Flo.w
Flo.w is an awarded wining cloud based Digital Twin software platform from Emu Analytics that provides dynamic visual insights to transport operators across aviation, rail, road, maritime and more.
Features
- Digital Twin capabilities supporting real-time, historical and predictive actionable insights
- Location based intelligence with map driven UI
- Unique Hyper-Performance at scale
- Zero client side install - Browser only requirement
- Highly engaging User Interface design
- Enterprise Grade
- Data Privacy and GDPR compliance
- Streaming Data Analytics Engine
- Massively flexible data integration capabilities
- Unique and Innovative data sharing and data democratisation capabilites
Benefits
- Insights delivered at "right time" speed for maximum business impact
- Supports multi-variate user base with differing requirements
- Intuitive platform with minimal training requirements
- Highly engaging and innovative interface to all users
- Support for private and public access
- SaaS that removes the need for internal platform management
- Rapid speed of delivery - days and weeks not months
- Share insights and reports easily and securely
- Value driven performance, scalability and flexibility
- Web Browser interface delivering stunning 2D and 3D Visuals
Pricing
£9,000 to £102,000 an instance
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
8 7 7 2 0 5 3 9 6 6 3 1 2 5 7
Contact
Emu Analytics Ltd
Richard Vilton
Telephone: +447949215774
Email: richard.vilton@emu-analytics.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Service constraints
- Currently the Software as a Service (SaaS) is hosted on AWS as a default. Other cloud platforms can be supported (by agreement) for private cloud deployments.
- System requirements
- Upto date Web Browser
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
UK working day 9-5 support only.
Emails will be responded to within 2 hours within these times - User can manage status and priority of support tickets
- No
- Phone support
- No
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
The final maintenance and support SLA’s levels will be defined and offered based on requirements and related commercial viability of specific SLA levels. This would be part of an agreed Statement of Work (SoW) undertaken with the customer to ensure that the level of support they require for their Flo.w application is aligned to their business priorities and budget.
An account manager contact is provided to each customer. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
-
The interface is specifically designed to be intuitive, interactive and usable by personnel that do not require deep technical data science training to realise value from the data.
Training and QuickStart sessions are available for Flo.w applications and are agreed as part of a Statement of Work (SoW).
Flo.w applications have relevant on-line help and documentation built in. Specific user documentation can also be produced as part of a SoW. - Service documentation
- Yes
- Documentation formats
-
- HTML
- Other
- Other documentation formats
- Customer Specified
- End-of-contract data extraction
-
Data would be destroyed at the end of the contract with the termination of the cloud based instance. Data is not currently extractable from the solution in a reusable format, as it is aggregated and transformed on ingestion to facilitate the functional requirements of the solution.
Should an exceptional case for extraction and partial reverse transformation be required, then the supplier would consider undertaking this as a one-time professional services offering, although the effort and cost would be determined by the nature and volume of the data already consumed by the solution - End-of-contract process
- At the end of the contract, assuming there is no intent for the solution to be extended, the cloud instance would be shutdown and all related cloud-based assets (data, user accounts etc) destroyed. There would be no further overhead for termination unless bespoke processes were additionally required by the customer.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Application to install
- No
- Designed for use on mobile devices
- No
- Service interface
- No
- User support accessibility
- None or don’t know
- API
- No
- Customisation available
- Yes
- Description of customisation
-
Customer specifications are catered for within the Statement of Work (SoW) which defines how the Flo.w application is to be built and configured.
End Users of a Flo.w application can customise the visual display through different selections and choices within the application.
Scaling
- Independence of resources
-
Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them.
Services which provide virtualized operational environments to customers (i.e. EC2) ensure that customers are segregated via security management processes/controls at the network and hypervisor level.
