Blue Lights Digital

Activity recording: Digital decisioning & workflow assurance (BLD EVOLVE)

Suitable for multi agency, Police & Fire services with secure GPS located activity recording with operational decisions, rationale & reference workflow solution delivering interactive, immersive multimedia workflow resources.

Cloud based with web or mobile native apps enabling access to organisational knowledge, procedures, intelligence, legislation, policy and signposting.

Features

• Gov, Police and Fire service activity recording
• Identity Access Management (IAM) and Role Based Access Controls (RBAC)
• Offline, local application content available across iOS, Android and Windows
• Full interactive, automated, visualised, decision workflows with real time reporting
• Location of activity/data entry both active and passive capture
• Drop down crime type, deployment role & function cascade
• Restful API for data transmission to force
• Visual guides delivering legislation, standards, policy, guidance and workflow advice
• Collaborative integration and design service available for new/updated content
• Subscription content for new modules or programmes

Benefits

• Accelerate adoption of tradecraft, legislation, policies and procedures across staff
• Orchestration with access to internal and external support functions.
• Publish user-focused content for operational assurance and best evidence capture
• Remote audit, guidance, instruction & policy assurance through one application
• Assure knowledge currency with cyclical knowledge check function
• Front line ready and operational as App or desktop
• Secure platform via HTTPS SSL/TLS or dedicated mobile apps
• Achieve benefits realisation through automated reporting and dashboard system
• Control content deployment to individual users or groups through policy
• Flexible pricing including White lable, Enterprise, PAYG or per user

£10,000 to £200,000 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at claire.stanley@bluelightsdigital.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

632515862823515

Contact

Claire Stanley
07847258384
claire.stanley@bluelightsdigital.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Available on mobile across iOS, Android and Windows 10. No support for legacy Windows Mobile prior to Windows 8.1; ; The Evolve platform is routinely tested and verified on the current version and the previous version of each of these browsers. We generally encourage the use of, and fully support the latest version:; Chrome; Safari; Firefox; Microsoft Edge and Microsoft Internet Explorer 11
• System requirements:
  • Mobile deployment: devices with ability to distribute enterprise applications
  • Desktop deployment: current version of Safari, Explorer, Edge, Chrome, Firefox

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Toolset is Fresh Service ; SLA's available are 1 hr - 8hr - next business day response. ; We have dedicated e-mail and chat channels available 24/7; - Service options include 24/7 human support available Service Desk or remote. ; - Mon - Fri 9-5 Service Desk or remote support ; - Automated bot support available on chat channels only
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Web chat is presented as intercom session within the Web Service or in App.
• Web chat accessibility testing: None. Please ask if this is required and we will assist.
• Onsite support: Yes, at extra cost
• Support levels: Support is on a reasonable endeavour basis and is included in our pricing. Dedicated 'operational' support can be provided under our standard day rates for an investigating officer. ; ; Technical developers can be provided to assist with data modelling, Data integration, Data Parsing, Data migration, API build, software integration, Network integration and automation under our standard day rates.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Onboarding for end users is provided from the Evolve system itself with an integrated welcome, solution tour and on boarding feature on first launch.; ; The UI and UX are designed for self provisioning. Content is navigated by breadcrumbs and visual pointers. The app has been UX tested for systems usability.; ; With all versions of Evolve the live chat support team are available to assist in system support and user issues.; ; On site training is provided for publishers and administrators in line with deployment preferences. Training can be provided in design, build and operation of Evolve content and reporting on organisation, group or individual user progress and performance.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data is controlled by assigned data Czars who have overall rights over content and data within the system. Data Czar can be assigned as overall system administrators or with responsibility for individual content or data based upon RBAC. A data Czar can be the client, an appointed 3rd party or as a managed service.; ; Data Czars can publish, share, collaborate or delete data throughout the duration of the contract or on contract completion.; ; On content completion, any content contributed by the client or licensed by 3rd party individuals, companies and associates for use within the system remains the intellectual property of the client or third party and will be deleted by Blue Lights Digital.; ; Any content contributed and licensed by BLUE LIGHTS DIGITAL remains their intellectual property and the licence will cease removing access to users.
• End-of-contract process: At the end of contract, unless extended the system subscription will lapse and no further updates will be provided to the platform or user accounts.; ; Access to the mobile apps and web service will be denied to frontend users.; ; Access will be retained for administrators and Data Czars for a period of 30 days at which point data will be deleted, unless otherwise stipulated or requested.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Bespoke mobile app designed for Evolve across iOS, Android and Windows 10 devices.; ; Access to content on mobile app is additionally available offline with content retained to be accessed on device without Wi-Fi or mobile data access.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: Application features and functionality customisable on deployment based upon individual client preferences.; ; Content and workflows are updatable through RBAC portal by Web Services only with Identity Access Management applied. ; ; Customer managed content can be updated and published to web and mobile users.; ; Live chat can be routed to internal or external subject matter experts as defined by the client during onboarding.

