Coeus Software Ltd

PoliceBox: frontline digital mobility platform

A flexible frontline digital mobility platform for operational policing. An innovative approach to digital transformation that delivers radical business change. Mobilises business processes using a simple design tool with no coding required. Integrate with back office systems using API/SDK. Works with Android, iOS and Windows devices both online and offline.


  • Android, Windows 10, iOS and Chrome native client apps
  • Microsoft Azure data centre(s) hosted in UK
  • Microsoft 365 deployment compatible
  • API/SDK for advanced integration
  • No code App designer for rapid deployment of business processes
  • AI-driven data capture and fingerprint scanners support
  • Role-based access to business processes
  • Oauth2 authentication, encryption, digital signature and audit trail
  • Home Office Digital Evidence Standards compliant
  • Policing Vision 2025 compliant


  • Improved access to information from police system for frontline officers
  • Improved productivity: Less manual input required
  • Improved response times: Information is near 'real-time'
  • Improved officer confidence: Easy-to-use interface minimises training
  • Improved data quality: Less manual input and re-keying of information
  • Improved efficiency: Rapid deployment of processes to the frontline
  • Improved internal communication: Less voice traffic to the control room
  • Improved officer safety: Less distracted by manual input
  • Improved officer visibility: Use anywhere including no network coverage


£3 to £20 a person a month

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

7 6 6 1 6 2 4 7 8 2 9 5 6 1 5


Coeus Software Ltd Simon Hall
Telephone: 07802 234789

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Hybrid cloud
Service constraints
Our service requires: Federated Authentication using Azure Active Directory (with ADFS or Azure AD Connect); Windows Server (Integration Server) for exporting of completed tasks within your IT environment. Full provisioning documentation is also provided. Windows desktop is used for the business process app design tool. You will need to use the OnBoarding Cloud support service to establish the Integration components. You will also need to decide upon the use of the "Data Return" service at subscription termination, when notification is issued. The service will make use of your existing enterprise device (security & management) solution and mobile network infrastructure.
System requirements
  • Windows Server (Hybrid Server) 2012 R2 or later
  • Federated Authentication Azure AD using ADFS or Azure AD Connect
  • Windows 10 Client Devices or
  • IOS 9 (or later) Client Devices or
  • Android 5.0 (Lollipop) Client Devices
  • Network Access to Azure UK data centres
  • Windows 7 or later for the Design Tool

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our standard response times are based upon Monday-Friday 08:30 to 18:00, except English bank holidays.

Our service is monitored 24x7x365 and our support team will rectify emergency issues as soon as they are detected.
User can manage status and priority of support tickets
Online ticketing support accessibility
None or don’t know
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Business Hours Mon-Fri 08.30 to 18.00 Except English Bank Holidays. Online ticketing service 24x7x365.

Incidents acknowledged within 4hrs with problem assessment within 24hrs. Major Incidents action within 4hrs.
Support available to third parties

Onboarding and offboarding

Getting started
We provide an onboarding service which includes delivery of software as well as online training (client application familiarisation videos) and user documentation.
Service documentation
Documentation formats
  • PDF
  • Other
Other documentation formats
  • Video
  • Immersive Try-out
End-of-contract data extraction
We provide an offboarding service and data return support service. This allows your database to be extracted as a backup file and presented to you on your media.
End-of-contract process
The offboarding service provides a data return support service. You must request the data extract service within 14 working days of notice of cancellation. The data return support service is a chargeable service via our professional services outcomes (Lot 3 Cloud Support) based on our standard SFIA rate card.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
The desktop application uses the Windows 10 Universal Windows Platform (UWP) and the app is deployed via the Windows Store.

The difference between the mobile and desktop service UI/UX is optimised for the device being used.

