Reliance High-Tech Ltd

Milestone xProtect on AWS provided by Reliance High-Tech

Xprotect is a video surveillance system designed to integrate with multicamera types and connection methods to provide one seamless interface along with a suit of analytics features

Features

• Manage live and recorded video streams from surveillance cameras
• Carry out advanced analytics against video streams
• Integrate multiple different camera makes, models and connection types
• Interactive multi-layered maps
• A built-in alarm manager
• Support for XProtect Smart Wall
• Secure evidence handling
• Virtual joystick control

Benefits

• Scalable
• Flexible
• Easy to deploy
• Secure
• Segregated
• Integrated with AD groups and users

£20 a licence

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@reliancehightech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

232298438589474

Contact

Nicola Verrier
08451210802
info@reliancehightech.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: System requirements must meet minimum specification for intended application
• System requirements: System requirements must meet minimum specification for intended application

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Calls and web chat are answered within 30 seconds, emails responded to within 1 working day
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Our web chat is available across all of our pages on our Reliance Protect website
• Web chat accessibility testing: We have designed the web chat to be simple to use with minimal chatbox options so the enquiries go quickly to our Service Desk or Sales Team to pick and respond to
• Onsite support: Yes, at extra cost
• Support levels: We can provide on site and remote support packages which are costed at different rates depending on service level requirements. 24x7 365 support is available.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We offer a fully project-managed onboarding support service to make the process as simple as possible for our customers, online training is also available on the Milestone website.
• Service documentation: Yes
• Documentation formats:
  • PDF
  • Other
• Other documentation formats: Browser Based Training Courses
• End-of-contract data extraction: Once the contract ends customers can take a copy of the SQL database storing all system configuration data.
• End-of-contract process: Reliance will contact the contract holder when the contract expires to discuss the customer's next options and to clarify any questions around service loss.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile access is for basic functionality only such as viewing live feeds and playback.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Browser based dashboard used for accessing live feeds, playback and incidents.
• Accessibility standards: None or don’t know
• Description of accessibility: Users can access our platform via any web browser on any OS and via mobile app (Android and iOS), Via the Android app or via the Xprotect desktop clients.
• Accessibility testing: None to date.
• API: Yes
• What users can and can't do using the API: Interfaces can be customised as needed. Reports can be customised and layouts can also be customised.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Interfaces can be customised as needed. Reports can be customised and layouts can also be customised.

Scaling

• Independence of resources: The core of the system will be hosted on servers within the AWS cloud hosting platform which has multiple controls to limit impact on the customer from third parties using AWS for hosting.

Analytics

• Service usage metrics: Yes
• Metrics types: In system reports can be generated to gather camera metrics and user metrics such as bandwidth usage, frame rate and admin.
• Reporting types: Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Milestone

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data can be exported via the Xprotect client using reports or from the SQL database instance.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • PDF
  • MS SQL Instance
• Data import formats: Other
• Other data import formats: MS SQL Instance

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99% 3 days 15 hours Batch processing, data extraction, transfer, and load jobs; 99.9% 8 hours 45 minutes Internal tools like knowledge management, project tracking; 99.95% 4 hours 22 minutes Online commerce, point of sale; 99.99% 52 minutes Video delivery, broadcast workloads; 99.999% 5 minutes ATM transactions, telecommunications workloads
• Approach to resilience: Data centers are designed to anticipate and tolerate failure while maintaining service levels. In case of failure, automated processes move traffic away from the affected area. Core applications are deployed to an N+1 standard, so that in the event of a data center failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.
• Outage reporting: Customers will be contacted via email if any outage occurs.

Identity and authentication

• User authentication needed: Yes
• User authentication: Other
• Other user authentication: Active Directory user login, Local account.
• Access restrictions in management interfaces and support channels: Permissions can be set on a user account basis that allow or deny access to management interfaces.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Other
• Description of management access authentication: Active Directory user login, Local account.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: EY CertifyPoint
• ISO/IEC 27001 accreditation date: 05/11/2019
• What the ISO/IEC 27001 doesn’t cover: The in-scope applications, systems, people, and processes are globally implemented and operated by teams out of an explicit set of facilities that comprise Amazon Web Services, Inc. and are specifically defined in the scope and bounds. All entities not included within this scope are not covered ISO27001 certification.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: BS5979

