Forensic Analytics Ltd

CSAS

CSAS: Our evidential analytical solution CSAS automates the processing of multiple data sets, including communications data, ANPR, Telematics, handset download, events, RF, Wifi and any Geodata. It includes autonomous mapping, schedules, instant reporting and over 80 analytics-based reports. Furthermore, CSAS integrates with upstream and downstream data processing systems.

Features

• Telecommunication data cleansing - mobile phone (CDR/Handsets) and landline records
• Process, Analyse, Map Communications, ANPR, Telematics, Geolocation, WiFi, Financial Data
• Visualise Radio Frequency (RF), Cell Site and crowd sourced data
• Analyse/visualise data to reveal links between people, locations, identifiers
• Automated reporting of digital data to evidential or intelligence standards
• Automated file loading, simple dashboards, self-service analysis for Analysts/ Investigators
• Fast-Time data analysis/reporting, filtering entity, date, time, location
• Identify top locations, call frequency, colocation, RF desktop visualisation
• Pre-defined and user-defined analytical query capability
• Attribution – Bulk importing, Auto Attribution, handset download Attribution

Benefits

• Fast time processing large volumes of telecommunications and other data
• Fast Time reporting freeing up Analysts and Investigators time
• Over 95% operational efficiency of communications data processing
• Automated creation of exhibits and reports saving users’ valuable time
• Powerful analytics queries allow Analysts and Investigators to look deeper
• Instant data mapping interrogation, analysis visualisation including CellView crowdsourced data
• Constantly updated with new formats of telecommunications and other data
• Improved investigation timelines leading to increased detections, satisfaction and confidence
• Faster charging decisions and judicial outcomes, improved safeguarding
• Available as standalone, networked, on premises or in the cloud

£7,000 a licence a year

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at scott.mcmillan@forensicanalytics.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

738491831749092

Contact

Scott McMillan
0800 158 3830
scott.mcmillan@forensicanalytics.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: CSAS Cloud requires use of an Internet Browser with access to the Internet
• System requirements:
  • User PC-Windows 7,8,10 (32-bit or 64-bit))
  • Browser must be HTML5-capable
  • A supported browser.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: During normal business hours (Monday to Friday, 0900 – 1700) questions can be answered instantly or within one hour depending upon the complexity, either way dialogue will be opened up as soon as the question arrives. ; First line support is available 24 hours a day, 7 days a week. Please note that technical issues that require second line support will be resolved on a 0900 to 1700, Monday to Friday basis.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Forensic Analytics standard CSAS Service Levels:; - Priority 1: 30 minutes response with a 4 hour resolution target; - Priority 2: 60 minutes response with an 8 hour resolution target ; - Priority 3: 2 hour response with a 4 business day resolution target ; - Priority 4: 2 hour response with a 10 business day resolution target ; ; All tickets raised via email are classified as a ‘priority 3’ and will be responded to within 2 hours. Priority 1 and 2 tickets must be raised via the self-service portal or via phone. This SLA applies throughout the working hours specified (service availability support 24/7, application support 9 to 5 Monday to Friday).
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Initial demonstrations would be provided for users to see the look and feel as well as functionality within the product ahead of a program of training provided by an experienced training team. The training would consist of a combination of e-learning and tutor led sessions (either remotely or in person), all supported by documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
  • Other
• Other documentation formats:
  • Videos
  • A customer portal containing a knowledge base is in development.
• End-of-contract data extraction: Collaboration Server data can be exported in a format that allows the customer to keep their data. Individual FSx folders cannot be exported, so case data would need to be uploaded to Collaboration Server before being exported.; We reserve the right to charge additional fees to cover the data throughput or export costs of exporting the offboarded data to the customer’s required location.; Once the customer data has been exported, the customer VPC will be securely deleted.; Any volumes that are deleted will be released back to AWS for reuse. The data on these volumes would have been encrypted and spread across many physical disks. ; AWS has a procedure to zero the disks before reuse, as well as a policy for disk destruction at end of life.; http://d0.awsstatic.com/whitepapers/Security/AWS%20Security%20Whitepaper.pdf; AWS data destruction processes, https://d0.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper_020315.pdf
• End-of-contract process: If a customer decides not to renew their CSAS Cloud service, they will be offboarded in a managed fashion, as described in the response to the previous question.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • MacOS
  • Windows
  • Other
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Desktop application GUI interface
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Independently audited through third party accessibility testers.
• API: No
• Customisation available: No

Scaling

• Independence of resources: Users’ instances are separate, so they are not impacted by other customers using the service. The only limitation will be the types of machines in their instance and the number of licences purchased.

Analytics

• Service usage metrics: Yes
• Metrics types: Dashboard reports are provided by the service provider for each fleet used by a customer.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest:
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: All data used in the product, is initially provided by the customer. Any results produced by the product can be exported from multiple points within the product, into .xls, .xlsx and .csv files.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • .xls
  • .xlsx
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • .xls
  • .xlsx

Data-in-transit protection

• Data protection between buyer and supplier networks: Other
• Other protection between networks: There is no direct connection between our network and the customers cloud environment. Only if the customer has agreed for Forensic Analytics to have an Azure AD authenticated connection for example, would one be set up for support purposes. This would only allow connectivity to the environment but not give access to the product or the data contained therein.
• Data protection within supplier network: Other
• Other protection within supplier network: As stated in a previous response, cloud customers’ data isn’t passed through our network at any stage. Within our product, data is encrypted.

