BLUE SCREEN IT LIMITED

ClassifIeD

Bespoke DBS, BPSS, and pre-employment screening services. Our solution combines ListX’s secure data storage with customisable technology, streamlining the screening process. By reducing resource requirements and saving valuable time, we empower faster hiring decisions. Whether you choose individual or group screening services, our all-in-one solution ensures efficiency and confidence

Features

• Personalised portal.
• Built in DBS, Right to Work, Digital identity checking tool.
• Remote access.
• Dedicated support.
• Managed service.
• Real time reporting.
• Input validation to prevent user errors.
• Dedicated screening and development support team.
• 100% UK-based data storage.
• Customisability.

Benefits

• Fast personal response from dedicated in house support.
• Continuous feature development and support from our development team.
• In house cyber security operations center providing continouse monitoring.
• Cost efficient due to inhouse support and development.
• Flexible payment options available as per your subscriptions
• Ensuring GDPR compliance.
• 24/7 access.
• Free, fast, simple set up with UI friendly interface
• Bespoke and tailored solution to support niche needs
• Single management interface to request multiple services

£6 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@bluescreenit.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

691777702506619

Contact

Sam Snowdon
01752724000
sales@bluescreenit.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: No service constraints
• System requirements: Internet enabled device.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Emails are aimed to be responded with one working day. 8:45 am to 5:00 pm Monday - Friday.; Emails sent on Saturday and Sunday will be answered on the next business day.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: We use Zoho Web Chat to support our service delivery. The organisation's founder is visually impaired (half blind) and can use the Zoho suite of products every day without issue or any other aids.
• Onsite support: Yes, at extra cost
• Support levels: All levels of support and service will have full access to a continuously updated FAQ.; ; Candidate support - Included within our managed services, we provide full support to candidates. Portal and clearance queries are handled by our in-house vetting team and any technical requests are raised to our in-house development team.; Admin support - At no additional cost, help is provided to site admins for any interactive portal-based questions as well as the ability to escalate any technical requests through our in-house development team. We are also able to guide end users due to the vast knowledge of our in-house vetting team.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide an online demo by one of our team and the user's admin, which can be recorded for future reference. We then supply the client with operation manuals that break down each process with pictures and step-by-step instructions. The client's admin team have an open channel of communication with our team if they have any problems or issues during their onboarding or time utilising our service.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All users going through the screening process have their data purged and deleted 30 days after being marked completed with the screening process to ensure compliance to GDPR.; ; Users can request data via email and held information will be collected, encrypted and uploaded to their account ready for download.
• End-of-contract process: No additional costs are required for the end of the contract. There will be a detailed offboarding process to ensure a smooth extraction and transition out of our service led by our in-house development team.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Mobile site has been designed to ensure interactions work as expected on a mobile device, tablet or personal computer.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Bespoke interface to allow processing of DBS and pre-employment checks through a portal designed to operate on a wide range of internet-connected devices such as mobile phones, tablets, and personal computers. Ensuring a smooth user experience for the submitting and administration of the above checks. To ensure ease of use, customisable reports for download are available all within one portal.
• Accessibility standards: None or don’t know
• Description of accessibility: The service is designed to only provide users access to systems within their assigned roles. we ensure that this is usable with operating system native accessibility support due to the nature of being a web-accessible service.
• Accessibility testing: Accessibility tools native to the device, such as the magnifier or text to speech can be used, by those who require the assistance, to navigate and use our webpages. The same applies to 3rd party page readers and accessability features, that can be installed by the site users on their own machine.
• API: No
• Customisation available: Yes
• Description of customisation: Full customisation is available to any part of the solution to tailor it to client needs, including names on forms, the logo on the site and forms, User login restrictions (MFA on or off, Password lengths and requirements), and site colours.

Scaling

• Independence of resources: High-demand clients are separated into individually hosted instances of the service to ensure availability.; ; This is determined based on forecast plans with the client to ensure the smooth operation of the service. Measures will be taken to accommodate any forecasted fluctuations in service usage. ; ; We also provide on-prem solutions if required.

