Open Data Portal
The Open Data platform helps transform government organizations from one where data is siloed across thousands of disparate systems to one where all data is in a single place - synchronized with the source systems, and in a structure that allows authorized access to find and use that data.
- Data visualization
- Data reporting
- User permissions
- Data as a service
- Education support
- Instructor-led courses
- Workflow Management
- Robust search experience and data sharing
- Cleaning data by automatically identifying errors and outliers;
- Importing and adding metadata to create strong data governance;
- Administrative Advisory Board and User Group
- Post-implementation support
- Visualizing, filtering and drilling into data.
- Mobile responsive
- Usage analytics
- Data-rich stories and dashboards
- Account Management and Customer Success Management
£200 to £58303 per unit per year
|Software add-on or extension||No|
|Cloud deployment model||Public cloud|
Socrata technology is provided as a Software as a Service solution where all clients are on the latest version of the software. We schedule specific maintenance windows once per month, during which we reserve the option to bring the Socrata platform down for scheduled maintenance and upgrades. These windows include:
On the third Saturday of January, February, April, May, July, August, October, and November, Socrata-powered data sites may be unavailable from 8:00 PM to 9:00 PM EST.
On the third Saturday of March, June, September and December, Socrata-powered data sites may be unavailable from 8:00 PM to Midnight EST.
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Tyler D&I offers comprehensive Customer Support to our customers. The Customer Support level will be referenced in the SaaS Agreement or the Order Form. We make specific commitments to supporting our customers with policies in place to define support programs and provide ongoing support. These policies cover our methods and timelines for prioritizing customer issues, addressing product defects, and resolving support requests.
Each Customer Support Request is assigned a priority by Socrata based on the technical severity of the request. The combination of Customer Support Program and Request Priority determines the SLA commitment time frame.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 A|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 A|
|Web chat accessibility testing||N/A.|
|Onsite support||Yes, at extra cost|
Tyler offers comprehensive Customer Support Programs to our customers. We are committed to helping you make your Socrata solution a success. We understand that each organization has unique needs, and our Customer Support Programs are designed to let you choose the right program to meet your team needs. We make specific commitments to supporting our customers with policies in place to define support programs and provide ongoing support.
Support Services/Programs Basic Silver Gold Platinum
Online Support 24x7 24x7 24x7 24x7
Phone Support 12x5* 12x5* 12x5* 12x5*
Online Knowledge Base X X X X
Community Portal X X X
Service Level Agreement X X X
Coaching 30 hrs 75 hrs 150 hrs
Dedicated Support Specialist X
*12x5 defined as: 6:00am - 6:00pm Pacific Time, Monday-Friday, excluding US Federal Holidays ("Business Hours")
Our complete offering of Customer Support Programs can be found at www.support.socrata.com. These policies cover our methods and timelines for prioritizing customer issues, addressing product defects, and resolving support requests.
The Customer Support Program selected will be referenced in the SaaS Agreement or Order Form.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||The “Educate” stage provides a comprehensive Socrata education program (“Socrata Education Program”) by Customer team member role to be completed prior to the start of the implementation. Baseline Socrata Education Program learning paths will be designed for each team member based on their role.|
|End-of-contract data extraction||Upon request, Tyler/D&I will make the SaaS Services available to Client to export Client Data for a period of sixty (60) days following the termination of this Agreement. After such sixty (60) day period has expired, we have no obligation to maintain Client Data and may destroy the Client Data.|
|End-of-contract process||The Socrata SaaS Services includes Socrata’s off the shelf, cloud-based software service and related services, including some support services, as specified under this Agreement. Unless specified in the Order Form, SaaS Services do not include support of an operating system or hardware, support outside of our normal business hours, or training, consulting, or other professional services.|
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||N/A.|
|Accessibility standards||WCAG 2.1 A|
|Accessibility testing||Socrata has worked with public sector partners to ensure that their users employing assistive technology can use the platform.|
|What users can and can't do using the API||
Client can only interact with the SaaS Services as allowed by the current APIs and the Agreement. Client may not use the APIs in a manner that constitutes excessive or abusive usage, or fails to comply with any part of the APIs. Socrata can suspend or terminate Client’s access to the APIs on a temporary or permanent basis. Socrata may change or remove existing endpoints or fields in API results upon at least 30 days’ notice to Client. Socrata may add new endpoints or fields in API results without prior notice to Client.