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our Statement of Applicability demonstrates that Reliance employs and maintains all 114 controls of AnnexA, A5.1.1 through to A18.2.3 with no exclusions.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Reliance operate a formal change control process. The change control process needs both technical and business signoff and contains information on assets affected, details of change, risk assessment, roll back procedures, testing details and security considerations around the change. The change process if affecting personal data includes a complete Data Protection Impact Assessment which is reviewed and approved by our Data Protection Officer.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Penetration testing is done by an independent 3rd party that complies to Tiger Scheme / CESG CHECK / CREST. Tests are at least annually for external infrastructure testing and quarterly application testing if updates have been made to our public facing sites.; Reliance use Nessus and other tools such as NMAP and Kali for in house Vulnerability testing and cover all applicable vulnerability classes using the output from organisations such as CWE, OWASP, OSSTMM, SANS and WASC as a baseline. We consider the overall risk profile based on Common Vulnerability Scoring Systems ratings CVSS.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Reliance operate a layered security approach with policy, procedural, people and technical controls in place. We have an ongoing collection and automated analysis of log and event data, validating records of activity and performing real-time advanced correlation and pattern recognition. Our monitoring alerts our IT team in the event of patterns outside of set parameters or suspected malicious event sequences.
• Incident management type: Supplier-defined controls
• Incident management approach: Reliance have defined Incident Management and response policies by Incident type, eg: GDPR, Confidentiality, Malware, Ransomware etc.. The primary purpose of the procedures is to recognise an Incident and then define Incident Actions, Containment, and Contingency Actions to ensure that the Incident is reported and correctly managed through to return to Business As Usual. As part of Incident Management we also include Lessons learnt. Within the plans we also manage 3rd party risk mitigation, being either a 3rd party exposing us to a risk or Reliance being the risk to another party.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our goal is to be net zero by 2030 and to achieve this, reduce our CO2 emissions by 10% per annum. Our plan (which is published on our website) https://www.reliancehightech.co.uk/wp-content/uploads/2023/04/Reliance-High-Tech-Carbon-Reduction-Plan.docx.pdf contains numerous activities that we are measuring (or plan to measure) in order to ascertain our progress against these goals. ; We recognise that the most carbon efficient journey is the one that is not taken. To that end, we work closely with all our customers to promote remote servicing and cloud solutions, which in turn have their own benefits for our clients premises (i.e. reducing hardware servers and associated energy consumption through things like air conditioning). These provide very environmentally friendly solutions, as many issues can be resolved without physical attendance. We have also invested in remote surveying tools, allowing customers or local engineers to produce clear video surveys used to design systems, reducing travel by specialists who may not be near the site in question. We have also adopted flexible working in all offices, reducing commuting requirements by staff.; Where a journey does need to take place, we are currently upgrading our ‘Service Helpdesk’ platform to take advantage of the latest AI technology to provide industry-leading scheduling tools to optimise distance travelled, time travelled and remote triaging through dynamic scheduling. Our targets are to make 50% of our service calls remote by 2027.

  Covid-19 recovery

  Reliance was fortunate that due to the sector we operate in and the services we provide our clients meant that we were able to retain and provide work for our workforce. We are however aware that for many Covid-19 has brought hardship and unemployment, especially for the younger generations. Therefore, we are increasing our commitment to offer apprenticeships to start work or re-train to work in the security sector. ; To attract the best candidates, we promote the five foundational principles of quality work, set out in the Good Work Plan (fair pay, participation and progression, voice, and autonomy), that should attract good candidates from all backgrounds, minimise turnover of staff and improve productivity.

  Tackling economic inequality

  Reliance is deeply committed to improving economic, social and environmental well-being across the UK and we work with a number of charities and initiatives nationally alongside key clients to tackle economic inequality specifically. While we often provide financial support for local initiatives, we also find that the best partnerships are those where we can be active participants, providing ‘human’ support and opportunity.; ; We believe that everyone should be given a fair opportunity and contribute, no matter their background or situation. One example is that we work with the ‘Drive Forward Foundation’, who aim to make a difference in the lives of young care leavers, and create focused employment opportunities where we can assist people from care through the application process into our business, whether that is into an apprenticeship or a more experienced position. Alongside this, we also work with ‘Young Enterprise’ and ‘Cauldwell Youth’, as well as having an active apprenticeships programme which although ‘engineer’ biased can cover a wide range of roles an opportunities across our business. We actively look for characteristics of desire, capability and motivation over experience and standard qualifications. We also partner with our customers to provide opportunities to grow and train ‘local talent’.

  Equal opportunity

  Diversity Equality and Inclusion are key to the success of Reliance. Our company tagline is “Serious about technology and passionate about people”.; With this in mind we have various initiatives to ensure that we create a positive and diverse workforce. We don’t just simply monitor the number of employees of a specific gender, race, background, ability , age etc, but also continuously assess the culture of the business and improve the outcomes.; We operate a biannual OCI survey across the entire company. This ensures that feedback is given and culture is measured across the business, managed through an independent organisation. This is reported within our board meetings and each executive ‘operational department lead’ will hold feedback meetings with their respective teams to encourage real life feedback and solutions to how to improve culture and engagement. We encourage everyone to have a voice and participate in order to improve the ethos within the business. There are a number of key scientific measures included within this tool which measure types of behaviour and outcome, against role, group, age, gender and other statistically significant norms that have been built up over millions of participants over the years.; We actively promote and train, regardless of background, culture, gender, age or disability to ensure we create a business with opportunity , diversity and equality at the forefront.

  Wellbeing

  Our team all have access to health insurance. Depending upon the scheme, this either covers full private healthcare or contributions towards well-being related costs, for example dentistry, audiology, optical, physiotherapy and access to mental health practitioners. ; In addition to this we have an employee assistance programme which provides 24/7 helpline to help advise on personal matters such as financial worries, access to counselling and legal matters. Within the business we have mental health first aid champions who are available to help any member of staff should they wish to speak to someone in confidence. We have a zero-tolerance policy on bullying and harassment and promote a speak up culture within the business to ensure that any issues all resolved expediently. ; We have a charity of the year for whom all staff are allowed an additional one day’s holiday to support, and we have undertaken activities such as sponsored walks, sporting events and quizzes. ; We strongly believe that culture of teamwork and a sense of belonging is a key component to good mental health. Since the pandemic remote working has become commonplace and whilst we fully support the flexibility this gives, it is important that individuals do not feel isolated. Throughout the pandemic and continuing with hybrid working patterns, we ensure that all teams meet regularly (preferably in person) to ensure a sense of belonging is maintained. For example, during the pandemic we held daily “drop-in” calls for all staff, the sole purpose of which was just too check in with each other.

Pricing

• Price: £20 a licence
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: Limited time trial account with access to all features

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@reliancehightech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.