Scaling

• Independence of resources: Implemented load balancing. Clients can be allocated reserved instances for on demand scaling.; ; Live chat responses in application are on a best endeavours basis with a team scaled to meet peak interaction times.

Analytics

• Service usage metrics: Yes
• Metrics types: Service usage metrics are available as standard or can be bespoke per deployment according to individual organisational requirements.; ; Metrics available include; - Transaction and usage by organisation; - Transaction and usage by individual account; - Usage of individual content blocks; - Usage separated between mobile and web access
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Data that is exported directly from Evolve by an administrator or Data Czar is automated in a .csv format.; ; Blue Lights Digital can, on behalf of the client on request, extract and send data to the client in any standardised format of their choosing.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Availability of less than 99.95% but equal to or greater than 99.0% is guaranteed by a 10% service credit for failure to meet SLA. ; ; Availability less than 99.0% is guaranteed by a 30% service credit for failure to meet SLA.
• Approach to resilience: We utilise elastic load balancing, computing clusters, autoscaling and cloud flaring (DNS obfuscation) to add resilience to our cloud environments.
• Outage reporting: Evolve has an integrated Service Page automated update to users of the platform which provides critical information and reduces inbound conversation volume for the support team by proactively surfacing critical outage information in the Evolve home screen.; ; Customers can then subscribe to updates (via email or live chat) directly to be alerted of any changes.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: Access to the Evolve system is limited by leading Identity Access Management or alternatively username and password, supported by Two Factor Authentication.; ; RBAC controls ensure content is limited to deployment per account, group or organisation.; ; RBAC controlled administrative accounts restricting access to support channels, administrative functions, management reporting interfaces and content design and publication.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: IP Whitelisting.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 18 September 2015
• What the ISO/IEC 27001 doesn’t cover: Detailed technical specifications or solutions; Specific software or hardware configurations; Compliance with other standards not directly related to information security; Non-information security-related processes or procedures within BLD Group
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Cyber Essentials
  • JOSCAR
  • RICOH

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Through Cyber Essentials and NCSC cloud principles.
• Information security policies and processes: We use a shared responsibility model between customers and Blue Lights Digital. We operate, manage, and control the components at the operating system layer down to the physical security of the servers in which the services are provided (including updates and security patches), other associated application software, as well as the configuration of firewalls. , ; ; It is possible to enhance security and/or meet more stringent compliance requirements by leveraging technology such as host-based firewalls, host-based intrusion detection/ prevention, and encryption which can be requested by our clients at additional charges.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Any changes to our systems are first managed by impact and risk assessment. Any changes to architecture, software or network access is tested within a development environment before release to production. A production snapshot is available for roll back. ; ; Security assessment is managed through in house pentesting an testing procedures. CHECK and CREST accredited pen testing is subject to additional charges.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: As part of our Cyber Essentials programme we practice identifying, classifying, remediating, and mitigating vulnerabilities. ; ; We use vulnerability scanners to identify known vulnerabilities, such as open ports, insecure software configuration, and susceptibility to malware. For unknown vulnerabilities, such as a zero-day attacks we relay on updates to our vulnerability scanners such as OWASP ZAP. Vulnerability testing is also part of our test automation processes.; ; Correcting vulnerabilities involves the installation of a patch, a change in network security policy, reconfiguration of software, or educating users about social engineering.; ; We are active members of OWASP and CISP.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We license SiteLock TrueCode Static Application Security Testing (SAST) for source code analysis. Also known as "white-box" testing, TrueCode finds common vulnerabilities by analysing 100% of the source code in our applications without actually executing them, and adds critical layer of security by protecting our web applications.; ; Our SAST is automated to send alerts if a breach or malware is detected.
• Incident management type: Supplier-defined controls
• Incident management approach: The activities within our incident management process include:; Incident detection and recording; Classification and initial support based upon known errors and new events; Investigation and analysis; Resolution and record; Incident ownership, monitoring, tracking and communication; ; We report on incidents with a full disclosure policy to ensure any impact can be contained and a resolution is satisfactory to the end user. ; ; Incident reports are provided by live chat or email to the end user depending on individual user preference.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Police National Network (PNN)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The delivery of solutions and software from BLD can significantly contribute to fighting climate change through various means. Implementing BLD Evolve can optimise law enforcement resources which can lead to reduced carbon emissions. Additionally, integrating smart technologies to replace the transportation of physical devices to and from crime scenes facilities reduces fuel consumption and greenhouse gas emissions. Furthermore, software solutions that facilitate remote work and virtual meetings can help reduce the need for unnecessary travel for data recovery, thus lowering carbon footprints.; ; The social value of these contributions can be measured by quantifying the reduction in carbon emissions resulting from the implementation of BLD Evolve . This can involve calculating the energy savings achieved by optimising processes and systems, as well as estimating the reduction in vehicle and airmiles travelled due to the adoption of Evolve technologies.

