GARNET8 Collaboration Clouds
An agile, continuously evolving Source System of Record solution, empowering you to build on business value. It provides a collaborative, automated, governed, secure data solution for Multi-Cloud environments. It's an alternative to the layer of cost found within ESB/iPaaS and silos, isolated and disjointed work-flows Spreadsheets create.
- Encryption by default.
- Distributed Architecture allows departments to mirror processes with coherent information.
- Simple, yet extremely powerful tool-kit for building cloud services.
- Low Code builder enables faster time to value.
- Simple tiggers for real-time automation of work-flows.
- Concise data structures allowing you to easily extend informations value.
- Decentralised hierarchical database enabling connected data management and collaboration,
- Decentralised fine grained Information Governance empowering secure, governed collaboration
- 'End-to-End' digitial transformation, providing agility, governance and automation.
- Do more for less.
- Simple low risk, low cost change management.
- Empower more informed decisions based on real-time coherent information.
- Enable faster decisions at a lower cost to tax payers.
- Deliver an agile, low risk, low cost Digital Transformation
- Employees benefit from engaged, proactive, collaboration on high quality information.
- Move front-line employees beyond chasing knowledge to supporting citizens.
- Support seamless, integrated, collaboration and governance across boundaries.
- Build a resilient data-centric, data-driven infrastructure.
- Overcome IT skills shortage, reducing IT costs.
- Harness the power of your data.
|Software add-on or extension||No|
|Cloud deployment model||
|Service constraints||The cloud software is reliant on a Ubuntu Linux Cloud VM or Bare-metal configuration.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Yes, only first line support available at weekend.|
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||Level 4 support, configuring, updating systems and fixing patches. This support in £1800 per day plus VAT.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Within the user interface we have click-by-click automated tours. These walk the user through the functionality with tool-tip explanations. This empowers the user to get up to speed faster, with a low cost to the department/organisation deploying the GARNET8 Collaboration Clouds (G8CC) platform.|
|Other documentation formats||
|End-of-contract data extraction||Within Apps you can easily create simple data export string. These string are specific to your needs and makes extracting data simple.|
|End-of-contract process||You extract your data from Apps you have created within the platform. You then notify your hosting provider that your ready to terminate the VM and they will destroy the information within the VM. This makes it incredible simple and secure.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||Linux or Unix|
|Designed for use on mobile devices||Yes|
|Description of service interface||We have both Mobile and Desktop service interfaces, accessible via a web browser (thin client).|
|Accessibility standards||WCAG 2.1 AAA|
|Accessibility testing||We've used postcss-high-contrast to develop the high contrast interface and use attributes defined by browser standards.|
|What users can and can't do using the API||It has an external submit API. This allows information to be submitted from Forms or other services. They create these external handlers within Apps and manage the data structures needed. We don't put limitation on the number of "calls" but they are charged as additional users.|
|API documentation formats||Other|
|API sandbox or test environment||Yes|
|Description of customisation||
You can personalise Apps within the solution using the frameworks low code App builder. These Apps are personalised to suit end user needs and organisation work-flows.
Automated real-time work-flows can be personalised to integrate machine learning, visualisation and integration of other solutions.
Hooks can be created to extend the platforms functionality using multiple languages.
Real-time output streams empowers your organisations to provide visualisation on a complete data set easily.
|Independence of resources||Each service is a unique node that scales laterally, allowing you to control resources. The cloud infrastructure (Hosting service) used will manage the dependant Linux VM and you will need to ask for the hosting services for VM access guarantees. Our phone support can offer advice on this.|
|Service usage metrics||Yes|
|Metrics types||We have a administration dashboard which covers, System information, Memory Usage, System Process Usage, Processes with highest Memory usage, IO input and Output, Total HTTPs request, Scheduler Usage, Errors, Users, Local Apps, Total Database Size.|
|Reporting types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||Never|
|Protecting data at rest||
|Other data at rest protection approach||
- Email credentials use Salted/236 sha hash.
- Password uses Blowfish encryption.
- Data blocks have a two stage encryption. Firstly a one-time-pad and then use 256 AES encryption.
- Data blocks use HMAC signature for read verification.
- You can bring your own encryption key (BYOK).
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||Within the data container admin click the "Export" item, select the App to export data from and then select the data range, lastly click export and you will be able to download your exported data.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
|Guaranteed availability||This depends on the cloud infrastructure providers SLAs you have chosen to pair the cloud software with. You can monitor reporting within the Admin interface.|
|Approach to resilience||It uses a laterally scaling/clustering functionality, that provides resilience. The event-driven functionality, means each event is isolated without shared memory. This mean if an event crashes due to bug or denial of service attempt, other events will not be interrupted.|
|Outage reporting||Email alerts.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Governance is defined at a input level for specific users and groups for data blocks. There are four user types within the interface framework. The administration user which access metrics for the platform and has the ability to create users and apps. Data Container Administrators have access to their specific data container, can add users, create apps and information. The third type users can create information. Lastly there are secondary users these can only collaborate on information created.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||GARNET8 Collaboration Clouds is Cloud Software solution that is configured on demand within Cloud Infrastructure that suits your needs. We don't have any access to your data or service, we offer encryption by default within the cloud software, but security and governance of the cloud software is dependant on the cloud infrastructure provider and your organisations needs.|
|Information security policies and processes||Security reporting for the virtual machine GARNET8 provides is done directly to GARNET8 Limited and our internal processes will offer patches within a responsible time. This time depends on the information provided by the reporting organisation.|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Nodes within the network are monitored through the registration process when your create/delete a service. Configuration of your services aren't stored within our infrastructure, due to privacy. All system components within the platform have unit tests, code reviews and we use internal code checking tools. These tools have been developed internally with exceptional knowledge of the language, to monitor for possible security issues.|
|Vulnerability management type||Undisclosed|
|Vulnerability management approach||The solution creates logs and all ports should be closed except ssh 22, 80 (redirecting to 443), 443 and server to server port of your choice, e.g. 5280. Data is serialised when read from ports and we use a strongly typed language for the platform. This means your can't get around the type settings. A function will only allow what it expect otherwise it crashes and uses the event platform to manage this. Patches are deployed through the account admin and easily updated in running cluster.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||Monitoring IP addresses that make requests on paths that don't exist. We also monitor client types that users log in on and if they login from a new device they will be asked to confirm the log in with a string.|
|Incident management type||Supplier-defined controls|
|Incident management approach||Shut down the server, check logs looking at what data they've accessed if any, blacklist the IP address and report any incidents needed by law. Then startup the server and repeat if it happens again.|
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||Yes|
|Price||£6.95 to £27.95 per person per month|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||The free trial is limited to 60 days, but you get access to the full platform. You are limited by the underlying connectivity to the peer-to-peer network. You can create a cluster of isolated peers for testing or just use a single node.|
|Link to free trial||https://garnet8.co.uk/tour/public-sector/pink-sheet-demo.html|