NUIX TECHNOLOGY UK LIMITED

Nuix Digital Investigation Solution (SaaS)

Nuix specialises in transforming massive amounts of data – including emails, social media, communications and human-generated content – into actionable intelligence.

Nuix's investigative software and Natural Language Processing engine provide a ‘non-technical’ view, empowering investigators to understand its content, context and connections to search, filter, visualise, comment and report.

Features

• Supports analysis of 1000's of different file formats and sources
• Review data from endpoints, mobile devices, email and cloud sources
• Automate repetitive tasks and share configurable workflows across projects
• Allows 'technical' and 'non-technical' users to collaborate
• View documents in their native form alongside all available metadata
• Visualise and analyse communication across networks of connected individuals
• Review, tag, redact and report in one simple workflow
• Customise project security with case, group and item-level permissions
• Simple and intuitive search interface
• Full audit trail and forensic integrity

Benefits

• View all data sources in a single application
• Better collaboration between 'technical' and 'non-technical' teams
• Reduce time from submission to review
• Make an early case assessment and avoid expensive reviews
• Simplify review through a common interface for multiple data types
• Full audit trail
• Simplifies disclosure
• Scalable to reduce case backlogs
• Improve efficiency by using deduplication

£10,000 an instance a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at uk.gov@nuix.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

457259569921070

Contact

Neil Thomas
+44 203 934 1600
uk.gov@nuix.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: Full details of supported data types and system capabilities available on request. Service constraints detailed as part of agreed Service Level Agreement
• System requirements:
  • HTML 5 compatible web browser
  • Minimum 5Mbit internet connection

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times to be defined in customer specific service level agreement.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support level to be defined in customer specific service level agreement.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Customer Success Managers (CSM's) and Subject Matter Experts (SME's) are available to assist with customer deployment, workflows and training (at cost); ; Full technical documentation available in request
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: At the end of the contract, access to the solution will cease. Costs relating to extraction, archiving of customer data are negotiated at the start of a contract and depend on the volume of data and complexity of the case(s).
• End-of-contract process: Decommission costs are agreed at the start of a contract and depend on the volume of data and complexity of the case(s).

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Admin portal allows superusers to create and manage cases and users. As well as report and manage data held within the platform.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: The third party used for WCAG assessment of Nuix products employs people who need assistive technology.
• API: Yes
• What users can and can't do using the API: Customers are able to create and manage cases, ingest and process data using the API
• API documentation: Yes
• API documentation formats: Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Dashboards can be created by users to give appropriate business intelligence information.; Custom searches can be input and saved by users for others to access.; Tags/bookmarks can be defined by users to appropriately categorise material identified during their review.; Workflows can be customised to allow the automation of specific tasks - including; bulk search and tagging, OCR'ing, redaction; bulk item exclusions, etc

Scaling

• Independence of resources: The underlying cloud infrastructure is scaled appropriately to reflect number of users, customers and cases made available on the system. Each customer deployment can be a separate instance with access to dedicated resources. User based licensing model will ensure that hardware can be scaled to meet predicted demand.

Analytics

• Service usage metrics: Yes
• Metrics types: Depending on the implemented solution we are able to provide metrics on:; -Volume of data ingested; -Database sizes; -Active user accounts.; ; In addition, all user activity is tracked meaning full audit logs can be provided on request.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: Users are able to export data from the system in a number of ways, depending on implemented solution and the user's priviliges.; ; Nuix supports native file export as well as bulk exports, load file exports and rendered pdf exports. Bulk exports and load file exports are highly configurable, allowing users to specify subsets of data to be exported with customisable manifests in various formats.; ; User priviliges for exports are fully configurable by administrators,
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Native
  • PDF
  • Concordance Load File
  • Other delimited formats
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Native loose file format
  • Concordance Load File
  • E01/Ex01
  • L01/Lx01
  • DD
  • AFF
  • Microsoft Purview Connector

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: As per SLA's forming part of contract
• Approach to resilience: All Nuix software has been certified compliant with the ISO 27001, 27017 and 27018 information security standards. We maintain rigorous information security management systems for our software as a service (SaaS) and software development environments.
• Outage reporting: Email alerts and dashboard

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Role based access controls
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: A-LIGN
• ISO/IEC 27001 accreditation date: 1/10/2021
• What the ISO/IEC 27001 doesn’t cover: Nuix Sales & Marketing
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: No
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: All Nuix software has been certified compliant with the ISO 27001, 27017 and 27018 information security standards. We maintain rigorous information security management systems for our software as a service (SaaS) and software development environments. Nuix is a member of the Cloud Security Alliance. We also assess our software and operations against the US Government Federal Risk and Authorization Management Program (FedRAMP), United Kingdom and German standards.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Supplier-defined controls - available after signing NDA
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Supplier-defined controls - available after signing NDA
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Supplier-defined controls - available after signing NDA
• Incident management type: Supplier-defined controls
• Incident management approach: Supplier-defined controls - available after signing NDA

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality

  Fighting climate change

  We are a leading provider of investigative analytics and intelligence software, that empowers our customers to be a force for good by finding truth in the digital world. Our software allows our customer to identify and deal with ROT (Redundant, Obsolete and Trivial) data that they hold. Removing or archiving ROT data significantly reduces data-centre needs and as a result carbon emissions.

  Tackling economic inequality

  We are a leading provider of investigative analytics and intelligence software, that empowers our customers to be a force for good by finding truth in the digital world. Our users rely on Nuix software to assist with challenges such as fraud and bribery investigations. Our software is used by many of the worlds key investigative agencies, using it to identify and prosecute financial crime.

Pricing

• Price: £10,000 an instance a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Time limited POC available.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at uk.gov@nuix.com. Tell them what format you need. It will help if you say what assistive technology you use.