FlyingBinary Ltd

Tableau Private Visualisation

Tableau Private is fully-managed single-tenanted self-service SaaS visualisation service fully-hosted in the UK which resides in the FlyingBinary big data analytics suite. Keywords:Business Intelligence, BI, Dashboard, VizQL, In-Memory, Desktop, Prep, Creator, Explorer, Viewer, Viz, Chart, Graph, Table, Database, Secure, Audit, insight, Intuitive, data driven, datajournalism, Teccarto Classic, IoT, sensor

Features

• Visual Analytics. Interactive, Creative, Analytical, Human, Perception, Insight, Science, Cognition
• Hosted. Maintained, Administered, Upgrade-free, Dublin Data-Centre, Compliant, Trust, Available
• Secure. AD, SAML, SSL, Authentication, Authorisation, Row-Level-Security, 2FA, SSO, Monitored
• Data-Platform. Valuable, Mobile, App, Device, Scale, Journalist, Collaborate, Share, Enterprise
• Access. Connectors, Spatial, Relational, Real-Time, Drivers, Unstructured, Cloud-based, social
• Data-Science. R, Python, Open-Source, Advanced, Statistics, Forecast, Cluster, What-if, Parameter
• Integrates with Teccarto packages for enhanced mapping and geospatial analysis
• Prep. Re-structure, Pivot, Union, Join, Transform, Flow, Clean, Integrate, ETL
• Enterprise configurable security access and control capabilities, security, governance
• GDPR demonstration of compliance, stream data, twitter, facebook, Public, Community

Benefits

• Data-Governance. Data-Security, Consistent, Access, Permissions, Certified, Protected, Audit, Alert
• Creative. Flexible, Intuitive, Storytelling, Guided, Teccarto Matrix, mapping layers
• Pedigree. Stanford, Stephen, Few, Disruptive, Gartner, Leader, Community, User-Group, Tufte
• Time-Saving. Fail-Fast, Agile, Iterate, Collaborate, Inclusive, Quick-Start, Accelerate.
• Self-Serve. Empower Workforce, Browser-based, Question, Immediate Answers, Web-Authoring, Subscribe
• Lower Cost. TCO, Efficient, Revenue-generating, Cost-reducing, Value, Subscription, Operational
• Evolution. Data-driven, Not Opinion-based, Strategic, Decentralise, Adoption, evidence based policy
• Custom Geography with full Teccarto mapping capability, smart city, cities
• Comprehensive data security, access and control capabilities, fully-hosted Creator
• GDPR configurable to meet business need, sensitive data, special category

£99 a user a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jacqui.taylor@flyingbinary.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

688415225566471

Contact

Dr Jacqui Taylor
+44 77 899 668 02
jacqui.taylor@flyingbinary.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Published views and dashboards are accessible from any platform and from any current browser. A browser with the Microsoft Remote Desktop Web Client browser plugin is required to access the design environment. Internet Explorer 11 compatibility mode is not supported.
• System requirements:
  • A desktop or mobile web browser
  • Remote Desktop Web Client is required for the Design environment

