DATA-EDGE ANALYTICS LTD

Entity Resolution Driven Data Analysis And Exploitation Service

The service provides a single view of an entity. It resolves entities (organisations/people/objects) from records, at scale, in real time, with full 'explainability'. The system incorporates data transformation, pipelines, ingestion, storage, alerting, entity analysis, graphing and visualisation tools for users. The system feeds downstream analysis systems.

Features

• Real-time Senzing entity resolution
• Entity visualisation analysis and exploitation
• Entity centric learning not record matching based
• Scalable, from 100k to 10s billions of rows of data
• Entity enabled secure knowledge persistence
• Flexible integration orientated data ingest pipelines
• System monitoring performance and diagnostic tooling
• Entity analysis tooling
• Privacy by design
• Works on large scale / billions of rows data

Benefits

• Reduce fraud via discovery of hidden links
• Reduce supply chain risk via discovery of hidden links
• Ease of integration with other systems
• Real-time alerting over incoming data
• Increased proportionality with bulk personal data
• Real time, sub-second updates, queries and active maintenance
• Reduced knowledge capture burden with automated updates
• Real-time identification of relationships across data
• Culturally aware - uses 1bn names to enable name matching
• Singe view across entities, people, organisations, objects

£50,000 to £200,000 an instance a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at william@data-edge.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

108625162892964

Contact

william moore
07725016753
william@data-edge.co.uk

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: The entity resoluton service is designed to fit within a wider system of interest, receiving data flows and providing resolved entities and required insight and analysis to downstream systems. These may be within the provided entity resolution or they may be existing client tools and capabilities. It is client dependent.
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: The service requires specific hardware; the specification of the hardware depends on the data volumes to be processed. The service requires certain datasets to be made available. It is the Buyer’s responsibility to ensure that such data is available (we can advise on the selection and suitability of datasets once the requirements are fully understood.)
• System requirements:
  • Data volumes will determine system requirements
  • Purchase of licence for Senzing ER engine will be required
  • Storage volumes depend on intended data volumes
  • Specific hardware requirements depend on data volumes
  • A low latency cloud set up
  • Local flash on the database
  • Suitable burstable and tier limits
  • Sizing per thread of 1.5GB RAM, min. 6GB per node
  • Elastic Search or equivalent required
  • Approx. 1TB of storage per 50M records.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: This will be dependent on the individual client deployment and classification of the network and wider client organisation.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Operational service availability is dependent on client needs given that data engineering support will generally be required to run the service. ; ; We are able to provide support services within normal working hours, i.e. 0900-1700, Monday – Friday. Due to the highly technical nature of the analytical services, we only offer a blended technical support package that includes all first, second and third line support. Once the buyer’s specific support requirements are understood, we will be able to agree recompense arrangements should support levels not be met.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a mixture of proprietary, open source and Crown-IP applications running on a cloud infrastructure run by either the client or by their cloud service provider. We will manage (install; set up; configure; run; maintain) all entity resolution related services and tools. Full documentation is provided along with training, both system administration and operation as well as end user.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All data is stored in non-proprietary formats in an Elastic Search index. We can output data as CSV or JSON. Data will be stored in the Client’s Cloud and will be available at all times. At point of contract termination or for any other reason (e.g. specific policy driven schedules), data will be removed from all stores and from the Senzing engine itself. Removal costs will be born by the Buyer and will be as per the data engineering day rate (see SFIA rate card.)
• End-of-contract process: At point of contract termination or for any other reason (e.g. specific policy driven schedules), data will be removed from all stores and from the Senzing engine itself, All data will be removed from the entity resolution engine, data storage services and analysis tooling, in conformity with the Buyer's data removal and retention policies. Environments will be shut down. A hand over report will be submitted.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • Windows
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: All services and functions are exposed as APIs. There are a variety of API options available within the system, these will depend on the integration options and choices with other client systems and services.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The system is fully flexible and is tailored to the clients individual requirements, this will include data types, volumes, wider integrations and what they do with the system outputs for downstream analysis. We are able to offer users customisation of the visualisation tools, e.g. feature extensions to the graphing, timeline and event calendar user interfaces. Customisation will be undertaken by Data Edge Analytics driven by user's requirements.

Scaling

• Independence of resources: The service is specific to one client and their users. It will be accessed from within their own environment and will therefore not be subject to or impacted by other users from a different client. During the design focus will be placed on estimated the level of client usage and required system performance across the whole service. Our service is hosted on the Buyer's cloud. All provisioning, load balancing etc. is as per the Buyer's cloud's spec.

