Metadata Consulting Ltd

Data Validation

This service validates instance data from database tables, Excel spreadsheets, XML files and JSON files/streams against preset rules and expressions.

Features

  • Real time data validation
  • Validation against a data model and set of rules
  • Validation Reporting and Dashboard
  • Dataset management in real time
  • Storage and Logging of Validation activities

Benefits

  • Data can be validated to a known standard
  • Data Validation reduces errors in operations
  • Clear reporting enables business process improvement
  • Conformance to standards reduces risk of GDPR infringements
  • High Quality data is essential for high quality analytics

Pricing

£5 to £100 per person per month

  • Free trial available

Service documents

G-Cloud 10

533610373241509

Metadata Consulting Ltd

Adam Milward

07590549421

adam@metadataworks.co.uk

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Metadata Exchange - a metadata registry which can hold data models and rules, which in turn can be used for data validation
Cloud deployment model Hybrid cloud
Service constraints Maintenance is normally carried out at times when users are not online, if no such time is found then we can notify users in advance of any planned maintenance. However maintenance is normally fairly transparent to the user, there have not been any occurrences of prolonged downtime to date.
Constraints include the need to specify a set of criteria against which to validate data
System requirements
  • Buyers need to have access to an up-to-date browser
  • The cloud validation service works with uploading excel files

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 1 working day, no response during weekends or UK public holidays, except by prior arrangement
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support No
Web chat support No
Onsite support Yes, at extra cost
Support levels Tier 0 - included in standard pricing
Tier 1 - included in standard pricing
Tier 2 - as part of a support contract starting at £500 per month - varying on number of users.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide a wiki with a number of you-tube tutorials, and videos to help get users up and running
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction They download the data via a set of word, excel, pdf or xml reports
End-of-contract process At the end of the contract the user can download any particular reports, models and data that they need, or renew the contract online.
Use of cloud data validation service, with access to documentation, wiki and tutorials is included in the price of a contract.
Specific consultancy relating to a particular users instance data is not included, but can be purchased as an extra.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile works, since we take care to use a bootstrap/jquery library on the frontend, however it is very awkward and we recommend a large screen for optimal effect and useability
Accessibility standards None or don’t know
Description of accessibility Users are able to build datasets and rules by uploading excel spreadsheets. These can then be used to validate the data against.
Accessibility testing We've not carried out any interface testing for users of assistive technology.
API Yes
What users can and can't do using the API Users can set up the data curation service using a REST interface, and carry out most of the functions of the web interface.
API documentation Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Buyers can commission plugins which can be added to their cloud instance.

Scaling

Scaling
Independence of resources The cloud service for each user is handled by a separate virtual machine, as are the storage mechanisms which are configured using AWS or Azure virtual servers configured for maximum security, flexibility and scale-ability.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach In-house
Protecting data at rest Encryption of all physical media
Data sanitisation process No
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach PDF files, Excel spreadsheets, XML and word documents.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Our service will be available 99.9 percent of the time, excluding scheduled maintenance time - 1 hour per month.
If the service is down for more than 30minutes in a week then we refund 30% of the costs
Approach to resilience It's available on request
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels We use a role based access control system for all services, users have the ability to manage users within there own organisation using the same role based system
Access restriction testing frequency At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for User-defined
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We adhere to the gov uk security policy framework. We have a dedicated SIRO, DSO and IAOs who actively manage our security processes. We review our security policies on a quarterly basis to ensure we are compliant and up-to-date.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach We are committed to automating as much of our build and test process as possible. We use github (and bitbucket) for source control and have recently moved to “gitflow lite” for release management. Git integrates with JIRA for change management and Zephyr for test management. All JIRA tasks / bugs are linked to epics and stories within the tool to provide traceability. We’ve used a variety of continuous integration servers including Jenkins, Bamboo and Travis. We run codenarc to assess code for consistency and basic security, as well as manual code review for every commit.
Vulnerability management type Undisclosed
Vulnerability management approach We employ an agency to review vulnerabilities and conduct pen testing. We also subscribe to amazon inspector, security focus to remain up-to-date with the latest threats. We aim to patch major security vulnerabilities within 24hrs.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We employ a security agency to monitor our services and conduct regular reviews to monitor potential compromises. We attempt to counter the compromise, whether through enhanced configuration or creating a patch. We aim to respond within a few hours of identification of a potential compromise.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Security incidents are managed by an accredited agency. Their incident management tools integrate with our JIRA bug and task management system. Users report security incidents via our helpdesk this is tracked by us and forwarded to our security agency, who prioritise the incidents, and provide us with incident reports.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £5 to £100 per person per month
Discount for educational organisations No
Free trial available Yes
Description of free trial 28 days free usage for one user in an organization.
All features from the 'mini' version are available to test and use.

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