Total Intelligence Ltd (G8)

MI View analytic solutions

The service is provided to allow organisations to rapidly analyse all data whether the data is in structured or unstructured form. Output from the analysis can be displayed in a variety of forms from traditional tabular style to real time updating dashboards and exported to other applications for further processing.

Features

• Real-time reporting
• Data Visualisation
• Powerful fast, simple search capabilities
• Scalability
• Scheduled reporting
• Scheduled updating

Benefits

• Data updated in real-time
• Comprehensive facilities to build world class dashboards
• Very simple but powerful search facilities for an end user
• Scalability, can query in seconds 100's millions of records
• Reports can be automatically scheduled to run whenever required
• Data is automatically updated on whatever frequency is necessary

£9,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.finch@totalintelligence.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

680347111411301

Contact

Chris Finch
07900675811
chris.finch@totalintelligence.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
• Service constraints: No constraints other than following the guidelines for configuration
• System requirements:
  • Windows 64 Bit or Linux 64 bit OS
  • Sun Java JDK 64 bit 1.9 or above

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response depends on the SLA. Response times would be different at weekends
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support is universal, the cost is dependent on numbers of users. A technical account manager is called on if needed.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Users are provided with onsite training AND User documentation
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All data created/stored by the User can be exported in a number of different formats (e.g. CSV) following the end of a contract.
• End-of-contract process: We require 3 months notice in writing once a customer decides to end a contract. Unless additional services to assist in offboarding are requested there are no additional costs.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: MI View can be 'skinned' to reflect the customer using it to deliver their outputs

Scaling

• Independence of resources: This is managed by appropriate configuration of the resources

Analytics

• Service usage metrics: Yes
• Metrics types: All activity is captured in Log data
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Connexica

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users can export their data from MI View in a number of ways (e.g. PDF, Excel, HTML, Image, XML)
• Data export formats:
  • CSV
  • ODF
  • Other
• Data import formats:
  • CSV
  • ODF
  • Other
• Other data import formats:
  • Oracle
  • DB2
  • Postgress SQL
  • JDBCOLAP
  • Sybase
  • SQL Server 2008 & above
  • SQL server 2000-2005
  • MI VIew (other instances of)

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
  • Other
• Other protection between networks: Data transfer can be via SFTP
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: This is at two levels. The application availability will depend on the SLA's in place with the application host, normally this is expected to be 99% +.; ; Availability for the application itself is expected to be 99% +, only downtime is consumed by upgrades to the operating software and the application itself.
• Approach to resilience: Available on request.
• Outage reporting: E mail alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: In order to access managment interfaces and support channels the user MUST have been assigned the relevant permissions. Standard users will have access to the relevant screens to make amendments to the application configuration. Admin users authenticate onto the system by using user names and passwords as is the case with standard users. MI View has always offerd a high degree of flexibility with passowrd policies that are enforced as well as giving the user the ability to audit log on and log off events. An access process for managment/support channels which ensures only qualified staff can access client instances.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Total Intelligence is responsible for ensuring the service is installed in a secure environment. The data processed within the service is encrypted so is NOT accessible by any other processor/or users outside the aspplication

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: All upgrades and fix releases are managed through the defined change managment process. This ensures clients are already aware of all scheduled application changes and there is an associated design, development, QA and release mechanism in place that shows that changed functionality has been tested and meets the requirements specified prior to production. In addition it is possible to define agreed release schedules so that software changes (unless agreed as a priority fix) are only implemented within specific dates and times to minimise any potential impact on the organisation whilst the implementation is taking place.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: All upgrades and fix releases are managed through the defined change managment process. This ensures clients are already aware of all scheduled application changes and there is an associated design, development, QA and release mechanism in place that shows that changed functionality has been tested and meets the requirements specified prior to production. Systems have been configured for clients to automatically provide notification of issues on the host server regarding CPU/Memory utilisation as well as systems that automate backup processes. Preferred hosting partners identify potential compromises and respond to these threats in accordance with the ISO27001:2014 standard.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: For easch major release an automated vulnerability scan is completed to highlight any known vulnerabilities within the architecture of the application. This focuses on reviewing the application against vulnerabilities highlighted by OWASP. Literature/information from OWASP is reviewed to ensure newly discovered issues are already handled within the application. The dvevelopment team will patch any gaps within 2 weeks. Additionally, penetration tests haver been conducted byexternal security consultants approved by the CREST organisation when major functional changes are made to the aplication.
• Incident management type: Supplier-defined controls
• Incident management approach: A significant repository of knowledge has been built which assists in the rectification of frequent and/or known issues as quickly and efficiently as possible. SLA's are defined for different incident classifications dependent on severity and associated business impact. If the issue cannot be dealt with immediately it will be passed onto the development team for resolution. A patch will then be created, tested and made available as a patch release. Users can report incidents therough the online helpdesk portal. Weekly incident reports can also be accessed through this portal.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: NHS Network (N3)

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  We have always championed equal opportunities for any existing or potential future employees regardless of age, gender, race or religion.

Pricing

• Price: £9,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Free trials can be set up to provide users with a limited view of the product and its capabilities providing the user undertakes a short training session

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at chris.finch@totalintelligence.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.