Differentia Consulting

Cloud Hosting for BI Analytics Data Visualisation, Automation, Reporting & Alerting Service

Differentia Consulting provides a managed cloud hosting service for its next-generation SmarterBI platforms for decision-makers to gain more actionable insights from data. Adopting AWS or Azure to offer a multi-cloud platform, that includes identity provision, access and data security provided on Windows infrastructure. Service scales to meet demand.

Features

• Qlik BI Cloud Hosting; QlikView, Qlik Sense, NPrinting hosting services
• Qlik BI Multi-Cloud Deployment; AWS, Azure, OnPremise, Qlik Cloud
• Qlik BI Archiving, backup and disaster recovery
• Qlik BI Compute and application hosting; QlikView, Qlik Sense, NPrinting
• Qlik BI Infrastructure and platform security and identity management
• Qlik BI Platform as a service (PaaS)
• Qlik BI Container Based Service
• Qlik BI Block Storage

Benefits

• Qlik BI Migration to Cloud
• Qlik BI Centralised BI Infrastructure Management
• Qlik BI specialist provider with expertise across multiple software releases
• Qlik BI failure resilient applications across multiple availability zones
• Qlik BI Secure and highly flexible hybrid solution and storage
• Qlik BI specialist solution provider
• Qlik BI monitoring and alerting of entire application infrastructure

£9,000 to £63,000 an instance a year

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@differentia.consulting. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

398259017276895

Contact

Mari Vartiainen
+44 1494 622600
tenders@differentia.consulting

Service scope

• Service constraints: Service is constrained by the platform and software providers' availability and rules e.g. software releases and supported/available hardware configurations. In addition restrictions on geography may apply and should be considered before the commencement of the service to ensure compliance according to the needs of the service.
• System requirements:
  • HTML5 Compliant browser
  • Windows or Container service (Windows or Linux)
  • Identity Provider to access the service

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: 4hr response during work day, next working day. Work week - Mon - Fri excluding Bank Holidays.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Via Microsoft Teams or other cloud-based service.
• Web chat accessibility testing: Per Microsoft/Cisco documentation
• Onsite support: Yes, at extra cost
• Support levels: Depending on the solution and service package implemented, Differentia Consulting offers varying levels of support. Operating under SLA, Differentia Consulting has a support desk of highly experienced and certified engineers who are all UK based. Each support request will be assigned to a single point of contact. In addition to the single support contact, every client is allocated both an account manager and service delivery manager.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The following services form the basis of on-boarding a client. - Assigned Service Delivery Manager. - I S & R M (Initial Scope & Requirements Meeting). Meeting to cover off business and infrastructure requirements. - Training. Project team training needs assessed, and training delivered. - Implementation services delivered remotely or on-site. - Consulting services as required to deliver prototype and production ready applications. Delivered remotely or onsite. - Success management. We work closely with clients to ensure your initial project aims are met. - Annual reviews ensure evolving requirements are met.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: Hard copy (at additional cost)
• End-of-contract data extraction: Where Differentia Consulting has engaged with a client to provision services, off-boarding will begin with a termination of service(s) meeting to agree off-boarding steps, which may include: - Return of data - Deletion of environments (hosting) - Removal of shared storage (access) - Agree ongoing communications - Audit (as required)
• End-of-contract process: Costs would be dependent upon services required (if any). At the end of our engagement, Differentia Consulting will work closely with the client to understand and support the termination process. Services for this would be charged on a time and materials basis, and may include: - Data Extraction charges - Licence charges - Consulting and Technical Services charges - Residual Managed Services charges - Outstanding commitment charges (e.g. hosting fees) All of the above are subject to appropriate notice as per the agreement.

Using the service

• Web browser interface: Yes
• Using the web interface: Users are permitted to complete all operations as if the service was provided OnPremise. Or restrictions can be added where these services are distinct and required to be delivered by the services provider.
• Web interface accessibility standard: None or don’t know
• How the web interface is accessible: The interface is accessible via the identity management system, once configured. Access can be via HTTPS or Daemon offering secure point to point connectivity.
• Web interface accessibility testing: Individual vendors may have completed testing for assistive technology users.
• API: Yes
• What users can and can't do using the API: The services we provide have multiple APIs for low-level functions that enable the solution to be deployed without the need for the prescribed front end. Hence entirely possible to embed API integration for the construct of mash-ups and similar browser-based deployments.
• API automation tools:
  • Ansible
  • Chef
  • OpenStack
  • Terraform
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
• Command line interface: Yes
• Command line interface compatibility:
  • Linux or Unix
  • Windows
• Using the command line interface: CLI is used for system build and system automated services. It is not intended for end-users

Scaling

• Scaling available: No
• Independence of resources: We design the configuration to meet the user requirements, both via virtual machine configuration or elastic cloud. Load balancing and failover services can also be deployed where needed and designating those instances as dedicated.
• Usage notifications: Yes
• Usage reporting:
  • API
  • Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • HTTP request and response status
  • Memory
  • Network
  • Number of active instances
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Qlik, Box, TimeXtender, SecuPi, Inphinity, Tangent Works, Alteryx, CloudFlare

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Data security is discussed with the client and we can offer encryption of all cloud hosted media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Virtual machines
  • Databases
  • Files
• Backup controls: Client to agree on what is backed up and how often in line with their IT policies.
• Datacentre setup: Multiple datacentres with disaster recovery
• Scheduling backups: Users contact the support team to schedule backups
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99.99% uptime. Service credits can be claimed.
• Approach to resilience: Available on request.
• Outage reporting: RSS/Email alerts and internal dashboard

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Other user authentication: Identity provider eg. ZeroTrust, Okta, Oauth, Keycloak
• Access restrictions in management interfaces and support channels: User defined security models are deployed to meet the client requirements.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
  • Other
• Description of management access authentication: Via API
• Devices users manage the service through:
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 18/11/2010
• What the ISO/IEC 27001 doesn’t cover: NA
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus
• Information security policies and processes: ISO 27001 equivalent

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: These are managed by a third party.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Software is provided that automatically assesses applications for vulnerabilities or deviations from best practices, and then produces a detailed list of security findings prioritised by level of severity.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monitoring and logging is deployable for all services as needed.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a data and information security policy to cover incident management. Users report incidents via our ticketing system. We assess, prioritise, manage and communicate. Incidents are escalated to a dedicated security compliance team. The compliance board meets regularly to discuss and record any incidents. Incident reports are communicated via email.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Other
• Other virtualisation technology used: AWS virtualisation technology
• How shared infrastructure is kept separate: Different virtual private networks (VPC)

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: AWS / Azure - both comply; https://aws.amazon.com/about-aws/sustainability/

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  By adopting an aggregated platform approach to analytics power consumption is reduced compared to on-premise equivalent.

Pricing

• Price: £9,000 to £63,000 an instance a year
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@differentia.consulting. Tell them what format you need. It will help if you say what assistive technology you use.