Experian

Experian Data Management with Link SCV

Link SCV is an innovative, scaleable and flexible Single Customer View solution which encapsulates a series of matching routines that identify unique individuals in unique households and assigns persistent record keys to all of the data sources which it processes.

Features

  • Link numerous datasets to create a single customer view
  • Cleanse and Standardise name and address information
  • Access Experian’s name, alias & address 'Knowledgebase'
  • Rapid Implementation; system typically live within 4-6 weeks
  • Scalable; no limit on input data sources
  • Available as a SaaS, bureau or fully hosted solution
  • Benefit from Experian’s data enrichment capabilities
  • Tailor outputs to link with third party systems
  • Full consultancy support to ensure value and efficacy
  • Risk-averse approach to data management

Benefits

  • Link disparate datasets for improved operational intelligence
  • Cleanse and improve the quality of data
  • Significantly reduce the cost to serve and enable digital transformation
  • Better understand & forecast demand and need at hyperlocal levels
  • Significantly improve services to the customer and streamline transactions
  • Identify vulnerabilities and opportunities for early interventions
  • Identify and mitigate potential fraudulent transactions
  • Vastly improve and reduce the cost of communications and engagement
  • Reduce reliance on legacy systems towards a single CRM
  • Enable better, truly customer-centric decision making

Pricing

£6,000 to £180,000 a licence

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at damian.kenny@experian.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

4 9 7 3 2 2 7 4 1 0 2 1 0 8 1

Contact

Experian Damian Kenny
Telephone: +44 (0) 7976 702247
Email: damian.kenny@experian.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No
System requirements
None

User support

Email or online ticketing support
Email or online ticketing
Support response times
Experian’s Helpdesk is available during the hours of 9am – 6pm, Monday through Friday. The Helpdesk operates an ITIL-based problem and incident management system for issue and query resolution, where all inbound communications are tracked, monitored and a priority score appended depending on severity. Our Helpdesk will acknowledge all inbound communications within two hours with the clear majority of all queries being resolved therein, or within 48 hours. A four-tier escalation process is in place to ensure all queries are resolved to a satisfactory level within good time.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
On initiation, a specialist consultant will be assigned to develop and tailor the service to meet your needs; ultimately creating a Scoping Document that will provide significant detail on the structure, format, location and procedures of all relevant data and will become the basis on which key project-related decisions are made. This consultant will be available throughout the duration of the license agreement.

Additional support is provided through dedicated account management support and a helpdesk, using email, telephone and face-to-face communication.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
On initiation, a specialist consultant will be assigned to develop and tailor the service to meet your needs, running a full and detailed scoping exercise. This exercise usually takes around 2 to 5 working days.

Our solution is based on a semi-automated bureau service, requiring no training.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
There is no need to extract any data from any system at contract end. Any data processed through this solution will become the property of the client.
End-of-contract process
At the end of the contract all input/output feeds will cease processing and any data transfer systems will be shut down. This is an automated process requiring no manual intervention. There are no additional fees for project closure.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari 9+
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Our Link Single Customer View solution is designed to be flexible and scalable. At the project outset our consultants will work with you to scope your exact requirements, availability of data, frequency of inputs/outputs etc and any requirements for data enrichment.Users can add/remove data feeds and enrichment elements at any point and all output data structures can be tailored to suit the requirements of local systems.

Scaling

Independence of resources
In capacity planning, consideration is given to increased demand over time and fluctuating peaks and troughs in demand, identified through understanding concurrent users, types of users, types of activity undertaken, seasonal activity, etc. In this way, it is be possible to plan for capacity management rather than having to react, when unanticipated situations arise. In addition, database administrators continually monitor activity and performance and will take the steps necessary to ensure that the service received is of the highest possible quality.

