Astun Technology Ltd

Enterprise Metadata for iShare

Get INSPIREd and Enterprise Metadata for iShare is an INSPIRE compliant service for Metadata Discovery, View and Download Services. It enables iShare users to meet their INSPIRE Phase 1 publishing and delivery obligations and their need for Enterprise Metadata within their organisations without having to implement any additional technology locally.

Features

• INSPIRE compliant service
• Dedicated customer portal in our hosted GeoNetwork environment
• Virtual CSW end points for Metadata Publishing and Enterprise Metadata
• Compliant service for Metadata Discovery (searching), View and Download Services
• Automated initial Metadata Creation directly into GeoNetwork
• Automated addition of metadata for new database tables
• Automated update of metadata for existing database tables
• Enterprise wide use with support for Non-Spatial Datasets
• No need to implement any technology locally
• Enterprise Grade Support

Benefits

• Cloud based metadata service
• Uses GeoNetwork like most of the world's spatial data infrastructures
• Full support for UK Gemini metadata standards
• Metadata Publishing provides full UK Location Programme compatibility
• Serve metadata to data.gov.uk or other standards compliant portals
• Allows the power of metadata to be harnessed by iShare
• Ensures that data is managed and discoverable across your organisation
• Provides real business value and business efficiency
• Automated Metadata Creation and Update, saving time and resources

£1,250 a unit a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@astuntechnology.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

877625563584693

Contact

Astun Technology Sales Team
01372 744009
sales@astuntechnology.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: IShare in the Cloud and existing on-premise implementations of iShare
• Cloud deployment model: Community cloud
• Service constraints: Most planned maintenance will be undertaken without interrupting service availability however in the event that this is not possible downtime will be scheduled and agreed with the customer in advance.
• System requirements: IShare 5.6+ for Enterprise Metadata Option

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Astun provide the support service during normal working hours, which are between 0900 and 1700 GMT, Monday to Friday, excluding Bank Holidays.; ; The response times for calls logged by the customer are set out in the accompanying Astun Digital Services Terms & Conditions document.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: First line support is provided via a permanently staffed Service Desk with second and third line support by consultancy and development teams for fault diagnosis and resolution. Customer access to web based Service Desk provides real time ticket management and correspondence on all customer tickets.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: On receipt of a purchase order Astun Technology will provide access to a customer specific upload location in the Cloud hosted environment and details of how to upload initial datasets to the Get INSPIREd service.; ; Astun provide onsite training for administrators and user documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: In the event that the customer terminates the service they can download their metadata from the service in a XML file format that should be compatible with alternative GEMINI2 metadata catalogues. Customers should extract a copy of their data before their contract expires.
• End-of-contract process: On receipt of a written request to terminate the iShare in the Cloud service and subject to there being no unpaid charges outstanding, Astun will delete all datasets stored within Get INSPIREd and remove all metadata entries.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Users of the service comprise of (i) data custodians who use the service for maintaining metadata; (ii) data users who view metadata through third party services such as data.gov.uk. Operations in the scope of (i) are done on the desktop; those in (ii) may be mobile compatible according to service used.
• Service interface: Yes
• Description of service interface: Astun’s Get INSPIREd and Enterprise Metadata for iShare are based on GeoNetwork, the leading open source standards-compliant metadata catalogue, which is used by the majority of the world’s spatial data infrastructures.
• Accessibility standards: None or don’t know
• Description of accessibility: For more information on GeoNetwork interface, please see Appendix A of the Service Definition.
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: Get INSPIREd for iShare is delivered by OGC compliant protocols.
• API documentation: Yes
• API documentation formats:
  • HTML
  • Other
• API sandbox or test environment: No
• Customisation available: No

Scaling

• Independence of resources: Resource monitoring of the service.

Analytics

• Service usage metrics: Yes
• Metrics types: Customers can obtain metrics from Support.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Customer can download their metadata from the service.
• Data export formats: Other
• Other data export formats: XML
• Data import formats:
  • CSV
  • Other
• Other data import formats: Via direct entry into Metadata catalogue

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Get INSPIREd is hosted on a high availability cloud infrastructure with a failover backup hosted in a different geographic region for maximum resilience.; ; Internal availability testing indicates availability in excess of 99.6%; ; Response times for map rendering are typically less than 1 second at the server.; ; The services are continually monitored with automated messages sent to several staff in the event of a deterioration or failure.
• Approach to resilience: Get INSPIREd for iShare is hosted within the Amazon Web Services environment (AWS). ; ; The entire cloud environment is backed up to a second geographic availability zone to provide additional resilience in the unlikely event that the primary availability zone becomes unavailable.
• Outage reporting: Astun set up a series of alarms to monitor the customer's cloud service. These alarms are triggered if any pre-set limits to system resources are reached (e.g. disk space). This enables Astun to address the majority of issues before any potential outage.; ; We also use our GeoHealth check system to monitor servers and ensure they are up and working.; ; The customer is informed of any potential problems by email or phone.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to management interfaces are restricted to login in via remote desktop over a dedicated VPN between customer network estate and the virtual private cloud environment dedicated to the customer. Access by Astun is also over VPN.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Dedicated link (for example VPN)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We are currently working towards ISO 27001.
• Information security policies and processes: Astun has a formal Information Security Policy that provides a framework for the management of information security within our business processes. We are also Cyber Essentials Plus accredited. ; ; Get INSPIREd Enterprise is hosted on Amazon Web Services (which is ISO 27001 accredited). ; ; Operational customer data is stored or processed within MEF (Metadata Exchange Format) Version 2.0.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes to all Astun components are managed and tracked through their lifetime via a centralised bug-tracking, issue-tracking and project-management software application (JIRA) and associated private code repository (BitBucket) managed under source control. The software is built through a repeatable build process and after passing formally defined test cases is tagged to a specific version number at the point of release. Only released software is deployed to the customer virtual private cloud environments. Potential security impacts are assessed via a process of peer review.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Information on potential threats is continuously assessed through review of key online resources (release notes, security articles etc) for all third party components (operating systems, databases, frameworks etc). Penetration testing of the full system (including Astun components) is undertaken by independent third parties on all significant software releases. Whilst patch releases are routinely issued on a monthly basis, key security vulnerabilities are patched and released as soon as Astun become aware of them, irrespective of the stage in the release cycle.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: All cloud servers are set up with alarms that monitor key system resources on the server itself allowing the detection of compromises such as denial of service attacks. In addition external monitoring services are set up to make routine periodic requests to the servers (typically every 15 mins), to check that they remain responsive, and send out alerts if any servers are unavailable. Incidents are responded to as soon as we become aware of them. Logging is enabled on the servers to provide an audit trail of potential compromises for subsequent investigation.
• Incident management type: Supplier-defined controls
• Incident management approach: Security related incidents are categorised as a Priority 1 within our Service Desk system, and allocated to third line support personnel (developer) for immediate investigation and resolution. Users are able to report such incidents via the Service Desk (phone, email and web form), which is routinely monitored throughout the working day by first line support staff. Contemporaneous notes are taken during the incident and recorded against the service desk ticket, which provides a detailed report of the incident itself. Key performance indicators are also published from the Service Desk System and routinely reviewed by management on a weekly basis.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £1,250 a unit a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: The scope of the trial will be by agreement.; ; The customer may be required to pay for the services required to set up the trial.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@astuntechnology.com. Tell them what format you need. It will help if you say what assistive technology you use.