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: We respond to all questions within 8 business hours. Normal business hours are 0800-1800 Mon-Fri excluding UK holidays. We regularly respond to questions within 4 business hours, and we triage all inbound questions to establish urgency and set appropriate priorities.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our standard support service is by email 0800-1800 Mon-Fri excluding UK holidays and we respond to all questions within 8 business hours. We regularly respond to questions within 4 business hours, and we triage all inbound questions to establish urgency and set appropriate priorities. We can offer several extensions to the standard service at extra cost: extended hours support at 10x7 or 24x7; 4 business hour response; phone support; web chat support; onsite support. The support service is provided for issues, incidents and service requests. We will also respond to questions about how to use the service, but we reserve the right to direct clients to our training services if users are clearly not equipped to use the service competently.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: There are four types of onboarding help available, which may be used in combination: online help; key contact getting started assistance; additional onboarding assistance; service training courses. Key contact getting started assistance is included within the cost of the service. It is usually conducted as an interactive web screenshare session, but may also be provided as a pre-recorded video session with a follow up teleconference, or as an onsite session. Onsite sessions outside the M25 area will incur an additional cost. Online help is available to all client users of the service and is included within the cost. Additional onboarding assistance and service training courses are both provided via the companion Cloud Support service.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The service has built-in tools that allow user data extraction. These tools are available at any time, not just at contract end, and may be used for any data extraction purpose required. There are no restrictions: all user data may be extracted from the service for any reason, at any time. User data extraction does not require supplier intervention, but clients may choose to limit this functionality to client super users or administrators. There is no limit to the number or size of data extractions performed, but the service is priced on a "fair use" basis for network charges. Excessively large or very frequent data extractions may incur an additional cost or bandwidth limits. Alternatively, the companion Cloud Support service offers assistance with data extraction, at an additional cost.
• End-of-contract process: Prior to the end of contract/contract renewal date, we discuss the forward plan with the client key contact. In the event of contract end, we work with the key contact to ensure that all user data and collateral is retrieved or extracted before the contract end date. Although there are standard data extraction tools built in to the service, there may be a requirement for special data migration to the client's chosen new service. In that instance, we can work with the new supplier to migrate data to maximum benefit for the client, such work would be performed within the companion Cloud Support service and incur an additional charge. In the event that the client is unable to extract all required data before the contract end date, it is often possible to extend the duration of the data extraction features of the service for an additional period; or to extend the full service for an additional period; so that the client does not suffer unnecessary unavailability.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: All standard features of the desktop service are available on mobile devices. The presentation and navigation of features is reformatted to provide a mobile-friendly experience for smaller screen sizes. Some design and administration features may be more difficult, or not available on mobile devices. Services may be configured for access over the public internet, or restricted to public sector networks. Mobile devices must be able to access services via the same network routes as desktop or laptop devices.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service employs a modern, simple, browser-based, easy-to-use interface to provide a unified approach for users to interact with the service. Choosing browser-based over an installed application simplifies security, enterprise deployment and ensures that the service is evergreen without costly software upgrades. See answers to other questions concerning browser specifics. All standard user features are available via desktop or mobile web browsers. Mobile browsers are optimised to work with touch input, while desktop browsers support accessibility tools and software. Note that a small group of client super users still require an installed application to perform advanced design and administration tasks.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: All parts of the service interface are tested using both standard input and assistive technologies, including keyboard navigation and screen readers. In addition to in-house testing, the public beta programme is open to users of assistive technologies. The product toolbars are now Double A conformant including Custom Views, Subscribe and Alerts.
• API: Yes
• What users can and can't do using the API: Several APIs available to automate or enhance aspects of the standard platform: REST, Extract, Document, Javascript, Web Data Connector and Extensions (in beta May18). Search online for 'Tableau onlinehelp API Reference'. The REST API can be used for managing users, groups and sites, updating workbooks or datasources and Integrating Tableau content with a custom app or portal. Extract API can be used to create data extracts that improve performance and provide offline access to data. Document API is used to create and deploy templates or migrate workbooks from test to production data sources. Javascript API for embedding Tableau into custom web applications. Allows a bi-directional communication between Tableau and the host application. Web Data Connector: connect to any data via HTTP/HTTPS, providing an HTML interface to end-user, storing into data extracts. Also allows automatic refreshes and authentication. Extensions API can open up a range of capabilities from 'write-back' to custom interface options and bi-directional communication between Tableau and guest application.
• API documentation: Yes
• API documentation formats:
  • HTML
  • Other
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The purpose of Tableau Private Visualisation is to allow customers to create their own analytics, reports and dashboards, each of which is customised to meet specific needs. Automation can be applied to the platform through the use of APIs. In addition the interface can be adapted and tailored to reflect customer branding. At an individual level the users can personalise their experience through the use of favourites, selected 'home pages', custom filter settings on views, etc.

