START PaaS
For emergency services control rooms to receive emergency calls, manage incidents, communicate with resources in the field and store information relating to incidents
Features
- Command and Control
- Computer Aided Dispatch
- Integrated Common Communication System
- Control Room Solution
- Incident Management and Dispatch System
- Geographical Information System
- Incident Reporting System
- Emergency Medical Services Software
- Mobile Data Terminal
- Management Information System
Benefits
- Software licenses included
- Antivirus included
- Supervision included
- Self contained system
Pricing
£50,000 to £100,000 an instance a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
4 3 7 0 7 9 3 5 0 9 9 5 9 5 7
Contact
SYSTEMES ET TELECOMMUNICATIONS LTD
Damien Mallet
Telephone: 07495471066
Email: d.mallet@systel-sa.com
Service scope
- Service constraints
-
Offering is for a minimum contractual term of 5 years.
It is the buyer's responsibility to provide the operational data (including mapping data subject to licences) at no cost to the supplier.
The buyer ought to provide the user workstation hardware (however supplier has an option to provide workstations at additional cost).
The buyer ought to manage the provision of telephone lines to the cloud hosting site(s). - System requirements
-
- IP-Sec link with fire stations
- Telephones lines (SIP)
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Due to the nature of the service we provide, we have 24/7 on-call technicians who will be contactable in the event of outages or major issues out of hours.
The response times are agreed with the buyer, with the pricing of the service depending on the level of SLA desired.
Questions raised are usually picked up Next Business Day and the response timeframe aligned to the agreed SLA. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- None or don’t know
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- To provide
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Systel will work with the buyer organisation to provide the required knowledge and training to configure and use the system. Systel has a dedicated team of multilingual trainers who will deliver both onsite and online training. The system also comes with an extensive set of user documentation which is available online. The training will consist of functional and technical elements
- Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
- WinHelp (.chm)
- End-of-contract data extraction
- Users can either query the Datawarehouse themselves to retrieve historical data or Systel can provide a one-time extract of both the operational database and the Datawarehouse and share with the buyer
- End-of-contract process
-
A one-time data extract is included
Closure of the access and destruction of all the data is included
Using the service
- Web browser interface
- Yes
- Using the web interface
- Most modules of the Command and Control solution are web based and can be accessed using a web browser with Role Based Authentication and Single Sign-On. The system also relies on an application that requires to be accessed through a Virtual Desktop Infrastructure. The system data and configuration can be administered using the interfaces.
- Web interface accessibility standard
- None or don’t know
- How the web interface is accessible
-
Systel has implemented the WCAG 2.0 guidelines within its product development organisation, adhering to the AA level by default. The internal process document describes the methodology the software developers at Systel ought to follow and provides them with the required guidance. At the unit test stage, the adherence to the guidelines is audited.
It is important to note that WCAG are guidelines only and that specific requirements (if they exist) have to be discussed and agreed between the buyer and Systel, due to the particularity of the Command and Control software (and its limitations as a result) as well as the uniqueness of the ways of working within a fire service Operational Control Room. - Web interface accessibility testing
- The implementation of assistive technology is usually managed in collaboration with the buyer due to the nature of the operations in a Emergency Service Control Room
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- No
- Independence of resources
-
The system is sized based on worse case operational scenario which is tested during the implementation phase.
The service provisioned for the buyer is only used by the buyer organisation and not shared with other buyers (due to the nature of the system) - Usage notifications
- Yes
- Usage reporting
-
- Other
- Other usage reporting
-
Alerts in the supervision user interface
Support team to contact buyer
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
-
- CPU
- Disk
- HTTP request and response status
- Memory
- Network
- Number of active instances
- Other
- Other metrics
- Database utilisation
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
- Physical access control, complying with another standard
- Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Hardware containing data is completely destroyed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- Yes
- What’s backed up
-
- Databases
- Virtual Machines
- Network configuration
- Backup controls
- As part of the service, the supplier controls what backups are performed, in line with industry standard for this type of system.
