Twin Technology

TT Web Traffic Intelligence and Reports

Scanalytix is an automated monthly report that takes a feed from
your Google Analytics account and presents the most relevant
information in a clear and simple format.

Features

• Provides data and insights to make informed decision
• Delivered to your inbox on the 1st of each month
• Simplifies key Google analytics data
• Month on month reporting
• Allows quick decision making
• Month by month reporting that allows trend analysis
• Easy to understand infographics
• Cost effective solution

Benefits

• Track positive results of your actions
• Make important changes based on previous months data
• Can be used by any department or organisation size
• Allows regular monitoring of website performance without being expensive

£10 an instance a month

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@twintechnology.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

569019569625947

Contact

Larry Rach
01923 228820
sales@twintechnology.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Hybrid cloud
• Service constraints: Must have a Google analytics profile attached to a live website.
• System requirements:
  • PDF reader
  • Email address and access
  • Google analytics profile

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All support requests are handled by email inquiries.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: This is a low cost monthly subscription service. All support will be handled via email, web chat and social media, all queries will be responded to within 48 hours and handled to completion as soon as possible.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We take the client through a work through process to enable the configuration to be successful first time.
• Service documentation: No
• End-of-contract data extraction: With the exception of basic user account information, we do not hold any personal data or information relating to the client's Google analytics profile
• End-of-contract process: Month by month contract and the user profile is deleted if the user terminates their contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: This is a web based service and will scale to be used on mobile devices of all sizes.
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: No
• Customisation available: Yes
• Description of customisation: The report can we presented with your customised logo and branding.

Scaling

• Independence of resources: The platform is on a fully resilient platform with load balancing, this ensure that any peaks in the service can be dynamically handled.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Other
• Other data at rest protection approach: No data is moved.
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: If the User requires export of the information we have on file we are able to send this to them via a csv file.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: A report is provided to the end user every month, usually on the first working day. If this fails we will address this and get it resolved to have the report prepared for the without any additional charge to them.
• Approach to resilience: This information can be submitted upon request
• Outage reporting: Service outages are reported via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: We have a defined hierarchical permission structure and administrators only have access to permitted areas, password managers are used, with anti keyloggers and malware protection on all desktop. We also have a 30 day password expire policy.
• Access restriction testing frequency: At least once a year
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 6 months and 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: Payzone
• PCI DSS accreditation date: 28/04/2019
• What the PCI DSS doesn’t cover: Being a PCI DSS Level 1 Service Provider allows us to offer a PCI ready cloud environment that can help you drastically cut the cost of PCI compliant hosting. It also means we can help you understand the policies and procedures you need to have in place to ensure you’re meeting all 12 requirements of the PCI standard.
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We work within the guidelines of CyberEssentials and IASME
• Information security policies and processes: The information produced via the Scanalytix platform only goes to named email recipients

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: The configuration and change management process is on a development server. When changes are required they are sent to the staging server, once we are satisfied we trial this on the testing platform, if the test is successful it is published to the live environment.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We have DDOS strategy implemented on the the environment.If an attack is identified, the platform is moved and to ensure the continuity of the service. ; ; Our service delivery team will endeavour to patch any vulnerabilities on the environment as soon as possible. We expect patches to be implemented when required within the hour.; ; We regularly monitoring our environment, we assess potential treats from security vendors, security news groups and peers.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Internal security audits and external penetration test.; ; Apply patches, move the environment and respond the threat as appropriate, we are usually responding the this threat within the hour.
• Incident management type: Undisclosed
• Incident management approach: All incidents are handled via internal ticketing and the teams respond to the end users who are able to email us for support. ; ; We will usually respond to these within 4 hours and a resolution will be given as as soon as possible.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Twin Technology is dedicated to the continuous improvement, understanding and taking appropriate responsibility for any adverse environmental, social, and economic impacts of its consultative work. In doing so, Twin Technology considers impacts on a life-cycle basis and prioritises actions according to: alignment with the companies values, magnitude of impact, and compliance with any applicable regulations.; Twin Technology has also commited to reducing our carbon footprint by investing in electric vehicles.

  Equal opportunity

  Twin Technology has an equal opportunity policy already in place, It is our policy in recognition of all relevant legislation to ensure that there will be no discrimination on the grounds of colour, race, nationality, religion, gender, marital status, domestic circumstance, disability, sexual orientation, age, or any legal affiliation(s). This is a positive policy and it is the requirement of all staff, employed or contracted, to actively follow these requirements.

  Wellbeing

  Twin Technology's acknowledges the importance of wellbeing and this is incorporated within it health and safety policy.; Twin Technology Ltd recognises that it has responsibilities for the health and safety of our workforce whilst at work and others who could be affected by our work activities. We will assess the hazards and risks faced by our workforce in the course of their work and take action to control those risks to an acceptable, tolerable level.; Our Managers and Supervisors are made aware of their responsibilities and required to take all reasonable precautions to ensure the safety, health and welfare of our workforce and anyone else likely to be affected by the operation of our business.

Pricing

• Price: £10 an instance a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Your first report is free.
• Link to free trial: Www.scanalytix.com

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@twintechnology.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.