Analytics

Service usage metrics
Yes
Metrics types
Service metrics can be supplied in accordance with user-specific requirements. These will be confirmed during the initial scoping consultation.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
This is included within the functionality of the solution, with input records subsequently output, as specified by the user, once cleansing, matching and appending (where applicable) has taken place.
Data export formats
  • CSV
  • Other
Other data export formats
Other delimiters and fixed length.
Data import formats
  • CSV
  • Other
Other data import formats
Other delimeters and fixed length.

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
Experian does not have a standard service level agreement and this is reflected in our pricing. If a client requires an SLA, then Experian would need to scope the specific requirements to be covered, and then amend pricing appropriately
Approach to resilience
This information is available on request.
Outage reporting
Email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Not applicable
Access restriction testing frequency
At least once a year
Management access authentication
Other
Description of management access authentication
Available on request

Audit information for users

Access to user activity audit information
No audit information available
Access to supplier activity audit information
No audit information available
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
DNV GL Business Assurance Ltd
ISO/IEC 27001 accreditation date
20/12/2016
What the ISO/IEC 27001 doesn’t cover
Everything is covered
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
Trustwave
PCI DSS accreditation date
28/10/2016
What the PCI DSS doesn’t cover
Everything is covered
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Experian have a comprehensive Global Security Policy based on the ISO27001 standard which covers: Organisation and Management; Information Security; Asset Classification; Physical and Environmental Security; Communications and Operations Management; System Access; Systems Development and Maintenance; Compliance; Personnel and Provisioning; Business Continuity Management; Third Party Management. The policy is owned by Experian's Executive Risk Management Committee which is an executive level body, and which assumes ultimate responsibility for Experian's risk position. Information security is a key component of the risk management framework. Experian management supports security through leadership statements, actions and endorsement of the security policy and implementing / improving the controls specified in the policy. The policy is available to all Experian employees and contractors on the intranet. Changes to the policy are announced on the company's intranet and followed up with training and awareness programmes. New hires are required to undertake computer-based information security and data protection training, and this is repeated on at least an annual basis. Compliance to policy is overseen by internal audit.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Experian have a change management policy which is underpinned by processes and procedures based on ITIL best practice. This is a mature process. We use a service management tool that integrates change management, incident management, problem management, configuration management and knowledge management. Our change management policy, process and procedures are regularly audited by independent auditors. Formal risk analysis is employed using an approved information risk analysis methodology as a part of the project analysis phase for developments/changes. Security requirements for the system are identified and continue to be considered throughout the life of the product.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Servers and PCs are built to a documented secure standard, which includes anti-virus and malware defences. Information assets have a defined patching schedule, determined by the system's criticality and the level of threat the patch is mitigating. Experian actively monitors the threat environment and checks the effectiveness of security controls by reviewing both free and paid for sources of threat information, including; public information, major vendor feeds and also receiving information from specialist closed group mailing lists. The overall process is also plugged into an automated patch and fix strategy, underpinned with a technology infrastructure to deliver corrective updates.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Monitoring processes and tools are in place to manage alarms generated by security related alerts and these are fed into the incident management process. Experian has a formally documented risk based incident management process to respond to security violations, unusual or suspicious events and incidents. In the event an incident occurs a team of experts from all relevant areas of Experian are gathered to form an incident response team, who manage activities until resolution. The incident response team are available 24/7 to resolve any incident. Out of core hours the dedicated incident hotline is routed to the command centre.
Incident management type
Supplier-defined controls
Incident management approach
The incident management process incorporates a number of participants and contributors, including: Global Security Office - who facilitate and coordinate activities under the business security coordinator's guidance; Business Security Coordinator - a representative of the impacted business area, responsible for coordinating resolution activities; Incident Response Team (IRT) - IRT is made up of a membership that are empowered to make key decisions surrounding the actions to be taken to reduce impact, control actions, and impose corrective activities. A client report would be created, including: high level overview; facts; overview of events; actions taken.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£6,000 to £180,000 a licence
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at damian.kenny@experian.com. Tell them what format you need. It will help if you say what assistive technology you use.