- Datacentre setup
-
- Multiple datacentres with disaster recovery
- Multiple datacentres
- Single datacentre
- Scheduling backups
- Supplier controls the whole backup schedule
- Backup recovery
- Users contact the support team
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- Other
- Other protection within supplier network
-
Internal networks are separated (VLANs and firewalls).
Systel uses the 3-tier architecture security model
Availability and resilience
- Guaranteed availability
- Refer to Service Definition Document
- Approach to resilience
- Available on Request
- Outage reporting
- User dashboard through supervision service
Identity and authentication
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Dedicated link (for example VPN)
- Username or password
- Access restrictions in management interfaces and support channels
- Support teams have a dedicated link to a support bastion to manage and administer the system
- Access restriction testing frequency
- Less than once a year
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Dedicated link (for example VPN)
- Username or password
- Devices users manage the service through
-
- Dedicated device on a segregated network (providers own provision)
- Dedicated device on a government network (for example PSN)
- Dedicated device over multiple services or networks
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- Between 6 months and 12 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
- ISO22301 (pending)
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
Information security policies are formally maintained and distributed throughout SYSTEL. The responsible personnel reviews the security policies yearly and acquires appropriate management approval for revised versions created during the review process.
We have implemented the following security policies:
• Information security policy
• Access control policy
• Asset management policy
• Backup policy
• Business continuity policy
• Change control policy
• Cryptography policy
• HR security policy
• Incident management policy
• Logging & monitoring policy
• Network security policy
• Patch management policy
• Physical security policy
• Secure software development lifecycle Policy
• Security risk assessment policy
• Third party security policy
• User security policy
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Systel uses its internal configuration management system who is tied to its ticket, change and problem management system.
All assets (physical and logical) are loaded in the system.
Systel follows the ITIL methodology for configuration, change and problem management - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
SYSTEL utilises both automated and manual processes across both our software and infrastructure to detect vulnerabilities in production. The processes include:
• Quarterly vulnerability scans on our software and infrastructure
• Monthly internet exposure monitoring
• Monthly Dark Net Exposure monitoring
• Annual Penetration testing
The identified product vulnerabilities are assessed according to the CVSS system.
• CVSS : 9-10, 24h
• CVSS : 7-9, 10 days
• CVSS : 5-7, 90 days
SYSTEL works with a platform that offers continuous threat monitoring. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- The offering includes a security supervision solution (MDR - Managed Detection Response) which actively monitors continuously the supplier's environment for potential and actual security breaches. The MDR solution includes a SOC which reviews and manages the alerts and responds to the threats. The response time will depend on the threat priority.
- Incident management type
- Supplier-defined controls
- Incident management approach
-
The process is managed using MDR based on an external 24/7 multi-time zone SOC and SYSTEL's security team.
Security event are managed as following:
•CRITICAL: 60 secs acknowledgement, 15 minutes triage and if necessary telephone contact
•HIGH: 30 minutes to start investigation
•MEDIUM: Starts analysis within 1 hour
Containment measure are the following:
•Account: disable accounts, reset credentials
•Network Access: disable access, enforce encryption
•Endpoint: Isolation, power-off/on, reboot
Monthly report is communicated to customer with the following information
•Detected Alerts and detailed incident report
•Network health
•At Risk Systems
•Access Events
•USB storage device events
•Darknet exposure
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- Yes
- Who implements virtualisation
- Supplier
- Virtualisation technologies used
- Other
- Other virtualisation technology used
- Hyperconvergence based on Nutanix hardware and software
- How shared infrastructure is kept separate
- Different organisations will use the same datacentre but will not share low level infrastructure (physical servers, networks)
Energy efficiency
- Energy-efficient datacentres
- No
Social Value
- Social Value
-
Social Value
Equal opportunityEqual opportunity
Systel is committed to provide equal opportunity in employment and in it workplace
Pricing
- Price
- £50,000 to £100,000 an instance a month
- Discount for educational organisations
- No
- Free trial available
- No