GARNET8 Limited

GARNET8 Collaboration Clouds

Efficiently deliver secure, agile, low risk, low cost, collaborative, end-to-end structured data management systems, saving yourself 'Time and Money'.

Start small and easily scale, supporting change management, empowering your organisation to focus on process needs, creating sustainable solutions to business need. You can support user needs, visualisation and automated work-flows.


  • Customisable work-flows for automation, visualisation and learning.
  • Easily scalable and simple to extend.
  • Simple reuse of infrastructure and knowledge, reducing costs.
  • Seamless reuse of information without compromising security or integrity.
  • Low code framework, supporting faster, efficient delivery of web services.
  • Fine grained information governance, enabling flexibility, GDPR Compliance
  • End-to-End information management capabilities.
  • Seamless data aggregation across systems and boundaries.
  • Joined up collaborative, engaging working environment.
  • UK developed, UK supported by a innovative bootstrapped UK SME.


  • Fast delivery of Joined up services.
  • Proactive data-driven engagement, reducing risk/wastage.
  • Shift investment to open, accessible cloud services, from legacy.
  • Automated engagement increasing productivity and efficiency.
  • Make information simple to visualise and learn from.
  • Simple, fast, agile change management
  • Efficient with focus on low resource costs.
  • Data-driven engagement, freeing staff from chasing knowledge.
  • Connected foundation that supports the big picture needs, customers.
  • Powerful tool-kit to create a automatically caring society.


£2.45 to £15.95 per user per month

Service documents

G-Cloud 10


GARNET8 Limited

Chris Cook


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints The solution runs within Cloud infrastructure that suits your needs and you have management over the infrastructure the solution runs upon. The data within the solution belong to you. It can't be accessed by anyone at GARNET8 or outside your organisations user based, collaborative tagging or key management. The controller and processor responsibilities up GDPR become your responsibility.
System requirements
  • Ubuntu Virtual Machine. (Latest Stable Release recommended)
  • Anti-virus software that suits your organisation needs.
  • Licenses per user per month purchased within GARNET8 accounts website
  • Licenses per external handler purchased within GARNET8 accounts website
  • Minimum VM 1 CPU, 15 GB Storage, 512 MB RAM
  • Sub Domain name, with public IP address
  • Email, mailbox to send notification through.

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Email Support 9:30 - 4:30 Monday - Friday, excluding Bank Holidays.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support No
Web chat support Yes, at an extra cost
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Web chat is accessed through the GARNET8 account management interface.
Web chat accessibility testing It support invert low vision visibility and alt tags.
Onsite support Yes, at extra cost
Support levels Level 4 support, configuring, updating systems and fixing patches. This support in £1800 per day plus VAT.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started The configuration of a system has 5 simple steps, but we provide a off site configuration or support service.

We can provide on or off site support for the process visualisation, delivery of new customised systems and integration support with visualisation, machine learning and other tools.

We can also provide end of life and termination support.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction Within the customisation of systems users create export functionality. This functionality defines the structure to export information out of the system as the end of the contract.
End-of-contract process End of contract support will come at a extra cost.

Within the contract the ability to create export functionality is built within the solution and doesn't come at any extra cost.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install Yes
Compatible operating systems Linux or Unix
Designed for use on mobile devices Yes
Differences between the mobile and desktop service You can't create Apps within mobile devices. On mobile devices we use a two column design, with information displayed below the title, unlike the desktop interface where we have a three column design with information displayed to the right of the titles.
Accessibility standards WCAG 2.0 A
Accessibility testing Our solution uses style sheets that can be pre-set for individual user needs to support the contract and text sizing specified within
What users can and can't do using the API Users can submit external data to end points from web forms or other applications.

Use of real-time work-flows through our solutions output channels allows organisations to integrate external learning, visualisation and other integrated technologies. These work-flows are built around a data-driven system, that allows flexibility and simplicity.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation You can personalise Apps within the solution using the frameworks low code App builder. These Apps are personalised to suit end user needs and organisation work-flows.

Automated real-time work-flows can be personalised to integrate machine learning, visualisation and integration of other solutions.

Hooks can be created to extend the platforms functionality using multiple languages.


Independence of resources This is a private cloud platform, you maybe affected by the demand upon the product by your infrastructure provider. But, the platform we provide is a standalone system that is run within Cloud infrastructure that suits your needs.


Service usage metrics Yes
Metrics types We have a the administration dashboard which covers, System information, Memory Usage, System Process Usage, Processes with highest Memory usage, IO input and Output, Total HTTPs request, Scheduler Usage, Errors, Users, Local Apps, Total Database Size.
Reporting types Real-time dashboards


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Other
Other data at rest protection approach Within the platforms data management layer, each data object is stored within a encrypted block. These blocks use a salt, one-time pad and a 256 AES encryption when stored.
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach When customising their platform, users add a export functionality. This allows users to export all the information they've created when using the platform.
Data export formats
  • CSV
  • Other
Other data export formats
  • Xml
  • Json
Data import formats
  • CSV
  • Other
Other data import formats
  • Xml
  • Json

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network We use a cookie based system, that doesn't allow nodes to connect without the secret cookie.

Availability and resilience

Availability and resilience
Guaranteed availability Your SLAs will depend on your infrastructure provider.
Approach to resilience Within the platform we isolate requests within unique processes, to protect failure and errors bringing down the platforms VM. You will need to discuss with your Cloud IaaS provider how they protect VMs, network access, etc.
Outage reporting You can purchase our ping monitoring service which has email and a dashboard. Due to our solution being a installable service, we don't consolidate that information into a single dashboard. Within our solutions platform we do have a administration dashboard. This dashboard collects and display stats for your specific service. It hold these stats for a specific length of time. The length of time is based on configuration parameters.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels GARNET8 doesn't have access to any information within your system. Your can share information with support, but this will only be standardised log information and internal identifiers of users without name or email details.
Access restriction testing frequency At least once a year
Management access authentication Other

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We don't have access to the information within your systems, as the tool-kit is deployed within infrastructure that suits your needs and managed by yourselves or a service provide. Key management and a one-time pad is applied to data within the system, this allows the service provide or staff member to access the key, but not decrypt data within your tool-kit.
Information security policies and processes We've provided a solution that abstracts us out of access to information within your system. This means the security policies and processes in passed to the organisation running and processing information using our tool-kit after installation and configuration.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Internally we use Git work flows and unit tests within specific code and interfaces. This allows us to test as we build out the solution. Patches are run through our internal work-flows and are tested against and internal systems developed solely to support our solution.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Logging and error, access and version management is available through your tool-kits administration interface. Code within the tool-kit has version numbers applied and upgrade follow strict visioning. The solution support hot-code swapping and you can manage your versions against a baseline systems.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Within the tool-kits administration interface, we provide tools to monitor, display and work with support to understand issue vectors. This can be logging from attacks from certain IPs or fault within the system due to unforeseen bugs. Our support can work with the information provided, this information is logged on a user defined based and kept for a user defined amount of time.
Incident management type Supplier-defined controls
Incident management approach Security incidence can be reported through a process documented. We can support your incident or you can work with the infrastructure supplier to mitigate the incident from attacking your infrastructure.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • New NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)


Price £2.45 to £15.95 per user per month
Discount for educational organisations No
Free trial available Yes
Description of free trial Within the free trial you have access to the full service for 10 working days.
Link to free trial


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