DKAN Open Data Portal
DKAN is the Drupal-based open source open data platform that allows governments to publish data to the public, provide visualizations and data stories and create internal analytics dashboards.
Features
- Publish data through a guided process
- Customize your own metadata fields
- Import data via API/harvesting from other catalogs
- Store data within DKAN or on external departmental sites
- Manage access control & version history with rollback
- INSPIRE/RDF support & user analytics
- FISMA-certified cloud hosting options available
- Integrated CMS & blogs
- Open source code base
Benefits
- Explore, search, add, describe, tag, group datasets via web front-end
- Explore, search, add, describe, tag, group datasets via API
- Collaborate with user profiles, groups, dashboard, social network integration
- Use metadata and data APIs, data previews and visualizations
- Let entrepreneur develop new businesses and markets
- Simplify data access for members of the public
- Increased transparency and accountability
Pricing
£14,814.81 to £74,074.07 an instance a year
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at sales@civicactions.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 11
Service ID
8 7 5 3 3 9 2 2 3 0 7 6 2 5 2
Contact
CivicActions, Inc.
William Ogilvie
Telephone: (202) 415-0947
Email: sales@civicactions.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Public cloud
- Service constraints
- As needed CivicActions schedules downtime for routine maintenance or system upgrades for its Services. CivicActions exercises commercially reasonable efforts to schedule Scheduled Downtime outside of peak traffic periods for each customer.
- System requirements
-
- Internet Connection
- Supported browsers
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Our support desk prioritizes support requests based on priority categories. Category: Critical (Production system is down; or operations severely impacted; or critical security issue). Response Time: 2 Business Hours. Resolution Time: 4 Business Hours. Category: High (Significant disruption of operations; workaround is inadequate; or security issue.) Response Time: 4 Business Hours. Resolution Time: 2 Business Days. Category: Medium (Moderate or low impact on the customer’s business operations with workaround.) Response Time: 12 Business Hours. Resolution Time: 7 Business Days. Category: Low
(Issue is minor, without significant impact.) Response Time: 24 Business Hours. Resolution Time: May vary. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- No
- Web chat support
- No
- Onsite support
- No
- Support levels
-
For all customers, we provide Unlimited Tier 1 Support tickets, plus a set
number of monthly Tier 2 and Tier 3 Support tickets based on the Support Level. Customers may purchase additional managed service hours. Tier 1: Basic help desk resolution and service desk delivery Support for basic customer issues such as solving usage issues and fulfilling service desk requests that need IT involvement. This includes using the standard features of DKAN and assistance resolving or working around known problems. Tier 2: In-depth technical support Support personnel and/or engineers with deep knowledge of the product or service, consult on issue. Tier 3: Expert product and service support Support from the most highly skilled product specialists, may include the creators, chief architects, or engineers who created the product or service. Bronze Support: Unlimited Tier 1 Support requests for 1 individual; 3 Tier 2 or 3 escalations/month. Silver Support: Unlimited Tier 1 support for 3 individuals; 6 Tier 2 or 3 escalations/month. Gold Support: Unlimited Tier 1 support requests for five (5) named individuals; ten (10) Tier 2 or 3 escalations/month. See pricing sheet for support level costs. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
- New CivicActions DKAN customers receive online training sessions to get them started, and hold regularly scheduled online check-ins with an account manager who can answer use questions. Complete documentation is available online, and customized trainings and guides can also be provided on an as-needed basis.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- ODF
- End-of-contract data extraction
- Since the DKAN software is open-source, the basic structure of the website can be replicated at any time. At contract end, a complete export of website data can be made available to customers so that they can install a new copy if they so choose. Open data content from DKAN websites is also publicly available at all times via API and JSON, making export of that content easy and automatable.
- End-of-contract process
- All data is transferred to the customer. Customers also have the option of requesting DKAN being installed on their own hosting platform and all of the data migrated for an additional one time cost.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
DKAN uses media queries to create different layouts for optimal mobile,
tablet and web experiences. DKAN is designed "mobile first" to ensure
that mobile uses have the best possible user experience. - Service interface
- Yes
- Description of service interface
- N/A
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- We use the Pa11y continuous integration tool to ensure that DKAN is accessible for users using assistive technology. We test to assure adherence to the latest WCAG and EN 301 549 standards.
- API
- Yes
- What users can and can't do using the API
-
DKAN has a REST API for accessing the catalog metadata and data.
Anonymous users can query the catalog via an API as well as data stored
in the catalog's datastore. Credentialed users can create, edit and delete
site content as well as add, remove, or edit items in the datastore. DKAN
also has DCAT compliant RDF endpoints as well. - API documentation
- Yes
- API documentation formats
- HTML
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
DKAN provides a full administrative interface which allows users to
customize the content and look and feel of the site. Administrators can change page layouts, colors, and add and remove users with a number of different roles. There are a number of modules that can also be turned on or off per request. Some of these modules include "workflow", which creates a review system for new and existing site content. There are also a number of integrations that can be enabled by request including Carto or AWS services for consuming and sharing data. Finally new sections of the site can be added such as a blog or new section, feedback section or other requested site features.
Scaling
- Independence of resources
- DKAN is hosted on Acquia Cloud Enterprise (ACE) which is designed for high availability, with guaranteed 99.95% uptime. ACE is built on AWS services and offers high availability by using multiple AWS Availability Zones (AZ) with redundant servers serving each layer of the technology stack. A load balancer is deployed with a hot standby in a different AZ in the same region. Web servers use a shared network file system (GlusterFS). A scalable database cluster serves the application. DKAN is also available with a hot standby in an alternate region providing live failover capabilities.
