Spinwell Global Limited

Spinwell - GLU

A "NO CODE" Enterprise Integration Platform that;
Is configured by Analysts. No software development, 100% NO CODE
Is Singularly Versatile and Flexible across industries i.e., industry agnostic
Is Secure and sits within clients physical & technical boundaries
Is to HALVE the Time to Market and the Cost of integrating systems.

Features

• Protocol Translation between Initiating Systems and Receiving Systems
• No Code Design
• Analyst Configured integrations via a GUI.
• Deployed by the Client within their ecosystem
• Creates Business Agility and no development
• Parameter Validation on all inbound messages

Benefits

• No development required
• Internal Analyst configuration
• Behind Client Security curtain
• Business Agility
• Automates routine tasks

£3,148 a virtual machine

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pritesh@spinwellglobal.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

442259473964550

Contact

Pritesh Raikundalia
02035102750
pritesh@spinwellglobal.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: ERP and CRM systems; Data storage systems ; Messaging Systems ; Reporting Tools
• Cloud deployment model: Private cloud
• Service constraints: It is a Software as a Service (SaaS). Its pay-as-you-go, pay-as-you-grow cost model ensures minimal upfront cost and eliminates barriers to adoption.
• System requirements: System Agnostic

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times L1 & L2 Less than 45 mins, L3 2 Hours; UK Business hours Mon - Fri 08:30 - 17:00; Weekends are available to all clients at a agreed cost; 24/7 Support is available at an agreed cost
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: L1 Simple phone enquiries for password reset etc; L2 Config issues and to help onsite client analyst in creating new workflows; L3 Major changes to config or issues resulting from User Analyst changes and required training and report provision on new data sets ; Both an Account Manager (Technical Architect) and Technical Support are provided
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Initial which is part of the package is carried out by our Technical team and the System is handed over as tested and working. Support and training are provided during this phase so all users are conversant with the offering. ; It is deployed by the Client within their ecosystem i.e. within their operational and security control boundary. This establishes the integrated ecosystem including all connections, transactions and ; orchestrations, previously achieved through tedious, expensive software development. Clients can expose Open APIs to the environment behind which a multitude of Internal and external 3rd Party systems can be integrated. Alternatively, Clients have the ability to create Bespoke APIs to uniquely match the existing APIs of specific Initiating Systems. In this model the need for any changes to those upstream system APIs is eliminated and time to market is accelerated
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The data is live and resides always within the client repositories or databases. ; When the contract is finished the service closes and the data remains where ever it has been allocated ; Stopping the service for automated / time based transfers (live data) requires the client has instigated an new approach
• End-of-contract process: The price is for the product and integration which is based on endpoints that have been designated during the course of the contract or engagement; When the contract is completed and successor arrangements made if required the 'engine' disappears from the dashboard of the Client appointed Analyst. All data remains where it is and under the client custody

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • IOS
  • Linux or Unix
  • Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 A
• Description of service interface: This is a user defined messaging system for changing workflows using endpoints ; The user interface is a custom created for the Users Analyst to describe the data/work flow paths using endpoints using an innovative 'no code' system; Parameters include data fields and time
• Accessibility standards: WCAG 2.1 A
• Accessibility testing: This is a proven product developed via the Fin Tech Business world for fast, efficient and secure data transfer with a very low latency and completely within the client organisation. ; The system has undergone testing and is employed by High Speed High volume commercial financial organisations ; The no code allows the User Analyst to make changes needed by business
• API: Yes
• What users can and can't do using the API: GLU is used to build APIs that any system can consume. It then handles the downstream protocol transformation and associated orchestration logic to route any transactions received by the APIs to the required downstream systems. So in a sense because GLU can be configured to expose any required API those questions would more apply to the downstream system/s being integrated by GLU.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: This is a no code, secure user configurable application for routine and individual data transfers and enterprise integration ; New workflows are requested by the client to their own Analyst who can then configure on the interface the workflow needed; There is no development or external API's required to be developed

Scaling

• Independence of resources: The GLU.Engine performs the required Protocol Translation between Initiating Systems and Receiving Systems. ; Parameter Validation on all inbound messages can be applied so as to filter out spurious messages thus protecting the downstream ; ecosystem.

