Home Connections

Housing Needs Software - Online Registration, Options, Homelessness and Choice Based Lettings

Non profit company providing bespoke social housing SaaS including housing registers, choice based lettings (CBL), direct lettings, integrated mutual exchange, accessible housing registers, options, homelessness and homeless reduction, temporary accommodation, Homefinder UK, Section 5 referrals and smartphone apps. Built-in workflow, e-communications, CRM, fraud detection and document management.


  • Intelligent web based housing needs software platform
  • Modern, accessible, user-controlled website based on responsive design
  • Homefinder UK national mobility service - an add-on or integrated
  • Full communications - email, text, web, letter, phone, web chat
  • Ready made and configurable templates
  • Configurable reports, workflow, controls, settings and comprehensive auditing
  • Document management for customer and staff
  • Inbuilt reports plus business intelligence dashboard and data mart
  • Customer relationship management
  • Integrated Fraud detection software


  • Efficient and low cost housing needs software
  • Software tailored to local needs and configurable by users
  • Customer self-service options generates cash savings for the business
  • Do-it-yourself controls helps the organisation save on software costs
  • Rapid and frequent software development and deployment
  • Integration to third party housing management systems
  • Homefinder UK savings on temporary accommodation costs
  • Mobile platforms facilitate channel shift
  • Flexibility for business customers to repurpose platform
  • Automatic free upgrades to latest version


£420 to £2075 per licence per month

  • Free trial available

Service documents


G-Cloud 11

Service ID

9 4 3 7 1 7 3 3 4 8 2 5 2 3 4


Home Connections

Ninesh Muthiah

07984 884 343


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints None
System requirements
  • Service hosted in Home Connections private cloud
  • Accessible by any standard office device

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response within 15 minutes during working week hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.1 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.1 AA or EN 301 549
Web chat accessibility testing Tested with disabled applicants
Onsite support Onsite support
Support levels Home Connections will provide an account manager to cover business and technical issues for onsite meetings and online support as part of the overall support fee. All tickets are prioritised and dealt with according to the published and agreed service level agreement with each customer. Home Connections technical staff will also support and liaise with third party providers, where required, to resolve issues. Agreed KPIs are monitored and reviewed regularly.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Comprehensive onsite end-user training or train the trainer course at each customer location is provided at start-up. Comprehensive user manuals are provided for every component of the system. Web-ex and remote training is also available together with video user training guides.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction A data extraction or removal plan is set in place at the start of each project and users can extract via our standard data extraction processes.
End-of-contract process Extraction of customer data via standard methods is included as part of the contract. Holding data in Home Connections systems after the end of the contract will be chargeable at standard rates.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service No significant differences.
Service interface Yes
Description of service interface The service interface is a web browser and does not need any installation. It has been tested on all common browsers, including mobile, with no significant differences
Accessibility standards WCAG 2.1 AA or EN 301 549
Accessibility testing Tested with disabled and autistic applicants
What users can and can't do using the API API allows setup of applicant data and property loads and the update of property and applicant profiles and statuses; access property advert information and obtain information about end-user progress through a business process.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation There is a significant degree of customer ability available to the client on all Home Connections services. The following are a few examples of the areas of customisation: Content and themes on websites and e-forms can be edited, created and customised. The configuration settings for advertising, shortlisting and letting can be customised. Status workflows and reporting can be customised.


Independence of resources Home Connections maintains a virtualised platform which allows us to add server and processing capacity as required. Our data centre allows instant scalability of internet bandwidth.


Service usage metrics Yes
Metrics types Service uptime, system responsiveness, system load, ticket response times, KPI performance.
Reporting types
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported into Home Connections via a web service, XML data interface based on a structured XML schema or via a documented CSV interface.

Data can be exported from Home Connections via daily batch updates or real-time webservices.
Data export formats
  • CSV
  • Other
Other data export formats XML
Data import formats
  • CSV
  • Other
Other data import formats XML

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Our internal network is protected by ACL rules and access to this network is limited to an IPsec VPN with limited privileged user accounts.

Availability and resilience

Availability and resilience
Guaranteed availability Service availability is set at 99.99% and monitored on a daily basis. Planned maintenance occurs outside of working hours after notice has been served. Where guaranteed availability levels are not met users are compensated according to proportionate levels of support fee as agreed in the contract.
Approach to resilience Information available on request and is part of the Business Continuity Plan.
Outage reporting Instant updates to customers via email alerts and a public dashboard with further regular status updates as required. Follow up phone conversations with customer account managers will be arranged as required.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels Access to management interfaces is restricted to limited known personnel with strict enforcement of credential updates. Service system access is defined by superusers and managed by a detailed matrix of defined roles and privileges.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • ISO 9001 to cover Quality Assurance
  • ISO27001 Audit May 2017; Accreditation in June 2017

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Home Connections follows the security policies and procedures set out in ISO 27001.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All changes to information systems, software and resources are managed according to a formal change control process ensuring review, test and release in a controlled manner and through life cycle. Changes are risk assessed against potential security impact. Configuration and change approval is documented and audited. Software changes are managed through version control. Users affected by significant change are informed and SLAs updated accordingly. Established procedures are in place for recovering from unsuccessful change.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability scans are run on a regular basis via third party vendors and our internal teams to identify and log all potential threats with detailed reports for management review and action. High scoring vulnerability areas are targeted for improvement in order to continuously reduce the surface area for attack. Patches, updates and fixes can be applied rapidly in line with agile and continuous release processes because of our total control or ownership of all aspects of our information infrastructure and ecosystems.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Software monitoring tools enable continuous and protective monitoring of infrastructure environment and our software ecosystem. Based on accurate auditing logs, regular alerts of potential unauthorised traffic, monitoring of network infrastructure status changes, monitoring of internal activity, temporary connections, session user activity, backup status and critical events management reports are produced regularly to assess and intervene to mitigate newly identified risk areas. Continuous daily monitoring ensures rapid identification and response to risk and incidents.
Incident management type Supplier-defined controls
Incident management approach Our predefined incident management process is described in the BCP. End users are offered multiple channels to report incidents - via phone, mail, text etc. The service desk identifies, prioritises and engages in remedial action and escalates as required. Continuous monitoring generates regular reports and instant alerts. A full incident report after major incidents details the history, symptoms, service desk response, workarounds, longer-term fixes and service upgrade plans.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £420 to £2075 per licence per month
Discount for educational organisations No
Free trial available Yes
Description of free trial One month trial period is available on request via a trial system to cover key aspects of functionality of selected popular services.

Service documents

Return to top ↑