Unilink Software Ltd

Immigration Detention biometric self-service detainee case management

NForce / Custodial Management System CMS from Unilink enables immigration detention centres to run efficiently and detainees to operate self-service. Combined with biometric case management, it enables detainees to take responsibility, reducing their chances of reoffending; integrates with emailaprisoner and epayments which enhance friends and family contact helping detainees.

Features

  • Biometric tracking for detainees, visitors, contractors and staff ensuring security
  • Unique system incorporating both detainee case management and self-service
  • Delivered through wing based kiosks, in-cell devices, tablets, thin clients
  • Extensive range of functional modules covering all detainee daily transactions
  • Automated secure links for friends/family allowing messaging and e-payments
  • Keep-apart markers schedule detainee activities more safely
  • Security accredited to IL3 with secure remote support
  • Operational data stored in SQL databases for analytics/ reports
  • Combines self-service and the management of nominals into one
  • Combined detainee management and self-service system

Benefits

  • Enables safer immigration centre management
  • Moves almost all detainee transactions from paper saving PO time
  • Enables detainees to take more responsibility for their own lives
  • Detainees taking more responsibility experience greater confidence
  • Staff sickness reduced due to improved job roles
  • Officer time spent booking visits is practically eliminated
  • Purposeful activity reports enable management to identify detainees in need
  • Automated payments linked to schedules/biometric movements save officer time
  • Self-service surveys enable management to assess changes quickly
  • Timed management reports assist immigration centre operation

Pricing

£0.45 to £0.95 per person per day

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

1 1 0 1 0 0 3 4 7 1 2 9 5 1 4

Contact

Unilink Software Ltd

Zaneta Whitworth

020 7036 3810

enquiries@unilink.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
The service has been designed to limit constraints, however, the service constraints will be largely dependent upon the client's chosen G-Cloud PaaS Hosting Provider.
System requirements
  • Secure Windows or Android Terminal with anti-virus
  • Windows SQL cloud infrastructure
  • Available utilising Azure as a value added option

User support

Email or online ticketing support
Email or online ticketing
Support response times
1 hour but normally less. Users can log their support calls using the online portal and review their current status. Users cannot change their ticket priority, as this is determined by Unilink. Typically users do not use the online portal, rather they submit issues via email to the 24/7/365 Unilink helpdesk. This results in an improved service as any fault is correctly categorised and therefore resolved more quickly.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
Web chat
Web chat support availability
24 hours, 7 days a week
Web chat support accessibility standard
WCAG 2.1 A
Web chat accessibility testing
Chat testing was performed during the development stage and continually refined through user feedback from over 60 successful deployments.
Onsite support
Onsite support
Support levels
Service Support is offered through UK-based security cleared staff working within a ITILv3 Service Support model.
Service Level Agreements are negotiated directly with Unilink to achieve customer objectives of service availability, recovery time and backup objectives.
The Unilink Service Desk is the principal point of contact for all service users. Unilink currently provides ITIL aligned support services to Sodexo, Serco, G4S, Hampshire Constabulary and several other Police Forces, working closely alongside other outsourced Service Providers. This functional service is responsible for the Incident Management process and is also a key communications point for receiving and disseminating operational information to Unilink’s customers. Unilink is very experienced in working alongside customer Change and Release teams to deliver a seamless managed Service.
Support is provided through a combination of Service desk, Email, Phone, Live chat and Onsite.

“Unilink’s support has been second to none….I wouldn’t have any hesitation in recommending Unilink” – Ian Malkin, Security Key Advisory
Support available to third parties
Yes

Onboarding and offboarding

Getting started
The service is designed so that the on-boarding of customers can be completed within two or three months of the commencement date. The technical installation can be completed in a few days but it is the services, training, planning and infrastructure development that takes the time.
In addition to standard training and documentation, online hosted videos describing CMS are available over WebEx or over Unilink’s YouTube channel. With each establishment implementation Unilink also provides chargeable onsite training to meet standard customer needs.
Consumers are required to: Provide code Lists and other configuration information for on-boarding; Set up information sharing agreements with third parties for data feeds. Work with Unilink to achieve necessary security accreditation objectives
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
End-of-contract data extraction
At any stage, user representatives are able to download case information to local storage and archive.
End-of-contract process
The service can be terminated with one month’s notice. Hosting charges would be dependent on the length of time that data is retained on the Hosting Service. On notification, Unilink, in conjunction with the G-Cloud PaaS Hosting Provider will delete purge and destroy all information from the application and permanently remove it. At any stage, user representatives are able to download case information to local storage and archive. There are no termination costs.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
Application to install
Yes
Compatible operating systems
  • Android
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The service has been optimised for mobile, desktop and secure kiosks
Service interface
Yes
Description of service interface
Web browser interface as well as application to install (Android, Windows).