Availability and resilience

• Guaranteed availability: Availability is underwritten by our hosting providers, AWS and Azure. Availability is 99.999%
• Approach to resilience: The AWS environment is built with clone machines and load balancing in place so if a single machine fails users are automatically moved to a cloned machine without any loss of service.
• Outage reporting: Individual customer Virtual Private Clouds (VPCs) are built and managed by Third Party Managed Service Provider, on behalf of Forensic Analytics. They monitor the availability of those resources and ensure the security of the environment, including intrusion detection. Third Party Managed Service Provider are responsible for the configuration, update, monitoring, security and availability of the virtual resources. Third Party Managed Service Provider will ensure that all OS/Application patches for backend services are applied within 7 days of release from the vendor. Emergency patches for security issues will be undertaken as a priority request and deployed as soon as practicably possible.; AWS are responsible for ensuring that the underlying physical machines in their data centres are updated and patched. Forensic Analytics will be notified of any outages. Where, as a direct result of this, customers are affected, they will be notified by our Support team.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Public key authentication (including by TLS client certificate)
  • Other
• Other user authentication: User authentication is integrated with the customer organisation’s internal identity and authentication structure to offer an SSO service where the user reuses their network credentials to access CSAS Cloud. Links between the customer identity provider and CSAS Cloud are handled via a SAML (Security Assertion Markup Language) service securely provided by AWS. See ; https://aws.amazon.com/blogs/aws/aws-identity-and-access-management-using-saml/ for more details.
• Access restrictions in management interfaces and support channels: As well as having user authentication and a SAML (Security Assertion Markup Language) service to restrict access, as a supplier there would be a service level agreement with the customer about the types of services included in the procurement of the product, which would include management procedures to prevent and monitor access controls.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Other
• Description of management access authentication: Forensic Analytics' staff access would be set up with full authentication in place following agreement with the customer and full disclosure of the reasons access is required.

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: Between 1 month and 6 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: Between 1 month and 6 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials Plus and ISO 27001 in progress.
• Information security policies and processes: Forensic Analytics operate a Security Governance process to Cyber Essentials Plus standards and aligned to ISO27001. The Information Security Forum meets on a regular basis to review security risks and manage mitigation activities.; ; Forensic Analytics use Amazon Web Services (AWS) for the hosting of cloud software. All data is stored within the Amazon infrastructure, which is UK Hosted, PASF assured and complies with ISO/IEC 27001. ; ; Any changes to AWS infrastructure are required to go through our internal Change Management procedure and authorisation needs obtaining where required.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Forensic Analytics operates an ITIL Aligned Change Management process designed to minimise risk to service and ensure a stable, reliable, predictable service. The Change Management procedure is agreed during on-boarding and is dependent on the IT Service Management needs of the organisation(s).; ; Customers are informed of any IT Changes initiated by Forensic Analytics/partners to enable:; •input during decision stage; •updates during implementation; •involved in testing; • acceptance of change completion ; ; If agreed during on-boarding any changes initiated/managed by the customer’s Change Management process will be submitted via the normal support channels and assessed as part of our Change Management process.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Cloud systems are regularly penetration tested by a third-party supplier. Recommendations are implemented and security vulnerabilities patched accordingly. ; ; Third party supplied cloud systems use a built-in vulnerability scan which runs daily and provides reporting on risk scored vulnerabilities to the Operations Team. ; ; All IP addresses are registered with the NCSC Early Warning Service which proactively scans for internet facing vulnerabilities and reports on a weekly basis.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: In addition to protective monitoring provided by the AWS platform we utilise monitoring systems built into our OS platforms as well as the Microsoft 365 and Azure environments.; ; The business uses Webroot to monitor endpoints within the business. Alongside this each endpoint has Windows Defender installed and Microsoft inTune for MDM and monitoring.
• Incident management type: Supplier-defined controls
• Incident management approach: Forensic Analytics are notified of security incidents either via proactive monitoring and alerting managed by the Service desk or manually via phone, email or the support portal. Forensic Analytics first line support will log the incident in the tracking system and triage it to assign appropriate priority and categorisation. The ticket will then be assigned to the appropriate resolving team.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  We are active members of the Pirkx employee program. Pirkx offers employees access to 24/7 GP support, discounted gym memberships, and the Pirkx portal offering cashback and discounts across supermarkets and gyms. All employees are routinely encouraged to engage with the program. We also offer GoVox, a monthly wellbeing check in tool.

Pricing

• Price: £7,000 a licence a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: It is a full service of the product that is only available for an agreed period of 30 days for evaluation only.
• Link to free trial: There is no link to the free version available, as the customer needs to access the latest version of CSAS.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at scott.mcmillan@forensicanalytics.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.