Service usage is monitored to project infrastructure needs to support availability commitments/requirements. Capacity planning is performed to assess current infrastructure usage and demands. The underlying cloud (AWS) architecture and containerisation of Flo.w supports the planning for future demands to acquire and provision additional resources based upon current resources and forecasted requirements.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- In-house
- Protecting data at rest
-
- Physical access control, complying with another standard
- Scale, obfuscating techniques, or data storage sharding
- Other
- Other data at rest protection approach
-
Flo.w is provisioned on AWS which adheres to independently validated privacy, data protection, security protections and control processes.
AWS is responsible for the security of the cloud.
End user Access to the Flo.w applications is only ever via secure HTTPS url login. There is no access to any data not presented within the application.
Access to the Flo.w management plane is securely managed through a combination of access keys, VPNs and 2 factor authentication. Where applicable data may also be encrypted within at-rest storage. - Data sanitisation process
- Yes
- Data sanitisation type
-
- Explicit overwriting of storage before reallocation
- Deleted data can’t be directly accessed
- Equipment disposal approach
- In-house destruction process
Data importing and exporting
- Data export approach
- Data may be downloaded in standards formats such as CSV or within report formats such as PDF. Applications may also optionally, have the ability to share a "see what I see" URL link.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- Bespoke (as required)
- Data import formats
- Other
- Other data import formats
- Any open data format can be provisioned into Flo.w
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Bonded fibre optic connections
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Other
- Other protection within supplier network
-
Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them. Flo.w's cloud architecture (AWS) enables content by design that allows for the most appropriate secure data transit based on start and end point.
This includes TLS/SSL, and/or IPsec or TLS VPN (if applicable), or other means of protection if required.
API calls can be encrypted with TLS/SSL to maintain confidentiality. AWS Console connection is encrypted with TLS.
Availability and resilience
- Guaranteed availability
-
Flo.w is provisioned on AWS Cloud provides the following SLA's:
• Amazon EC2 SLA: http://aws.amazon.com/ec2-sla/
• Amazon S3 SLA: http://aws.amazon.com/s3-sla
• Amazon CloudFront SLA: http://aws.amazon.com/cloudfront/sla/
• Amazon Route 53 SLA: http://aws.amazon.com/route53/sla/
• Amazon RDS SLA: http://aws.amazon.com/rds-sla/
• AWS Shield Advanced SLA: https://aws.amazon.com/shield/sla/
Any Flo.w application SLA’s levels will be defined and offered based on requirements and related commercial viability of specific SLA levels. This would be part of an agreed Statement of Work (SoW) undertaken with the customer to ensure that the level of support they require for their Flo.w application is aligned to their business priorities and budget. - Approach to resilience
-
The Flo.w service is provisioned on AWS Cloud.
The AWS Business Continuity plan details the process that AWS follows in the case of an outage, from detection to deactivation. AWS has developed a three-phased approach: Activation and Notification Phase, Recovery Phase, and Reconstitution Phase. This approach ensures that AWS performs system recovery and reconstitution efforts in a methodical sequence, maximising the effectiveness of the recovery and reconstitution efforts and minimizing system outage time due to errors and omissions.
AWS maintains a ubiquitous security control environment across all regions. Each data centre is built to physical, environmental, and security standards in an active-active configuration, employing an n+1 redundancy model, ensuring system availability in the event of component failure. Components (N) have at least one independent backup component. All data centres are online and serving traffic. In case of failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites.
All Flo.w application code and data is backed up with agreed client retention dates. Requirements such as replication and hot-failover are agreed as part of a Statement of Work (SoW) with customers. This ensures that Flo.w applications are provisioned to meet and optimise both functionality and budget requirements. - Outage reporting
- Service outages are reported to the customer via email and/or via direct telephone contact to the customer SPOC (Single Point of Contact) by the Account Manager.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
Flo.w is provisioned on AWS which provides IAM for access management. IAM is used to define user access control to all services, APIs and specific resources. Other controls include time, originating IP address, SSL use, and authentication via MFA devices.
API calls to launch/terminate instances, change firewalls, and perform other functions are signed by customers’ Amazon Secret Access Key (either the root AWS Account’s Secret Access Key or the Secret Access key of a user created with AWS IAM).