Designed for use on mobile devices.

The service has been optimised for mobile, desktop and secure kiosks.
Accessibility standards
WCAG 2.1 A
Accessibility testing
The service was tested at design stage and has been continually refined based on feedback from over 60 successful deployments.
API
Yes
What users can and can't do using the API
API Enabled: Yes
API: SOAP
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Every implementation is customised to ensure that it dovetails with each client's site specific processes and procedures.
The Visits System is fully configurable and allows creation of custom visits rules to match establishment visit requirements. Some of these configurable features are:
Nominal and visitor warnings which prevent inappropriate visits from being booked e.g. for child protection. For instance the system will not allow a visit to be booked with an approved child visitor unaccompanied by their guardian. The age below which one is considered a child can be set by the establishment.
Ability to ban or approve visitors, either individually or globally.
Allows definition of prohibited and allowed visitor property.
Information on booked visits can be displayed to the security and visits officer at the visits gate and visits hall, as well as in the visits reception on visitor entry. The system has a fully searchable database with an integrated report writing tool.

Scaling

Independence of resources
The service has been carefully architected with planned scaleability to ensure that users are not affected by the demand that other users are placing on the service.
The product is widely used with over a billion prisoner transactions alone; one prison alone does more than a million prisoner transactions per month. Hence, the product is well tested, reliable and has been continuously developed since 2007.

Analytics

Service usage metrics
Yes
Metrics types
Service Metrics can be provided to clients based on their specific requirements
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Other
Other data at rest protection approach
FIPS-assured encryption
Secure containers, racks or cages
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
At any stage, user representatives are able to download case information to local storage and archive.
Data export formats
Other
Other data export formats
User defined
Data import formats
Other
Other data import formats
User defined

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
99.99 Availability. Service Level Agreements are negotiated directly with Unilink to achieve customer objectives of service availability, recovery time and backup objectives. Financial Recompense Models covering the circumstances in which Service Levels are not met are negotiated directly with Unilink.
Approach to resilience
G-Cloud PaaS Hosting Providers will provide Backup and Restore Services at the Centre/ Facility/ Agency level. These arrangements will be negotiated and captured within Service Level Agreements. Further, G-Cloud PaaS Hosting Providers will be required to provide Disaster Recovery Services. Again, these arrangements will have to be negotiated and captured within Service Level Agreements. Unilink is an ISO27001 and 9001 accredited organisation and has full continuity management plans which have been independently audited. The company operates out of two available secure premises with redundancy built into systems, infrastructure and staffing. In the event of any disaster, Unilink will be fully operational within 24 hours. Further information is available on request.
Outage reporting
Service outage reports are provided via both a public dashboard and email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
User access control within management interfaces and Administrator permissions are subjected to the following identity and authentication controls:
Username and two-factor authentication
Limited access over dedicated link, enterprise or community network
Username and strong password/passphrase enforcement
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users receive audit information on a regular basis
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
08/07/2017
What the ISO/IEC 27001 doesn’t cover
Both the company and the Digital Marketplace Services are covered within the scope of our ISO/IEC 27001 accreditation
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Unilink is ISO 27001 and 9001 certified and is audited by BSI Our services are designed to manage data at the IL3 level, and as a result require hosting in an appropriately accredited G-Cloud PaaS Data Centre. For example, the service can be securely hosted by SunGard or UKCloud, or other hosting partners with whom Unilink has relationships. Unilink’s test and development networks are accredited to IL3 level and can hold production data for a temporary period on a secure network. Data is destroyed after use, using approved procedures and protocols. All support and development staff are SC cleared, BD staff are cleared to CTC and the Unilink offices in Hampshire and London are physically secure and audited.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Unilink is an ISO 27001 accredited company that uses ITIL change management processes.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Unilink employs independent security consultants and work closely with supply chain partners such as Microsoft and Cisco to assess potential threats and implement mitigation measures including emergency patch deployment where advised to do so.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Protective monitoring processes are defined in conjunction with the client to take into account their security controls
Incident management type
Supplier-defined controls
Incident management approach
Security Incidents may be reported to our help desk (Service Desk) via Vendors, Customers or in-house staff. Incidents are then categorised (event severity and priority). Significant or severe events are escalated to the Service Desk Manager and are continually reported on until resolution.
Post incident reports are made available to clients within 24hrs.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Yes
Connected networks
  • Public Services Network (PSN)
  • Other
Other public sector networks
Other

Pricing

Price
£0.45 to £0.95 per person per day
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
The service is available for up to six months free of charge to one establishment for use on a trial basis. All such trials are individually discussed due to the operational implications.

Service documents

Return to top ↑