Local and Linked Data Infrastructure Services
Deployment, operation and management of cloud infrastructure to store and deliver metrics broken down by type and geography.
The service manages data and metadata which can be expressed as linked open data with persistent resolvable identifiers. It permits custodians to publish data according to established good practice.
- Metrics storage and reporting
- Standards management
- Linked data repositories
- Persistent resolvable identifiers
- Geographical Information Systems
- Data harvesting and aggregation
- Report templating
- Taxonomy management including SKOS
- Application Programming Interface
- Established model for consistent management of metrics
- Reliable and performs well under load
- Brings consistency to diverse datasets
- Reworks statistics for different geographies
- Supported by an experienced team
£20000 to £320000 per instance per year
020 7737 0263
Most outputs are designed for desktop browsers and the latest version of each web browser is preferred.
Hosting infrastructure can require pre-warming for sudden spikes of traffic.
|Email or online ticketing support||Email or online ticketing|
|Support response times||Two hours during working days Monday to Friday 9:00 to 17:30|
|User can manage status and priority of support tickets||No|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web chat accessibility testing||
We use the Intercom plugin that is tested for accessibility. It includes:
- Screen reader support: the Messenger is accessible via screen readers.
- Keyboard navigation: Every component of the Messenger can be accessed using a keyboard without requiring a mouse or trackpad.
- Colour contrast: all text is clearly visible when using colours with enough contrast, which our designer verifies on configuration.
|Onsite support||Yes, at extra cost|
A technical account manager is assigned to each client organisation. This manager is available for contact at short notice by phone, chat and email throughout the contracted period.
End users are supported by email managed through a ticketing system with support logs subject to review by the client organisation.
|Support available to third parties||Yes|
Onboarding and offboarding
Cloud support services are provided to plan, configure and roll-out a service.
Users are helped getting started with the services via: standard reports which they can go on to customise; a help system; online training sessions with associated PDF materials; email support service; and optional onsite training.
|End-of-contract data extraction||
Via the API or interactive reporting tools.
Optionally a full database dump can also be provided at cost.
The price quoted covers a complete database of metrics and all related metadata; scaleable infrastructure for running the API; a suite of reporting, report writing and other tools that use the API; vocabulary presentation and download tools.
The elastic load-balanced services that grow according to demand are charged according to usage.
Using the service
|Web browser interface||Yes|
|Using the web interface||
Administration users can define new metric types and upload associated data.
End users can: run reports; write reports; query and download data; look up URIs; and run SPARQL queries
Update of some metadata can only be performed by company staff. Standard vocabulary changes are expected to be reviewed by a taxonomist.
|Web interface accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web interface accessibility testing||Automated accessibility testing for AA compliance.|
|What users can and can't do using the API||
A read-only API permits query of all data and most metadata. Metric values can be retrieved as raw values, summaries and values derived via multiple statistical methods.
The API requires a public private key or OAuth key. Metrics available are subject to permissions associated with each key.
Online tools document the API and help programmers construct API calls.
Hosting cannot be configured via the API.
|API automation tools||Other|
|API documentation formats||
|Command line interface||No|
|Independence of resources||
We use load balancing and auto-scaling for our web servers. Databases are scaled to deal with maximum expected loads. We monitor for and block robots that impose an unnecessary load.
We pre-warm servers if expected sudden peaks are expected, eg to coincide with news releases.
|Infrastructure or application metrics||Yes|
|Other metrics||Exception reports with detailed metrics on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||In-house|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||
|Backup controls||Backups are administered by the company under agreement with the client. They are not configurable directly by users.|
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Supplier controls the whole backup schedule|
|Backup recovery||Users contact the support team|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
An SLA entitles the client organisation to a refunds as shown below for non-planned lack of availability:
<98% availability, 5% refund.
<95% availability, 10% refund.
< 92% availability, 15% refund.
<90% availability, 20% refund.
In practice availability is normally well above 99%.
|Approach to resilience||We use Amazon Web Services which sets industry-standard levels of high availability, dependability, confidentiality, integrity and data security.|
|Outage reporting||Monitoring services on both servers and end user tools report anomalies to company technical staff. Customers are alerted by email if an issue impacts on them.|
Identity and authentication
|Access restrictions in management interfaces and support channels||
Most access to done via user name and password with access rights associated with each user and the user's organisation.
Public private keys and OAuth are used for read-only access to non-personal data.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
|Devices users manage the service through||Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||British Assessment Bureau|
|ISO/IEC 27001 accreditation date||20/07/2015|
|What the ISO/IEC 27001 doesn’t cover||N/A|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||We're an ISO 27001:2013 (information security management) certified company and regularly review information security, perform risk assessments and log any security incidents. ISMS training is provided to all staff.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
New installations are subject to penetration testing.
Software upgrades and configuration changes are subject to automated functional, performance and, where appropriate, penetration testing.
Software changes and subject to version control with logged release histories.
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||Firewalls and anti-virus software provide virtual access protection and server hardening techniques are used to ensure only trusted entities are given access, reducing the number of security holes without affecting performance. In-house penetration and load testing ensures potential threats are kept at bay, and other vulnerabilities are assessed according to our information management security policies. Consistent monitoring and immediate reporting provides information on potential threats which are reviewed as issues occur. Patches can be released within 6 hours during normal service hours.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
Amazon handles security of the hardware and infrastructure, and provides heavily customisable firewalls which Porism uses and monitors.
System administrators are alerted automatically 24/7 of abnormal events.
Anti-virus software is installed on our servers by default, and server hardening techniques are used to ensure that only services absolutely required by the systems are enabled by default.
|Incident management type||Supplier-defined controls|
|Incident management approach||
We regularly perform risk assessments and update information security management processes for new products and changes in infrastructure.
Incidents are reported by system administrators to the Head of IT Infrastructure and clients are made aware via routine exception reporting.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||No|
|Price||£20000 to £320000 per instance per year|
|Discount for educational organisations||No|
|Free trial available||No|