Facts and Dimensions Ltd

Private Facts and Dimensions Azure SQL Databases

Do you have lots of structured/unstructured CSV, Excel, PDFs, Word docs etc with data you need in a SQL Database? Eg monthly board reports, internal datasets, etc.

We process them and put the data into your own Azure Database.

Features

  • Data from your internally produced files
  • Directly query the data via OLEDB, ADO.NET, ODBC, etc.
  • Fully secure access
  • Access original source data and see audit trail.
  • Your own customisable cloud database to access the data
  • Any structured/unstructured data can be done, PDFs, Excel files, etc

Benefits

  • Enjoy highest possible confidence in the quality of the data
  • Same version of the truth as other users
  • Up and running in <5minutes
  • Data loaded within 1 business day, longer if really unusual
  • We can quickly create a database for any sector
  • No data too messy and changeable

Pricing

£30000 per licence per year

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

4 3 1 6 3 7 0 5 0 3 2 5 8 5 6

Contact

Facts and Dimensions Ltd

Filipe McManus

07985143916

digitalmarketplace2020@factsanddimensions.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Service is supplied via Azure SQL Database. However we can supply an Azure MySQL or an Azure PostgreSQL version if required.
System requirements
Software to access a database (eg Excel, MSSQL, Access, etc)

User support

Email or online ticketing support
Email or online ticketing
Support response times
99% within 4 hours between 8am and 6pm business days.

Mostly within minutes.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
Unlimited email, telephone, onsite, screen-share, forum support

Customers will always deal with one of the company experts. Commonly called "Tier 3".

Online forum.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
1: Onsite or screen-share training, 2hrs.
2: Onsite or screen-share setting up access to the Azure SQL Database.
3: User manual.
4: Forum with additional info.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
Data is all held in an Azure database that only us and the customer can access. They can extract all the data using SQL. If the user wants to host the Azure SQL database instead of us they can.
End-of-contract process
The user can take a copy of their database before we delete it.

Using the service

Web browser interface
No
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Users get their own Azure SQL Database. In it they can:

1: Link to tables in the Facts and Dimensions Azure databases.
2: Create views.

Users from there will create their own tools/reports/dashboards linked to the Azure database

Scaling

Independence of resources
Azure Elastic Database manages the demand across all user databases in the pool. As more users come online Azure allows instant scaling.

Analytics

Service usage metrics
Yes
Metrics types
Azure provide detailed logs of all queries run on the databases. The user can ask to see them.
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Data is stored in Azure. It is backed up nightly. It is also geo-replicated.

In case of Private Facts and Dimensions service, user sends files encrypted with a password to our IP restricted SFTP service. We extract the data for loading into their SQL database, encrypted using ENCRYPTBYPASSPHRASE.
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data can be exported using any common database connection method, e.g. ODBC (Excel, Access), SQL SSIS, SQL Linked Server, etc.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
Any
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Any
  • You supply the data as is and we process it

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
Users connect directly to their own SQL Azure Database which is also limited to their own IP address. They have no access to the underlying SQL Server.

In case of Private Facts and Dimensions service, the user submits their password protected files via secure SFTP. We extract them and process the data and apply encryption using ENCRYPTBYPASSPHRASE so data sits in our database encrypted. User uses DECRYPTBYPASSPHRASE when querying their data
Data protection within supplier network
Other
Other protection within supplier network
Using Azure's SQL Database security. Users connect directly to their Azure SQL Database using their own unique SQL Auth username and password. Plus connections is restricted by IP address.

Availability and resilience

Guaranteed availability
Azure website quote: "We guarantee at least 99.9% of the time customers will have connectivity between their Web or Business Microsoft Azure SQL Database and our Internet gateway.". We also use geo-replication for further availability resilience.
Approach to resilience
The data is processed inhouse and uploaded to our Azure database. The inhouse copy is backed up offsite.
The Azure copy is backed up nightly, it is also mirrored on the Azure UK South site and geo-replicated to the Azure UK West site.
Outage reporting
Forum update and email alert.

Identity and authentication

User authentication needed
Yes
User authentication
  • Username or password
  • Other
Other user authentication
Restricted by customer's IP address
Access restrictions in management interfaces and support channels
As per DSPT, SIRO manages all logins. Each user has access to the areas that they require for their work. Access is reviewed monthly. Limitations include access via company recognised IP addresses and username and password.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Username or password
  • Other
Description of management access authentication
IP Restriction

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Data Security & Protection Toolkit (DSPT)

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Data Security & Protection Toolkit (DSPT) – All National Data Guardian’s (NDG) data security standards have been met (https://www.dsptoolkit.nhs.uk)

Note: DSPT is the successor to IGT.
Information security policies and processes
Our policies and processes are as per DSPT

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Each user database comes with a view to show changes to table definitions.

If a change to a table could affect users' queries (i.e. changes other than additional columns), then a change proposal is made on the forum for users to comment on with a time set for when the change will be made. If necessary customers can access a beta copy to assess impact.

History of table definitions are recorded.

Changes are assessed for potential security impact, if applicable.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Using Azure Advanced Threat Detection.

Any fixes/patches are deployed within 24hrs. None necessary to date.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
On Azure, we use Advanced Threat Protection.

On forum and email we check the logs at least once per month.
Incident management type
Supplier-defined controls
Incident management approach
We manage incidents as per DSPT.

We have a monthly Business Operational Planning meeting where incidents, not already raised, are discussed. Incidents are recorded in our incident log.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • NHS Network (N3)
  • Health and Social Care Network (HSCN)

Pricing

Price
£30000 per licence per year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
You can access our Public Facts And Dimensions service to get an idea of what it is like to access data via Azure.

Service documents

Return to top ↑