The Other Media Limited

Justnow.io Data Visualisation

Justnow.io for business intelligence resides in the background as part of the ambient environment inside your key service areas of marketing, retail or sales. Cause and effect events are captured and flagged on a series of screens in a way that simplifies your data, and integrates your organisational thinking.

Features

  • Real-time visualisation of disparate data sources
  • Access to a wide range of data sources and API's
  • Web-enabled access for large scale publication
  • Shared business intelligence throughout the organisation
  • Analytics tools developed using Open Source frameworks
  • Wide variety of charts and screens showing key data insights
  • Combine data sets to visualise your information as required
  • Big data reduced to manageable data views
  • Automatic data collection from identified sources
  • Full data lake in the Cloud

Benefits

  • Real-time data insights
  • Event driven reporting and data highlighting
  • Competitor reporting and intelligence
  • Enables data based decision making
  • Encourages integrated team-working and collaboration
  • Flexible, and rapid reporting tool
  • Real-time actionable intelligence
  • Highly intuitive data interpretation
  • Empowers team members to make informed strategic decisions
  • Instantly visualise very large data volumes

Pricing

£650 to £1150 per virtual machine

  • Education pricing available

Service documents

G-Cloud 9

355631462445712

The Other Media Limited

Matthew Jeoffroy

020 7089 5959

matt.jeoffroy@othermedia.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints No
System requirements None

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Ticket response time is within 1 hour
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 A
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Priority: 1
Definition of priority: Critical failure; Website inoperable or no e-commerce transactions possible
Time to respond: Within 15 mins
Estimated time to resolve: 80% typically resolved within 4 hours

Priority: 2
Definition of priority: Visible issue but not a critical failure
Time to respond: 1 hour
Estimated time to resolve: 80% typically resolved by next sprint release within 2 weeks

Priority: 3
Definition of priority: Non urgent work
Time to respond: 1 hour
Estimated time to resolve: 80% typically resolved by next general software release within 1 months
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started There are 3 ways to help users get started on the system.

1. Onsite training where we like to keep the groups small to make the most impact, and ideally for us to 'train the trainer(s)'
2. Accompanying documentation that should be used during the training and then used for reference afterwards
3. Help desk, where users can either call or create a ticket in JIRA for assistance
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Data can be provided as XML, CSV, or as a SQL database dump.
End-of-contract process At the end of the contract the client data will be handed over, and if migration is required to a new service then this will be specified, agreed and planned in for completion. If assistance is required to be given to a new system provided then this will be done as required.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The service can be purely responsive (same content on desktop and mobile), or it can be adaptive (different content on mobile devices), with both versions using the same template layout, common stylesheets, and common code base.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing The interface has been tested using the following technologies: the JAWS screen reader, Lightening Express for screen magnification, screen readers, and speech input with Dragon Naturally Speaking. In each case testing was carried out in a laboratory setting, with the participant being asked to perform a series of tasks while being observed and filmed. Different screen versions were shown, with the same task required to be completed so that comparisons could be made. Tracking software was used so that the user session could be recorded and replayed for further evaluation.
API No
Customisation available Yes
Description of customisation What can be customised - colours and font sizes
How users can customise - via a settings option within the interface
Who can customise - all logged in users

Scaling

Scaling
Independence of resources Service performance is guarenteed through allocation of virtual machine resources that have been determined with the client during on-boarding. Each client has an optimal performance window (memory and CPU usage), and if usage approaches the SLA then the allocation will be increased to ensure that user service remains consistent.

Analytics

Analytics
Service usage metrics Yes
Metrics types User access, traffic, popular pages, time spent logged in, last log in, number of posts, number of files, time on site
Reporting types Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Users are able to export items that that have added into the system, i.e. posts, via XML, CSV, and SQL data dump. This data is restricted to only what they have added, and they will not be able to export other users data unless it is a comment that has been made on a post.

Typically system administrators would export data rather than individual users, and this is achieved via XML, CSV, or SQL data dump as above, but can be achieved on a company rather than individual basis.
Data export formats
  • CSV
  • Other
Other data export formats XML
Data import formats
  • CSV
  • Other
Other data import formats XML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Unavailability up to and including 4 hours consecutively in any calendar month: 1 day's Service Credits;

Unavailability greater than 4 hours but less than 8 hours, consecutively in any calendar month: 5 day’s Service Credits;

Unavailability greater than 8 hours but less than 16 hours, consecutively in any calendar month: 10 days' Service Credits; and

Unavailability equal to or greater than 16 hours, consecutively in any calendar month: 1 month's Service Credits.
Approach to resilience Available on request
Outage reporting Email, SMS, API

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels User permissions within the system determine the level of access to management interfaces and support channels. This is in addition to the system access that is put in place for all users, i.e. IP lockdown and physical entry.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards Other
Other security governance standards Cyber Essentials
Information security policies and processes Information identified as sensitive which has been collected, and not generated, as part of business activities should only be collected if there is a very specific reason to do.

Any information identified as sensitive must be stored only within environments that are secured by user access control policies. Those access control policies must take into account that the system they govern contains such sensitive information.

Sensitive information must always be encrypted during transmission, for example using HTTPS or SSH. Where possible, the data should be used only within the system or location it is stored. Downloading data for offline processing should be avoided wherever possible as it introduces additional risks that must be considered.

The collection, storage and transmission of financial information are heavily regulated. All systems involved must have a System Specific Security Policy that meets the identified PCI requirements.

The Commercial Director must approve all System Specific Security Policies.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All service components are tracked and versioned in a code repository. Prior to deployment code is peer-reviewed, code audited, put through QA on local, development, and continuous integration servers before it is able to be deployed to production machines. As part of the QA process each service component is 'hardened' to ensure compliance and security, with any public facing systems being regularly penetration tested.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Our service is monitored 24 x 7 using a range of tools such as New Relic, Pingdom, Cactii, as well as IDS services from our data centre provider. As soon as vulnerabilities are announced, (either through our datacentre provider, software provider, or security bulletins that we subscribe to), then we will plan a fix - immediate for pervasive and immediate threats, and prioritised for less critical issues that have been flagged, but typically within the next software cycle.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Our service is monitored 24 x 7 using a range of tools such as New Relic, Pingdom, Cactii, as well as IDS services from our data centre provider. As soon as vulnerabilities are announced, (either through our datacentre provider, software provider, or security bulletins that we subscribe to), then we will plan a fix - immediate for pervasive and immediate threats, and prioritised for less critical issues that have been flagged, but typically within the next software cycle.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Incidents typically follow patterns and we have pre-defined response types for each. Incidents are registered in our ticket tracking system (JIRA), either directly by the client or indirectly by the account manager when the client has called the office. If an incident is noted by a member of Other Media it will be registered in the same way. Incident reports follow a standard template with the details provided by the client being captured and included on this form, and all responses recorded alongside. This report is then saved as PDF and emailed to the client.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £650 to £1150 per virtual machine
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