FORMCEPT TECHNOLOGIES & SOLUTIONS PRIVATE LIMITED

MECBOT: AUGMENTED DATA MANAGEMENT PLATFORM (AI & ML)

Trusted augmented data management and excellence platform for real-time analytics and decisions at scale and enterprise AI needs. Comes bundled with a self-service, intuitive interface and manages all your data no-code lo-code and provides insights and data driven decisions, including scalable deployment.

Features

• Real-time analytics
• Structured and unstructured data analysis
• Smart data fabric
• Auto-detection of patterns
• Connected data analytics
• Metaspace : Smart Metadata Powerhouse
• Interoperable
• Guided AI using Generative AI
• Single API to connect downstream
• Intelligent data mesh

Benefits

• Business-focussed
• No-code Lo-code system
• Operational from Day 1
• Scalable to few PetaBytes
• Reduces the time from data to insight considerably
• Real-time data analysis
• Cost savings
• Centralized security and compliance
• Not vendor locked with any cloud providers
• Rapid data-driven application development

£45,000 to £70,000 a terabyte a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sam.bhaskar@formcept.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

510204033065335

Contact

Sam Bhaskar
+44 7841 118452
sam.bhaskar@formcept.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No
• System requirements:
  • Linux based system
  • Dedicated and reserved instances from the cloud or on premise
  • Cluster of machines is required
  • Cloud and Standalone environment
  • Oracle JAVA
  • Root access to machine

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 8h x 5d (Working Days); ; 24h x 7d support can be provided at an additional cost
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Accessible via the website with one-click / single-click.; ; Supported by ZenDesk ticketing system.
• Web chat accessibility testing: Done by the provider (ZenDesk)
• Onsite support: Yes, at extra cost
• Support levels: Level 1 / Level 2 / Level 3 with phone / email / 24X7 and 8X5.; ; • Critical (Severity 1) - Response time 1 hour with update every 1 hour until incident resolution. Support coverage will be provided during Business and Non-business hours; ; • High (Severity 2) - Response time is 2 hour with updates every 4 hours until incident resolution. Support coverage will be provided during Business hours and non-business hours; ; • Medium (Severity 3) - Response time is 1 working day with updates every 1 working day. Support coverage will be provided during Business hours; ; • Low (Severity 4) - Response time is 2 working days with updates until incident resolution. Support coverage will be provided during Business hours.; ; Cost depends, if the support is on-site or off-site (via phone or webchat).; ; Technical account manager and/or cloud support engineer provided under different support plans and options.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Online training and / or user documentation.; ; In order to help users get started with the service we provide extensive online training sessions. Training sessions are conducted based on the user roles that each user would have. ; ; Multiple sessions are conducted in order to ensure high-user adoption of the platform. ; ; Users are also provided with documentation in order to enable them to use the platform in a much more efficient manner.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
  • Other
• Other documentation formats: Markdown
• End-of-contract data extraction: Provision to dump entire data via CSV format (also possible in alternate format on request).; ; Also, we could offer repository services with a link for an agreed period of time, if required or requested.
• End-of-contract process: The entire data is purged and reformatted. No information or data is stored elsewhere.; ; All the data will be migrated and provided to customer as and when customer requires.; ; Platform with data ingestion including any customization based on user requirements including mobile applications, if requested / required.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems: Linux or Unix
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: End cognitive applications are available on mobile (landscape mode)
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Mail or Jira ticket.; ; Also we have a bespoke tool for managing support services, if required.; ; Users can use the UI application to achieve various business operations.
• Accessibility standards: None or don’t know
• Description of accessibility: We provide role based access and only people with relevant roles can access data that is shared.; ; End applications or services are available as Web based application with role based access.
• Accessibility testing: We have not tested our product across people with disability or people with special skills, however we are working to support this in near future.
• API: Yes
• What users can and can't do using the API: APIs can be used or verified by curl / postman.; ; Changes to the APIs can't be made by the user / users. They can only read or query.; ; Updates to data or adding new data through the pipeline only.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Everything can be customized.; ; Partners or System Integration or we can do it.; ; If we do it, there will be an additional charge depending on the level of customization to be conducted.; ; The platform is infinitely customizable and can be mirrored to reflect the buyer's business processes. Any requests for customization are received and would be made during implementation.; ; 1. The configuration of the organization such as region, BU, Contract category/Sub-category; ; 2. User roles and access rights; ; 3. The data, option and other details available on the home screen etc.; ; Certain customizations such as User roles, access rights and details available on the home screen can be made via the product interface. ; ; Customizations such as Changing the organization structure can be performed with the help of the Customer success manager.; ; Admin users as well as the Customer support team.

Scaling

• Independence of resources: Multi-tenant platform – Islanded / secluded per customer .; ; Scalable system (vertically & horizontally).; ; Also, we could use bespoke network and application management tools to ensure that users aren't affected during peak hours, if required.; ; We have auto-scalability of our services in order to guarantee users aren't affected by demand of other users.