Scaling

• Independence of resources: Our testing tells us the lower and upper levels of cloud resource required to maintain performance for normal levels of demand. We reserve and dedicate the lower level of cloud resources to each client, so that no client user can impact the performance of any other client. As client demand increases, we monitor performance and ensure that additional cloud resources are available to maintain performance, to the upper level. The service is priced on a "fair use" basis, so exceeding the upper level of demand means either reduced performance, or request further cloud resources, at additional cost.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics are available showing user activity, traffic to views, traffic to data sources, performance of views and actions by users. These metrics are presented in real time dashboards and are available to client super users on request.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: There are tools built in to the service that allow users to export their data. User data export does not require supplier intervention, but clients may choose to limit this functionality to client super users or administrators. Users may specify any subset, or all, of the data that is relevant to the current export requirement. Once the data subset has been selected, invoking the export function creates a corresponding CSV file, which is then downloaded to the user computer for the required purpose. Data already held in tde or hyper format may be exported directly in that format.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Tableau Data Extract (tde)
  • Tableau Hyper (hyper)
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Tableau has over 70 native connectors...
  • ...including files, databases, web data connectors and applications.
  • Search for 'Tableau Connect to your data' for current list.

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: Other
• Other protection within supplier network: The internal local network supporting the service is segregated from external networks using both firewalls and internal VLAN configuration. For reasons of operational effectiveness and performance, traffic within the VLAN is not encrypted. Traffic that passes from one cloud service to another is encrypted using TLS v1.2 as it traverses the VLAN boundaries and firewalls. If your use case requires internal network encryption, we can discuss alternate cloud deployments and architectures, at additional cost.

Availability and resilience

• Guaranteed availability: We guarantee the service will be available 99% of the time during business hours. Measured over the last two years, we have comfortably exceeded 99.5% availability. For use cases requiring higher availablity guarantees, we can discuss alternate cloud deployments and architectures, at additional cost. No financial recompense is offered for a single failure to meet service level within a year. In the event there are two or more failures in successive months, then a discount equal to one twelfth of the annual cost will be offered for renewals at the next anniversary.
• Approach to resilience: All cloud resources are virtualised, so there is no dependency on any single hardware component. The underlying infrastructure is 99.999% available. As standard, all service components are deployed in a single availability zone to minimise service costs. All client deployments are managed as separate cloud instances, ensuring that performance-affecting activity occurring in one client deployment cannot impact any others. All client data is backed up daily for additional protection against service outage, data corruption or other potential losses. In addition to the single zone service, there is also the option of dual zone service, where all service components are replicated at a second site, at additional cost. The dual availability zone option provides geographic resilience, in addition to providing an alternate source of service provision in the case of some outage that affects multiple hardware components, or a whole data centre or geographic location. As standard, primary or single zone hosting is located in the UK, while secondary zone hosting is located in the EEA.
• Outage reporting: Service affecting incidents are reported to client key contacts by email. Service affecting incidents include any observation of diminished service performance, reduced or missing functionality and not just observation of service outage. Initial emails may include only a report of the observation. Follow up emails will include notification of full service restoration, or estimated time to restoration, or additional details of mitigations or workarounds. Client key contacts may also request further details or additional help, as the emails are issued by a client support team, capable of responding to requests for additional information; the emails are not issued by "no-reply" mailboxes.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password
• Access restrictions in management interfaces and support channels: There are two type of management access, for client super users and for supplier administrators. Client management access is limited to designated user accounts that have super user or admin status. Supplier management access is limited to designated user accounts. Supplier management user accounts have very strong passwords stored in password management vaults, to which only authorised users have access. Some supplier management actions require direct cloud resource management and this is performed via whitelisted or other restricted network access links.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Our security governance is meshed with our corporate governance, with our CEO having final responsibility for G-Cloud services and governance policies and our CTO having day-to-day responsibility for policy implementation. Our policies cover people, processes, technology and information assets, at board, management and operational levels. We review our policies and update our practices in light of new regulation, standards and best practice to ensure we are able to counter current and emerging threats.
• Information security policies and processes: Our security governance is meshed with our corporate governance, with our CEO having final responsibility for G-Cloud services and governance policies and our CTO having day-to-day responsibility for policy implementation. Our policies cover people, processes, technology and information assets, at board, management and operational levels. We review our policies and update our practices in light of new regulation, standards and best practice to ensure we are able to counter current and emerging threats.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Service hardware components are managed by our data centre suppliers. Component lifecycle management is accredited to ISO27001, including storage overwrite and secure destruction. Service software is assembled from existing software components (proprietary and open source), is obtained only from the official repository, and security checked before use. No custom software is used. The service deployment checklist records all versions and change dates. Planned infrastructure or software changes are reviewed for new or changed features or capabilities, and internal software library dependencies. If needed, configurations are changed to disable unnecessary new features or mitigate any additional security exposure.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We monitor vulnerability feeds, vendor and security researcher blogs to understand emerging threats. We then make an assessment to confirm any potential to affect service, and if so, determine severity and likelihood. Based on our assessments, we create a mitigation plan that may include a change to operation practice, a planned upgrade or an emergency upgrade. Operational changes and emergency upgrades are carried out as soon as reasonably practical following assessment and planning. Planned upgrades are accommodated within the normal upgrade or patching cycle.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: System event monitoring is used to facilitate the identification, classification and analysis of potential security incidents. Any security-related incident is classified as a severely service affecting incident, is escalated accordingly and actioned immediately. Different techniques and processes are employed to mitigate and recover service integrity, depending on the nature of the incursion. Further details are available on request.
• Incident management type: Supplier-defined controls
• Incident management approach: All service incidents follow a standard process. A triage step classifies to: common event not service affecting; service affecting; severely service affecting. Common events are handled by following a routine process. Events affecting service severely are immediately escalated to acquire necessary resource and management support. All other incidents are handled by the respective support team. Clients can report incidents by email to the support team. Update reports and communications are issued for all client-reported and service affecting incidents. When service affecting incidents are resolved, root cause analysis is performed to determine mitigating actions.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Joint Academic Network (JANET)

