Xiatech Consulting Ltd

Single Data View Platform

The Single Data View platform is a cloud-based Managed Service delivering:

1. Real-time, event-based integration between systems
2. Real-time 360 degree Single View of Data
3. A suite of real-time reports and dashboards

The platform uses best of breed technology to create an elastically scalable, highly resilient, data encrypted solution.

Features

  • Real-time Event-based Integration Platform as a Service (IPAAS)
  • Real-time Single View of Data (360 Single Version of Truth)
  • Real-time Reporting & Analytics with pre-built reports and dashboards

Benefits

  • Real-time 360 degree view of all your data (Golden Record)
  • Very low Total Cost of Ownership
  • Can be implemented in under three months
  • Out of the box connectors providing plug and play capability
  • Can integrate any system or data-format, even the old ones
  • Elastically scalable and highly resilient in the cloud
  • Highly secure and GDPR-ready
  • Uses the latest Cloud technology to drive the platform
  • Continuous improvement and weekly releases
  • Microservices-based - can pick up the events AND the data

Pricing

£5000 to £25000 per licence per month

  • Education pricing available

Service documents

G-Cloud 11

541791868443076

Xiatech Consulting Ltd

Jonathan Summerfield

0789 986 0396

info@xiatech.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints The system is only constrained by your imagination and creativity.
We can integrate any system and provide the data in real-time to other applications, as well as our Reporting and Analytics service.
System requirements
  • Some projects require the procurement of a database license
  • Some projects require the procurement of a reporting tool license

User support

User support
Email or online ticketing support Email or online ticketing
Support response times The speed of our response to any questions or issues depends on their severity and the support package taken. For those customers on the 24x7x365 support package, top priority (highly urgent) issues we can respond within 30 minutes and look to provide a workaround within 4 hours.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support Web chat
Web chat support availability 24 hours, 7 days a week
Web chat support accessibility standard None or don’t know
How the web chat support is accessible We use Whatsapp messenger for Web chat support, which uses end to end encryption.
Web chat accessibility testing None. All our web chat is performed by humans.
Onsite support Onsite support
Support levels For all our clients we provide support 24x7x365 alongside an Account Manager, a First Line Support contact and Cloud Support.

The Support Services are part of our Managed Service (along with Operations, Maintenance, Monitoring and Break-fix) and therefore are covered within the monthly Managed Service fee.

When we receive a support request, the issue is triaged and assigned a priority according to the Business-related severity.

For an information request, the issue is typically dealt with within 30 minutes.
For support incidents, they are dealt with as follows:

1. For priority 1 incidents we respond within 30 minutes, provide a workaround within 4 hours and a complete fix within the next sprint cycle (typically one week).
2. For priority 2 incidents we respond within 2 hours, provide a workaround within 4 hours and a complete fix within the next sprint cycle.
3. For priority 3 incidents we respond within 16 hours, provide a workaround within 4 hours and a complete fix within the next sprint cycle.
4. For priority 4 incidents we respond within 5 days, provide a workaround within 4 hours and a complete fix within the next sprint cycle.

These Service Level Agreements can be adapted for different needs
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Our platform is implemented through our Professional Services team. The initial engagement involves a Discovery process to understand the system landscape and the business context as well as the requirements.

Following an implementation we onboard the users through a series of data exploration workshops and training courses, as well as training the BI champions and assisting the users to become self sufficient in the creation of reports, dashboards and analytics
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Our Single Data View platform is provided through an ongoing Managed Service contract. All data is exposed via a Data Lake through which all data is constantly available to users at any point.
It is unusual for a Managed Service of this nature to not be renewed.
However, should the Managed Service contract expire then all data can be extracted via the Data Lake which we can assist with.
End-of-contract process The Single Data View contract includes unlimited use of the following on a Managed Service:

Real-time Event-based Integration Platform as a Service (IPAAS)
Real-time Single View of Data (360 Single Version of Truth)
Real-time Reporting & Analytics with pre-built reports and dashboards

There are three components to the costs:

1. Professional services to implement the platform.
2. Monthly managed service fee (includes all support, maintenance, monitoring and operations)
3. Hosting fee (based on data volumes)

At the end of the professional services contract the Managed Service takes over for the length of the contract. At the end of the contract, the service is terminated or the contract is extended.

