DAMS Digital Asset Management Solution
An end-to-end digital asset management solution to store, control, edit, and share all digital asset types. Includes integrated workflows, access control, metadata management, alerts, and retention schedules. Audiovisual editing and analytics capability including redaction, object and motion detection; sharing of images, videos, collections and files internally and externally.
Features
- Flexible upload options, including individual, bulk, automatic, and external.
- Secure public upload/ asset submission and crowdsourcing portal.
- Store, search, play wide range of file types, including CCTV.
- Internal/external/public asset and collection sharing and download.
- Asset tagging, categorisation, bundling, automatic indexing and metadata management.
- Editing & video analytics (object detection, redaction, clip, bookmark).
- Multiple ways to view digital assets; map, timeline, network, collections.
- Full version control and audit trail on asset editing activity.
- Digital asset retention and deletion schedules, GDPR compliant.
- Reporting module, audit log and security layer.
Benefits
- Quick, easy and direct access to all your digital assets.
- Improved effectiveness through digital asset collaboration, workflows and asset sharing.
- Configurable workflows and processes to meet your specific requirements.
- Full user activity log/ audit trail for transparency and compliance.
- Role based access control and content viewing restriction tools.
- Intuitive and simple to use with minimal training.
- Powerful reporting capability for transparency and accountability.
- Reports and information tailored to all levels of management.
- Highly resilient architecture for security and availability.
- Capable of accreditation to a minimum of ‘Official’ (IL3 +).
Pricing
£45 to £120 a user a year
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
5 4 0 4 1 4 6 6 6 5 5 0 6 6 1
Contact
Innaxys Ltd
Jean-Claude Lafontaine
Telephone: 01773 765350
Email: Sales@innaxys.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Hybrid cloud
- Service constraints
- None
- System requirements
- None
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Response/acknowledgement within one business hour.
Response times are different at weekends. - User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Onsite support
- Support levels
-
Innaxys provides full support to our users through our online support portal managed by an in-house engineering team, depending on the individual terms of each contract. Many of our clients choose second and third line support, with their own IT teams providing first line support (after training by us).
Support is available as per the pricing schedule. Please enquire for more details.
We provide a dedicated account manager who will support clients throughout the contract term. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
- Solution discovery workshops, training (onsite and online options, depending on client preference and requirement), user documentation, and support for configuration and set-up is included in the service offering.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Innaxys provides a fully managed procedure to export client data and deliver it to them at the end of the contract.
- End-of-contract process
-
At the end of the contract, Innaxys will provide the procedure to extract the data from the system to be re-imported into a new solution or archived by the client. When the data has been recovered, the system will be deactivated and de-installed from the client's private cloud environment.
We will export the client's data and provide them with it, and deactivate/deinstall the system, as part of the contract price.
Support to import the data into the client's new solution will incur additional cost.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
None - the user interface is optimised to display the full functionality on any mobile device.
A separate Mobile Application is available if required - Service interface
- No
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- API
- Yes
- What users can and can't do using the API
-
The API is aimed at third party developers who want to exploit the analytical platform underneath the user interface. It is accessible under NDA by third parties or the client, if the client wishes to undertake development.
Includes API interfaces to external systems for the sharing of data and seamless integration - API documentation
- Yes
- API documentation formats
-
- Open API (also known as Swagger)
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
The Solution is designed to be easily tailorable to the needs of each client, if required, in terms of UI look and feel, wording and terminology, user roles/access permissions, reporting, alerts, workflows and structure.
Configuration and customisation can be undertaken by Innaxys as part of the system implementation, then maintained by suitably trained users in the client organisation.
Scaling
- Independence of resources
- Each installation is independent and discrete, implemented on a unique hosted deployment or the client's own private cloud with no interaction or dependency on any other installation or usage by any other clients/users.
Analytics
- Service usage metrics
- Yes
- Metrics types
- The Solution is fully audited. The audit logs provide key information about the usage, activity, access, security, etc. of the Solution.
- Reporting types
-
- Real-time dashboards
- Regular reports
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with CSA CCM v3.0
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- Data can be extracted from the Solution during the contract via the reporting and export modules. Alternatively Innaxys can build an interface with any required third party systems which will need to utilise the data on a regular basis.
- Data export formats
-
- CSV
- ODF
- Other
- Other data export formats
-
- Database export
- Data import formats
-
- CSV
- Other
- Other data import formats
- Database import
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
-
Our system uptime currently is at 99.99% availability. Downtime and planned maintenance are conducted outside of client working hours to minimise disruption for users. The terms of availability and specific SLAs will be negotiated for each individual contract.
Clients will be refunded in line with the defined conditions regarding penalty costs for SLA breaches that have been agreed for the individual contract. - Approach to resilience
- Information available on request
- Outage reporting
- SNMP Reporting via a dashboard
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Limited access network (for example PSN)
- Username or password
- Access restrictions in management interfaces and support channels
- Access is controlled by username and password, and by IP
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Limited access network (for example PSN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Intertek
- ISO/IEC 27001 accreditation date
- 01/11/2023
- What the ISO/IEC 27001 doesn’t cover
- Our ISO 27001 certification covers the full scope of our business and products.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
-
- Cyber Essentials Plus
- ISO 27001
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
- Cyber Essentials PLUS
- Information security policies and processes
-
Innaxys is certified to ISO27001:2013 Information Security Management System. We maintain and follow all related and required processes and procedures. Policies and procedures are fully documented and are audited annually in line with the standard. We have had continuous certification since 2018.