Analytics

• Service usage metrics: Yes
• Metrics types: Reports can be generated to display user progress, this is done through the client portal.; These metrics include:; DBS/BPSS form status, DBS status, employment and personal reference status, and id verification status.; ; Part of the managed service will include reports on a 3 times per week basis. This is then discussed in weekly client meetings.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Physical access control, complying with another standard
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users are able to raise a data request to us, the supplier, via email or call to our dedicated support. A process will then be followed to verify the request with the client before uploading held data through an encrypted file to the users client portal or sent directly via email.; ; Client site admins are able to download users forms and data directly through the portal.
• Data export formats:
  • ODF
  • Other
• Other data export formats: PDF
• Data import formats:
  • ODF
  • Other
• Other data import formats: PDF

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Our cloud-based solution provides 99.99% availability, however, it can depend on the customer's own infrastructure (on-prem) capability.; ; We will establish a Service Level Agreement (SLA) with the client. Performance will be assessed against this SLA. If the agreed-upon service level is not met, corrective actions will be taken.
• Approach to resilience: Internal disaster recovery plan aligns with ISO standards, Information is available on request.
• Outage reporting: Email alerts to all active users and client points of contact.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: Access is only delegated to those who require access and what level of access is required for their role.; ; Admins can access the front end and user data through the use of the portal and the use of authentication. ; Any backend systems are restricted to on-premise access only by our developers following best practice.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Less than 1 month
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • IASME Assurance Level 2
  • ISO 9001
  • Cyber Baseline

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: ISO 9001; Cyber Essentials; Cyber Essentials plus; Cyber Baseline
• Information security policies and processes: We follow ISO 9001, Cyber Essentials Plus as well as Cyber Baseline. We ensure continuous adherence to these processes as well as any internal policies through the use of system information event motoring which monitors both user and device actions and compares against set rules. ; ; All employees have agreed to all information security policies, this is reinforced by monthly security awareness training, and yearly questionnaires to ensure understanding.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: We store all development changes through a GIT repo to track them through their lifetime. All changes are first tested within a segregated development environment where they are tested by our in-house team for any potential security or performance impacts.; Management is required to sign off before any changes are implemented to ensure the correct process has been followed.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We run weekly vulnerability scans against our system using Nessus, which gives us a breakdown of potential threats and outdated software. We then have a triaged response time to patch and resolve any high or critical vulnerabilities within 14 days and low and medium within 28 days.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: We have a SEIM and XDR service which is managed by our in-house security operations center. Due to the use of an XDR, any potential incidents are actioned instantaneously. This will then be reviewed and actioned by our in-house security analyst team and any additional actions will then be taken in line with our incident response plan and disaster recovery plan.
• Incident management type: Supplier-defined controls
• Incident management approach: We have bespoke incident response plans for common events based on our internal security tools. These tools are also set to take both proactive and reactive actions to prevent a potential incident. ; ; Users can report incidents through a central ticketing system which is monitored by our in-house security team, or through direct contact via call, these will then be actioned accordingly in line with our incident response policies.; ; Post-incident a full report will be created in line with best practice and our incident response plan, then relevant meetings and reports will be made for the client.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Our approach to fighting climate change, firstly we chose to locate our office within a BREEAM-compliant facility at Plymouth Science Park. We provide employees the option to work remotely, cutting down the need to have a large office and the associated heating and lighting that goes with it. By reducing the need for daily commuting, we minimise carbon emissions associated with travel. Our staff voluntarily choose public transport over individual car travel. This collective effort contributes to reducing traffic congestion and lowering greenhouse gas emissions. We have robust environmental policies in place. These guidelines ensure that our operations align with sustainable practices, waste reduction, and energy efficiency. Where we can, we prioritise suppliers who share our commitment to sustainability. For instance, our website host, Krystal, uses renewable energy sources, further reducing our carbon footprint. To minimise single-use plastic waste, we provide staff with reusable coffee mugs. This small change collectively makes a positive impact on the environment. We prioritise ongoing enhancements to minimise our social and environmental impact. Instead of extensive travel for client and customer meetings, we utilise virtual platforms like Teams. This not only saves time but also reduces the need for fossil fuel-powered transportation.; ; Together, these initiatives contribute to our mission of combating climate change and promoting a greener future.