Simply put, we ingest your data in real-time from an unlimited number of data sources, cleanse the data, apply various rules (dedupe, merge etc) and then make it available for consumption to subscribing systems.
One of the consuming systems is our data lake on which we provide analytics and dashboard tooling such as Tableau or Power BI. As part of the service we build dashboards to your requirements and train you to become self service

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Our platform exposes our Data Lake to use for Reporting and Analytics purposes.
We allow the provisioning of most standard Commercial or Open Source reporting tools to connect to our Data Lake. Therefore any differences between mobile and desktop report access is mainly down to reporting tool providers themselves and not due to a feature of our platform.
We enable most tools to connect so this can vary across reporting tools
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing We rely on our partners at Tableau and Microsoft to carry out interface testing and we are satisfied that the above accessibility standards are met.
API Yes
What users can and can't do using the API We can expose our integration platform as an API, REST-based service of similar. This will allow any system to integrate to our platform via the API to provide or receive data. No changes can be made to our underlying infrastructure or platform via the APIs.
Users can work with us to establish their own APIs or connect their own APIs to our platform
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation We provide a Single Data View platform.
At the core of our platform is a set of standard integration components, a data repository and a data lake. Our Single Data View platform is then required to be configured to integrate to varying systems and the data sources. Therefore each connection to and from the system landscape sometimes needs to be adapted to fit the needs of the systems.
Every implementation of the SDV platform also needs to be configured to the data needs of the recipient organisation and as such, we often require some minor amendments to our central canonical data model .
Lastly, in addition to our standard out of the box reports and dashboards, we are continuously providing new reports at the request of our clients.
Our clients' users can create their own set of reports as well, in the spirit of becoming self sufficient. Other than the creation of reports, users cannot adapt the SDV platform themselves although we do offer the ability for users to create their own APIs or connect our platform to their APIs.

Scaling

Scaling
Independence of resources Each implementation for each client/user is independent of one another and therefore resources are isolated and ringfenced. In addition we make use of cloud based resources to ensure that there is no conflict.

Analytics

Analytics
Service usage metrics Yes
Metrics types We provide a dashboard of the operational monitoring of the entire SDV service - at an application, integration and infrastructure level. This dashboard is readily available to view online or through a PDF document
Reporting types
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Users can export their data from their source systems to make it available to the SDV platform to consume via any format - CSV, XML, JSON etc
The SDV allows users to export data via any standard reporting tool or through exporting data out of the Data Lake via SQL
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • JSON
  • REST
  • XML
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • JSON
  • XML
  • REST-based services
  • APIs
  • JMS etc

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection between networks We can use any available secure method to connect between networks
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network We use various tools and techniques to protect and encrypt data such as a third party provider, HashiCorp Vault

Availability and resilience

Availability and resilience
Guaranteed availability Our availability is subject to the cloud providers on which we run our Single Data View platform. We use both AWS and GCP to host our platform, both of whom provide 99.99% and 99.9% respectively. Xiatech aim to follow suit with the same SLAs and provide a service credit facility should we fall below that level.
Approach to resilience Our availability is subject to the cloud providers on which we run our Single Data View platform. We use both AWS and GCP to host our platform, both of whom provide high levels of resilience which Xiatech adopt within the platform setup. We publish our SLAs and the resilience is intended to mirror those target levels both through load balancing, failover and Disaster Recovery.
Outage reporting We publish a dashboard for each client showing the service performance in real-time, including the data being passed through our Integration Platform. Any outages are published through this dashboards and we follow this up with Service emails to provide ongoing status.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels All user access is secured via authentication. No data can be accessed via a human readable format - only access via APIs with the relevant privilege levels are acceptable. Data is held at rest in an encrypted format.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Xiatech adopt AWS and GCP security standards within the SDV platform setup and therefore inherit the relevant Security by Design compliance. Xiatech don't have their own certification but rely on the cloud providers on which the platform is hosted to provide the high standards of security compliance required.
Information security policies and processes We follow industry best practices in relation to InfoSec, including ensuring we are GPDR-ready and incorporating the relevant processes from ISO 27001 and 27002

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We use best of breed technology for our configuration and change management processes including the use of Source control, version control, defect tracking and incident resolution. Tools such as Jira, Confluence and GitHub allow us to effectively manage our development, configuration and change management processes
Vulnerability management type Supplier-defined controls
Vulnerability management approach The Xiatech Single Data View platform adopts all the best practices from our hosting partners, AWS and GCP as well as from our technology partners such as Couchbase. Any patches we deploy are thoroughly tested and QA'd before release.
We regularly perform threat-based analysis and use our technology partners to inform us about any potential threats.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We adopt various monitoring tools to understand the health, security and stability of our platform. Tools from HashiCorp, Cloudwatch, New Relic and Pager Duty are used to alert us to any issues on the platform.
We respond to all issues within 30 minutes, 24x7x365.
Any compromises that we are alerted on, we would immediately notify our clients and look to resolve any incidents via our agreed SLAs according to our internal Triage process.
Incident management type Supplier-defined controls
Incident management approach All incidents are treated in a standard way according the Service Levels:
1. Incident notified via a call, email, trigger or alert
2. Support agent on duty analyses the incident and decides whether first line can resolve
3. If 2nd or 3rd line support are required, the incident is triaged and assigned a severity/priority according to the business criticality agreed up front.
4. Response times, work-arounds and permanent fixes are resolved within the timelines agreed with the SLAs
5. Incident management report is created and circulates

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £5000 to £25000 per licence per month
Discount for educational organisations Yes
Free trial available No

Service documents

pdf document: Pricing document pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