Analytics
- Service usage metrics
- Yes
- Metrics types
- DKAN uses Google Analytics for metrics. Clients are provided full access to the Google Analytics dashboard. An analytics dashboard can also be enabled in the catalog upon request.
- Reporting types
-
- API access
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Staff screening not performed
- Government security clearance
- None
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- European Economic Area (EEA)
- EU-US Privacy Shield agreement locations
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Physical access control, complying with another standard
- Other
- Other data at rest protection approach
-
DKAN's hosting provider complies with the following security and
privacy standard's: SOC 1 (SSAE No. 16 and ISAE No. 3402); SOC
2; ISO 27001 certification; FedRAMP; FISMA; CSA STAR (Cloud
Security Alliance Security, Trust and Assurance Registry); EU cookie
regulations - Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Anonymous users can query the catalog via an API which allows them to export the full catalog metadata. Anonymous users can also save files added to the system and can save data from the datastore which is also available via API. Additional file types can be added per request.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- JSON
- XML
- RDF
- XLS
- Data import formats
-
- CSV
- ODF
- Other
- Other data import formats
-
- JSON
- XML
- RDF
- XLS
- Any file type can be uploaded
Data-in-transit protection
- Data protection between buyer and supplier networks
- TLS (version 1.2 or above)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- DKAN on Acquia includes 24x7 infrastructure and application monitoring with guaranteed 99.95% uptime SLA.
- Approach to resilience
-
DKAN is hosted on Acquia Cloud Enterprise (ACE) which is designed
for high availability, with guaranteed 99.95% uptime. ACE is built on
AWS services and offers high availability by using multiple AWS
Availability Zones (AZ) with redundant servers serving each layer of the
technology stack. A load balancer is deployed with a hot standby in a
different AZ in the same region. Web servers use a shared network file
system (GlusterFS). A scalable database cluster serves the application. DKAN is also available with a hot standby in an alternate region providing live failover capabilities. - Outage reporting
- Our hosted DKAN provides 24x7 monitoring. If there is any kind of outage that will be reported immediately to the client via email. Our support is available 24 hours a day by phone.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
DKAN uses Drupal-based permissions and authentication systems.
Administrators can create new users, or can allow new users to request
access. Users are typically defined with standardized permissions
roles: Anonymous users (not logged in, can view and search published
content); Content Creator (authenticated user, can add certain content
types); Editor (authenticated user, can create and edit content within
their site group); Site Manager (authenticated user, can manage admin
functions and other users), Administrator (can access all site functions).
The primary customer support channel requires a login and password;
users can create their own, or submit questions by email. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- No audit information available
- Access to supplier activity audit information
- No audit information available
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Schellman & Company, LLC
- ISO/IEC 27001 accreditation date
- 06/02/2018
- What the ISO/IEC 27001 doesn’t cover
- The certification covers the hosting infrastructure for the catalog. It does not cover the DKAN application itself.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- Yes
- CSA STAR accreditation date
- 12/1/2013
- CSA STAR certification level
- Level 1: CSA STAR Self-Assessment
- What the CSA STAR doesn’t cover
- The CSA STAR certification covers the Acquia cloud hosting infrastructure. The DKAN application is not covered.
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
-
- NIST SP 800-53 Rev. 4
- NIST SP 800-63 Rev. 3
- NIST SP 800-171 Rev. 1
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
- We have defined and documented common security controls based on NIST SP 800-53 (Federal), NIST SP 800-171 (non-Federal), and the new NIST Cybersecurity Framework. The CivicActions development, operations and management teams are trained in these common controls.
- Information security policies and processes
- Specific client needs may append to CivicActions commons control baselines (based on NIST standards). Reporting through the CivicActions security office to the customer's information security officer.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- DKAN is hosted on Acquia using Amazon Web Services (AWS) data centers; Amazon maintains service agreements with the hardware and software manufacturers in use in its data centers, which is necessary to achieve ISO 27002 and SAS70/SSAE16 audit certifications. DKAN on Acquia uses custom APIs and central management tools to provision hosting clusters, attach storage volumes, and install software and dependencies. Acquia also uses these central management tools to manage OS and platform configurations and to apply security patches. DKAN is audited via OWASP Zed Attack Proxy to ensure application security.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
DKAN is hosted on Acquia. Acquia obtains vulnerability information
from a variety of sources including US-CERT, the FBI, threat intelligence feeds, and vendor announcements. Upon receipt of this information, Acquia determines the criticality, risk, and applicability of the vulnerability, and takes necessary action to resolve it. In addition,
vulnerability scans are performed on a monthly basis to identify any
new vulnerabilities. A third-party penetration test is also performed
on an annual basis. Patching of these vulnerabilities is performed
based on the scan results and the Acquia triage and review. The DKAN application is audited periodically using Owasp Zed Attack Proxy. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
- DKAN on Acquia features extensive security event logging and monitoring program. This includes many custom alerts and dashboards within the Security Information and Event Management (SIEM) system. These alerts and dashboards are specific to the platform and the threats customers face. The security, operations, and engineering teams proactively monitor these alerts and dashboards to look for specific (anomalous) events. The DKAN application has separate logging and monitoring with alert for high resource utilization. Potential compromises are assessed immediately. Incidents are responded to within 24 hours.
- Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
- Yes, we have a written incident response plan. User's can report incidents through email. We provide reports through email.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £14,814.81 to £74,074.07 an instance a year
- Discount for educational organisations
- No
- Free trial available
- No
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at sales@civicactions.com.
Tell them what format you need. It will help if you say what assistive technology you use.