Analytics

• Service usage metrics: Yes
• Metrics types: Parameter Validation on all inbound messages can be applied so as to filter out spurious messages thus protecting the downstream ; ecosystem.
• Reporting types:
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: GLU Global

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Other
• Other data at rest protection approach: It is deployed by the Client within their ecosystem i.e. within their operational and ; security control boundary. This establishes the integrated ecosystem including all connections, transactions and ; orchestrations,
• Data sanitisation process: No
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: In TOGAF 9.1+, Information Systems Architecture covers both the Application Architecture and the Information Architecture, so these are two deliverables:; ; Application and Integration Architecture describes the applications / components, and their responsibilities, needed to support the Business Architecture and the principles governing their boundaries. Work done by Dalberg would be used as an input for this deliverable.; Information Architecture models the key Information classes the business is interested in, the relationships between the classes, describes the life cycle of typical class instances and the applications responsible for those life cycle changes.
• Data export formats: CSV
• Data import formats:
  • CSV
  • ODF
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: It is deployed by the Client within their ecosystem i.e. within their operational and ; security control boundary. This establishes the integrated ecosystem including all connections, transactions and ; orchestrations,
• Data protection within supplier network: Other
• Other protection within supplier network: It is deployed by the Client within their ecosystem i.e. within their operational and ; security control boundary. This establishes the integrated ecosystem including all connections, transactions and ; orchestrations,

Availability and resilience

• Guaranteed availability: 24x7 Support under contracted SLA
• Approach to resilience: Approach to resilience; -> Flexible Deployment options enable High Availability deployment of integration components behind Load Balancers or Proxies; -> Components can be deployed in micro-service like 'fabric' to mitigate system wide outage; -> Regularly Performance Tested; -> Integration Components are managed by Clients own DevOps teams and thus will fit into any existing HA/DR architecture
• Outage reporting: -> Service Desk based; -> Clients Host and operate their own Integration Components so internal reporting processes will apply with escalations to GLU Support Desk; -> Regular Monthly / Quarterly Account Reviews held with Outage Reports and Root Cause Analysis plus prevention actions taken

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: The GLU policy is based upon ISO 27002 and is structured to include the 11 main security category areas within the standard. ; Access to information and information systems will be driven by business requirements. ; Access will be granted or arrangements made for employees, partners, suppliers according to their role, only to a level that will allow them to carry out their duties.; Access is therefore limited to very few persons (The Analysts) with secure Dual Authentication
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International
• ISO/IEC 27001 accreditation date: 02/11/21
• What the ISO/IEC 27001 doesn’t cover: Hardware design and manufacture
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Security Essentials Plus
• Information security policies and processes: GLU follows as Secure SDLC process to ensure code security; Clients Host and operate their own Integration Components so internal security protocols and architecture practices apply and GLU components will fit into Client security framework; GLU.Ware architecture is uniquely designed to ensure the highest level of Client security as the GLU.Engine (the Integration Component) is entirely in the control

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Through the helpdesk and review meeting feedback any changes or configuration acknowledgements are reported and worked through; to identify the changes and any subsequent impact on configuration or security with client; If agreed, prepare proper documentation for the changes.; Internal review, analysis, and make a decision for the change request.; Make sure that the request is implemented, registered, and communicated.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The GLU Engine sits within the client estate and is therefore secured to the same exacting standards that the client has attained Clients Host and operate their own Integration Components so internal security protocols and architecture practices apply and GLU components will fit into Client security framework; GLU.Ware architecture is uniquely designed to ensure the highest level of Client security as the GLU.Engine (the Integration Component) is entirely in the control of the Client.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Service Desk based; Clients Host and operate their own Integration Components so internal reporting processes will apply with escalations to GLU Support Desk; Regular Monthly / Quarterly Account Reviews held with Outage Reports and Root Cause Analysis plus prevention actions taken
• Incident management type: Undisclosed
• Incident management approach: Service Desk based; Clients Host and operate their own Integration Components so internal reporting processes will apply with escalations to GLU Support Desk; Regular Monthly / Quarterly Account Reviews held with Outage Reports and Root Cause Analysis plus prevention actions taken

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Other
• Other public sector networks: The tool is agnostic

Social Value

• Fighting climate change:

