Viable Data

Cloud-Based Identity Assurance Solutions

Viable Data offer cloud-based identity assurance solutions, leveraging cloud-based solutions and tailoring our in-house intelligent identity verification solution, LearnID®, to meet your organisation’s specific identity assurance needs. Utilising our expertise in biometrics and security controls, we offer biometric and identity solution design, build and implementation.

Features

• Identity verification technologies
• Utilisation of our in-house scalable intelligent identification software platform, LearnID®
• Utilisation of Multi-Factor Authentication
• Biometric and identity assurance solution design
• Centralised identity management
• Design, build and implementation of biometric capture solutions
• Seamless integration with existing infrastructure and services
• Compliance checks
• Streamlined onboarding/offboarding process for users – improving security and efficiency
• Scalability/flexibility to grow with an increase of users or devices

Benefits

• Enhanced security and reduced risk of data breaches
• Increased user satisfaction and productivity
• Reliability and flexibility
• Remote access
• Staff with active Government security clearances (up to DV)
• Adoption and application of industry best practices
• Cost effective solutions, supported by leading industry professionals
• Highly secure and tightly governed

£350 to £1,351 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukgovernment@viabledata.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

804415390751378

Contact

Tom Fitzherbert
+44 20 4566 8150
ukgovernment@viabledata.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: There are no constraints associated with our service.
• System requirements: Cloud hosted solution

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: We tailor our user support to the needs of our clients and users, ensuring that our clients receive cost-effective support that is aligned to their needs. We provide all levels and combinations of first-, second- and third-line support to our clients. Based on our client’s needs, our support can be contacted via email, online ticketing, phone, or live web chat. ; We provide a dedicated Client Executive to each of our clients, at no cost to the client. Our Client Executive is available by phone during office hours and by email at any time to ensure that escalations are managed effectively.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We use industry standard tooling and have performed an internal accessibility audit to confirm the vendor's assessment against the WCAG accessibility standards.
• Onsite support: Yes, at extra cost
• Support levels: Our dedicated Client Executives will be on hand by telephone during office hours and by email at any time to ensure that any operational support is provided in an effective and efficient manner. This is provided at no additional cost to the Client. ; ; Where the support required is of a technical nature, our Client Executive will call upon our staff for second-line and third-line support. Depending on the nature of the query and the amount of work required to provide a resolution, there may be an additional charge for this type of support.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Full user documentation is provided where required. Where requested we can provide on-site training, online training or additional documentation where required.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: This service is part of our service off boarding and will be agreed as part of the service contract.
• End-of-contract process: End of contract activities will be defined on a case-by-case basis.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
  • Windows Phone
  • Other
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: N/A
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Web chat functionality
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: We have completed accessibility testing with users. Our services meet WCAG 2.1 AA standard by default. Our testing includes tests for the most common assistive technologies such as screen readers, screen magnifiers and speech recognition software. We undertake selective testing where required with users that have conditions such as Rheumatoid Arthritis, Asperger's, Dyslexia and Dyspraxia.
• API: No
• Customisation available: Yes
• Description of customisation: The service is fully customisable, including look and feel on user interface, technology stacks involved in the deployment and running, the different browsers and devices that the service operates on. ; ; Technology agnostic, we can utilise or integrate with any biometric algorithms or end user device (such as fingerprint scanners, document scanners etc.).

Scaling

• Independence of resources: Scalable micro-service architecture to meet demand and requirements.

Analytics

• Service usage metrics: Yes
• Metrics types: Metrics to be defined during Discovery.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: This service is part of our service off boarding and will be agreed as part of the service contract.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: We agree SLAs and availability requirements are defined during Discovery.
• Approach to resilience: Resiliency requirements are defined during Discovery.
• Outage reporting: Outage reporting requirements are defined during Discovery.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: User access control within management interfaces and Administrator permissions are subjected to the following identity and authentication controls:; Username and two-factor authentication; Limited access over dedicated link, enterprise or community network; Username and strong password/passphrase enforcement
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: In line with ISO/IEC 27001 standards
• Information security policies and processes: In line with ISO/IEC 27001 standards

