Ascendant Solutions

Ascendant Portal

Ascendant Portal combines data sets both public and private to assist with reduction of property fraud and error, identification of liable parties, duration of occupancy and identification of financial vulnerability.
Identify unregistered properties, unlicensed HMOs with listings for rent or sale, values, ownership and occupant changes. Increases New Homes Bonus

Features

  • Property Market Listings Search
  • Consumer Credit Financial Profiling with Vulnerability Indicators
  • Occupancy Trace - Web User Interface
  • Commercial Land Registry Search
  • Commercial Credit Reference Interface
  • Fully Managed / Self Serve - Empty Homes Reviews
  • Fully Managed / Self Serve - Single Persons Discount Reviews
  • Identification of incorrect property use
  • Batch Commercial Portfolio Cleansing

Benefits

  • Keep up to date with occupancy movements
  • Reduce Void properties within authority
  • Identify unlicensed HMO properties
  • Increase revenue from tax base with SPD fraud reduction
  • Identify properties not listed on the VOA
  • Identify Consumer Financial Vulnerability
  • Convert Empty Homes to Occupied Dwellings
  • Self Serve Bulk Automated Data Processing
  • Identify Fraudulent or Invalid SBRR
  • Identify Non-Existent/Phoenix Commercial Entities

Pricing

£0 a licence

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

9 2 1 8 7 1 6 4 1 7 1 0 2 3 1

Contact

Ascendant Solutions Sam Hanby
Telephone: 07545069683
Email: sam.hanby@ascendantsol.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Hybrid cloud
Service constraints
Planned updates will commence Friday's between the hours of 2000 and 2200 and Servers reboot between 3am and 4am GMT daily to update operating systems, Service may be unavailable during these times.
Planned server maintenance has a 1 month notice period.
System requirements
  • Google Chrome Version 80.0.3987.132 or higher. Or
  • Microsoft Edge Version 44.17763.831.0 or higher. Or
  • Internet Explorer Version 11.1039.17763.0 or higher. Or
  • A modern web browser with Javascript enabled.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday to Friday 8.30am - 5.30pm - Within 60 minutes
After 5.30pm on Friday - Up to 2 hours
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Onsite support
Support levels
Technical support is included within service price.

Level 1 Support - Client Support Manager
Level 2 Support (Initial Escalation) - Technical Director
Level 3 Support (Secondary Escalation) - Managing Director
Support available to third parties
No

Onboarding and offboarding

Getting started
Onsite training is provided on implementation and further sessions available on request.
We also hold Webinars for ad hoc support. The application details use cases for each service and examples for assistance.
Telephone support is available during normal business hours.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Issue a request to Support. Output will be delivered via FTPS or equivalent secure large file transfer protocol.
End-of-contract process
All user accounts will be suspended pending any renewal instructions, data generated during the course of service will be deleted following any compliance period where appropriate.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Minor layout differences for menus and pages to fit the mobile device screen.
Service interface
No
API
No
Customisation available
Yes
Description of customisation
Administrators have the ability to alter user access to access different parts of the service, create, update and delete users.
Specify requirements for 2 Factor Authentication
Reporting is designed to be self serve multi-reuse with user input defined results. Development/Enhancement requests can be submitted via Support@ascendantsol.co.uk

Scaling

Independence of resources
Ascendant currently operate a hybrid cloud solution, the "Best of both worlds" approach. Using Microsoft Azure to handle high value data assets with Transparent Data Encryption (TDE), High Availability (HA) and Geo Replication Failover Groups. Our services in the Public Cloud scale automatically based on demand whilst our Private Cloud can be adjusted manually according to expected requirements in as little as 30 minutes. We intend to leverage more of the Public Cloud in the future as services demand increasing flexibility.

Analytics

Service usage metrics
Yes
Metrics types
Login activity
Page visits
Credit usage (where data supply is provided on a cost per unit basis)
Reporting types
Real-time dashboards

Resellers

Supplier type
Reseller providing extra features and support
Organisation whose services are being resold
Credit Reference Agencies, Land Registry, Companies House, WhenFresh, CLS

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Access through the web service via xslx or csv
Data export formats
  • CSV
  • Other
Other data export formats
XSLX
Data import formats
  • CSV
  • Other

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
0700 and 2000 Monday to Friday excluding Bank Holidays. The service is still available outside of these hours but could be unavailable subject to deployments and maintenance. See maintenance information for reference.
Approach to resilience
Information available on request
Outage reporting
Email alerts
Private dashboard for logged in users

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Management interfaces are only available to predefined users, that hold authoritative roles within their organisation. There are further management controls which are only accessibly by supplier staff.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
05/07/2018
What the ISO/IEC 27001 doesn’t cover
None
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Our ISO 27001/2017 compliant Business Management System governs how our information security policies and procedures are set out and regulated. These policies and procedures are available on request from our Data Security Manager.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Ascendant Solutions has a detailed Secure Development Policy in line with our Business Management System, which conforms to ISO 27001 and contains controls assessed to be required as part of regular risk assessment process.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Dedicated infrastructure is updated automatically at high frequency. High value assets are stored off dedicated hardware and managed by Microsoft Azure with all monitoring and security options enabled.
Logging - We log extensive non-personal event data to help identify threats and potential compromises. Cloud services autonomously monitor and notify of events. Application level logs are stored in High Availability Public Cloud resources, replicated and backed up frequently. We retain application logs indefinitely.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Our services and applications log extensive non-personal event data to help identify threats, vulnerabilities.
For cloud services all available additional measures are enabled with monitoring events being catalogued and notifications submitted to administrators on at least a weekly basis and immediately on identification for high risk scenarios.
During a security incident the Data Security Manager will assess the risk posed whilst disabling the risk then restoring service after only remedial action.
The DSM will notify affected users of service restoration and separately notify any users with data affected in the compromise.
We respond immediately on identification of any incident identification.
Incident management type
Supplier-defined controls
Incident management approach
Our applications automatically notify us of unexpected behaviour. We utilise Rate Limiting for sensitive assets and Automated Alerts for highly sensitive assets to service desk personnel.
Our database servers notify personnel of any breach risk event, non breach security risks are assessed during weekly automated threat management reviews with data classification.
All activity, IP addresses and UserIds are logged with offsite storage.
Users Email "InformationSecurity@AscendantSol.co.uk" to report incidents.
Ascendant Solutions provide incident reports via email.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£0 a licence
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Full access to your authority's property data
Full access to Commercial Land Registry Search
Full access to Land Registry Price Paid Data
50 Free Credit Reference Agency Checks for Occupancy / Financial Vulnerability / Debt Recovery
7 Days Access

Service documents