The APIs may be used to connect the Socrata SaaS Services to Client's hosted or on-premise software applications, but Client is fully responsible for those applications, and the SaaS Services are not contingent on access to or availability of any non-Socrata application.
Socrata does not own any open source code that may be provided with the APIs, and any open source code provided is provided AS IS and is governed by the applicable open source license that applies to such code; provided, that any such open source licenses will not materially interfere or prohibit Client’s limited right to use the SaaS Services for its internal business purposes.
|API documentation formats||HTML|
|API sandbox or test environment||No|
|Independence of resources||The Socrata platform is hosted on Amazon Web Services infrastructure and provides users with an elastic, on-demand experience that automates costly infrastructure (i.e., memory and processor) configuration processes. Our platform is provided as a utility service that can scale to tens of thousands of concurrent users as well as datasets containing millions of records on demand. The shared platform hosts hundreds of thousands of datasets and responds to millions of API calls monthly, and still provides real-time response throughout for visual filter queries on datasets over 100 million rows.|
|Service usage metrics||Yes|
Our platform includes analytics on usage, distribution, and traffic patterns across all assets published, and key metrics can be reviewed by browser type (IE, Chrome, Firefox, etc) and asset type (dataset, visualization, data catalog, etc). Data can also be sliced by time and reviewed for each separate dataset, as well.
The solution tracks the following metrics by default: page views, total datasets, total rows, data rows added/removed, views from web embeds, and snapshots created, as well as data on one’s top datasets (by view traffic), top web referrers, top search terms, number of API requests, downloads by dataset, and more.
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||Another external penetration testing organisation|
|Protecting data at rest||
|Other data at rest protection approach||
Data at Rest Data at rest is encrypted. This includes the following data stores: • Databases • Amazon S3 buckets • Amazon EBS volumes Socrata relies on AWS to manage both the encryption method and key management infrastructure (KMI). AWS uses the industry-standard AES-256 algorithm. Master encryption keys are stored in Amazon Key Management Service (KMS), which uses Hardware Security Modules (HSMs) to protect the security of keys. Decryption of key data on individual EC2 instances is allowed based on IAM policies, where access is granted based on IAM role.
|Data sanitisation process||No|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||
Once a dataset has been loaded into Socrata, it is available for download in a number of different formats:
CSV (Comma Separated Values)
RSS (with GeoRSS information if there is a Location column in the dataset)
All of the above formats are also available for that data in filtered views, and are also available to developers via the Socrata Open Data Consumer API. Geospatial content can be downloaded in the above formats, as well as GeoJSON, SHP, KML or KMZ.
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||
|Other protection between networks||All data in transit is encrypted, using SSL/TLS in browser sessions and/or FIPS 140-2 algorithms depending on the type of connection. The various methods for loading, interacting with, managing, and transferring customer data on the Socrata platform are designed to give a consistent level of assurance of confidentiality while that data is in transit either between services, or to a user of the product itself.|
|Data protection within supplier network||
|Other protection within supplier network||All data in transit is encrypted, using SSL/TLS in browser sessions and/or FIPS 140-2 algorithms depending on the type of connection. The various methods for loading, interacting with, managing, and transferring customer data on the Socrata platform are designed to give a consistent level of assurance of confidentiality while that data is in transit either between services, or to a user of the product itself.|
Availability and resilience
We will use commercially reasonable efforts to maintain the online availability of the SaaS Service for a minimum of availability in any given month as provided in the chart below (excluding maintenance scheduled downtime, outages beyond our reasonable control, and outages that result from any issues caused by you, your technology or your suppliers or contractors, Service is not in the production environment, you are in breach of this Agreement, or you have not pre-paid SaaS Fees for the Software as a Service in the month in which the failure occurred).