Social Value

• Fighting climate change:

  Fighting climate change

  In our work as Expert Advisors to 17 United Nations agencies, we are delivering technology services which help our clients measure and monitor both direct and indirect carbon emissions as defined by the Kyoto Protocol. ; ; All technology services offered on G-Cloud have been created with the intention of supporting H.M. Government meeting the procurement requirements of PPN 0621 and specifically users to create their Carbon Reduction Plans. ; ; Our data centre provider is a Corporate Participant in the European Code of Conduct for Energy Efficiency in Data Centres programme and recently won an award from the COC for adopting innovative technologies to improve data centre energy efficiency and reduce energy consumption. An example is the use of fuel cells that use a proprietary solid oxide technology to generate electricity through a clean electrochemical process. The process significantly reduces carbon emissions, saves water that would have been used in conventional power generation, and virtually eliminates harmful oxides and particulate emissions. All our data centres have ISO 50001 certification, awarded by Lloyd's Register Quality Assurance, which requires an ongoing commitment to energy management and continuous improvement in energy performance. We are also certified for ISO 14001, which provides assurance that environmental impact is being measured and improved. Our data centres are also ENERGY STAR certified. ENERGY STAR is a U.S. Environmental Protection Agency programme that assesses how efficiently a facility uses energy compared to similar facilities. A calculation similar to power usage effectiveness (PUE) is among the metrics considered for ENERGY STAR data centre certification. Additional specifics are available on request as part of the procurement process.; ; We are currently extending this work to deliver a membership service that enables start-ups, SMEs, VCEs and mutuals to access technology, tools, materials and support that enable them to create their own Carbon Reduction Plans.
• Covid-19 recovery:

  Covid-19 recovery

  FlyingBinary technology, developed at the beginning of the pandemic to support our own local community. This technology has now been made publicly available to communities and entrepreneurs to manage and recover from the impacts of Covid-19. ; ; This service is specifically designed to communicate local, regional and national covid-19 initiatives to organisations and citizens for all data needed to deliver covid-19 recovery services. The service can ingest any data required from existing services to form a more complete picture of the covid-19 issues related to both communities, regions and if needed nationally. It is deliberately architected to support non technical service users to understand the recovery actions which are needed to address the next steps for covid-19 recovery, particularly related to the outcomes required. This service uses best in breed analytics technology to help clients set priorities for covid-19 recovery initiatives. It brings together best of breed geospatial and analytic capabilities to understand where covid-19 recovery initiatives can be used, and can monitor the outcomes of any covid initiative. ; ; This technology is being used to increase productivity, and support remote, hybrid and in-office Covid safeworking. This enables all organisations to support flexible working for all employees and entrepreneurs. It also is used by cities and communities to support delivery of services disrupted as a result of the pandemic.
• Tackling economic inequality:

