SOCIAL FINANCE LIMITED

Social Finance Data Platform

The Social Finance Data Platform is a hosted data processing application which will enable government organisations to share sensitive personal data securely and efficiently. It allows users to interrogate and visualise data, and to make data-driven decisions about service operations.

Features

• Secure infrastructure collecting data in a central hub for analysis
• UK-based AWS cloud storage
• Privacy by design: automated pipelines enforce data standardisation centrally
• Detailed logging supports users in understanding data processing
• New data pipelines can be added with minimal development
• Robust Information Governance framework
• All data pipeline code transparently maintained on open source repositories
• New data pipelines can be added with minimal development
• Solution designed to support multi-agency data sharing
• User-centred research and design

Benefits

• Cost-effective cloud-based data sharing platform
• Supports development and distribution of engaging analytics for users
• Data insights to support strategic decision-making
• Enables secure collaboration between teams, departments and organisations
• Advanced analytics to identify risks and effectively target interventions
• Minimum data required for analysis while enforcing standardisation centrally
• Allows public sector organisations to measure and monitor outcomes
• Enables under-served populations to be identified and understood
• Iterative data sharing governance structure
• Fosters multi-agency working to provide best interventions and impact

£20,000.00 to £80,000.00 a unit a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@socialfinance.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

648342393950321

Contact

Caroline Gadd
02077706836
tenders@socialfinance.org.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: Currently there are no constraints.
• System requirements:
  • Requires access to internet
  • Requires access to web browser

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: We aim to respond to questions within 2 business days.
• User can manage status and priority of support tickets: No
• Phone support: No
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Social Finance can provide support necessary to on-board users to the Data Platform. Email support available throughout the contract. Specific support package to be agreed with customer at point of engagement.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We typically deliver training to the client as part of our implementation activities. Training sessions are typically delivered online.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Social Finance will work with clients to determine the best format(s) for extracting datasets in a timely manner. Additional information available on request.
• End-of-contract process: Data is deleted from the platform and user access is revoked. Final data extracts are produced and supplied to clients in the agreed format.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Website served over HTTPS/SSL1.3 and secured through a SAML 2.0 Single Sign-On solution.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Accessibility requirements are considered as part of design activities. Please contact us for more details.
• API: No
• Customisation available: Yes
• Description of customisation: We work with clients as part of initial scoping conversations to understand additional development requests.

Scaling

• Independence of resources: Every client is allocated a dedicated resource in the cloud environment. This ensures consistent performance for individual use of the solution without interference from other users.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics provided through the Social Finance Data Platform include: reports on auditing and error logging.
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Holmusk Europe Ltd

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users upload their data through a secure web portal.
• Data export formats:
  • CSV
  • Other
• Data import formats:
  • CSV
  • Other

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Level of availability varies depending on the specific work. Our standard form Service Level Agreements (SLAs) can be provided on request.
• Approach to resilience: The Social Finance Data Platform is hosted on Amazon Web Service (AWS) infrastructure and makes substantial use of the AWS technology stack. Under the Shared Responsibility Model, AWS takes ownership of network infrastructure, physical security of data centers, and underlying software.; ; More details can be found here: https://aws.amazon.com/compliance/shared-responsibility-model/
• Outage reporting: Outages can be reported via email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication: Identity federation with existing provider (for example Google Apps)
• Access restrictions in management interfaces and support channels: Social Finance employee access to the Data Platform is approved by designated team leads following Social Finance's approved access control policy/processes. ; ; The Data Platform sit inside a federated Identity and Access Management cordon.; ; At the user end, SAML 2.0 federation is required to be set-up between AWS Cognito and Active Directory.
• Access restriction testing frequency: At least once a year
• Management access authentication: Identity federation with existing provider (for example Google Apps)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 18/11/2022
• What the ISO/IEC 27001 doesn’t cover: ISO/IEC 27001 certification covers the Data Platform being hosted through Amazon Web Services (AWS) cloud infrastructure.; ; Social Finance does not hold ISO/IEC 27001 certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Under the Shared Responsibility Model, AWS secures the underlying infrastructure, while Social Finance takes ownership for the the security of the data and configuration. Please contact us for more details our approach to security governance.
• Information security policies and processes: The application is designed with the security and integrity of datasets in mind. It follows the National Cyber Security Centre’s guidelines for web application security best practice. Data is encrypted at rest on AWS S3, and in transit using TLS 1.2 and 128bit encryption. ; ; Data centres are managed by AWS and are subject to their access controls and operational resilience rules under the shared responsibility model. AWS holds ISO 27001 certification.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration and change management processes available on request.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Details of deployment-level vulnerability scanning available on request. Supply chain analysis is run at the code end.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Social Finance utilises a layered approach to intrusion detection. In the cloud, AWS GuardDuty safeguards our environment, while Microsoft's built-in intrusion detection continuously monitors our Active Directory for suspicious activity.
• Incident management type: Supplier-defined controls
• Incident management approach: Incident management processes available on request.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Public Services Network (PSN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity

  Fighting climate change

  Social Finance is committed to helping promote environmental sustainability and drive the growth of a circular economy.; ; Our organisational commitments to environmental sustainability are set out in our Environmental and Sustainable Travel and Ethical Procurement policies. Key features include:; ; Social Finance complies with all relevant environmental legislation and regulations, as well as to other requirements and standards which are relevant.; ; We aim to buy all products from managed, sustainable sources and only electronic products which are certified as easily recyclable.

  Tackling economic inequality

  Social Finance is deeply committed to addressing economic inequality.; ; Reducing young people not in education, employment and training: We’ve worked hard to create new businesses, new jobs and new skills. For example, we’ve developed services that have supported over 4,500 young people at risk of dropping out of school.; ; Supporting people into work: We work to help people gain meaningful employment and live fulfilling lives by offering effective infrastructure support. For example, our programmes have supported 4,000 adults with severe mental health issues into work.

  Equal opportunity

  Social Finance is committed to achieving a working environment which provides equality of opportunity and freedom from unlawful discrimination on the grounds of race, colour, nationality, ethnic origin, gender, gender reassignment, marriage or civil partnership, disability, religion or belief, age or sexual orientation.; ; We aim to provide a service that does not discriminate against its clients and customers in the means by which they can access the services and goods supplied by the Company.; ; We believe that all employees and clients are entitled to be treated with respect and dignity.

Pricing

• Price: £20,000.00 to £80,000.00 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at tenders@socialfinance.org.uk. Tell them what format you need. It will help if you say what assistive technology you use.