The Android App also supports Samsung DeX
Service interface
User support accessibility
None or don’t know
Description of service interface
Day to day management of the service is provided through a web-browser. It is role-based and permits management of users, task queue, statistics dashboard, audit log review and system log review.
Accessibility standards
None or don’t know
Description of accessibility
Day to day management of the service is provided through a web-browser. It is role-based and permits management of users, task queue, statistics dashboard, audit log review and system log review.
Accessibility testing
None at this time. it is a roadmap item.
What users can and can't do using the API
An API is available that provides a range of services, including:

1. Sending tasks to mobile users
2. Getting completed tasks for ongoing processing, with retry management
3. Getting situational awareness information
4. Providing metadata for KPI analysis etc.

An alternative connector-based integration SDK which is described in the customisation section.
API documentation
API documentation formats
  • Open API (also known as Swagger)
  • PDF
API sandbox or test environment
Customisation available
Description of customisation
The entire platform is customisable, to digitise any business process. Connectors can be deployed to allow researching from or exporting to any target back office or national system.

Use the App Designer tool to define tasks designs and to integrate them with broader business processes. This no-code tool can be used by anyone with appropriate training, governed by role based access.

The platform integrates with other systems via connectors. The creation of new connectors is a developer role and can be done by your nominated developer.

Additionally, the API can be used to integrate, via a third party integration platform or other middleware.


Independence of resources
We use the inherent scaling capabilities of the Microsoft Azure platform. This scaling allows demand management during peak times, reducing at non-peak times to optimise the service.


Service usage metrics
Metrics types
We provide metrics in a Dashboard screen within the Web Portal. It shows the following statistics: Tasks Processed Today; Tasks Completed Today; Tasks Abandoned Today; Search Criteria Tasks Processed; Search Detail Tasks Processed; Tasks Processed Last Seven Days. It will also show a graph of totals of each type of task (i.e. Non Endorsable 30, versus NIM-A etc) for the last 2 hours and last 24 hours. Finally, the range of completed tasks can be plotted on a map, showing the geographical distribution of where tasks are completed.
Reporting types
  • API access
  • Real-time dashboards


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
Less than once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
Our service depends on the continued compliance of the Microsoft Azure UK data centres.
SQL Azure transparent data encryption.
Blob storage transparent data encryption.
Task data is compressed and encrypted using AES256.
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
No significant data is held in the service for any length of time as it is exported when completed tasks are processed by the Integration Server and sent to your back office databases. At the end of the contract you may request the data return service.
Data export formats
  • CSV
  • Other
Other data export formats
  • JSON
  • PDF
  • Word
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
Data is protected by encryption to AES-256. We expect the buyer would also use a Mobile Device Management (MDM) system whilst using the service.
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Application traffic is additionally secured using application level compression and encryption within the TLS tunnel. Data at rest is also compressed and encrypted. The approach uses AES256. Users cannot login without time synchronisation and the client app will not run if the device is 'rooted'.

Availability and resilience

Guaranteed availability
Our solution is hosted by Microsoft Azure platform and we use their service level as our baseline.
Approach to resilience
We use the Microsoft Azure platform due to its scaling and resilience capabilities. We also utilise geographic replication of databases and services using a second UK datacentre to ensure that the service is resilient. Web services are provided by at least two instances at each data centre.
Outage reporting
Our service desk will issue email alerts in the event that the service suffers any outages.

