Connexica Limited

CXAIR

CXAIR is a Data Management and Analytic platform that helps our customers to maximise the value of their data assets and provide enterprise wide reporting and business insights.

Features

• Data Management
• Analytics
• Forms based application development

Benefits

• Improved business performance
• Improved business efficiency
• Reduced Waste
• Assists with business planning
• Improve business understanding
• Business insights to chnage/improve business processes

£100 to £1,400 a user a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gary.luke@connexica.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

489295518909075

Contact

Gary Luke
07786544153
gary.luke@connexica.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: There will be planned maintenance arrangement agreed with the Customer and performed out of hours. Connexica supply a minimum hardware/server specification.
• System requirements: The Server must meet the CXAIR minimum specification

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Priority: Target Response Time: Target Resolution Time - ; Priority 1: 4 hours: 1 working day:; Priority 2: 2 working days: 10 working days:; Priority 3: 2 working days: 3 months or the next software update; 9:00 to 17:30 Mon-Fri exc Bank holidays
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Support cover is 9:00 - 17:30 Mon-Fri (Exc UK Bank Holidays); ; Priority: Target Response Time: Target Resolution Time - ; Priority 1: 4 hours: 1 working day:; Priority 2: 2 working days: 10 working days:; Priority 3: 2 working days: 3 months or the next software update; ; The support service is standard for all customer and at a single price included in the annual service charge.; ; We provide access to an account manager
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We provide onsite or online training and the product is fully documented in an online resource. We typically provide some kick start consultancy to re-inforce the knowledge acquired through the training courses and to ensure the project gets off to a flying start.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats: WIKI
• End-of-contract data extraction: The product includes simple extract capabilites to export the data to a variety of formats including CSV
• End-of-contract process: Connexica will provide assistance with the extract and transfer of the Customers data to a safe environment and remove the system and the data at no exra cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: There is no difference. The service can be delivered through a web browser on either desktop, laptop, tablet or phone.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: User only can access data through REST API.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customers can define their own corporate theme (logos, fonts, colours etc...). Data Source interfaces are configured to allow access to any non-standard information sources (e.g. REST API or Database)

Scaling

• Independence of resources: Connexica will assist with the sizing of the cloud envionment to address the volume of expected users. The capability of the cloud can easily be upgraded to cope with additional demand. HIgh demand requests can be run in the background.

Analytics

• Service usage metrics: Yes
• Metrics types: CXAIR records all access to the system and reports by user and stored the activity within its data store allowing customer to generate reports using CXAIR on the full usage of the system (by user).
• Reporting types:
  • API access
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: CXAIR includes functioanlity as standard to export data to a variety of formats including CSV. Other formats for exort are PDF, EXCEL, HTML, Email and JSON
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • XML
  • PDF
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • BigQuery
  • DB2
  • JDBC
  • MySQL
  • ORACLE
  • HSqlDB
  • PostgreSQL
  • SQL Server
  • Sybase

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: CXAIR minimum target for availablity is 99.8%.; CXAIR will refund upto 25% of the monthly service charge for failure to meet the SLA
• Approach to resilience: Available on request
• Outage reporting: Email Alerts and and a cloud management console to check performance

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: CXAIR supports defined user roles and access and functionalty rights to control access.; The management and support channels are protected via 2 factor authentication.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users receive audit information on a regular basis
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: The cloud hosting is provided by a 3rd party whose has the CSA CCM Version 3.0 and ISO/IEC 27001 accreditations
• Information security policies and processes: The cloud hosting is provided by a 3rd party whose has the CSA CCM Version 3.0 and ISO/IEC 27001 accreditations. In addition, Connexica complies with its internal data protection policy which covers all aspects of information goverance and data security and the obligations of Connexica employees in this respect.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Components are tracked through a development life cycle change control system producing bi-annual release that are fully penetration by an external party.; All changes are reviewed regards their impact on security, usability, reliability and performance.; Changes must be authorised by the product owner.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: The key is all new releases of the software are pentetration tested.; Pathches are can be deployed with 24 hours after they have passed through the quality assurance process.; Regular checks on latest penetration vectors on OWASP
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: System logs are reviewed for supicious activity; Any issues will be immediately reported to the customer and a patch release will be provided with 24 hours.
• Incident management type: Supplier-defined controls
• Incident management approach: Processes exist for system shutdown, re-start and upgrade.; Incidents can be reported via the help desk.; Customers can track and retrieve reports on any incident via the help desk

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  CXAIR is platform that enables customers to create analytics and insights to assist with understanding and improving an organisations net zero targets. Also, Connexica has sponsered a PhD student investigating smart energy networks. Connexica also provide a solution called "Track My Carbon" to the public and commerical sectors to assist with meeting the net zero target. Connexica use their own solution to drive its own net zero ambition.

  Covid-19 recovery

  CXAIR is platform that enables customers to create analytics and insights to assist with understanding and improving an organisations response to COVID-19 Recovery. During the COVID pandemic Connexica provided fast data capture and reporting on the COVID reponse in care homes for a large metropolitan area.

  Tackling economic inequality

  CXAIR is platform that enables customers to create analytics and insights to assist with understanding and improving an organisations response to economic equality.

  Equal opportunity

  CXAIR is platform that enables customers to create analytics and insights to assist with understanding and improving an organisations response to equal opportunity.

  Wellbeing

  CXAIR is platform that enables customers to create analytics and insights to assist with understanding and improving an organisations response to Wellbeing

Pricing

• Price: £100 to £1,400 a user a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Connexica will provide CXAIR on a trial basis for a maximum of 3 months

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gary.luke@connexica.com. Tell them what format you need. It will help if you say what assistive technology you use.