  Covid-19 recovery

  The delivery of solutions and software as a systems integrator plays a crucial role in supporting post-Covid-19 recovery efforts, particularly in addressing the multifaceted challenges individuals encounter upon returning to work. This includes skills attrition and experience leaving public service for new roles in the third sector. Beyond health concerns, there is also a pressing need to mitigate the negative outcomes exacerbated by the pandemic, such as increased vulnerability to fraud. During the lockdown periods, many individuals were targeted by fraudulent schemes exploiting the uncertainties and disruptions caused by the pandemic. These were often manifested through breaches of privacy and then obfuscation of activities within social media and corporations and their technology providers. ; ; The social value of BLD Evolve can be measured by assessing the effectiveness of re-skilling through signposting and workflow guidance as well as for the general population, fraud detection and prevention measures implemented through BLD Evolve that reaches beyond the local community and social media networks. This involves quantifying the reduction in fraudulent activities targeting individuals returning to work, as well as evaluating the efficiency of response mechanisms in addressing reported cases. Additionally, feedback from affected individuals and stakeholders can provide insights into the perceived impact of these initiatives on restoring trust and confidence in economic activities post-pandemic.

  Tackling economic inequality

  The delivery of Evolve from BLD can contribute to tackling economic inequality by enhancing access to essential services and signposting for public sector workers in the support of marginalised communities. For example, implementing digital platforms for Policing services can streamline processes and reduce barriers to access for individuals with limited mobility or internet connectivity. With the lack of provision of training and support for digital literacy over the pandemic Evolve can empower underserved public sector workers to participate more fully in the digital economy. BLD provide access to Evolve as a agency wide enterprise SaaS solution or in house development through a level 4 PCSO and Level 4 Fraud Investigator apprenticeship that includes skills and competences that are automated within workflow within the BLD Evolve SaaS portfolio. ; ; The social value of these contributions is explicitly measured by assessing the extent to which they contribute to reducing disparities in public sector contributions to the local community, support for interagency services, employment support, educational opportunities for new workforce entrants, along with poorly measured however essential economic resources between police forces (mutual aid benefits realisation).

  Equal opportunity

  The delivery of Evolve services from BLD can promote equal opportunity by removing barriers to access and participation for individuals from diverse backgrounds. For example, implementing inclusive design principles in Evolve investigative development can ensure that digital products and services are accessible to people with disabilities. Additionally, providing training and support for digital skills development can empower individuals from underserved communities to pursue career opportunities in technology fields. BLD provide access through a level 4 PCSO and Level 4 Fraud Investigator apprenticeship that includes skills and competences that are automated within workflow within the BLD Evolve SaaS portfolio. ; ; The social value of these contributions can be measured by assessing the degree to which they promote inclusion and diversity within the workforce and society at large. This can involve tracking metrics such as the representation of marginalised groups in technology-related fields, the level of accessibility and usability of digital products and services, and the impact on social attitudes and perceptions toward diversity and inclusion.

  Wellbeing

  Implementing the automation of Evolve, prioritises professional reach back and lawfulness along with work-life balance and flexibility. This supports emotional wellbeing by reduces stress and burnout associated with overwork and excessive job demands. BLD Evolve allows for workflow design from the users work operations and undermeasured value sets such as non-crime reporting activities with the local community and events. These community relationship building activities are essential to many areas of public service and trust in these services saves significant time and effort. The wellbeing of officers and the wellbeing of the public is enhanced by good community relations. ; ; The social value of these contributions can be measured by assessing their impact on key indicators of individual wellbeing, such as physical health, mental health, work-life balance, trust from the community in public services and overall satisfaction with life. Evolve tracking metrics include employee engagement, productivity levels, measured against absenteeism and turnover rates, The fun assessment is designed as a self-reported measures of happiness and fulfilment in using the Evolve app.

Pricing

• Price: £10,000 to £200,000 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We will provide a 30 day free trial and supporting hardware to access both mobile and web application versions.; ; Access is limited to selected COTS content and not full system access.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at claire.stanley@bluelightsdigital.com. Tell them what format you need. It will help if you say what assistive technology you use.