Availability SLA - 99.9%
Credit: 3% of monthly fee for each full hour of an outage that adversely impacted Client's access or use of the SaaS Services (beyond the warranty).
Maximum amount of the credit is 100% of the prorated SaaS Service Fees for such month, or $1,800.00, whichever is less, and the minimum credit cannot be less than $100.00.
|Approach to resilience||This is available upon request.|
|Outage reporting||Socrata will report scheduled maintenance windows, outages or other events affecting Client on Socrata’s support site at www.support.socrata.com.|
Identity and authentication
|User authentication needed||No|
|Access restrictions in management interfaces and support channels||
Socrata users can have roles on a domain which define the types of actions they can perform for all datasets on the domain, as well as high-level operational control of the domain itself. Examples of these actions include importing data, adding features, or managing users.
The set of roles are Viewer, Editor, Designer, Publisher, and Administrator. Socrata users also have permissions per datasets -- which define the types of actions that someone is able to perform on a specific dataset. Examples include editing a dataset, viewing a dataset, and publishing a dataset.
|Access restriction testing frequency||At least once a year|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||FedRAMP Moderate based on NIST 800-53 Rev4|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||Other|
|Other security governance standards||“FedRAMP Moderate” (NIST 800-53r4)|
|Information security policies and processes||The Socrata Platform/SCGC is currently audited and currently certified as “FedRAMP Moderate” (NIST 800-53r4). The platform has successfully passed its audit for the past 3 years. Continuous monitoring is in place, and while no major incidents have occurred, there are weekly scans and monthly federal reporting for minor corrections. Beyond the formal annual audits, there is a regime of weekly scanning in conformance to U.S. federal standards, and a monthly “CONMON’ report is filed with the FedRAMP PMO, and is available for review.|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||Socrata maintains a baseline system image of Ubuntu Server 14.04 LTS for all services within the operating environment. The base Ubuntu image is comparatively hardened/stripped of nonessential services to start: no services are installed by default, and a minimal set of packages necessary to run come installed. Socrata installs new instances of physical and virtual machines within the production environment using pre-seeding and as part of the installation automatically applies package security and reliability updates. The pre-seed system installs OpenSSH, common UNIX build tools, Ruby, and Opscode Chef for further configuration management|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||
Socrata performs regular monthly scans using a vulnerability scanners such as Nessus, and Burpsuite, all findings are recorded and triaged for review.
We perform risk assessments that conform to NIST SP 800-30. These assessments are performed annually at a minimum, and updated to reflect substantive changes to the environment throughout the year.
We annually contract with a reputable professional services firm to perform a ‘white-box’ penetration test of our platform. These tests attempt to gain access to the Socrata system by enumerating and attempting to exploit vulnerabilities in the platform.
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Socrata’s engineering and systems administration staff keep up to date on hardware and software vendor announcements concerning flaws. Socrata systems are automatically monitored for OS vendor patches and any out-of-date packages triggers alerts in a continuous monitoring system. As a secondary check, weekly vulnerability scans are performed using Nessus and any vulnerabilities, outdated software, or other flaws identified by these scans are submitted as work items.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
Socrata maintains a Standard – Contingency Planning and Incident Response, as well as an Incident Response Process, and an Information System Contingency Plan, which are all tightly aligned, as Socrata views incident response to security threats as part of the contingency planning process.
These documents include response procedures covering: identification, notification activities, personnel roles, and required actions. These documents are provided to all employees at the time of hire, and made available on an internal shared drive.
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£200 to £58303 per unit per year|
|Discount for educational organisations||No|
|Free trial available||No|