datb: kinodb enterprise application platform
A secure, cloud-hosted enterprise development and deployment platform providing support for enterprise applications of all types, including case management, asset management and others. Includes Generic Questionnaire Module and Generic Case Management components as building blocks for clients' own developments.
- Cloud hosted complete development and deployment environment offering unparalleled productivity
- Application defined entirely within metadata model
- Technological implementation handled by server, not developer
- Applications scale from workgroup to enterprise scale and beyond
- Applications deploy to desktop and mobile browsers without change
- Full inbuilt reporting capabilities
- Security model allows disparate user types to use single application
- Full web service (XML, JSON) capabilities as client and server
- Fully managed incremental release process
- Security includes two-factor authentication, SPNEGO and SAML
- Reduction in development and maintenance timescales > 85%
- Applications can scale from workgroup to enterprise scale and beyond
- Systems can be moved between database platforms at any time
- No limit to application size, complexity or data volumes
- Easy integration with services such as Google Maps, graphing component
- Ideally suited to extremely rapid development methodologies
- Complete coverage (data, UI, reporting, interfaces etc.) greatly reduces complexity
- No development required to support multiple devices
- Updates to the framework remove technological dependencies, increasing systems' longevity
- Development change impact is easily assessed in the largest systems
£17500 to £50000 per server per year
- Education pricing available
- Free trial available
020 7923 9239
|Service constraints||Platform can be implemented within client's choice of cloud infrastructure (AWS, Oracle Cloud Infrastructure etc.) or on-premise if required. Underlying database platform can be Oracle, MariaDB or MySQL, with the ability to change platform without change to developed applications. Changes to technical standards (database version, browser standards, security requirements) are implemented via platform upgrades, again removing the need for application changes to maintain technical currency.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Full support service offered during UK business hours and by arrangement at other times.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AA or EN 301 549|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Datb has been supporting clients across a number of industries since 2002.
We pride ourselves on our responsiveness to client needs and our support arrangements define a set of issue criticalities with associated response times.
We can offer full support of the entire environment (database, applications, OS patching etc.) or support for the kinodb platform alone.
Support for the kinodb platform is included in platform cost; other services are charged at rate card rates or by separate arrangement.
We can tailor support to meet clients' individual requirements for training, mentoring and other activities.
|Support available to third parties||Yes|
Onboarding and offboarding
We can provide on- or off-site training to clients' staff including systems management, user management, configuration and application development.
We maintain training documentation in on-line and PDF formats.
We can assist with data take-on using a variety of techniques such as direct data loading, XML upload or via CSV / XLS data import.
|End-of-contract data extraction||All data is stored in the relational database of the client's choosing. This can be extracted using conventional tools appropriate to the RDBMS used or via web services configured for that purpose.|
|End-of-contract process||All data is stored in the relational database of the client's choosing. This can be extracted using conventional tools appropriate to the RDBMS used or via web services configured for that purpose.|
Using the service
|Web browser interface||Yes|
|Using the web interface||
All platform capabilities are accessed via the web interface.
Management activities (starting, stopping, backups, application and platform maintenance)
User management (creation of accounts, analysis of activities, security configuration)
Application development and management.
|Web interface accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web interface accessibility testing||We use third-party tools (e.g. WAVE http://wave.webaim.org/) to analyse web pages to ensure that all images have appropriate ‘alt’ tags, that there are no contrast errors between foreground and background colours and to ensure pages are clearly legible to partially sighted users and appropriately accessible to screen readers.|
|Command line interface||No|
|Independence of resources||Dependent on selected cloud hosting provider - AWS and Oracle for instance allow the selection of different server configurations to provide differing levels of server compartmentalisation.|
|Infrastructure or application metrics||Yes|
|Reporting types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v3.0, CAS (Sanitisation) or ISO/IEC 27001|
Backup and recovery
|Backup and recovery||Yes|
|What’s backed up||Backups encompass the entire environment (application and data)|
A management console allows configuration of a backup regime as required, with backups typically being encrypted and moved to a separate server.
Clients may maintain control over the backup and associated DR processes or datb can provide this as a part of the service as required.
|Datacentre setup||Multiple datacentres with disaster recovery|
|Scheduling backups||Users schedule backups through a web interface|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||Service availability guarantees will depend on clients' choice of hosting service provider.|
|Approach to resilience||Resilience features will depend on clients' choice of hosting service provider.|
|Outage reporting||Depends on clients' choice of hosting service provider. We would generally expect our platform to be co-located with other client systems within (for instance) AWS or OCI infrastructure and for reporting to be similarly integrated.|
Identity and authentication
|Access restrictions in management interfaces and support channels||
The platform's security model supports the implementation of restrictions in addition to the grants of capabilities to individuals. For instance it may be that a user will be required to provide 2nd or additional security factors when attempting to perform a sensitive operation or access specific types of data. It is also possible to deny such operations / data access when the user is connected other than via a network that is known to be secure.
Specific configuration is to clients' requirements and can be used to restrict the devices / access paths used to manage the platform.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
|Devices users manage the service through||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||Approachable Certification Limited (10964-ISMS-001)|
|ISO/IEC 27001 accreditation date||23/11/2018|
|What the ISO/IEC 27001 doesn’t cover||Certification covers all of datb's activities.|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Clients' selected hosting service providers will have separate certifications|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||Board-level director responsible for security policy; quarterly review of conformance of all staff with security policy. All staff can raise security exceptions and are expected to do so in the course of their everyday activities. All exceptions are reviewed weekly and appropriate mitigations assigned as required.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||All changes are made in response to a request for change (RFC) and are reviewed according to our quality management processes. Each change is identifiable as being associated with the RFC that gave rise to it and the developer responsible for the change. Entities (tables, fields etc.) within a kinodb application are fully auditable in terms of all changes made since their initial creation (who, when, in what environment). Changes are propagated from development to master, test & production environments in a fully managed way, ensuring full traceability.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
We subscribe to a threat monitoring & notification service and assess the impact of all threats reported to us. Potential vulnerabilities identified internally are reported using our quality management exception reporting process and reviewed weekly or earlier if critical. Patches are deployed as soon as practicable given the extent and impact of the potential vulnerability.
Hosting services (AWS, OCI etc.) have their own vulnerability management processes in respect of client operational environments.
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||
Hosting services (AWS, OCI etc.) have their own monitoring processes in respect of client operational environments.
The application platform monitors all activity and reports on potential intrusion attempts. Our policies define the actions to be taken in the event of a compromise and are compliant with ISO/IEC 27001.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Internally, incidents are reported via our exceptions reporting process and are reviewed at director level weekly or immediately if required.
Externally, clients can report incidents to us online, by email or telephone.
|Approach to secure software development best practice||Supplier-defined process|
Separation between users
|Virtualisation technology used to keep applications and users sharing the same infrastructure apart||Yes|
|Who implements virtualisation||Third-party|
|Third-party virtualisation provider||Depends on clients' choice of hosting service provider.|
|How shared infrastructure is kept separate||Depends on clients' choice of hosting service provider.|
|Description of energy efficient datacentres||The client-selected hosting provider will have their own mechanisms for adherence.|
|Price||£17500 to £50000 per server per year|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||We are happy to work with potential clients to enable their assessment of the service.|