GB Group plc

GBG Investigate

Award Winning GBG Investigate offers a Data as a Service delivery platform with over 1 billion data assets, linking people, places and businesses. We can gain greater insights into people and their behaviours whilst linking back to the largest independent source of data available.

Features

• Intuitive user interface and search tools
• Largest view of UK population data, dating back 23 years
• Consolidates multiple data sources to a single view of individuals
• Returns results in sub-second speed
• Links indivduals together through shared data such as email addresses
• Shows neighbours and cohabitees of an individual with contact information
• Validate telephone numbers and email addresses to confirm if live
• Links an individual's online and offline identity using social media
• Locates individuals at new and previous addresses and businesses
• Open Source Intelligence portal

Benefits

• Prevent fraud and criminal activity
• Locate and contact individuals quickly and responsibly
• Find connections between individuals that other sources may not find
• Interrogate an individual's online identity using social media
• Quickly build a picture of an individual and their connections
• Reduce workforce training and keystrokes to improve efficiency
• Confirm an individual's status

£15,525 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Bid.Management@gbgplc.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

175496386656611

Contact

Rhys Davies
01244 657333
Bid.Management@gbgplc.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: The systems consuming GBG Investigate must be able to connect to HTTPS/Port 443.
• System requirements:
  • HTTPS/Port443 Connection
  • Compatible Browser
  • Valid Licensed Credentials

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Upon receipt of email the sender will receive an instant automated response with ticket number. All support issues are categorised in accordance of priority and are detailed in the Terms & Conditions.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: 08:00 to 20:00 UK time, 7 days per week (excluding Christmas Day)
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Online documentation; Online training; Onsite training
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: User data isn't stored within Investigate.
• End-of-contract process: To be discussed with the client

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: API provided access to most functionality available through the Portal. ; Some exceptions will exist such as producing PDF reports.
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Via the API the service can be blended into your own applications

Scaling

• Independence of resources: Capacity planning and management are part of the GBG Investigate Service provision. The usage and consumption of resources is regularly monitored and additional infrastructure can be introduced should usage approach capacity.

Analytics

• Service usage metrics: Yes
• Metrics types: Self Service reports are available for administrators
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Via PDF reports or CSV file
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: Other
• Other data import formats: User types in Search Criteria

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Target Availability is 98.5%
• Approach to resilience: Available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Available on request
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 07/05/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: The GBG Information Security Policy combines the development, delivery, management and maintenance of secure infrastructure and applications, in support of GBG Identity Management offerings, and specifically Verification and Assurance. Within GBG, the Chief Information Security Officer (CISO) has overall accountability for Information Security and it is the responsibility of the CISO to make the appropriate provisions for establishing controls to ensure adherence to the GBG Information Security Management System. The CISO also provides the Senior Leadership Team and GBG Board with an Information Security review at the end of the financial year. The Chief Regulation Officer (CRO) chairs the quarterly Internal Controls Board, and is the main document signatory for GBG. The CRO is also head of GBG’s Legal team, who are responsible for ensuring compliance to all relevant legislation.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Available on request
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Available on request
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Available on request
• Incident management type: Supplier-defined controls
• Incident management approach: Processes are in place.; Available on request

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  At GBG our Environmental, Social and Governance Strategy (ESG) – Environment, Everyone and Ethics – reinforces our commitment to embed a sustainable and ethical approach in everything we do. It represents what makes us unique and provides the framework to drive action on the most impactful and important areas.; As part of GBG’s participation on the G-Cloud14 Framework, we have a Social Value Action Plan that is updated annually, demonstrating our commitments to meeting PPN06/20. ; GBG commits to offering equal opportunities across our global workforce, achieved through our employment, training, and career development policies and practices, promoting equality of opportunity regardless of gender, sexual orientation, age, marital status, education, disability, race, religion or other beliefs including ethnic or national origin.; Everyone in our team has access to opportunities to learn, develop skills, grow their careers and progress. Through our training platform ‘be/developed’, we offer a broad range of power skills and job specific learning opportunities, updated regularly, promoting an inclusive and diverse culture. The platform is available to all GBG team members, including part-time and contractors, who are required to complete mandated training courses. We partner with different training providers globally to provide a mix of specialist and professional development for our team.; Influencing the behaviour of our staff and the communities we work in is imperative to GBG’s mission as an organisation. Examples include:; 1. Demonstrating our commitment to Equality and Diversity.; 2. Support LGBTQ+ team members, encouraging a culture of belonging and acceptance.; 3. Tackle barriers to entry that many people experience, especially women in the technology sector.; 4. GBG is a gold sponsor of Women in Identity’s flagship research, the ID Code of Conduct.; GBG’s ESG commitments can be found here: Environmental, Social and Governance | Investors | GBG (gbgplc.com)

Pricing

• Price: £15,525 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Included: Subject to client requirement; Not Included: Subject to client requirement; Limited Time Period: Typically 4 weeks

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Bid.Management@gbgplc.com. Tell them what format you need. It will help if you say what assistive technology you use.