OAKLAND GROUP SERVICES LIMITED

Data Platform Software

We design, build, and manage data platform capabilites using full stack cloud technologies that we customise and optimise to meet our client needs. We are technology agnostic, meaning we are experts across a range of technologies including Azure, AWS, Databricks, GCP, Github, and have experience operating in secure environments.

Features

• Full Stack Data Platform
• Data Ingestion process linked to existing databases via API
• ETL to manage and organise data
• Data Quality Automation
• Single Source of Truth data repository
• Self service data analytics capability
• Predictive modelling based on accurate data sets
• Curated data sets for reporting and analytics
• Visualisations to display descriptive and predictive metrics

Benefits

• Business Insights delivered rapidly and incrementally
• Highly customisable to suit the needs of our client
• Scalable capability utilising benefits of cloud
• Vendor neutral, reducing licensing commitment
• We build on your existing capability and data maturity
• Data Platform links to your business processes for enhanced efficiency

£20,000 to £1,000,000 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@weareoakland.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

339781075324494

Contact

Phil Bent
0113 2341944
tenders@weareoakland.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: The services we build revolve around public cloud constraints (e.g. AWS/ Azure/ GCP) where any service restraint is limited to budget constraints by the client (depending on scaling capability required).
• System requirements:
  • Our Data Platform operates across a blend of cloud software
  • Our Data Platform depends on publicly available cloud hosting technologies

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: As standard we do not cover weekend support, however this can be discussed and options provided.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We provide the following levels of on site support dependent on the nature of the issue:; Principal Consultant/Technical Account Manager: £1,400/ day;; Snr Consultant/Cloud Engineer: £1,200/ day;; Mid Consultant/Cloud Engineer: £1,050/ day;; Jnr Cloud Engineer: £860/day.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We work alongside our clients during the development of the Data Platform capability. Our approach is to 'work with' and 'not to' our clients, meaning we work alongside and upskill them as we build the bespoke service for them. This ensures users become aware of the functionality and how to access the service as it develops. We also provide user documentation and onsite training as needed to ensure our clients gain the full benefit of the capability.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: We work with our clients to set up a tenancy with a major vendor of their own (AWS/ Azure/GCP etc.). We then develop the Data Platform capability to meet their needs. When the contract ends with us, the client owns their data which is hosted by the chosen vendor. ; Should the client end the contract with that vendor, they can extract the data via a number of means, for example cloud-to-cloud transfer, download to local storage. This can be done both manually or via an API gateway as needed.
• End-of-contract process: At the end of a contract with us, we will have delivered a data platform capability in agreement with our clients needs and have provided detailed documentation on how to operate and manage the capability. ; At an additional cost we can also provide a support function to help maintain and support its development as new use cases come to light.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Yes our services can be used on mobile devices. Due to the varied nature of our data platform offering there may be some differences between mobile and desktop services, however core functionality will be provided on mobile services.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Users can use an API to link data from their current databases to transfer them across to the data platform. Through this means we are able to combine multiple data sources, assess them, apply data quality checks, and provide a single source of truth. ; Users are also able to access that single source of truth via APIs to link the trusted data source back to other tools, such as reporting or management tools. ; We will customise the API to meet a clients needs as part of the build we provide.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customisation is possible. A key driver to our data platform service is to ensure business value is generated from the service. ; We know that business requriements (use cases) do not stand still, and as a result the data platforms we provide need to adapt to meet the ever changing need. ; We can support users to customise their data platform, or we can provide the training to enable them to make changes to meet their future needs.

Scaling

• Independence of resources: We use public cloud technologies, and as such they are able to scale to meet the needs of our clients. In the context of Government clients, we would draw on existing cloud capabilities available to them to meet the needs of the data capability we've provided.

Analytics

• Service usage metrics: Yes
• Metrics types: We will tailor a Data Platform to meet the needs of our clients. As such we can provide usage metrics in a full variety of formats to meet client needs. ; This can help indicate the RoI of a platform (cost v benefit) and also help generate true business benefit of the capability. ; Service metrics can be provided by all of the options as highlighted below.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Microsoft Azure, AWS, Starburst, DataBricks

