Medialogix Ltd

FotoWare Digital Evidence Management System (DEMS)

Suitable for police and law enforcement agencies. Offering a secure, cost-efficient, scalable solution for Digital Evidence Management (DEMS). Public Upload Portal, Artificial Intelligence auto-tagging, Sharing and Collaboration, MG form and document templates, MoPi compliant, Video Redaction, Clipping, Mobile Apps, Integration / API

Features

• SSO with SAML2, OneLogin Active Directory, Azure AD etc.
• Faceted Search using Taxonomies - create powerful search lists
• Flexible uploading and ingestion plugins and integration, Public Upload Portal
• Easy Export and Embed  using drag and drop
• Easily embed photos in WordPress, Joomla, eZ Publishing etc
• Mobile/Tablet Apps - Access and upload files from anywhere
• Acesss from anywhere using web based html5 interface
• Flexible selection tools and efficient workflow processes, MoPi compliant
• Options to adjust video playback speed, redaction, blurring, clipping
• RESTFul APIs for seamless integration with your systems

Benefits

• Increase efficiency and reduce risk by properly managing your assets
• Audit Trail and Evidential Master - full chain of custody
• Flexible Security and Role-based Access - integrated with AD
• High Performance - optimized searching, indexing and workflow
• Manage image, video, document, audio and any other file type
• Quick and Easy Uploading - connect to 3rd party systems
• Create custom workflows and processes. Annotations and Redactions
• Sharing and Collaboration - share files internally and externally.
• Seamless integrations with Word, PowerPoint, Adobe InDesign or PhotoShop.
• Flexible Retention Policies - MoPI compliant.

£25,000 an instance a year

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@medialogix.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

824933044873537

Contact

Faisal Mahmood
01216630309
sales@medialogix.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: No
• System requirements:
  • Windows Server 2016 or higher - 64 bit versions
  • Internet Information Services 7.5 or 8.0
  • Microsoft SQL Server Express 2008 minimum
  • Microsoft .NET Framework 3.5 minimum
  • Microsoft Silverlight 5.1
  • Local Administrator privileges for service account

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our normal SLA response times from us when a call is raised are: ; ; Software inoperable fault – Initial response time -4 hours – fix time 4 hours ; Serious degradation fault – Initial response time – 4 hours – fix time 4 hours ; Minor degradation fault - Initial response time – 4 hours – fix time 16 hours ; Cosmetic issue fault - Initial response time – 4 hours – fix time 32 hours ; ; Site visit day response time – 3 working days ; ; Bespoke SLAs and informal arrangements are available subject to negotiation.; ; Standard Support UK business hours/days. 24/7 support options available.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Our normal SLA response times from us when a call is raised are: ; ; Software inoperable fault – Initial response time -2 hours – fix time 4 hours ; Serious degradation fault – Initial response time – 2 hours – fix time 4 hours ; Minor degradation fault - Initial response time – 2 hours – fix time 16 hours ; Cosmetic issue fault - Initial response time – 2 hours – fix time 32 hours ; ; Site visit day response time – 3 working days ; ; Bespoke SLAs and informal arrangements are available subject to negotiation.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide onsite training and user documentation. Training can be generic product training or specific training relevant to the system deployed.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data is always available in the standard file system which can be extracted at anytime by anyone with minimal IT knowledge. Extracting data from SQL Server and MongoDB would be done by the end-user's Database Administration (DBA)
• End-of-contract process: Subscription licence software will be disabled at the end of the contract. You will have the opportunity to download all the data prior to end of the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Chrome
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Simpler interfaces for mobile devices and functions implemented differently if using mobile devices or tablets. Web interface works best at screen resolution 1280x1024 or higher.; Mobile apps for Android and iOS devices which are simple, robust and configurable. These apps are used to capture and upload files and developed with law enforcement and healthcare organisations in mind.
• Service interface: No
• User support accessibility: None or don’t know
• API: Yes
• What users can and can't do using the API: The API can be used for the following purposes:; Building custom user interfaces; Building custom mobile apps; Automating workflow; Analytics; ; An API client communicates with the FotoWeb server by making HTTP requests, which roughly fall into two categories:; Requests that only read data (GET requests); Requests that modify data on the server (POST, PUT, DELETE, PATCH, ... requests); ; If the response body contains data, then it is usually in the JSON format (See http://www.json.org). Most programming languages these days have built-in support or mature third-party libraries for processing JSON data.; ; Every request sent to the server has a URL (uniform resource locator), which refers to a resource. A resource can be any object known to the server and exposed by the API, such as an asset, an archive, an album or a user. Each resource has a unique URL, which is also its ID. API clients should not compose or decompose URLs. Instead, the URL itself should be used as the ID of the archive.; An API client may read data from a resource, modify it, delete it, or create a new resource. ; The FotoWeb RESTful API was designed to be as self-documenting as reasonably possible.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: FotoWare products are modular with options in each product to customise views, colours, metadata forms, markers, access to archives, workflow processes and access control. The possibilities are vast when the available modules are configured together. Listing all configuration options here is not possible here however what we can say is that we have been able to configure a solution for all of or clients to date. If a feature didn't exist in the product we were able to convince the manufacturer to add it or make a word-around.; Typically, with FotoStation Pro the user can customise the interface though typically, this best done by a system administrator to minimise errors. Server based products ( Index Manager, Color Factory, FotoWeb and Connect) are customised by an administrator. Most typical installations are configured to cater for all possible eventualities with access controlled for individuals or groups.; This provides you with the flexibility to configure often complex solutions but controlled so that end users are not overwhelmed with options and processes which can lead to confusion or mistakes occurring.

