Kanto Elect

Kanto Elect

Kanto Elect better meets the needs of electronic and paper balloting and scrutineering services than existing suppliers. Using new, proprietary software and a strong technology focus, Kanto provides more a secure, robust, transparent, customisation, and effective scrutineering and balloting service, delivered with greater customer care at a lower cost.

Features

  • Bespoke ballots created with multiple options via the online dashboard
  • Fully designable, customisable ballot papers and online interface
  • Positional randomisation of choices on all ballot papers
  • Secure voter data upload via an encrypted portal
  • Ballots papers printed securely with anti-fraud counter-measures included
  • Real time ballot management via online interface
  • Unique coding system, allowing truly blind counting by computer
  • Computer capable high speed counting if needed
  • Accurate and clear reporting to facilitate effective scrutineering

Benefits

  • Customer-focused, value-driven approach with a competitive pricing model
  • Extensive choice of additional features allows bespoke ballot creation
  • Potential positional advantage removed through candidate randomisation on each paper
  • Real-time management of the balloting process allows effective ownership
  • Real-time opportunities to increase participation levels and reach thresholds
  • Robust online and real-world security to guarantee democratic integrity
  • Blind counting to remove unconscious/conscious bias and human error
  • Automated counting allows most appropriate voting system to be used
  • Clear, verifiable records allow effective independent scrutineering
  • Counting capacity can be quickly increased into millions per day

Pricing

£0.70 per unit

Service documents

G-Cloud 10

709566354712087

Kanto Elect

Thomas Borwick

02077769000

Thomas@kantoelect.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints The online user portal requires access to any modern browsers on a desktop computer or laptop.
System requirements
  • Access to a desktop computer or laptop
  • A modern internet browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 1: The service is inoperable - Response time: 1 hour. Resolution: 4 hours
2: Problem with minor effects to the service - Response time: 2 hours, Resolution 2 days.
3: Minor problem, but does not affect the overall use of service - Response: 1 Day. Resolution: 5 Days
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), 7 days a week
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), 7 days a week
Web chat support accessibility standard WCAG 2.0 AA or EN 301 549 9: Web
Web chat accessibility testing Our web chat is accessible on our website which appears as a widget for all visitors
Onsite support Yes, at extra cost
Support levels Our service includes, as standard, comprehensive one to one support with a technical account manager both over the phone as well as through our web chat services. We work with you to understand your problems fully and resolve in a timely manner. We can also provide 20 hours of additional onsite support for a cost of £1000
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide an onscreen user tutorial for new users which guides clients through the getting started process. Our webchat and over the phone service is also available to new clients for further support and queries. We also provide optional onsite training at an additional cost.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction All collected data will be sent to the client in a CSV (Excel spreadsheet) format. This will be password protected and the client will be responsible for ensuring all data is safely handled thereafter. It is then the client’s responsibility to confirm they have received all the data required from the Kanto Elect server. User data is held for 30 days for which they are still able to request this data via email after which point it will be destroyed.
End-of-contract process At the end of the contract the user is provided with a final report outlining key performance indicators from their ballot. There is no charge for the off-boarding process.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility Implemented screen reading technology
Accessibility testing Implemented screen reading technology
API Yes
What users can and can't do using the API Users can customise the aesthetic presentation of the ballot
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Users can customise the aesthetic presentation of the ballot

Scaling

Scaling
Independence of resources Kanto uses scalable AWS web servers meaning that as demand increases our capacity to meet increasing demand is automatically adjusted upwards and every user is segregated from each other.

Analytics

Analytics
Service usage metrics Yes
Metrics types We offer users the ability to visualize their election data in easy to read, real time, graphs.
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach At any point during the use of the service users are able to extract their data in an encrypted format.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99.9% up time with 1 day credit per hour of unplanned downtime as stipulated in our terms and conditions.
Approach to resilience We use a series of AWS clouds with backup data clouds.
Outage reporting We report all non planned outages with automated emails.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels The chief administrative user is able to create other administrative users with full access rights. Only the chief admin has the power to terminate the account or other other admins access. Only designated members of Kanto staff have access to support channels.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 The British Assessment Bureau
ISO/IEC 27001 accreditation date 13/03/2017
What the ISO/IEC 27001 doesn’t cover All business areas are fully covered by our ISO27001 certification.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Kanto adheres to ISO27001 standards - a system, based on a business risk approach, to establish, implement, operate, monitor, review, maintain and improve information security. Any non-conformance issues are highlighted and corrective action plans implemented.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach All changes are carefully reviewed and tested in development environments. We also have a stipulated change management policy which sets out how we address the security impact of change.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach Following the ISO framework we carry out regular internal audits, risk assessments, and management reviews to continually assess and improve our information security.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Following the ISO framework we carry out regular internal audits, risk assessments, and management reviews to continually assess and improve our information security.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We have an incident management plan that is implemented upon such instances as a user reported incident. We action the plan and detail steps taken in a report which can be shared with clients if requested.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £0.70 per unit
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