Armour Comms

Armour Mobile - Secure Mobile Video Conferencing with Armour Comms

A London organisation providing NCSC CPA certified secure video conferencing on iOS and Android smartphones and tablets and Windows 10. Supplying Governments with cost-effective, easy to use technology, the solution includes secure voice, video, messaging, group chat, and file transfer communications on cloud-based and on-premises solutions up to UK SECRET.

Features

• Secure video conferencing within a secure community
• Secure voice, video calls, messaging, group chat and file transfer
• Easy to use, simple to deploy, end to end encryption
• Supports popular COTS devices such as Android, iOS, Windows desktop
• Message Burn/Time to Live (TTL) determines message life
• Advanced features for potential use at SECRET / Advanced Mobile
• Secure connection to desktop solutions inc Teams, Zoom, Jitsi etc
• Cloud hosted, on-premises and managed service options are available
• Compatible with complementary technology e.g. MDM and MAM systems
• Secure by design. CPA accredited solution up to Official Sensitive

Benefits

• Manage governance, risk and compliance
• Flexible secure communications for home working/mobile workers/BYOD
• Face to face meeting environment wherever employees are located
• Collaboration will benefit from the secure group chat functionality
• Supports interoperability with Unified Communications
• 24/7 support options are available
• CPA certified alternative to WhatsApp, Viber, SIGNAL, Cryptify, Ceerus.
• Secure by default, using NCSC approved encryption and MIKEY SAKKE
• Armour ReCall media audit option available for later forensic review
• Compatible with Samsung Knox, Trustzone, Samsung DeX, Chromebook

£10 a device a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.holman@armourcomms.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

726060666190866

Contact

David Holman
0203 637 3801
david.holman@armourcomms.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Community cloud
• Service constraints: Armour Mobile can be downloaded currently to iOS and Android phones and tablet devices and Windows 10 Desktop
• System requirements:
  • COTS Apple devices (phone or tablet) iOS Version 12.5+
  • COTS Android devices (phone or tablet) OS Version 6+
  • Windows 10 Desktop

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Severity-related response times from 4 hours upwards depending on SLA, during UK working hours 09:00 to 17:00 (see Support Levels).
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Armour provides customer specific account managers to support client requirements .; 24x7 support can be made available at additional cost depending on requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Training tutorials are available on the Armour Comms website.; Additional training services are available e.g. train the trainer and can be quoted on request.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Armour Mobile contacts data can be removed from the device prior to the contract end by creating a export file and emailing.
• End-of-contract process: The customer will be contacted prior to the end of the contract to see if they wish to renew. If they do not wish to renew, the app will cease to communicate with the service. The app will remain on the device and securely retain all the information within it.

Using the service

• Web browser interface: No
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Armour Mobile is designed to offer the same functionality and similar look and feel on all platforms.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: No

Scaling

• Independence of resources: Usage is monitored on a continual basis and scaled according to requirement

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Armour secure data at rest on mobile devices is encrypted to protect it. Data at rest on servers is protected by a multi-security-zone server architecture with database encryption, physical access control to dedicated server room, staff authorisation, staff security clearance, etc.
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: For security reasons the only data that can be exported from the device is the contacts. A user can export their contacts to an encrypted file and store or email it off their device (platform-dependent).
• Data export formats: Other
• Other data export formats: Encrypted file
• Data import formats: Other
• Other data import formats: Encrypted file

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: Armour secure services are protected by at least AES-128 with PKI using MIKEY-SAKKE between end user devices and up to AES-256 with TLS1.2+ in client/server interactions.
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • Other
• Other protection within supplier network: All inter-server communications within the Armour secure service use at least TLS1.2+ with AES-256, multi-zone server security, firewalling, intruder detection, monitoring, etc.

Availability and resilience

• Guaranteed availability: The Armour Mobile service is dependent on the full availability of the data service over the mobile bearers provided by the third-party cellular systems. However, typical availability of the underlying Armour networks is 99.98%; specific SLAs are available if required by the customer.
• Approach to resilience: Armour server resilience information is available on request.
• Outage reporting: Unexpected Armour Mobile outages are reported by email to customers. (Pre-planned outages are, of course, notified to customers in advance.)

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: End user clients are password protected, based on the unique end point identity used in the MIKEY-SAKKE cryptography; the client itself also authenticates to the servers. Additional user authentication (e.g. 2-factor) is available at additional cost based on user requirements.
• Access restrictions in management interfaces and support channels: Access to the user management system / servers is restricted to authorised administrators using passwords, user certificates, etc. For support, senior staff have SC clearance to deal with sensitive customer issues.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Intertek
• ISO/IEC 27001 accreditation date: 18/03/21
• What the ISO/IEC 27001 doesn’t cover: NO exclusions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CPA (up to OFFICIAL SENSITIVE) for key service components
  • Cyber Essentials for company-wide IT security
  • CPA Build Standard assessment of development mechanisms

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Company CISO reviews security daily with company teams to ensure adherence to defined security processes, including any special requirements imposed for specific customers.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Armour's development processes and operational change management processes follow defined mechanisms using the latest commercial configuration and change management tools.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: System security assessments (internal, CERT, etc.) are reviewed daily and resulting server or client level patches are deployed accordingly for the assessed threat, risk and impact level.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: The Armour secure service uses commercial IDS, anti-virus and similar measures as well as internal monitoring of its servers and services to detect potential compromises. Any issue identified is triaged (with CISO or delegate) and action taken to a timescale appropriate to the risk/impact.
• Incident management type: Supplier-defined controls
• Incident management approach: Incidents follow Armour's defined process for reporting and handling.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  Armour Comms support organisations and businesses to manage and recover from the impacts of COVID-19, including where new ways of working are needed to deliver services. This includes improved workplace conditions that support the COVID-19 recovery effort including effective social distancing, remote working, and sustainable travel solutions.
• Tackling economic inequality:

  Tackling economic inequality

  Armour Comms will influence staff, suppliers, customers and communities through the delivery of the contract to support employment and skills opportunities in high growth sectors.
• Equal opportunity:

  Equal opportunity

  Armour Comms supports and promotes in-work progression to help people, including women, those from disadvantaged or minority groups, to move into higher paid work by developing new skills relevant to the contract.
• Wellbeing:

  Wellbeing

  Armour Comms demonstrates its support for the health and wellbeing, including physical and mental health, of its staff through internal wellness programmes.

Pricing

• Price: £10 a device a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Armour Comms can offer free trial licences of an agreed quantity for an agreed period so that the customer can do a full and effective trial

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at david.holman@armourcomms.com. Tell them what format you need. It will help if you say what assistive technology you use.