Scaling

• Independence of resources: Each client instance is independent and assigned dedicated resources

Analytics

• Service usage metrics: Yes
• Metrics types: Typically, on the server level, CPU, storage and memory usage are monitored in real time. In addition, the number of active users, the amount of files in the database, number of files in processing queues, the filename of the currently processed file at all viewable in real time. ; User activity (login, search, view, preview, add to process and more) is stored in an SQL database from which configurable reports can be created; Microsoft Azure cloud also has it's own metrics so you can monitor what effect our service has on your infrastructure.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: FotoWare and Microsoft

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: Less than once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: There are a number of options. The first one is the simplest as the FotoWare DAM uses industry standard Adobe XMP metadata format which is readily readable by any XMP compatible DAM software. Alternatively, you can export metadata in SQL format or CSV if your new DAM solution is database driven.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Original media files (doc, ppt, jpg etc)
  • Adobe XMP
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: Private network or public sector network
• Data protection within supplier network: Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: This depends on what Microsoft Azure cloud service you will be running your FotoWare software on. As a general rule for a single instance of virtual machine you can expect 95% availability minimum. ; More information can be found at https://azure.microsoft.com/en-gb/support/legal/sla/
• Approach to resilience: Local and Geo redundancy options are available from Microsoft on the Azure Cloud service
• Outage reporting: This is provided by Microsoft Azure Cloud services and is accessed from the portal dashboard and email alerts.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: This is done using access control features for groups and individuals.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • CSA CCM version 3.0
  • ISO/IEC 27001
• Information security policies and processes: This is determined by FotoWare and Microsoft

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Determined by end user or client.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: This is performed by FotoWare and Microsoft and as a reseller we not involved in the vulnerability management process.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: This is managed by FotoWare and Microsoft.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: This is managed by FotoWare and Microsoft.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: Yes
• Connected networks:
  • Public Services Network (PSN)
  • Police National Network (PNN)
  • NHS Network (N3)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)

Social Value

• Fighting climate change:

