Skip to main content

Help us improve the Digital Marketplace - send your feedback

  1. Digital Marketplace
  2. Lot 2: Cloud software
  3. Flo.w
Emu Analytics Ltd


Spatial and temporal data ingestion, analysis and visualisation software for Smart Cities, Transport, Energy systems & IOT sensors and networks


  • Real time actionable insights
  • Location based intelligence with map driven UI
  • Unique Hyper-Performance at scale
  • Zero client side install - Browser only requirement
  • Highly engaging User Interface design
  • Enterprise Grade
  • Data Privacy and GDPR compliance
  • Streaming Data Analytics Engine
  • Massively flexible data integration capabilities
  • Unique and Innovative data sharing and data democratisation capabilites


  • Insights delivered at "right time" speed for maximum business impact
  • Supports multi-variate user base with differing requirements
  • Intuitive platform with minimal training requirements
  • Highly engaging and innovative interface to all users
  • Support for private and public access
  • SaaS that removes the need for internal platform management
  • Rapid speed of delivery - days and weeks not months
  • Share insights and reports easily and securely
  • Value driven performance, scalability and flexibility
  • Web Browser interface delivering stunning 2D and 3D Visuals


£8,500 to £102,000 an instance

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

2 8 5 0 7 1 2 0 6 3 2 2 2 7 3


Emu Analytics Ltd Richard Vilton
Telephone: +447949215774

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Currently the Software as a Service (SaaS) is hosted on AWS as a default. Other cloud platforms can be supported (by agreement) for private cloud deployments.
System requirements
Upto date Web Browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
UK working day 9-5 support only.
Emails will be responded to within 2 hours within these times
User can manage status and priority of support tickets
Phone support
Web chat support
Onsite support
Yes, at extra cost
Support levels
The final maintenance and support SLA’s levels will be defined and offered based on requirements and related commercial viability of specific SLA levels. This would be part of an agreed Statement of Work (SoW) undertaken with the customer to ensure that the level of support they require for their Flo.w application is aligned to their business priorities and budget.
An account manager contact is provided to each customer.
Support available to third parties

Onboarding and offboarding

Getting started
The interface is specifically designed to be intuitive, interactive and usable by personnel that do not require deep technical data science training to realise value from the data.

Training and QuickStart sessions are available for Flo.w applications and are agreed as part of a Statement of Work (SoW).
Flo.w applications have relevant on-line help and documentation built in. Specific user documentation can also be produced as part of a SoW.
Service documentation
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
Customer Specified
End-of-contract data extraction
Data would be destroyed at the end of the contract with the termination of the cloud based instance. Data is not currently extractable from the solution in a reusable format, as it is aggregated and transformed on ingestion to facilitate the functional requirements of the solution.
Should an exceptional case for extraction and partial reverse transformation be required, then the supplier would consider undertaking this as a one-time professional services offering, although the effort and cost would be determined by the nature and volume of the data already consumed by the solution
End-of-contract process
At the end of the contract, assuming there is no intent for the solution to be extended, the cloud instance would be shutdown and all related cloud-based assets (data, user accounts etc) destroyed. There would be no further overhead for termination unless bespoke processes were additionally required by the customer.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Service interface
User support accessibility
None or don’t know
Customisation available
Description of customisation
Customer specifications are catered for within the Statement of Work (SoW) which defines how the Flo.w application is to be built and configured.
End Users of a Flo.w application can customise the visual display through different selections and choices within the application.


Independence of resources
Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them.

Services which provide virtualized operational environments to customers (i.e. EC2) ensure that customers are segregated via security management processes/controls at the network and hypervisor level.

Service usage is monitored to project infrastructure needs to support availability commitments/requirements. Capacity planning is performed to assess current infrastructure usage and demands. The underlying cloud (AWS) architecture and containerisation of Flo.w supports the planning for future demands to acquire and provision additional resources based upon current resources and forecasted requirements.


Service usage metrics


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least every 6 months
Penetration testing approach
Protecting data at rest
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
Flo.w is provisioned on AWS which adheres to independently validated privacy, data protection, security protections and control processes.
AWS is responsible for the security of the cloud.
End user Access to the Flo.w applications is only ever via secure HTTPS url login. There is no access to any data not presented within the application.
Access to the Flo.w management plane is securely managed through a combination of access keys, VPNs and 2 factor authentication. Where applicable data may also be encrypted within at-rest storage.
Data sanitisation process
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Data may be downloaded in standards formats such as CSV or within report formats such as PDF. Applications may also optionally, have the ability to share a "see what I see" URL link.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • Bespoke (as required)
Data import formats
Other data import formats
Any open data format can be provisioned into Flo.w

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network
Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them. Flo.w's cloud architecture (AWS) enables content by design that allows for the most appropriate secure data transit based on start and end point.
This includes TLS/SSL, and/or IPsec or TLS VPN (if applicable), or other means of protection if required.
API calls can be encrypted with TLS/SSL to maintain confidentiality. AWS Console connection is encrypted with TLS.