  Covid-19 recovery

  During the pandemic, we proactively supported the UK economy by pioneering Skills Bootcamps, aiding over 350 individuals whose income was impacted by closures and furloughs through deploying transitional training in IT and Cyber that gave new sources of work opportunities alongside helping retrain staff to help organisations with the skills they needed to support the sudden requirements of digital transformation within their business operations. We sustained our staff headcount by using strategic finance and cost-saving measures. Additionally, we actively promoted free training, empowering people across the UK to obtain certifications for new career paths

  Tackling economic inequality

  Our multifaceted approach encompasses various initiatives that include delivering security workshops as part of the Local Enterprise Partnership (LEP) drive to help grow and reduce the security risks associated with entrepreneurship and small business expansion by championing safe growth for new and small businesses through supporting local business workshop initiatives. By providing free advice, resources, and strategic guidance, we contribute to local economic development via working parties we are involved with and including Chamber of Commerce, the Cyber Resilience Centre Partnership, CyberHub Trust and Skills Launchpads etc, our expertise in cybersecurity ensures that businesses can thrive securely. Our Security Operation Centre prioritises inclusivity, this includes and as part of our Armed Forces Employer Recognition Silver Award, we actively hire and promote the benefits of ex-military personnel employment, alongside this, we work closely with neurodiverse individuals and with individuals who have faced economic challenges by investing in recruitment process that go beyond traditional interviews and CV submissions by using work experience opportunities to bridge the gap between experience, education and industry. By gaining practical insights, individuals enhance their chances of securing commercial sector interviews internally with us and externally with supporters of the approach. We also advocate supporting government T-Level Initiatives by offering work experience to those attending as well as providing shorter experiences to pupils from state and SEND schools in deprived areas to experience what it is like to work in a security company to expand on their career choices. Our goal is to inspire and prepare the next generation for meaningful careers.

  Equal opportunity

  We are committed to creating an inclusive and diverse workplace. Our approach to equal opportunity extends beyond the need to comply— it is at the core of our organisations values and business practices and have been recognised for with awards for our commitment to opening the door to diversity.; ; We recognise that traditional interviews may not be the best fit for everyone. Therefore, we offer work experience opportunities to individuals who may struggle with conventional interview processes. This allows us to assess skills, potential, and cultural fit in a more holistic and transparent manner.; ; As part of our commitment to professional development, we provide apprenticeship opportunities within our operations. These programmes empower individuals to gain practical skills, learn from experienced professionals, and kick-start their careers.; ; We actively encourage all our staff members to apply for internal job openings. Whether it’s a lateral move or a promotion, we believe in nurturing talent from within. Our transparent selection process ensures that everyone has an equal chance to grow and contribute.; ; Our remote working policy enables us to tap into talent from across the UK. We believe that geographical boundaries should not limit career prospects. By offering job opportunities to employees regardless of their location, we create a level playing field.; We celebrate diversity, champion fairness, and strive for excellence. Together, we build a stronger, more resilient workforce—one where everyone has an equal shot at success.

  Wellbeing

  We have a designated Wellbeing Ambassador who actively promotes wellness initiatives, provides resources, and ensures that our staff feel supported. We recognise that everyone has unique needs, so we offer flexible working hours. Whether it’s adjusting start times or accommodating personal commitments, we empower our team to find a balance that suits them.; Regular social gatherings foster camaraderie and strengthen our team bonds. From casual coffee breaks to team after-work meet-ups, we create opportunities for meaningful connections.; Our WhatsApp group serves as a platform for staff to share experiences, seek advice, and celebrate achievements. It’s a virtual space where we uplift each other. We provide robust password management tools to streamline access while maintaining security. Whether it’s work-related or personal accounts, our staff can manage passwords efficiently in their work and personal life. Our remote workers receive personalised attention. Directors visit them periodically, ensuring that they feel connected and valued, even from a distance.; Team leaders shine a spotlight on outstanding team members each month. Recognition boosts morale and reinforces our culture of appreciation. Our monthly virtual team meetings keep everyone informed about company updates, departmental progress, and group-wide initiatives. Communication is key to transparency.; We have a comprehensive well-being policy that outlines our commitment to mental health, work-life balance, and overall wellness. It’s a living document that evolves with our team’s needs.

Pricing

• Price: £6 a unit
• Discount for educational organisations: Yes
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@bluescreenit.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.