Analytics

• Service usage metrics: Yes
• Metrics types: The provision of service metrics will be defined by the client. Comprehensive metrics are provided for all aspects of the system and are an essential feature to understand how the system is performing (for fault finding and resolution aspects) as well as how it is being utilised from a user perspective.
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This is fully configurable and dependent on each specific clients requirements. The entity resolution service is intended to integrate within a wider client architecture so moving data out of the system is a key requirement. This will either be through data pipelines to other downstream analysis tools or through specific user requested exports such as CSV or JSON.
• Data export formats:
  • CSV
  • Other
• Other data export formats: Json
• Data import formats:
  • CSV
  • Other
• Other data import formats: Data will be transformed as required from the original format.

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SLAs will be determined with the client. We are offering cloud ready analytics services. Our SLA will define the operational support required for the provision of analytical capability, not from the perspective of the host infrastructure (which will be supplied by the Buyer / their Cloud service provider.) As the Buyer may have specific use cases that require varying levels of operational service, we'd look to define these on a case by case basis. Recompense and remedy will, therefore, be determined once operational service levels have been agreed
• Approach to resilience: This will be dependent on the client's data centre agreements and contracts.
• Outage reporting: Service outage reporting will be determined by the client as the system is fully configurable.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: This will be determined by the client and dependent on their security and assurance posture. It will also depend on the size and nature of the deployment.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: The service will be deployed onto a client's network and will therefore be governed by the client security policies and processes. Data Edge will ensure that these processes will be adhered to and where where potential issues are identified, will raise these and discuss them fully with the client during the planning and deployment phases of an engagement. Security policies and processes are an important area as the environments where the service is deployed are likely to be high assurance and classification areas with specific security policies and processes. These will be especially pertinent for the deployment and support of the service from low to high classification network.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All components are versioned and tracked. All components are subjected to static code analysis as well as vulnerability scans at regular intervals. ; Data Edge will work closely with the client to ensure alignment on configuration and change management processes. The service is deployed onto a client's environment and integrates closely with a variety of client services and systems. Data Edge will therefor adhere to the requirements and expectations of the client, given the specific nature of the environment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: DEA utilise Trivy for the scanning of all containers. Patches are then carried out as agreed with clients and as per their specific requirements. requirements. This will depend on the nature of the environment, its classification and the methods of accessing the environment as they will usually be a high assurance/security classification and not readily accessible from the internet. Assessment and action is determined by the public CVE scoring of identified threat.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Trivy used to continuously scan container registries and notifications are automatically sent to internal company comms channels. Critical's and High vulnerabilities are prioritised or where fixes are not available, mitigations are put in place. Updates will then be sent through to the client environment though this will depend on client specifics given the high assurance and classification nature of these.
• Incident management type: Supplier-defined controls
• Incident management approach: The service has a series of pre-defined processes for incident management. This will be client / service specific and defined with the client during the planning and implementation phases. Due to the level of integration with other client systems, delineation of responsibilities, activities and actions will be pre-agreed with the client. This is also due to the restricted access and high assurance levels of the networks where the system is deployed. Training provided by Data Edge on the service/system will focus on how users report incidents and how these will be dealt with by the client and Data Edge.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Other
• Other public sector networks: Other OS and above government networks

Social Value

• Social Value:

  Social Value

  • Covid-19 recovery
  • Tackling economic inequality
  • Wellbeing

  Covid-19 recovery

  An important use case for the system is for fraud detection and prevention. The service has been successfully used to identify fraud and misuse of public money. This includes grants and government loans in the immediate aftermath of Covid-19.

  Tackling economic inequality

  This service is designed to enable the integration and incorporation of a wide variety of new and emerging technologies. It is designed in an open way to enable rapid integration of these new technologies and enable a customer to have control and choice as to how these are integrated. This enables new and disruptive technologies to be integrated into the wider system of interest and client ecosystem. This assists in the creation of a diverse supply chain to deliver the contract including new businesses and entrepreneurs, start-ups, SMEs, VCSEs and mutuals. It also directly supports innovation and disruptive technologies throughout the supply chain to deliver lower cost and/or higher quality goods and services.

  Wellbeing

  Data Edge Analytics Ltd are a fully remote SME. Data Edge do not have a formal office and recruit from across the whole of the UK. ; A key focus for Data Edge Analytics Ltd is enabling flexibility and inclusion within their workforce both, permanent and contract, through fully flexible working patterns, a flexible working culture and 100% remote working. Considerable effort is out into assessing mental and physical well being, including ensuring a sufficient blend of face-to-face contact and virtual contact. This ensures this relatively new way of working and operating works for both data Edge as a company as well as its employees, contractors and customers.

Pricing

• Price: £50,000 to £200,000 an instance a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  ODT

• Terms and conditions

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at william@data-edge.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.