Design IT Solutions (Trading as Panoptech)

MiX Messaging Server

MiX is a combination of a secure mobile application and a central server solution, to facilitate encrypted messaging between deployed and internal groups within an organisation.

Messages can be sent between members of a broadcast group or just between individuals, with the content being centrally stored and moderated, if required.

Features

  • Group or Individual Messaging
  • Web Based Interface for Clients
  • Secure iOS & Android Based Mobile App
  • Full Audit Trail
  • Moderated Content
  • Encrypted AES 256 TLS 1.2/1.3
  • No Data is Stored on the Mobile
  • Document & Image Sharing
  • Time Limited Messages
  • Geo-Location of Device (If required)

Benefits

  • Secure & Encrypted Message Management
  • Individual or Organisational-Wide Broadcast
  • Both iOS & Android OS Platforms
  • Messages Groups can be Moderated
  • Full Audit trail (User & Message Content)
  • Device Location Reporting (optional)
  • No Messages/Information Stored on the Mobile Device
  • Messages can contain Documents & Imagery (optional)
  • Data cannot be copied out the App
  • Users can login from Desktop via Web Browser & Message

Pricing

£7,500 a server

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kmcdonald@panoptech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

1 2 9 1 3 1 3 8 7 9 3 4 0 4 7

Contact

Design IT Solutions (Trading as Panoptech) Kevin McDonald
Telephone: 0121 782 7200
Email: kmcdonald@panoptech.co.uk

Service scope

Service constraints
Application resides on only standard iOS & Android Operating Systems
System requirements
  • Linux or Windows Operating System (Central Server)
  • IOS or Android Operating System for Mobile Device (Tablet/Phone)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Within 8 hours during Normal Working Hours, Monday to Friday, 9:00 to 17:00 excluding UK Bank Holidays
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Telephone support with 8 hours SLA during normal working hours (9:00 to 17:00), Monday to Friday, excluding UK Bank Holidays.

Call out to site can be provided on a next working day SLA, but at an additional charge and dependant on location of system.

If remote access is available then support can be provided during normal working hours, Monday to Friday, excluding UK Bank Holidays.
Support available to third parties
No

Onboarding and offboarding

Getting started
Documentation provided included MiX User and Technical Manuals. Training is delivered either at a customer or Panoptech location. Two levels of training are offered being "Technical Delivery & Support Training" & "User Training". Both are delivered either in “End User" or "Train-the-Trainer" format. Bespoke training can be provided and costed separately depending on the requirements.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
  • Other
Other documentation formats
Microsoft Word
End-of-contract data extraction
The User will have access to their own data at all times and as such can provide their own mechanism to extract data when the contract ends.
End-of-contract process
All of the system is closed down and decomissioned

Using the service

Web browser interface
Yes
Using the web interface
The web interface allows Users to access the MiX product. There are different access levels which can be assigned to a User which then determines what they are able to do.
Administrators are able to manage the application, including User Management and Creation.
Users are able to message, within the restrictions applied to their account, including creating new Message Groups, Attaching Images/Documents to messages etc.
Web interface accessibility standard
WCAG 2.1 AA or EN 301 549
Web interface accessibility testing
Tested with Clients to ensure that it works as required.
API
No
Command line interface
No

Scaling

Scaling available
No
Independence of resources
The system is built as per the requirements of each user. When the system is built, it is scaled to the requirements.
Usage notifications
No

Analytics

Infrastructure or application metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Encryption of all physical media
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
Yes
What’s backed up
Virtual Machine Backup & Database backup
Backup controls
Users will have access to the system backup capability and can change the schedule to meet their organisations requirements.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
  • Users can recover backups themselves, for example through a web interface
  • Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The availability of system is based wholly influenced on the resiliance designed into the infrastructure/network on which whic the solution resides. Panoptech will work with the User to make sure that this offers the best possible uptime for the budget and capability being delivered at which point the availability of the system can be determined.
Approach to resilience
Our Servers are multi databased and multi server across sites in the UK.
Outage reporting
We have a Network Operactions Centre which can monitor the network on which the MiX software resides if required. This provides a dashboard which allows users a view of the curent status of the infrastructure.

By way of notification, faults can be highlighted to a user in a SMS or Email format.

Identity and authentication

User authentication
2-factor authentication
Access restrictions in management interfaces and support channels
MDM is also used for access management and applying policies to all devices/users
Access restriction testing frequency
At least every 6 months
Management access authentication
2-factor authentication
Devices users manage the service through
  • Dedicated device on a segregated network (providers own provision)
  • Dedicated device on a government network (for example PSN)
  • Dedicated device over multiple services or networks
  • Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Please note we are currently working towards ISO27001. As such policies designed under this standard are in place to cover our reporting structure.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Changes are managed in the internal system.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Threats are analysed and dealt with as required.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We would recommend deploying the Cisco Umbrella security product or a customer supplied security solution, across the network. This product will provide a layer of protection as well as a tool to identify any potential compromises at a network level. End Device Protection will be in the form of a EndPoint Device Management tool which will not only protect the device but also provide reporting on any potential compromise.
Incident management type
Supplier-defined controls
Incident management approach
Users report incidents via the Support Desk telephone number or the Online Help Desk. The incidents are logged and then actioned depending on their status. This process and responce levels would be defined with the customer and documented in a Maintenance Support Contract.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Yes
Who implements virtualisation
Supplier
Virtualisation technologies used
Hyper-V
How shared infrastructure is kept separate
Separate Silo's & Separate LUN'S on the system.

Energy efficiency

Energy-efficient datacentres
No

Pricing

Price
£7,500 a server
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Panoptech can host a MiX Trail for Users. This is limited to a period of a month and 20 users. Users can download the applicaion Free Of Charge from the App Store. As Panoptech are hosting the service, any data which is created will be visible to Panoptech !

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kmcdonald@panoptech.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.