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We use ITIL change management processes
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We have an internal security team who works closely with supply chain partners to assess potential threats and implement mitigation measures including emergency patch deployment where advised. Registered with NCSC early warning service and CISP member for advanced warning of vulnerabilities.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Undertake proactive security monitoring of internal network and monitoring tools deployed on customer installations.
• Incident management type: Supplier-defined controls
• Incident management approach: ISO270001 compliant incident management and ITIL incident reporting process.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Viable Data have committed to Net Zero emissions by 2025. We project that our carbon emissions will decrease to Zero (0) tCO2e by 2025 - a reduction of 100%. ; ; We have a published Carbon Reduction Plan, measuring our carbon footprint against scope 1, 2 and 3 emissions. ; ; We have onboarded various initiatives to fight climate change within our organisation: ; ; Work From Home Programme. Throughout the pandemic our teams adapted quickly and effectively to remote working. Our previous ‘baseline’ had been 3-4 days per week in our offices or our clients’ offices. Our work from home programme has substantially reduced the amount of business travel and commuting, having a significant impact on reducing our carbon emissions. ; All Electric Company Cars. Our company car fleet has been fully electric since 2014. We also commit to using 100% renewable electricity to charge these cars, whenever practicable, further minimising the carbon impact. ; ; Tree-Planting Initiatives. We have taken part in numerous tree-planting initiatives via the Woodland Trust and One Tree Planted, planting over 200 trees in the previous year, helping us to offset our carbon footprint. ; ; Green Incentive. We have established a green incentive for employees to switch their home to renewable energy. ; ; Switching to LED. We have changed our office lighting to LED. ; ; Environmental Impact Assessments. Before embarking on a new project, we conduct an environmental impact assessment to identify potential environmental risks or opportunities, allowing us to address any concerns and implement mitigation measures. ; ; Waste Reduction and Recycling. Our goal is to minimise any waste generation within the organisation, promoting recycling and reuse initiatives. ; ; Energy Efficiency. Our solutions are designed with a focus on energy efficiency and longevity, resulting in the implementation long-term solutions that do not need changing/updating frequently.

  Covid-19 recovery

  Our COVID-19 response put the health and wellbeing of our community as a priority. We quickly adapted to remote working arrangements on our projects and continually adjusted this in line with changing guidance. ; ; We supported our staff during COVID-19 through open discussions on mental health, work-life balance, and childcare. We also provided: ; ; • An open door policy for colleagues to discuss challenges ; • Created a new role for an internal Chief Experience Officer responsible for company culture and employee wellbeing ; • Adapted to remote working with ease, supported employees with additional equipment to adjust to working in a home environment ; • Actively developing hybrid working policies in line with customer requirements/policies ; • Regular check-ins, reviews and mentoring sessions ; • Project Support Officer to manage the additional administrative burdens of remote working

  Tackling economic inequality

  Bridging the digital skills divide is at the core of Viable Data – empowering people to participate more in the digital economy. Based outside of London, we focus on training employees from a range of different skill levels – for example through taking on junior and graduate team members. ; ; We provide equal opportunities, training and pay for all employees through dedicated policies and see our growth directly providing a positive impact in offering excellent opportunities that are completely free of bias for all potential employees. ; Furthermore, we develop and implement digital solutions that enhance job training and accessibility of the end user.

  Equal opportunity

  Our hiring practices: ; We frequently engage with key initiatives to ensure we attract talented people from all backgrounds, and our recruitment processes are tailored to remove bias at all stages and encourage applications from under-represented populations. Additionally, we are signed to initiatives such as the Armed Forces Covenant. ; ; Inclusive workplace policies and equal opportunities for growth: ; We are dedicated to upholding inclusivity and providing equal opportunities for all. We actively seek out projects that have a positive impact on making digital services more accessible. We were previously named as a Best Place to Work in IT finalist for the UK-IT awards, which we believe is in part to our supportive and inclusive environment. ; ; All employees are entitled to work in an environment free from discrimination and harassment, and we have a zero-tolerance approach to discrimination on any grounds, as outlined in our Diversity and Equal Opportunities Policy. ; ; Gender Pay Gap: ; As an organisation committed to equality and fairness in the workplace, we place great importance on monitoring and regularly reviewing the gender pay gap. We evaluate every stage of the employee lifecycle to ensure that our people management practices are unbiased and inclusive. In doing so, we are able to identify disparities and take proactive steps towards eliminating them. By ensuring equal pay, we create an environment that attracts and retains the best talent.

  Wellbeing

  The wellbeing of our employees is central to our core values and we believe this is the reason for our continued growth, culture and award winning delivery teams. To ensure wellbeing we implement the following: ; ; • Personal and career development. Our People Development Programme includes mentoring and coaching to build personal goals and implement training plans to grow our internal skills and job satisfaction. Our coaches provide a safe and confidential space for employees to talk through any challenges they may be facing, including stress-related issues. ; • Mental health. We have a team of mental health first aiders who are trained to provide support and guidance to employees who may be struggling with mental health issues. They are on hand to listen, offer advice and signpost to additional resources where necessary. ; • Lifelong learning. Performance development plans, access to training, mid-career review, technical and vocational learning, challenging work ; • Physical activity. Walking clubs, lunchtime yoga, charity walks ; ; Financial Wellbeing: ; • Fair pay and benefit policies. Pay rates above the statutory National Minimum/Living Wage, flexible benefits scheme ; • Retirement planning. Phased retirement such as a three or four-day week, pre-retirement courses for people approaching retirement ; • Employee financial support. Employee assistance programme offering debt counselling, signposting to external sources of free advice, access to independent financial advisers

Pricing

• Price: £350 to £1,351 a unit a day
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukgovernment@viabledata.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.