Tyler Technologies

Open Data Portal

The Open Data platform helps transform government organizations from one where data is siloed across thousands of disparate systems to one where all data is in a single place - synchronized with the source systems, and in a structure that allows authorized access to find and use that data.

Features

  • Data visualization
  • Data reporting
  • User permissions
  • Metadata
  • Data as a service
  • Charts
  • Maps
  • Education support
  • Instructor-led courses
  • Workflow Management

Benefits

  • Robust search experience and data sharing
  • Cleaning data by automatically identifying errors and outliers;
  • Importing and adding metadata to create strong data governance;
  • Administrative Advisory Board and User Group
  • Post-implementation support
  • Visualizing, filtering and drilling into data.
  • Mobile responsive
  • Usage analytics
  • Data-rich stories and dashboards
  • Account Management and Customer Success Management

Pricing

£200 to £58303 per unit per year

Service documents

Framework

G-Cloud 11

Service ID

6 5 3 0 2 5 2 8 7 8 7 1 7 8 6

Contact

Tyler Technologies

John Wright

+447872994154

John.Wright2@tylertech.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints Socrata technology is provided as a Software as a Service solution where all clients are on the latest version of the software. We schedule specific maintenance windows once per month, during which we reserve the option to bring the Socrata platform down for scheduled maintenance and upgrades. These windows include:
On the third Saturday of January, February, April, May, July, August, October, and November, Socrata-powered data sites may be unavailable from 8:00 PM to 9:00 PM EST.
On the third Saturday of March, June, September and December, Socrata-powered data sites may be unavailable from 8:00 PM to Midnight EST.
System requirements
  • Internet Browser (Chrome, Firefox, IE)
  • Operating System (macOS, Windows, Linux)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Tyler D&I offers comprehensive Customer Support to our customers. The Customer Support level will be referenced in the SaaS Agreement or the Order Form. We make specific commitments to supporting our customers with policies in place to define support programs and provide ongoing support. These policies cover our methods and timelines for prioritizing customer issues, addressing product defects, and resolving support requests.

Support SLAs
Each Customer Support Request is assigned a priority by Socrata based on the technical severity of the request. The combination of Customer Support Program and Request Priority determines the SLA commitment time frame.

Please see:
https://support.socrata.com/hc/en-us/articles/216962648-Support-Policy
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 A
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 A
Web chat accessibility testing N/A.
Onsite support Yes, at extra cost
Support levels Tyler offers comprehensive Customer Support Programs to our customers. We are committed to helping you make your Socrata solution a success. We understand that each organization has unique needs, and our Customer Support Programs are designed to let you choose the right program to meet your team needs. We make specific commitments to supporting our customers with policies in place to define support programs and provide ongoing support.

Support Services/Programs Basic Silver Gold Platinum
Online Support 24x7 24x7 24x7 24x7
Phone Support 12x5* 12x5* 12x5* 12x5*
Online Knowledge Base X X X X
Community Portal X X X
Service Level Agreement X X X
Coaching 30 hrs 75 hrs 150 hrs
Dedicated Support Specialist X
*12x5 defined as: 6:00am - 6:00pm Pacific Time, Monday-Friday, excluding US Federal Holidays ("Business Hours")

Our complete offering of Customer Support Programs can be found at www.support.socrata.com. These policies cover our methods and timelines for prioritizing customer issues, addressing product defects, and resolving support requests.