Only approved Emu personnel are granted access to management interfaces. - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Public key authentication (including by TLS client certificate)
- Identity federation with existing provider (for example Google Apps)
- Dedicated link (for example VPN)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- Between 1 month and 6 months
- How long system logs are stored for
- Between 1 month and 6 months
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- No
- Cyber essentials plus
- No
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- No
- Security governance approach
-
Emu Analytics has an internal security policy that defines the current approach to security governance. The company has been audited by global enterprise security teams previously and has passed with it's current security policy that covers:
Access Control Policy,
Antivirus Software for laptops,
Document Confidentiality Classification,
File lists,
GDPR Guide & Resources,
Incident Reporting,
Information Asset Classification And Handling,
Information Security Policy Statement,
Management of Client Data,
Office & Workplace Security Policy,
Risk Register,
SSL Certification,
User Accounts and Password Policies
The company is embarking on a programme to achieve formal ISO27001 certification. - Information security policies and processes
-
The Emu Analytics security policy and procedures are available to all staff on the internal company intranet.
All existing staff are familiar with these policies and the policies are part of any new employee induction.
Emu Analytics follow a structured agile delivery methodology which ensures all projects have daily scrum delivery sessions where policy adherence is both enforced and reviewed.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
All software components are version controlled in a Professional and Secure Configuration Management System (BitBucket).
Access and privileges within the repository is strictly managed.
Any third part components and code are virus and malicious code checked.
Company written code is peer reviewed. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
Flo.w is provisioned on AWS Cloud Infrastructure. AWS Security performs vulnerability scans on the host operating system, web applications, and databases in the AWS environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities.
Potential threats are tracked via https://aws.amazon.com/security/security-bulletins/
Security patches against all services are deployed inline with the recommended urgency and security guidance. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Flo.w is provisioned on AWS and utilises the supported monitoring processes. AWS deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage. Devices monitor:
• Port scanning attacks
• Usage (CPU, processes, disk utilization, swap rates, software-error generated losses)
• Application metrics
• Unauthorized connection attempts
Near real-time alerts flag potential compromise incidents, based on AWS Service/Security Team- set thresholds.
Incidents are responded to as
All incidents are assigned an owner and logged and tracked within the Incident Report. - Incident management type
- Supplier-defined controls
- Incident management approach
-
All incidents are assigned an owner and logged into the internal incident management log which contains:
Date, Description, Severity, Status, Affected Infrastructure, Affected Personnel, Affected Services, Reported by, Incident Owner, Links and Attachment.
Customers can report incidents by emailing Emu Support or by calling their Account Manager directly.
Emu Analytics will always endeavour to resolve problems as swiftly as possible. It recognises that a client’s systems are key to its business and that any downtime may be business affecting. Updates on service affecting issues are communicated to customers via email or by a direct phone call to the customer SPOC
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
Fighting climate change
Emu Analytics has signed up to the UK SME Climate commitment as one of the "small business climate leaders across the UK" (https://businessclimatehub.org/) The company also undertakes self-funded work to assist with efforts for research and raising awareness on climate change in those areas which may not yet have been widely considered. An example of this is the research and paper the company published on "Wet Bulb: The temperature beyond human survival". The research and paper has been presented at a number of Geo-spatial conferences.Covid-19 recovery
Throughout the COVID 19 pandemic Emu Analytics put in place operating procedures which allowed it to continue to operate at full capacity with no furlough claims. During this time the company also provided flexibility in the services delivered to those clients and organisations most dramatically affected both operationally and financially by the pandemic.Tackling economic inequality
Emu Analytics supports all employees who wish to offer their services to organisations and charities delivering social benefit. The company has funded employee time and commitment to non-profit organisations such as those responding to humanitarian emergencies around the world with the provision of expert geospatial and data resources.Equal opportunity
Emu Analytics is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills and experiences within our workforce.
Pricing
- Price
- £9,000 to £102,000 an instance
- Discount for educational organisations
- No
- Free trial available
- No