Analytics

• Service usage metrics: Yes
• Metrics types: Depends on the app. But usage, who is using how much etc.; ; Operational metrics.; ; Any other metrics requested by the user.; ; Customised as per user needs and requirements.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Encryption of data at REST.; ; Banking Grade encryption.; ; We encrypt data at rest using a variety of tools including (but not limited to):; ; 1. Utilizing managed databases by our infrastructure provider which have options to encrypt data at rest. In these cases, encryption keys are managed by the infrastructure provider.; ; 2. Utilizing the infrastructure provider's option to encrypt the underlying storage of the assets that persist data. Again, encryption keys are managed by the infrastructure provider.; ; 3. Company laptops are encrypted as outlined in the Endpoint Security Policy.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Json or CSV option to export or dump data within the MECBOT platform
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Json
  • Parquet
  • Avro
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Json
  • Parquet
  • Avro
  • DBs
  • CSV
  • XLS
  • Word
  • PDF
  • Machine date over https / CoAp / MQTT / OCPP

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: 4 levels of security protection we provide:; ; Network Security by islanding the clusters of machines where MECBot is running (Perimeter security); ; Data Protection (HTTPS on transit and at rest can be encrypted, if customer wants); ; Access Controlled and only people with relevant access can access data they are allowed to.; ; Audit and Lineage.

Availability and resilience

• Guaranteed availability: We guarantee a 99.99% level of availability. We run on Microsoft Azure / Amazon / GCP and these providers ensure 99.99% of availability. Azure / Amazon / GCP provides payback if availability limit is breached.
• Approach to resilience: Available on request
• Outage reporting: All of the above

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access Control (Java Web Token based) Only authenticated users are permitted or allowed access and could be at different levels, if required.; ; We have elaborate rules and permissions management module.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ACCORP PARTNER INC.
• ISO/IEC 27001 accreditation date: 21/06/2023
• What the ISO/IEC 27001 doesn’t cover: All our services are covered by this certification
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications: SOC2 TYPE2

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: ISO 270001; ; SOC2 TYPE 2; ; OSWE, EC Council; ; Our platform is behind firewall and will be hosted on AWS/GCP/Oracle/Azure which are strictly compliant to all the standards.
• Information security policies and processes: Provided on request.; ; Mainly covers :; ; The Pillars of Information Security program are; ; 1. Information Security Training; 2. Incident Management; 3. Vulnerability Management; 4. Data Classification; 5. Data Backup; 6. Data Retention; 7. Encryption; 8. Endpoint Security; 9. Physical Security; 10. Acceptable Use Policy

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Code repository / Version Control / JIRA ATLASSIAN; ; Change management process ensures that all software developed in the service of or any subdomain of should be version controlled.; ; We use a decentralized version control system like git. This allows engineers to work on bug fixes, new feature development and other independent projects simultaneously. Before synchronising with the central repository, engineers work on local branches created from an appropriate version of the central repository. Changes are tested locally before the being deployed to users; ; The policy outlines procedures for conducting planned and unplanned changes as well.; ; We use a version-controlled system.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Reporting; ; The Information Security Officer is responsible for communicating detected vulnerabilities and package updates needed to the appropriate vulnerability management system where it can be tracked to resolution.; ; Remediating Vulnerabilities; ; The engineering staff is responsible for remediating any reported vulnerabilities. The remediation process should be tracked in the vulnerability management system. SLAs are in place to help prioritize vulnerability based on severity; ; Possible resolution statuses; ; 1. Fixed; 2. Inaccurate/Incorrect; 3. Vulnerable section unused; 4. Acceptable risk; ; Perform various internal vulnerability scans and package monitoring on a constant basis.; ; Perform external vulnerability-scans/penetration-tests periodically.; ; Patches : 24-48h.; ; Source : Public medium.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: How you identify potential compromises : Monitoring system in-house.; ; How you respond when you find a potential compromise : Notification via email.; ; How quickly you respond to incidents : Instant.; ; We use monitoring tools in order to identify network intrusions.; ; The support team is available 24/7 to find the root cause and fix the vulnerabilities.; ; The time period taken to respond to incidents depends on severity of incident, mostly instant.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: JIRA; JIRA Ticketing system; JIRA reporting; ; Pre-defined processes for said events; ; 1. Report the incident immediately to your manager as soon as possible.; 2. If manager is not available, employees are to approach the ISO / CEO to report the incident.; ; ISO is responsible for ensuring that reported security-incidents are added to the appropriate incident management system.; ; At any given point of time, On-Call-Engineer (OCE) is the first point of contact and responsible for addressing the incident.; The following are the levels of severity; ; • Low severity incidents; • Medium Severity incidents; • High severity incidents; • Critical severity incidents

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Fighting climate change; ; Fighting climate change; We have systems and process geared to save energy in our data centers

  Covid-19 recovery

  Covid-19 recovery; ; Covid-19 recovery; We have a process in place to manage services remotely and our teams are aware of Covid protocols

  Tackling economic inequality

  Tackling economic inequality; ; Tackling economic inequality; Our organization work with teams, where we contribute towards the wellbeing and employment of resource from economically diverse backgrounds.

  Equal opportunity

  Equal opportunity; ; Equal opportunity; We are a merit oriented organization and our teams are balanced in representation and we conscious of this attribute

  Wellbeing

  Wellbeing; ; Wellbeing; The management are firm followers of well being and teams are encouraged to follow yoga and healthy food habits within the organisation

Pricing

• Price: £45,000 to £70,000 a terabyte a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: 14 days trial period and what's included / excluded can be discussed and agreed.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sam.bhaskar@formcept.com. Tell them what format you need. It will help if you say what assistive technology you use.