Catalyst BI Ltd

Cloud Data Solutions

Fully hosted, secured and serviced hosting environment in Microsoft Azure Cloud as a simple hosted environment, clustered or multi-product solution encompassing the entire Qlik range.
Fully serviced DataRobot Automated Machine Learning environment in the Microsoft Azure Cloud with data management in Snowflake and Microsoft Azure Synapse cloud data warehouse.

Features

• Immediately react to changes in your data with alerting automation
• Automate the creation of data warehouses and managed data lakes
• Automate and ingest real-time data changes from any source system
• Build once and deploy anywhere, built for mobile devices
• Interact via search and natural language processing conversational analytics
• Provide self-service visualisation with fully interactive dashboards you can share
• Standard and customised modular training
• Build and deploy automated machine-learning models, serve scoring and predictions
• Write back to source systems directly from operational analytics applications
• Leverage APIs to customise/embed analytics at the point of decision

Benefits

• Rapid deployment of advanced analytics, deployed in days not weeks
• Fully hosted with no infrastructure or technical overhead
• Access anywhere data insights, available on any device
• Secure environment to safeguarded data with a proven track record
• High availability with 99.9% up-time guarantee
• Easy to use with little or no end user training
• Powerful administration and auditing built in

£500.00 to £5,000.00 a server a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mike.cawthorn@catalyst-it.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

432065331645534

Contact

Mike Cawthorn
07775 636273
mike.cawthorn@catalyst-it.co.uk

Service scope

• Service constraints: Only limited to Microsoft Azure/Qlik constraints and limits will be applicable
• System requirements:
  • Internet Connection
  • End devices need to meet Qlik's minimum requirements

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 09:00 to 17:00 (GMT ), Monday to Friday
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: 1st, 2nd and 3rd Level support are included in the service.; ; Both technical and account managers are provided.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Initial discussion, documentation and training are provided.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: This will be provided based on the content and size of the data and agreed with the customer, but this can be provided from flat file (CSV,TSV), Excel, cloud storage, cloud warehouse or relational DataBase as a few examples.
• End-of-contract process: This is dependent on the customer but all the necessary data, applications and configuration being able to be exported. After closure all data will be or deleted and the Azure tenant be destroyed included all backups.

Using the service

• Web browser interface: Yes
• Using the web interface: Access to the hosted Qlik services is provided via the secured web interfaces, this is provided via a normal username / password combination. ; ; Logins will be provided by standard Azure AD, Goolge Auth or other standard SAML based access.
• Web interface accessibility standard: WCAG 2.1 AA or EN 301 549
• Web interface accessibility testing: Qlik Sense provides accessibility features to help users interact with Qlik Sense.; ; Default color schemes in Qlik Sense are designed to provide high contrast for users with color blindness, offering keyboard navigation, keyboard shortcuts. You can also use keyboard shortcuts to change between most visualisations and a table view of the data they represent.; ; You can use Qlik Sense with a screen reader to interact with existing apps. You can use the screen reader in the hub, and in a sheet in analysis view.; ; The supported configuration is: JAWS screen reader for Microsoft Windows, and Internet Explorer 11.
• API: Yes
• What users can and can't do using the API: Qlik Sense provides access to all functions of the application via both Client and Server-side API's, both of which are fully documented with examples over multiple frameworks and languages.; ; Use the client side APIs to build visualization extensions and mashups. You can make use of them when embedding Qlik Sense in web applications and when extending Qlik Sense with custom visualization extensions.; ; The server side REST APIs to manage data and configuration information for your site. You can also use them to manage site authentication, session handling and load balancing. They also provide functionality for importing users and groups from external sources.
• API automation tools: Other
• Other API automation tools: Apache JMeter
• API documentation: Yes
• API documentation formats:
  • HTML
  • PDF
  • Other
• Command line interface: No

Scaling

• Scaling available: No
• Independence of resources: Each customer has its own dedicated environment within an isolated tenant so no two customers are using the same environment.
• Usage notifications: Yes
• Usage reporting: Email

Analytics

• Infrastructure or application metrics: Yes
• Metrics types:
  • CPU
  • Disk
  • Memory
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
  • Hardware containing data is completely destroyed
• Equipment disposal approach: In-house destruction process

Backup and recovery

• Backup and recovery: Yes
• What’s backed up:
  • Qlik Configuration
  • All Applications, tasks and schedules
  • Any loaded data
  • Full Virtual Machines
  • Databases
  • App Services
• Backup controls: This can be changed during setup and FOC via a support ticket, if additional backups or increased frequency are required this will be at an additional cost.
• Datacentre setup:
  • Multiple datacentres with disaster recovery
  • Multiple datacentres
• Scheduling backups: Supplier controls the whole backup schedule
• Backup recovery: Users contact the support team

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Hardware is backed by a 99.95% uptime with the end service providing a 99.9% uptime.
• Approach to resilience: Resilience is provided by Microsoft Azure - High Availability & Disaster Recovery services are available.
• Outage reporting: Email Alerts

Identity and authentication

• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: We provide a standard method of minimum access required with access only provided when needed. ; ; Management interfaces are restricted to us as the supplier.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Devices users manage the service through:
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Catalyst are ISO9001 and ISO27001 compliant but not accredited, the Microsoft Azure data centres are accredited to ISO2000, ISO22301, ISO27001, ISO27017, ISO27701, ISO27018, ISO9001, SOC 1,2,3 WCG2.0 a full list can be found here: https://azure.microsoft.com/en-gb/overview/trusted-cloud/compliance/
• Information security policies and processes: Catalyst are ISO9001 and ISO27001 compliant but not accredited, the Microsoft Azure data centres are accredited to ISO2000, ISO22301, ISO27001, ISO27017, ISO27701, ISO27018, ISO9001, SOC 1,2,3 WCG2.0 a full list can be found here: https://azure.microsoft.com/en-gb/overview/trusted-cloud/compliance/

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We use the Microsoft Azure Monitoring dashboard to track our services alongside with manual auditing/logging controls. ; ; Azure allows testing environments which can be assessed for both performance and security prior to release.; ; Changes are logged through our change management system to assess potential risks.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We have an independent organisation to perform a monthly vulnerability scan, this report is reviewed with any issues or failures being rolled out to the environment. ; ; Internally we also use a vulnerability scanning platform to scan environments daily.; ; We have a regular 2-week patch cycle for both OS and Qlik product updates.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: All machines utilise Azure Security Center which offers integrated vulnerability assessment with a cloud agent. The agent will report and vulnerability which in turn provides vulnerability and health monitoring data back to Security Center. Our administrators are notified of any vulnerabilities for patching.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a standard incident management process embedded within our support solution.; ; Incident reports are available upon request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Separation between users

• Virtualisation technology used to keep applications and users sharing the same infrastructure apart: Yes
• Who implements virtualisation: Supplier
• Virtualisation technologies used: Hyper-V
• How shared infrastructure is kept separate: Each customer is held within its own Azure tenant, separating data, networks, security and users.

Energy efficiency

• Energy-efficient datacentres: Yes
• Description of energy efficient datacentres: We use Microsoft Azure Data Centers which adhere to the EU Code of Conduct for Energy Efficient datacentres.

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Microsoft Azure hosting and all datacentres are carbon neutral .

Pricing

• Price: £500.00 to £5,000.00 a server a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: This is linked to a proof of concept and can last up to 1 month.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at mike.cawthorn@catalyst-it.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.