The Customer Support Program selected will be referenced in the SaaS Agreement or Order Form.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started The “Educate” stage provides a comprehensive Socrata education program (“Socrata Education Program”) by Customer team member role to be completed prior to the start of the implementation. Baseline Socrata Education Program learning paths will be designed for each team member based on their role.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Upon request, Tyler/D&I will make the SaaS Services available to Client to export Client Data for a period of sixty (60) days following the termination of this Agreement. After such sixty (60) day period has expired, we have no obligation to maintain Client Data and may destroy the Client Data.
End-of-contract process The Socrata SaaS Services includes Socrata’s off the shelf, cloud-based software service and related services, including some support services, as specified under this Agreement. Unless specified in the Order Form, SaaS Services do not include support of an operating system or hardware, support outside of our normal business hours, or training, consulting, or other professional services.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service N/A.
Service interface Yes
Description of service interface Administrative panel for roled users to manage, curate, and publish.
Accessibility standards WCAG 2.1 A
Accessibility testing Socrata has worked with public sector partners to ensure that their users employing assistive technology can use the platform.
API Yes
What users can and can't do using the API Client can only interact with the SaaS Services as allowed by the current APIs and the Agreement. Client may not use the APIs in a manner that constitutes excessive or abusive usage, or fails to comply with any part of the APIs. Socrata can suspend or terminate Client’s access to the APIs on a temporary or permanent basis. Socrata may change or remove existing endpoints or fields in API results upon at least 30 days’ notice to Client. Socrata may add new endpoints or fields in API results without prior notice to Client.

The APIs may be used to connect the Socrata SaaS Services to Client's hosted or on-premise software applications, but Client is fully responsible for those applications, and the SaaS Services are not contingent on access to or availability of any non-Socrata application.

Socrata does not own any open source code that may be provided with the APIs, and any open source code provided is provided AS IS and is governed by the applicable open source license that applies to such code; provided, that any such open source licenses will not materially interfere or prohibit Client’s limited right to use the SaaS Services for its internal business purposes.
API documentation Yes
API documentation formats HTML
API sandbox or test environment No
Customisation available No

Scaling

Scaling
Independence of resources The Socrata platform is hosted on Amazon Web Services infrastructure and provides users with an elastic, on-demand experience that automates costly infrastructure (i.e., memory and processor) configuration processes. Our platform is provided as a utility service that can scale to tens of thousands of concurrent users as well as datasets containing millions of records on demand. The shared platform hosts hundreds of thousands of datasets and responds to millions of API calls monthly, and still provides real-time response throughout for visual filter queries on datasets over 100 million rows.

Analytics

Analytics
Service usage metrics Yes
Metrics types Our platform includes analytics on usage, distribution, and traffic patterns across all assets published, and key metrics can be reviewed by browser type (IE, Chrome, Firefox, etc) and asset type (dataset, visualization, data catalog, etc). Data can also be sliced by time and reviewed for each separate dataset, as well.
The solution tracks the following metrics by default: page views, total datasets, total rows, data rows added/removed, views from web embeds, and snapshots created, as well as data on one’s top datasets (by view traffic), top web referrers, top search terms, number of API requests, downloads by dataset, and more.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach Data at Rest Data at rest is encrypted. This includes the following data stores: • Databases • Amazon S3 buckets • Amazon EBS volumes Socrata relies on AWS to manage both the encryption method and key management infrastructure (KMI). AWS uses the industry-standard AES-256 algorithm. Master encryption keys are stored in Amazon Key Management Service (KMS), which uses Hardware Security Modules (HSMs) to protect the security of keys. Decryption of key data on individual EC2 instances is allowed based on IAM policies, where access is granted based on IAM role.
Edit
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Once a dataset has been loaded into Socrata, it is available for download in a number of different formats:
CSV (Comma Separated Values)
XLS
XML
JSON
RDF
RSS (with GeoRSS information if there is a Location column in the dataset)
All of the above formats are also available for that data in filtered views, and are also available to developers via the Socrata Open Data Consumer API. Geospatial content can be downloaded in the above formats, as well as GeoJSON, SHP, KML or KMZ.
GeoJSON
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • XML
  • JSON
  • RDF
  • XLS
Data import formats
  • CSV
  • Other
Other data import formats
  • TSV
  • XLS
  • OpenXML
  • SHP
  • GeoJSON
  • KML
  • KMZ

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks All data in transit is encrypted, using SSL/TLS in browser sessions and/or FIPS 140-2 algorithms depending on the type of connection. The various methods for loading, interacting with, managing, and transferring customer data on the Socrata platform are designed to give a consistent level of assurance of confidentiality while that data is in transit either between services, or to a user of the product itself.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network All data in transit is encrypted, using SSL/TLS in browser sessions and/or FIPS 140-2 algorithms depending on the type of connection. The various methods for loading, interacting with, managing, and transferring customer data on the Socrata platform are designed to give a consistent level of assurance of confidentiality while that data is in transit either between services, or to a user of the product itself.