Availability and resilience

Guaranteed availability
Flo.w is provisioned on AWS Cloud provides the following SLA's:
• Amazon EC2 SLA:
• Amazon S3 SLA:
• Amazon CloudFront SLA:
• Amazon Route 53 SLA:
• Amazon RDS SLA:
• AWS Shield Advanced SLA:

Any Flo.w application SLA’s levels will be defined and offered based on requirements and related commercial viability of specific SLA levels. This would be part of an agreed Statement of Work (SoW) undertaken with the customer to ensure that the level of support they require for their Flo.w application is aligned to their business priorities and budget.
Approach to resilience
The Flo.w service is provisioned on AWS Cloud.
The AWS Business Continuity plan details the process that AWS follows in the case of an outage, from detection to deactivation. AWS has developed a three-phased approach: Activation and Notification Phase, Recovery Phase, and Reconstitution Phase. This approach ensures that AWS performs system recovery and reconstitution efforts in a methodical sequence, maximising the effectiveness of the recovery and reconstitution efforts and minimizing system outage time due to errors and omissions.

AWS maintains a ubiquitous security control environment across all regions. Each data centre is built to physical, environmental, and security standards in an active-active configuration, employing an n+1 redundancy model, ensuring system availability in the event of component failure. Components (N) have at least one independent backup component. All data centres are online and serving traffic. In case of failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.

All Flo.w application code and data is backed up with agreed client retention dates. Requirements such as replication and hot-failover are agreed as part of a Statement of Work (SoW) with customers. This ensures that Flo.w applications are provisioned to meet and optimise both functionality and budget requirements.
Outage reporting
Service outages are reported to the customer via email and/or via direct telephone contact to the customer SPOC (Single Point of Contact) by the Account Manager.

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
Flo.w is provisioned on AWS which provides IAM for access management. IAM is used to define user access control to all services, APIs and specific resources. Other controls include time, originating IP address, SSL use, and authentication via MFA devices.

API calls to launch/terminate instances, change firewalls, and perform other functions are signed by customers’ Amazon Secret Access Key (either the root AWS Account’s Secret Access Key or the Secret Access key of a user created with AWS IAM).

Only approved Emu personnel are granted access to management interfaces.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
Emu Analytics has an internal security policy that defines the current approach to security governance. The company has been audited by global enterprise security teams previously and has passed with it's current security policy that covers:

Access Control Policy,
Antivirus Software for laptops,
Document Confidentiality Classification,
File lists,
GDPR Guide & Resources,
Incident Reporting,
Information Asset Classification And Handling,
Information Security Policy Statement,
Management of Client Data,
Office & Workplace Security Policy,
Risk Register,
SSL Certification,
User Accounts and Password Policies

The company is embarking on a programme to achieve formal ISO27001 certification.
Information security policies and processes
The Emu Analytics security policy and procedures are available to all staff on the internal company intranet.

All existing staff are familiar with these policies and the policies are part of any new employee induction.

Emu Analytics follow a structured agile delivery methodology which ensures all projects have daily scrum delivery sessions where policy adherence is both enforced and reviewed.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All software components are version controlled in a Professional and Secure Configuration Management System (BitBucket).
Access and privileges within the repository is strictly managed.
Any third part components and code are virus and malicious code checked.
Company written code is peer reviewed.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Flo.w is provisioned on AWS Cloud Infrastructure. AWS Security performs vulnerability scans on the host operating system, web applications, and databases in the AWS environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.

Potential threats are tracked via
Security patches against all services are deployed inline with the recommended urgency and security guidance.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Flo.w is provisioned on AWS and utilises the supported monitoring processes. AWS deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage. Devices monitor:

• Port scanning attacks
• Usage (CPU, processes, disk utilization, swap rates, software-error generated losses)
• Application metrics
• Unauthorized connection attempts

Near real-time alerts flag potential compromise incidents, based on AWS Service/Security Team- set thresholds.
Incidents are responded to as
All incidents are assigned an owner and logged and tracked within the Incident Report.
Incident management type
Supplier-defined controls
Incident management approach
All incidents are assigned an owner and logged into the internal incident management log which contains:
Date, Description, Severity, Status, Affected Infrastructure, Affected Personnel, Affected Services, Reported by, Incident Owner, Links and Attachment.
Customers can report incidents by emailing Emu Support or by calling their Account Manager directly.
Emu Analytics will always endeavour to resolve problems as swiftly as possible. It recognises that a client’s systems are key to its business and that any downtime may be business affecting. Updates on service affecting issues are communicated to customers via email or by a direct phone call to the customer SPOC

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

Emu Analytics has signed up to the UK SME Climate commitment as one of the "small business climate leaders across the UK" ( The company also undertakes self-funded work to assist with efforts for research and raising awareness on climate change in those areas which may not yet have been widely considered. Am example of this is the research and paper the company has published on "Wet Bulb: The temperature beyond human survival". The research and paper has been presented at a number of Geo-spatial conferences. Further information can be found here:
Covid-19 recovery

Covid-19 recovery

Throughout the COVID 19 pandemic Emu Analytics put in place operating procedures which allowed it to continue to operate at full capacity with no furlough claims. During this time the company also provided flexibility in the services delivered to those clients and organisations most dramatically affected both operationally and financially by the pandemic.
Tackling economic inequality

Tackling economic inequality

Emu Analytics supports all employees who wish to offer their services to organisations and charities delivering social benefit. The company has funded employee time and commitment to non-profit organisations such as those responding to humanitarian emergencies around the world with the provision of expert geospatial and data resources.
Equal opportunity

Equal opportunity

Emu Analytics is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.


The joint proposition ("Location Insights Explorer with Space Syntax") between Emu Analytics and Space Syntax brings together a cloud software platform (Emu Analytics LINE) and Integrated Urban Modelling data (Space Syntax IUM) that delivers access to spatial network modelling with data on social, economic and environmental performance of places. The solution quantifies the impact of planning and design decisions on health and wellbeing.


£8,500 to £102,000 an instance
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.