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Our clients will be able to access their data via dashboards created as part of the data platform to obtain Business Intelligence. ; Our clients will be able to export bulk data via any means available with the chosen cloud vendor of choice - e.g. manual download, AWS Physical Data Transfer, Azure Data Export Service.
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats:
  • JSON
  • XML
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • JSON
  • XML
  • RDF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: We have a standard set of SLA depending on priority of the nature of the incident raised. These are as follows: Severity S1 - Target Resolution: 8 hours (1 working day); Severity S2 - Target Resolution: 24 hours (3 working days); Severity S3&S4 - Target Resolution: 40 hours (5 working days). SLA resolution times can be adjusted based on the specific support package that is used. The underlying platform SLAs are provided by the specific vendor that supports our Data Platform.
• Approach to resilience: We design resiliency into our data platforms following industry best practice; for example we follow MS Azure resiliency checklists https://docs.microsoft.com/en-us/azure/architecture/checklist/resiliency-per-service
• Outage reporting: Dependent on the need of our client, we would normally set outage reporting via API and email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: IAM approach
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register
• ISO/IEC 27001 accreditation date: 25/06/2020
• What the ISO/IEC 27001 doesn’t cover: Nil
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Internally we ensure our Information Security Policies and processes are followed through mandatory training. ; All projects are also reported on weekly, any security incidents are highlighted immediately, triaged by the IS manager and escalated as required. For example this could be escalated for the security team to manage and investigate (including board level support) - further escalation (to third parties e.g. NCSC) would be actioned as appropriate.; Security management (monitoring) is reported to the Board on a monthly basis, and we have a centralised logging and management system in process to manage SIEM across our internal network. ; Where we work in a clients tenancy, we will follow their security management practices as appropriate.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We typically conduct configuration and change managment through 3 separate environments: development, test, and live. ; Only once a product has been developed and tested (including security testing) will it then be introduced into the live environment, to ensure only the benefits of the product are seen without any issues to the live environment. ; We employ robust version control on our products, and ensure each stage of a product's lifecycle is indicated such that full visibility is seen, and should issues occur the ability to quickly revert to previous versions is possible. ; In addition, details of changes are also documented.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Dependent on clients needs, we will conduct vulnerability testing on our products, but as standard will ensure we follow OWASP and industry best practice. ; We utilise Microsoft Defender and Sentinel to monitor and manage vulnerabilities and manage incidents across all the software products we manage and provide. ; Microsoft Threat management and analytics enable us to become aware of threats as they are published and mitigate them promptly, for example through software configuration change or patch management.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We utilise MS Sentinel, MS Defender, and Defender for Cloud to monitor all our systems and services. ; These capabilites allow us to identify potential compromises, stop attacks before they happen, and quickly respond to potential incidents.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Any event that affects the Confidentiality, Integrity, or Availability of Data Platform we support will trigger our incident response cycle: Detect, Analyse, Contain, Remediate/Eradicate, Recover.; The project team responsible for the platform will manage initially, but will draw upon wider resources as needed (security manager, developer team, PR team, Board members etc.) . ; Users are able to report incidents either directly with the project team (by phone or email), via our helpdesk, or by contacting Oakland direct. ; We provide an initial triage report within 24 hrs and a full report within 72 hrs of completion of the incident.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  At Oakland, we embrace our environmental responsibility with our Green Ops framework. Building on Fin Ops principles, Green Ops equips data delivery teams to manage and reduce their environmental impact, and is an action-orientated approach, based on a four-stage lifecycle which enables continuous improvement. 1. Display: use data to build a holistic view of impact 2. Diagnose: analyse intensity areas 3. Decide: craft actionable plans based on diagnostics 4. Deliver: execute and monitor. As a minimum, we will utilize Green Ops for all projects undertaken by Oakland. Green Ops is data-led. We will define clear metrics that attribute environmental impact to data activity (e.g. cloud subscriptions or data projects). We propose these to include, but not be limited to: • Cloud and on-premise resource consumption (compute / storage) • Energy consumption (kWh) • Energy carbon intensity (kg/Co2) • Activity scale (e.g. no. of production solutions and services, total live projects) Supplementing these metrics with more dimensions such as time-periods and user groups will create a granular view of impact. Environmental measures must be analysed and visualised to drive Green Ops execution, either via existing dashboards or standalone reports. If preferred, we can deploy pre-created Power BI Green Ops dashboards which can be rapidly configured. Oakland have built these (and the supporting data platform) as part of our Data Platform Hosting offering.

  Tackling economic inequality

  We ensure our recruitment practices, our culture and the people experience all meet the five principles from the Good Work Plan that will attract good candidates from a diverse range of backgrounds. These include worker satisfaction, good pay, participation and progression, wellbeing, safety and security and voice and autonomy. Values based recruitment, unconscious bias training & fair and consistent recruitment practices. Creating social value through our matched giving scheme and B Corp activities and status.

  Equal opportunity

  We will not tolerate discrimination or harassment, and are committed to promoting equal opportunities in employment. Those who work for us, and anyone applying for a job with us, will receive fair and equal treatment. We ensure, where possible, full access for everyone applying for a vacancy. Decisions about transfers and internal promotions are made, so far as possible, using only objective criteria. We will never victimise anyone who makes a legitimate complaint to us about harassment or discrimination, or who supports a colleague in their complaint. Our futher commitments and aims include: A working environment free from all forms of unlawful discrimination, including victimisation and harassment. A workplace capable of allowing everyone to achieve their greatest potential, and where individuals are willing to give their best. A policy of ensuring employment opportunities are open to all qualified candidates, so that we recruit from the largest possible pool of available talent and recruit the best-qualified staff. A commitment to recruiting based on ability to do the job, that also reflects the multicultural composition of our local community. A commitment to amending our polices and approaches if we think it has become outdated, or circumstances suggest to us that it needs updating. A commitment to protecting staff, wherever possible, from being victimised or treated less fairly if they make or support a complaint in good faith under our policies.

  Wellbeing

  At Oakland, mental health and wellbeing is at the forefront of everything we do and in this ever evolving hybrid world we are constantly looking for ways to support our employees as we adjust to the new ways of living and working. Psychological safety in the workplace is of primary importance and we want our employees to feel safe, valued and heard and secure in the knowledge that they will not be discriminated against for being their true, authentic selves. As part of this support, we also promote diversity and inclusion so everyone feels they can bring their ‘Whole Self’ to work. As a company we make big investments into our wellbeing initiatives and actively engage with our team to allow us to gain their input, improve our benefits and provide the vital support they need to maintain their optimum health and wellbeing. We also have a robust employee assistance programme which includes access to private healthcare, mental health support and therapies and offers a 24 hour support line. We regularly roll out wellbeing training across the business and bring in wellbeing experts to engage with the team and have enlisted Mental Health First Aiders within the organisation. We actively promote healthy lifestyles, positive mental health and share a variety of ways our team can support their own wellbeing and create a healthy work/life balance. We also offer a wide range of company benefits (which include discounted gym memberships and a ‘Cycle to Work’ scheme). We firmly believe that if you look after your staff, your staff will look after you.

Pricing

• Price: £20,000 to £1,000,000 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@weareoakland.com. Tell them what format you need. It will help if you say what assistive technology you use.