  Fighting climate change

  Environment Policy ; Move towards carbon neutral behaviour patterns and to actively promote a more environmentally friendly organisation. will only use environmentally sound resources and discourage wasteful or any action which directly harms the environment and take into account environmental issues in its overall performance. ; ; Energy: our goal is to reduce our energy consumption for two reasons, 1) the direct impact that it has on the business, 2) overall cost to the business. Spinwell Global will ensure that all lighting and computer hardware will be switched off outside of normal working hours. Any computer hardware that we use is highly efficient , screen savers are in place should computers be left unattended for a period of time. ; ; Waste: We aim to minimise waste material wherever possible. Ultimately we envisage and encourage paperless office working environment, and as such we discourage any unnecessary printing. Any paper waste that is produced is recycled using the local collection service. We also encourage staff to buy unpackaged products where possible. ; ; Transport: We aim to have all employees travelling to and from work by use of either public transport, pedestrian access, or by bicycle. Where staff are required to attend client meetings, public transport is strongly encouraged where possible. Where public transport is not available, staff will be permitted to use the most environmentally friendly vehicle transport available. ; ; Goods & Services: Spinwell Global aims to work with our supply chain and clients to ensure our environmental policies are aligned as closely as possible. ; ; All Spinwell Global staff will take direct responsibility to uphold the Environmental Policy set out to ensure a more sustainable place of work. To consult regularly with The Carbon Trust (UK) to ensure we are doing everything we can to minimise our impact on the environmental, both locally and as a global organisation.
• Covid-19 recovery:

  Covid-19 recovery

  Certificated staff training on Covid Awareness ; Our Company structure was designed on remote working pre Covid and proved resilient both during the epidemic and on ongoing to date ; Currently waiting to receive ISO 45003 certification
• Tackling economic inequality:

  Tackling economic inequality

  Spinwell pay above national minimum salary and provide a living wage to all employees; We have focused on there being no gender wage pay gap; We are location agnostic and have staff working from Northern Scotland to the South Coast and from Essex to Lancashire; We do not penalise staff working from home with any reduction of finance or status ; Our staff are selected on suitability not where they live or were brought up and paid equally as the work dictates the same salary and incentives; Our staff have a very open demographic so spending within the local community is equally ecumenical and without a bias for religion, creed or colour
• Equal opportunity:

  Equal opportunity

  We recognise the business benefits and opportunities of having diverse community of employees, who value one another and realise the contribution they can make to achieving Spinwell Global Limited’s vision. Our internal figures: ; • 46% of the Spinwell Global Limited Team identify as women ; • 54% of the Spinwell Global Limited Team are part of the BAME community ; • 8% of the Spinwell Global Limited Team identify as LGBTQIA+ ; As a company we want our employees to feel confident that we listen to their opinions and support causes close to them. ; We continually to improve in all areas of equality and diversity to ensure that we are compliant, but also guarantee that equality and diversity remains at the core of what we do. ; Using our Management (CRM) system we are able to receive candidate information and create reports on all relevant information relating to the Equality Act 2010, Equal Opportunities Policy and Gender Policy. Monitoring ethnicity / Minority data; Encouraging applicants from minorities utilising existing partnerships with minority groups to ensure we promote and present roles to audiences appropriately.; Reduce unconscious bias ; All Spinwell processes, training and supply are predicated around our adherence to best practice in all government and HMRC legislated areas. All staff are required to keep up-to-date with training on all company policies and legal and regulatory requirements, this is monitored at bi-annual staff review meetings. This includes Equality, Diversity and Inclusion training along with unconscious bias training alongside a variety of courses promoting positive social change. ; All members of the Spinwell team participate in a regular interactive inclusion and diversity training programme.; At Spinwell Global Limited we seek to address the lack of gender-inclusive wording by using gender-bias decoder technology.
• Wellbeing:

  Wellbeing

  Spinwell Global take an active multithreaded approach to providing and maintaining genuine wellbeing within the workplace. ; We provide access to our HR system for all staff which monitors and checks that all steps initiated are closely monitored for effective application and early indicative needs for intervention or help; Our most recent step and to enable consistency in our approach was to apply for ISO 45003:2021; Occupational health and safety management — Psychological health and safety at work — Guidelines for managing psychosocial risks ; Along with the stated aims of the standard we provide camera based assessment of staff seating and use of display equipment and the correct guidelines for office working from home which is part of the HR Training and is certified and part of their HR record; High levels of discretionary effort; Improved recruitment, retention and diversity; Enhanced worker engagement; Increased innovation; Legal compliance; Reduced absence from workplace stress, burnout, anxiety and depression

Pricing

• Price: £3,148 a virtual machine
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at pritesh@spinwellglobal.com. Tell them what format you need. It will help if you say what assistive technology you use.