  Tackling economic inequality

  We are proud signatories of the Armed Forces Covenant and have supported the Ministry of Defence over many years to deliver innovation services. This has provided a variety of opportunities to acquire new skills through the use of FlyingBInary technology, attendance at training, workshops and events. Our work with Armed Forces veterans to reskill them in leading technologies that are used in cyber security and counter terrorism, has been recognised with a Bronze Award in recognition of the contribution we have made to tackling economic inequality. ; ; With an increased focus on economic crime in the UK this service has been adapted to utilise data related to beneficial ownership. This enables the underlying cause of economic crime to be understood and the impact this is having on communities, regions and nations. This approach to beneficial ownership can be further explored with the addition of Teccarto Classic and Teccarto Trek to evidence the geospatial inequalities which currently exist. ; ; We have created professionally accredited training offerings alongside this service to provide high value skills to the UK workforce. ; ; We have provided strategic services over many years which provide employment and skills in deep technology, data innovation, artificial intelligence and the Industrial Internet of Things for start-ups, SMEs, VCSEs and mutuals. This work is core to FlyingBinary delivering on our mission of “inclusion … leave no one behind”, and increasing resilience and building capacity for UK PLC.
• Equal opportunity:

  Equal opportunity

  We are a UK SME, led by a female CEO with vision disabilities. Inclusion is our mission, building and deploying enabling technology to ensure we leave no one behind. We have pioneered web science that has enabled us to evidence the contribution an equal opportunities agenda brings to companies in the private, public and not for profit sectors. We have used this technology to create inclusion strategies for GDP growth in the G20, EU Commission and United Nations. ; We work collaboratively across the entire value chain to support disabled people in all our work. All of our technology services adhere to the pervading accessibility standards which supports disadvantaged or minority groups to move to higher paid work as part of the delivery of our technology services to clients.; ; We have extended provision of these inclusive technology services to deliver services which address digital poverty for communities across the UK during the pandemic. We have evidenced the gaps, as services moved online during the pandemic. We have addressed the needs of many communities, and specifically those of young people, who were disadvantaged without access to technology or the new online skills.; ; From the launch of our company we have been committed to building technology services which combat slavery and human trafficking. ; ; We have a zero-tolerance approach to modern slavery across all areas of our company, as well as our supply chains. We are committed to ensuring we are not connected to modern slavery in any way. Beyond this we have created deep technology services which are used to combat modern slavery and human trafficking. Our approach to tackling modern slavery thorughout our supply chains is consistent with our obligations under the Modern Slavery Act 2015. Our full Anti-Slavery and human trafficking policy can be accessed on the FlyingBinary website at https://flyingbinary.com/modern-slavery/
• Wellbeing:

  Wellbeing

  FlyingBinary has developed workforce practices which we use internally to support the mental and physical well being of our staff. These are used to deliver our technology services for our clients, and can be extended to reflect the nature of the contracts we deliver based on client requirements. ; ; As a result of supporting clients to adapt to remote and hybrid working, we have developed additional technology to support staff, suppliers, customers and communities to create more resilient health and wellbeing approaches to managing and monitoring physical and mental wellbeing. ; ; Wellbeing approaches using technology can improve and create cohesion across communities. We have used FlyingBinary technology to understand, influence and collaborate on activities which create strong, integrated and resilient communities across the world.; ; Our CEO Dr Jacqui Taylor is recognised as the world’s first Smart City Tsar for the work she has led to improve outcomes for cities and communities using FlyingBinary technology. All clients benefit from these innovations which are used to refresh and create new technology offerings to improve wellbeing outcomes in the delivery of FlyingBinary technology services.

Pricing

• Price: £99 a user a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: The free version is the companion Tableau Public Visualisation service, providing exactly the same visualisation functionality as the paid service, but limited to extracted data sets. The results are fully public on the web, and so the service is suitable only for fully public data. There is no time limit.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jacqui.taylor@flyingbinary.com. Tell them what format you need. It will help if you say what assistive technology you use.