Availability and resilience

Availability and resilience
Guaranteed availability We will use commercially reasonable efforts to maintain the online availability of the SaaS Service for a minimum of availability in any given month as provided in the chart below (excluding maintenance scheduled downtime, outages beyond our reasonable control, and outages that result from any issues caused by you, your technology or your suppliers or contractors, Service is not in the production environment, you are in breach of this Agreement, or you have not pre-paid SaaS Fees for the Software as a Service in the month in which the failure occurred).

Availability SLA - 99.9%
Credit: 3% of monthly fee for each full hour of an outage that adversely impacted Client's access or use of the SaaS Services (beyond the warranty).

Maximum amount of the credit is 100% of the prorated SaaS Service Fees for such month, or $1,800.00, whichever is less, and the minimum credit cannot be less than $100.00.
Approach to resilience This is available upon request.
Outage reporting Socrata will report scheduled maintenance windows, outages or other events affecting Client on Socrata’s support site at www.support.socrata.com.

Identity and authentication

Identity and authentication
User authentication needed No
Access restrictions in management interfaces and support channels Socrata users can have roles on a domain which define the types of actions they can perform for all datasets on the domain, as well as high-level operational control of the domain itself. Examples of these actions include importing data, adding features, or managing users.
The set of roles are Viewer, Editor, Designer, Publisher, and Administrator. Socrata users also have permissions per datasets -- which define the types of actions that someone is able to perform on a specific dataset. Examples include editing a dataset, viewing a dataset, and publishing a dataset.
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications FedRAMP Moderate based on NIST 800-53 Rev4

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards “FedRAMP Moderate” (NIST 800-53r4)
Information security policies and processes The Socrata Platform/SCGC is currently audited and currently certified as “FedRAMP Moderate” (NIST 800-53r4). The platform has successfully passed its audit for the past 3 years. Continuous monitoring is in place, and while no major incidents have occurred, there are weekly scans and monthly federal reporting for minor corrections. Beyond the formal annual audits, there is a regime of weekly scanning in conformance to U.S. federal standards, and a monthly “CONMON’ report is filed with the FedRAMP PMO, and is available for review.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Socrata maintains a baseline system image of Ubuntu Server 14.04 LTS for all services within the operating environment. The base Ubuntu image is comparatively hardened/stripped of nonessential services to start: no services are installed by default, and a minimal set of packages necessary to run come installed. Socrata installs new instances of physical and virtual machines within the production environment using pre-seeding and as part of the installation automatically applies package security and reliability updates. The pre-seed system installs OpenSSH, common UNIX build tools, Ruby, and Opscode Chef for further configuration management
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Socrata performs regular monthly scans using a vulnerability scanners such as Nessus, and Burpsuite, all findings are recorded and triaged for review.
We perform risk assessments that conform to NIST SP 800-30. These assessments are performed annually at a minimum, and updated to reflect substantive changes to the environment throughout the year.
We annually contract with a reputable professional services firm to perform a ‘white-box’ penetration test of our platform. These tests attempt to gain access to the Socrata system by enumerating and attempting to exploit vulnerabilities in the platform.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Socrata’s engineering and systems administration staff keep up to date on hardware and software vendor announcements concerning flaws. Socrata systems are automatically monitored for OS vendor patches and any out-of-date packages triggers alerts in a continuous monitoring system. As a secondary check, weekly vulnerability scans are performed using Nessus and any vulnerabilities, outdated software, or other flaws identified by these scans are submitted as work items.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Socrata maintains a Standard – Contingency Planning and Incident Response, as well as an Incident Response Process, and an Information System Contingency Plan, which are all tightly aligned, as Socrata views incident response to security threats as part of the contingency planning process.
These documents include response procedures covering: identification, notification activities, personnel roles, and required actions. These documents are provided to all employees at the time of hire, and made available on an internal shared drive.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £200 to £58303 per unit per year
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