Identity and authentication

User authentication needed
User authentication
Identity federation with existing provider (for example Google Apps)
Access restrictions in management interfaces and support channels
We use role based access that is configured through an administrative (html-based) interface and utilises Active Directory / Federated Authentication.
Access restriction testing frequency
Less than once a year
Management access authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance approach
The service design ensures our staff do not have access to your protected information. We also monitor systems including internet-based communications and centrally managed group policies to ensure that our staff operate within their role function and no-one person has overall access. Our Development environment is separated from Operations and Service Management. Any incidents that occur will be reported and escalated up to CEO level where a formal report would be made to the client(s) affected, accordingly. We will produce a report within 24hours of the incident being detected. We hold Cyber Essentials and are working towards ISO/IEC 27001.
Information security policies and processes
We operate an information security policy. Our products are designed to ensure that our staff do not have access to your protected information. We monitor the service including internet-based communications and manage group policies to ensure our staff operate within their role function and no-one person has overall access to everything. Our development team is separated from operations and service management. Incidents are reported and escalated to CEO level where a formal report would be made to you. The client report is made within 24 hours of the incident being detected.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Our configuration and change management processes records client configuration details, including knowledgebase materials in our Service Desk system. Change management follows a documented process that is described in the standard service management policy. We have set up a user forum for the service; PoliceBox User Group (PBUG) to cover product roadmap. Our Operations Department includes a process where changes can be simulated in a representative customer configuration for factory test purposes. This takes place before the formal release cycle to ensure that potential security impacts are identified.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We work with partners and research other sources to monitor emerging and discovered vulnerabilities. Our agile development process ensures that vulnerabilities that are identified can be graded and our resolution can be impact assessed. Our change management process ensures that software updates or knowledgebase articles are issued in a timely manner. Our Operations department track and monitor the conclusion remedial action. We operate a DevOps methodology that includes continuous integration and includes vulnerability as well as functional testing.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We use proactive monitoring of the service. In addition, the system provides Logs and Audit Logs to assist with monitoring and user behaviour. We also liaise with suppliers and clients in order to continue the company's continued alignment to GPG13. Audit logs comprise HMAC checksums to assure validity of data at rest. The collection of information in the field is only permitted on authorised devices.
Incident management type
Supplier-defined controls
Incident management approach
Our service desk is accessed via a web-based interface.Our standard service management policy sets out the process of Incident and Problem management cycles. Our service desk operates 'business to business'. It is your responsibility to ensure that calls from your user community are correctly analysed to eliminate local issues. We issue service tickets when calls are placed. We grade calls by priority and categorise problems. Depending on severity, the Change Management cycle may be invoked. We will use workarounds wherever possible to ensure continued service until a release cycle provides a formal resolution.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

Our Climate Change policy adopts a holistic perspective when analysing all Coeus Software® operations. Electric vehicles are used to reduce the environmental impact of travel from sales and management teams. This policy is also committed to reducing, recycling and where possible, re-using consumables.
Covid-19 recovery

Covid-19 recovery

Since its launch in 2005, Coeus Software® has been committed to supporting local communities through the employment of local skilled workers and government apprenticeship schemes. In recovery to the COVID-19 pandemic, Coeus Software® has employed two apprentices and supported digital training courses for all staff seeking to expand their skills base. In response to the pandemic, Coeus Software® provides a work-from-home policy which allows all employees to work in a flexible, safe environment either in the Coeus offices or their own homes. The mental and physical wellbeing of our staff forms the centre of all Coeus Software® operations and the support provided from the HR and Management teams has been vital in mitigating the negative effects of the COVID-19 pandemic. Coeus Software® will continue to follow all COVID-19 related government guidance regarding social distancing, remote working and safe travelling whilst implementing internal safeguarding systems to ensure the security of staff.
Tackling economic inequality

Tackling economic inequality

Coeus Software® believes in a continuous improvement working environment which seeks innovative development opportunities in the creation of new jobs, provision of staff training and rethinking business processes. The apprenticeship scheme supports the delivery of new ideas and skills into the niche market in which Coeus Software® operates and has developed their individual skills through extensive on-the-job training.
Equal opportunity

Equal opportunity

Coeus Software® is an equal opportunities employer offering flexible working and career development opportunities and training to all staff regardless of disabilities. At Coeus Software®, we recognise the importance upskilling the workforce and diversifying the knowledge base of staff in order to empower our employees and deliver the best possible results. Our extensive policies surrounding inequalities, disabilities and modern slavery within the workplace are regularly reviewed to ensure maximum coverage.


Coeus Software® is committed to supporting the mental and physical wellbeing of all staff through a range of mechanisms and systems designed to connect with employees. Our regularly updated staff handbook clearly details the support measures in place via our portal and is available at all times. Our healthcare policy provides essential cover both physically and mentally and is included in all staff contracts.


£3 to £20 a person a month
Discount for educational organisations
Free trial available
Description of free trial
A free trial may be available but would be time limited for non live data

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.