InJenuity

Forensic Portal

Webservices that supports integration between software solutions.
Seamless move data between systems based on events or schedules

Features

• Event driven capability to push and transform data between systems
• Schedule capability to push and transform data between systems
• API supporting Json/Rest
• API supporting Xml/Soap

Benefits

• Automate data transfer between systems
• Synchronise systems based on events
• Customisable transformations
• Supports Niche RMS
• Supports Socrates SOCEASI

£2,000 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matthew@injenuity.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

880159205014012

Contact

Matthew Barrett
07533721667
matthew@injenuity.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: 1. Support is limited to the specified versions of operating systems and other databases.; 2. There may be requirements to upgrade IIS, operating system or database version to deal with security vulnerabilities and to maintain a supportable version.; 3. There may be downtime in service to undergo maintenance or upgrades
• System requirements:
  • ASP.NET 4.8
  • Microsoft IIS 10, or above
  • Erlang v26
  • Java v21

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Support is open between 9am and 5pm Monday and Friday.; We aim to respond to a ticket within 2 hours
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: We only provide our standard support service which is included in the price.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: The solution is deployed using an agile approach where the forms are design to support the clients accreditation process. After the forms have been configured the appropriate integration is undertaken with the forces case management system(s).
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
• End-of-contract data extraction: This is not applicable as our solution is designed as a gateway to pass scene examination information to other back-end systems.
• End-of-contract process: When the contract ends we will expect the user to stop using the software and we can provide consultancy to assist any migration. Although it is not expected there will require any migration as all the data is passed through to other systems.

Using the service

• Web browser interface: No
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: The solution provides a programming service interface which supports Json/Rest and Xml/Soap.
• Accessibility standards: None or don’t know
• Description of accessibility: The Forensic Portal is a back-end service and is accessible through documented API's
• Accessibility testing: None
• API: Yes
• What users can and can't do using the API: The API is available for integration with other tooling to allow information to be added or retrieved. All functionality is available via the API.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Events and triggers can be added to the tooling, along with the ability to customise the transformation layer through NiFi.

Scaling

• Independence of resources: The solution is built on scalable technology and will be sized accordingly to the expected concurrency. The solution is also designed to work both online and offline and will just synchronise when available.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Supplier-defined controls
• Penetration testing frequency: Never
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The solution automatically pushes data into other client systems using our integration services. There is no need for users to export additional information.; ; The solution allows event driven functionality where event driven exports can be built.
• Data export formats: Other
• Other data export formats:
  • Xml
  • Json
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • ODBC
  • OLEDB
  • Json/Rest
  • Xml/Soap

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: The SLA will be agreed with the client as part of the contract
• Approach to resilience: This information is available on request. However, the solution uses a message queue to deal with resilience to deal with situations when services are not available.
• Outage reporting: The solution provides emails if a service is down or not available or unexpected errors are generated.

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: InJenuity adheres to the the access and support channels of the client if the solution is deployed on their cloud or infrastructure.; ; For InJenuity managed services access to the application or software is limited to pre-agreed and vetted (SC) staff. ; ; Access to client data will be restricted to time limited periods based on agreement with the client and only by approved and cleared InJenuity staff.
• Access restriction testing frequency: At least once a year
• Management access authentication: Limited access network (for example PSN)

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: We follow the security governance required by the client based on the sensitivity of the data.
• Information security policies and processes: InJenuity has documented security policies and processes that are followed throughout the DevOps process. These can be provided at request.; ; The Data Processor Officer (DPO) is responsible for weekly reviews of software and vulnerabilities. They report directly to the managing director.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: InJenuity have documented processes for change management which can be provided at request.; ; All components, class libraries and other tooling are actively reviewed for security vulnerabilities.; ; All changes, including documentation and code, are managed using our DevOps tool. They are managed using agile development processes which are responsible of the product owner.; ; The code branching strategy supports master branch, and development branch. The development branch manages both features and bugfix change branches.; ; All releases are managed and approved by the product owner, and the data protection officer.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: InJenuity use a number of methods for assessing potential security threats:; 1. Vulnerabilities reported by GitHub; 2. Vulnerabilities reported by NuGet manager; 3. Actively review online resources such as the CISA known exploited vulnerabilities catalog; ; Each vulnerability will be impact assessed and the client informed. If there is a known work-around or patch they will be applied at the earliest opportunity.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: If the solution is deployed onto a clients cloud it is expected the client is responsible for the protective monitoring.; ; For InJenuity hosted solutions Azure Monitor is used to collect and analyse IIS logs. Once an alert is raised we aim to respond within one hour during supported hours.; ; All solutions provide logging to assist with monitoring and detection.
• Incident management type: Supplier-defined controls
• Incident management approach: InJenuity have a pre-defined process for raising, investigating and resolving issues via their online support system. This solution can provide users 24 hour access to their incidents along with providing incidents reports.; ; There is a frequently asked questions area that provides guidance for commonly reported questions.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  Equal opportunity

  Equal opportunity

  InJenuity is committed to encouraging equality and diversity among our workforce, and eliminating unlawful discrimination.; The aim is for our workforce to be truly representative of all sections of society and our customers, and for each employee to feel respected and able to give their best. ; The organisation; - in providing goods and/or services and/or facilities ; - is also committed against unlawful discrimination of customers or the public

Pricing

• Price: £2,000 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at matthew@injenuity.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.