Our policies and procedures restrict access to infrastructure and client data to key members of our team. Access levels are dependent on a team member’s role which is decided at the technical director’s discretion supported by ISO 27001 guidance.
Employee ISMS refresher training is conducted annually. Our CEO is responsible for ensuring polices are followed.
Operational security
- Configuration and change management standard
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Configuration and change management approach
-
We operate a strict Change and Release Management procedure in line with our ISO-27001 accreditation, that includes:
• Keeping a record of each client configuration in our ITIL compliant system.
• Documenting a Bill of Materials and reviewing periodically released component updates through their lifetime and potential security risks with their implication. We make an assessment and test prior to updating client systems in a pre-prod environment and later in production.
• We perform ITHC on each release prior to implementation and address any security issues.
• We operate a Change Management Process in line with the ITIL standard. - Vulnerability management type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Vulnerability management approach
-
We work closely with our Cloud supplier to make best use of technology available to protect the service and we use hardened versions of key components. We use the cyclical practice of identifying, classifying, prioritizing, remediating, and mitigating software vulnerabilities.
Our support team will scan periodically for available patches and depending on the assessment, those will be implemented asap or within the next quarterly release.
We get our information about potential threats from a variety of sources including the components editors, AWS Patch Manager and other applications used in the industry to scan solution builds for vulnerabilities and available updates. - Protective monitoring type
- Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
- Protective monitoring approach
-
Our protective monitoring process includes protection against:
1. External threats, data integrity compromises, etc.
2. Misuse
For the 1st point, our team performs regular inspections of firewall logs, investigate security alerts, and monitoring intrusion detection systems. We will take immediate corrective actions when such situation is detected.
For the 2nd point, our solutions include a very strict role-based access security and a detailed log of actions and data accessed by users that is secured and can be access only by security cleared personnel in order to detect any identity misuse or suspicious usage.
Action is normally taken by our clients. - Incident management type
- Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
- Incident management approach
-
Innaxys has a well-documented incident management process for common events, the details of these processes are available to buyers on request.
Users can report incidents through our ITIL compliant online helpdesk. Incidents are acknowledged and actioned accordingly by our Support Engineers in line with client-defined SLAs.
We can provide incident metrics including ticket resolution times as reports generated from our helpdesk application.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- Yes
- Connected networks
- Public Services Network (PSN)
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
We are committed to achieving Net Zero emissions by 2027, well within the government’s required timescales for public sector suppliers.
As an SME software studio, we believe that our organisation is naturally low carbon emitting. However, we still make a continual effort to ensure our overall emissions remain minimal. Examples of these efforts include working towards a paperless office (by the end of 2024); equipping our office spaces with recycling bins and water fountains; providing crockery and glasses instead of disposable cups. We ventilate our data centre with natural airflow rather than air conditioning. We chose office premises on a public transport route and allow staff flexible working times to accommodate bus/train timetables, in order to encourage the use of public transport to get to and from the premises. We also offer bicycle storage and showers for those cycling/walking to work.
When choosing delivery partners for contracts, including hosting for our external cloud systems, we undertake due diligence on the credentials of relevant companies to ensure that they are also adhering to or exceeding all environmental and legislative requirements. This is particularly relevant in terms of the composition and impact of the large data centres used to host our solutions, and the measures taken to reduce that impact.
Our Carbon Reduction Plan is maintained, updated annually, and published on our website in line with UK legislative requirements.Tackling economic inequality
At Innaxys, we believe in supporting the local community by investing in the people it comprises. All the work we do is produced in the UK by personnel fully employed by our company and to whom we pay good salaries in line with our industry’s expectation.
We do not rely on offshoring development, nor do we outsource to provide support or project services: instead, we value the long-term relationship that can be created with permanent employees and the fact that this provides jobs to the local community. We are proud to be a member of the Made in Britain campaign which has verified the geographic provenance of the services we provide in the UK.
• We actively prioritise providing employment opportunities to local young professionals first and foremost, working with a recruitment agency that prioritises consideration to local candidates, on our request.
• Where possible, we provide student placement opportunities, our most recent intake being a computer-science student who completed a year’s placement within our software development team.Equal opportunity
We are committed to promoting equal opportunities and a culture that actively values differences. We recognise that people from different backgrounds and experiences can bring valuable insights to the workplace and enhance the way we work.
• We value and respect diversity and we provide equality of opportunity and the facilities to recruit and retain a diverse workforce.
• We accept flexitime and part-time working pattern requests where possible.
• We strive to ensure that all our employees are heard and have the opportunity to speak and step up within our development and commercial projects, in order to foster natural workforce skills growth and accountability.
• We allow and we encourage our people to progress through the roles in the company to more senior positions.
• We automatically grant interviews to female and minority-gender applicants for our technical vacancies in light of the well-documented gender imbalance within STEM industries.Wellbeing
We pride ourselves in running our business a little differently from the norm. A small example of this is allowing daily flexibility to team members to account for commuting preferences, personal obligations, and anything else that might pop up as things often do in life. We are less concerned about what time our employees are at their desks, rather that when they are, they deliver to the best of their ability - and we ensure that they can do so in a comfortable and relaxing environment.
We have invested in a sports facility in-house to enable all our personnel to use the gym at no extra cost and make a break from work when they need. We are located near a beautiful park and actively encourage our employees to explore the outdoors during their breaks. Our offices include showering facilities, bicycle storage, games room, and a fully equipped kitchen to encourage healthy living and meal preparation. We have also established the means to balance remote working and on-site team working.
Pricing
- Price
- £45 to £120 a user a year
- Discount for educational organisations
- No
- Free trial available
- No