- Data blending and consolidation capabilities
- Reduce data preparation time through automated workflows
- Empower users to manage their data with our non-coding interface
- Centralise your data in one place (APIs, webhooks, blending tools)
- Improve data flow efficiency and timeliness of analysis
- Share the value of data assets by lowering skills barrier
- Get on-demand and personalised data insights for each team/job
- Structure unstructured data, reducing data scientists' efforts
- Visually explore the shape of data
- Improve the quality of data
- Automate data reconciliation
|Software add-on or extension||No|
|Cloud deployment model||
|Service constraints||Our service is available 24/7. However, we inform our users before conducting maintenance or software releases that could interfere with the normal service.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
We provide a 4h response time during U.K. office hours. Questions and tickets posted during non-office hours are answered on the next working day.
Mission critical support is available subject to requirements and may incur additional fees.
|User can manage status and priority of support tickets||No|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||We are evaluating our webchat provider and its accessibility practices with a view to comply with WCAG 2.0 AAA.|
|Web chat accessibility testing||We have not conducted any test with assistive technology users.|
|Onsite support||Onsite support|
Our customer support is divided by:
-Basic support: Our baseline support level includes:
Self-service support via in-app help, tutorials, and documentation. Support for basic customer issues and fulfilling service desk requests that need IT involvement.
Experienced and knowledgeable technicians assess issues and provide solutions for problems that cannot be handled by tier 1.
-Mission critical support: includes all of the above plus a 2-hour response time (UK office hours). This is standard with our Corporate and Enterprise service plans.
-Technical account manager: is provided on demand with our Enterprise Plan.
|Support available to third parties||Yes|
Onboarding and offboarding
In-app, we provide:
-Hints and tips
-Example of use for each feature
On our website and social media platforms, we provide:
-Documentation (on our website, but accessible within the app)
-Customer support (via web chat)
-Use cases and video tutorials.
|End-of-contract data extraction||
Users can download or export their data at any point during the subscription period (while the contract is active).
Our export options include:
Direct download: CSV file.
APIs: users may export their data to other databases or platforms. The export intervals are customisable.
Live CSV: The user can get a link to a CSV which will always be updated with the view's data.
As Mammoth Analytics operates via subscription (under the SaaS model), when the subscription ends, most of the platform's functionalities are restricted. However, we keep the information for 15 days and enable the user to download her data.
Any other requirements come at an extra cost.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
-Desktop service: Full functionality. The user can perform any data manipulation from the desktop and web browser.
-Tablets: Full functionality. The user can perform any data manipulation from tablets and web browser.
-Mobile phones: currently no access. Subject to market demand we may develop a mobile phone interface for appropriate features.
|What users can and can't do using the API||
We have a Python software development kit (SDK), however, this is not generally available (beta ). The API offers full functionality, as an example, users can:
- create datasets
- create views
- apply transforms
- create metrics
- send alerts
- export data.
|API documentation formats|
|API sandbox or test environment||No|
|Description of customisation||We offer professional services for customisation.|
|Independence of resources||We host our service via Amazon Web Services to ensure the continuity of service, no matter how much demand we have. We have the capabilities to manage our processing and storage needs. Our process is automatic and scalable.|
|Service usage metrics||No|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Other data at rest protection approach||Users' data is stored as encrypted files in Amazon Web Services’ servers. This encryption ensures that if the disks where your information lives are isolated and re-mounted elsewhere they cannot be read.|
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||
Users may export data in the following ways:
-Direct download of CSV file
-CSV live link (file updates in real-time as new batches of data are pulled into Mammoth)
-APIs: programmed exports through several APIs connecting to databases and other tools.
|Data export formats||
|Other data export formats||ANSI SQL|
|Data import formats||
|Other data import formats||ANSI SQL|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||
|Other protection within supplier network||
All the data exchange between a client (browser/scripts) and Mammoth is encrypted. The encryption uses Transport layer security (TLS) protocol using Secure hash algorithm (SHA) 256-bit algorithm with a 128-bit encryption key which practically makes reading any data over the network impossible.
Each customer account is assigned a separate database of its own with its password. Databases are stored as files in encrypted volumes on AWS. Disks are isolated, and if re-mounted elsewhere they cannot be read. The decryption keys are part of the isolated production deployment inaccessible to anyone other than individuals authorized by our security council.
Availability and resilience
|Guaranteed availability||If the service is interrupted, customers will be charged up to the proportion of time the service was running properly within the month.|
|Approach to resilience||
Our deployments are on Amazon web services (AWS). This means you get all the benefits of world-class compliance programs on physical data center, network, and storage security. The AWS infrastructure puts strong safeguards in place to help protect the privacy of data.
AWS’s security measures are verified by independent auditors who ensure that specific security controls are in place and are functioning correctly. AWS has achieved ISO 27001 certification for IT security techniques, and have been validated as a Level 1 service provider under the Payment Card Industry’s Data Security Standard. AWS undergoes annual SOC 1 audits.
|Outage reporting||We report outages via email and via in-app messages.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Login process generates an API token. The token is specific to the user who has logged in and gives the user controlled access to authorised data. Tokens can be made to expire after few minutes of inactivity in a browser or can be to stay longer if the user chooses ‘Remember me’ on login. Users can log in from any number of devices. Mammoth would send you periodic report on devices and activities. Mammoth also show account activity in the bottom bar of the application.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||Between 6 months and 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||Between 6 months and 12 months|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||
We have a Security Council which controls the keys, defines and approves security policy and ensures compliance and best practices towards maintaining a secure data environment at Mammoth. It continuously reviews the organizational practices in the following areas:
-Application and interface security
-Audit assurance and compliance
-Business continuity management
-Change control and configuration management
-Data security and information life-cycle management
-Encryption and key management
-Identity and access management
-Infrastructure and virtualization security
-Interoperability and portability
-Mobility and security
-Security incident management
-Threat and vulnerability management
|Information security policies and processes||
All access to the production servers is controlled and monitored by the Security Council. A very small number of authorized users can access these servers with due permission from the council. Access keys are replaced periodically.
Our Security Council controls the keys, defines and approves security policy and ensures compliance and best practices towards maintaining a data secure environment at Mammoth. Security council continuously reviews the organizational practices
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||The software source components are managed through a stringent three-tier version control process using GitHub. The defects are tracked through Defect control software and are closely tied to the version control process. Every change mandatorily goes through an intensive testing process before acceptance into the production version. The code is reviewed extensively for security-related issues based on established coding guidelines.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
Our threat assessment measures:
-Self-assessment through log monitoring
-Subscription to security bulletins of all libraries and operating system resources used
-Patching the servers within hours of discovering the threat
We get information regarding potential threats from:
-github notifications on based on source scans
-Other sources as identified
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Identification of potential compromises:
-Identifying any kind of access anomalies
Response to potential compromise:
Our Security Council has a well-defined process for the same and usually, fixes are deployed within hours of detection.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Incident capture: Incidents are captured from various probes with a special lookout for any unusual activity. Regular monitoring activity on the infrastructure is performed by a team trained for analyzing security breaches.
Incident reporting: Incidents involving any user data breach are classified as such and we notify the user to take corrective actions with clear guidance on damage risk mitigation advice for the customers.
Users can report incidents through all of out communication and support channels (web chat, email, in-app help centre, etc.)
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£25 per licence per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
We offer a 15-day free trial which grants access to the platform's full functionalities.
If the trial is started with the Starter Plan, no additional users can be included in the account (the Plan might be changed during the subscription period).
|Link to free trial||https://mammoth.io/pricing|