  Fighting climate change

  We believe that businesses are responsible for achieving good environmental practice and operating in a sustainable manner. We are therefore committed to reducing our environmental impact and continually improving our environmental performance as an integral and fundamental part of our business strategy and operating methods. ; ; It is our priority to encourage our customers, suppliers and all business associates to do the same. Not only is this sound commercial sense for all; it is also a matter of delivering on our duty of care towards future generations.; ; Our policy is to; ;  Wholly support and comply with or exceed the requirements of current environmental legislation and codes of practice. ;  Minimise our waste and then reuse or recycle as much of it as possible. ;  Minimise energy usage in our buildings, vehicles and processes in order to conserve supplies, and minimise our consumption of natural resources, especially where they are non-renewable.;  Operate and maintain company vehicles with due regard to environmental issues as far as reasonably practical and encourage the use of alternative means of transport and car sharing as appropriate.;  Apply the principles of continuous improvement in respect of air, water, noise and light pollution from our premises and reduce any impacts from our operations on the environment and local community. ;  As far as possible purchase products and services that do the least damage to the environment and encourage others to do the same.;  Assess the environmental impact of any new processes or products we intend to introduce in advance.;  Ensure that all employees understand our environmental policy and confirm to the high standards it required.; ; By default all our staff work from home reducing the need to travel. We also encourage our customers to allow us to conduct system maintenance and meetings remotely.
• Covid-19 recovery:

  Covid-19 recovery

  During the pandemic wherever our clients were forced to work from home we provided free licences for use on an additional device. We will continue to provide this service should the need arise.
• Equal opportunity:

  Equal opportunity

  Medialogix encourage a diverse workforce and will never deny equality on the grounds of race, gender, marital status, caring responsibilities, disability, gender re-assignment, age, social class, sexual orientation and religion/belief or any other factor irrelevant to the purpose in view. ; Statutory Requirements; Medialogix accepts and welcomes the statutory requirements laid down in:;  Equal Pay Act 1970; ;  Rehabilitation of Offenders Act 1974;;  Sex Discrimination Act 1975;;  Race Relations Act 1976 and Race Relations Amendment Act Feb 2000;;  NHS Community Care Act 1990;;  Disability Discrimination Act 1995; ;  Asylum & Immigration Act 1996;;  Human Rights Act Nov 1998;;  Employment (Religion or Belief) and (Sexual Orientation) Regulations 2003.; Responsibilities; Medialogix recognises that it has moral and social responsibilities that go beyond the provisions of the above-mentioned Acts and Regulations, and that it should support and contribute to the wider process of change through all aspects of its work and practices in order to eliminate discrimination and promote equality and diversity.; Actions; Medialogix is committed to taking positive steps to ensure that:;  All people are treated with dignity and respect, valuing the diversity of all. ;  Equality of opportunity and diversity is promoted. ;  Services are accessible, appropriate and delivered fairly to all;;  The mix of its employees, volunteers and management committees reflects, as far as possible, the broad mix of the population of the UK.
• Wellbeing:

  Wellbeing

  The Company believes that its employees are its most valuable resource and that their well being is vital to effective performance at work and the continued provision of high quality services. To this end the Company is committed to providing maintaining and promoting a healthy and supportive working environment. ; ; • Under the terms of the Health and Safety at Work Act 1974 the Company has a duty to ensure the health and safety of its employees as far as is reasonably practical. ; • The Management of Health and Safety at Work Regulations 1999 place a duty on the Company to assess and control the degree of stress in the workplace. ; • The Disability Discrimination Act 2005 places a duty on the Company not to discriminate against employees who suffer from a disability under the act which includes long term ill health caused by stress at work. ; ; While the Company has no control over external or personal factors it is committed to managing stress and risks within its control, and to providing support to employees who are suffering from stress. ; ; Aims of the Policy ; ; • To ensure the physical and mental health of all employees;; • To promote a healthy, safe and friendly working environment and control and reduce risks to mental health;; • To help provide and maintain a supportive and non judgmental working environment; ; • To provide effective support to all employees in managing stress and other mental health problems, and to encourage better recognition of mental health issues; and; • To recognize that the prevention of stress is easier than dealing with it once it has arisen.

Pricing

• Price: £25,000 an instance a year
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: A fully functional trial can be made in the Microsoft Azure Cloud for 30 days.; The trial is fully functional with a standard/basic configuration.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@medialogix.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.