GARNET8 Limited

GARNET8 Collaboration Clouds

An agile, continuously evolving Source System of Record solution, empowering you to build on business value. It provides a collaborative, automated, governed, secure data solution for Multi-Cloud environments. It's an alternative to the layer of cost found within ESB/iPaaS and silos, isolated and disjointed work-flows Spreadsheets create.


  • Encryption by default.
  • Distributed Architecture allows departments to mirror processes with coherent information.
  • Simple, yet extremely powerful tool-kit for building cloud services.
  • Low Code builder enables faster time to value.
  • Simple tiggers for real-time automation of work-flows.
  • Concise data structures allowing you to easily extend informations value.
  • Decentralised hierarchical database enabling connected data management and collaboration,
  • Decentralised fine grained Information Governance empowering secure, governed collaboration
  • 'End-to-End' digitial transformation, providing agility, governance and automation.
  • Do more for less.


  • Simple low risk, low cost change management.
  • Empower more informed decisions based on real-time coherent information.
  • Enable faster decisions at a lower cost to tax payers.
  • Deliver an agile, low risk, low cost Digital Transformation
  • Employees benefit from engaged, proactive, collaboration on high quality information.
  • Move front-line employees beyond chasing knowledge to supporting citizens.
  • Support seamless, integrated, collaboration and governance across boundaries.
  • Build a resilient data-centric, data-driven infrastructure.
  • Overcome IT skills shortage, reducing IT costs.
  • Harness the power of your data.


£6.95 to £27.95 per person per month

Service documents


G-Cloud 11

Service ID

6 1 0 3 1 4 0 0 3 5 0 2 5 7 5


GARNET8 Limited

Chris Cook


Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
Service constraints The cloud software is reliant on a Ubuntu Linux Cloud VM or Bare-metal configuration.
System requirements
  • Ubuntu Linux VM.
  • Public Cloud IP Address, Sub Domain and configured DNS.
  • GARNET8 Account, to create

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Yes, only first line support available at weekend.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Level 4 support, configuring, updating systems and fixing patches. This support in £1800 per day plus VAT.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Within the user interface we have click-by-click automated tours. These walk the user through the functionality with tool-tip explanations. This empowers the user to get up to speed faster, with a low cost to the department/organisation deploying the GARNET8 Collaboration Clouds (G8CC) platform.
Service documentation Yes
Documentation formats Other
Other documentation formats
  • Click by click interactive tour within the user interface.
  • You can also find these tours within our website.
End-of-contract data extraction Within Apps you can easily create simple data export string. These string are specific to your needs and makes extracting data simple.
End-of-contract process You extract your data from Apps you have created within the platform. You then notify your hosting provider that your ready to terminate the VM and they will destroy the information within the VM. This makes it incredible simple and secure.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems Linux or Unix
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Within the mobile interface information open below the feed information, in the desktop (Larger Screen) version it open to the right of the feed. The App builder within the mobile interface has three separate sections with navigation at the top, the desktop version display them in a line. Writing Javascript for input triggers is more difficult within mobile version, due to screen size.
Service interface Yes
Description of service interface We have both Mobile and Desktop service interfaces, accessible via a web browser (thin client).
Accessibility standards WCAG 2.1 AAA
Accessibility testing We've used postcss-high-contrast to develop the high contrast interface and use attributes defined by browser standards.
What users can and can't do using the API It has an external submit API. This allows information to be submitted from Forms or other services. They create these external handlers within Apps and manage the data structures needed. We don't put limitation on the number of "calls" but they are charged as additional users.
API documentation Yes
API documentation formats Other
API sandbox or test environment Yes
Customisation available Yes
Description of customisation You can personalise Apps within the solution using the frameworks low code App builder. These Apps are personalised to suit end user needs and organisation work-flows.

Automated real-time work-flows can be personalised to integrate machine learning, visualisation and integration of other solutions.

Hooks can be created to extend the platforms functionality using multiple languages.

Real-time output streams empowers your organisations to provide visualisation on a complete data set easily.


Independence of resources Each service is a unique node that scales laterally, allowing you to control resources. The cloud infrastructure (Hosting service) used will manage the dependant Linux VM and you will need to ask for the hosting services for VM access guarantees. Our phone support can offer advice on this.


Service usage metrics Yes
Metrics types We have a administration dashboard which covers, System information, Memory Usage, System Process Usage, Processes with highest Memory usage, IO input and Output, Total HTTPs request, Scheduler Usage, Errors, Users, Local Apps, Total Database Size.
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach - Email credentials use Salted/236 sha hash.
- Password uses Blowfish encryption.
- Data blocks have a two stage encryption. Firstly a one-time-pad and then use 256 AES encryption.
- Data blocks use HMAC signature for read verification.
- You can bring your own encryption key (BYOK).
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Within the data container admin click the "Export" item, select the App to export data from and then select the data range, lastly click export and you will be able to download your exported data.
Data export formats
  • CSV
  • Other
Other data export formats
  • Json
  • Xml
Data import formats
  • CSV
  • Other
Other data import formats
  • Xml
  • Json

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability This depends on the cloud infrastructure providers SLAs you have chosen to pair the cloud software with. You can monitor reporting within the Admin interface.
Approach to resilience It uses a laterally scaling/clustering functionality, that provides resilience. The event-driven functionality, means each event is isolated without shared memory. This mean if an event crashes due to bug or denial of service attempt, other events will not be interrupted.
Outage reporting Email alerts.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Governance is defined at a input level for specific users and groups for data blocks. There are four user types within the interface framework. The administration user which access metrics for the platform and has the ability to create users and apps. Data Container Administrators have access to their specific data container, can add users, create apps and information. The third type users can create information. Lastly there are secondary users these can only collaborate on information created.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach GARNET8 Collaboration Clouds is Cloud Software solution that is configured on demand within Cloud Infrastructure that suits your needs. We don't have any access to your data or service, we offer encryption by default within the cloud software, but security and governance of the cloud software is dependant on the cloud infrastructure provider and your organisations needs.
Information security policies and processes Security reporting for the virtual machine GARNET8 provides is done directly to GARNET8 Limited and our internal processes will offer patches within a responsible time. This time depends on the information provided by the reporting organisation.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Nodes within the network are monitored through the registration process when your create/delete a service. Configuration of your services aren't stored within our infrastructure, due to privacy. All system components within the platform have unit tests, code reviews and we use internal code checking tools. These tools have been developed internally with exceptional knowledge of the language, to monitor for possible security issues.
Vulnerability management type Undisclosed
Vulnerability management approach The solution creates logs and all ports should be closed except ssh 22, 80 (redirecting to 443), 443 and server to server port of your choice, e.g. 5280. Data is serialised when read from ports and we use a strongly typed language for the platform. This means your can't get around the type settings. A function will only allow what it expect otherwise it crashes and uses the event platform to manage this. Patches are deployed through the account admin and easily updated in running cluster.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Monitoring IP addresses that make requests on paths that don't exist. We also monitor client types that users log in on and if they login from a new device they will be asked to confirm the log in with a string.
Incident management type Supplier-defined controls
Incident management approach Shut down the server, check logs looking at what data they've accessed if any, blacklist the IP address and report any incidents needed by law. Then startup the server and repeat if it happens again.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)


Price £6.95 to £27.95 per person per month
Discount for educational organisations No
Free trial available Yes
Description of free trial The free trial is limited to 60 days, but you get access to the full platform. You are limited by the underlying connectivity to the peer-to-peer network. You can create a cluster of isolated peers for testing or just use a single node.
Link to free trial

Service documents

Return to top ↑