SENTRYSIS
ONLINE CRIME REPORTING AND CRIME PROCESS WORK FLOW MANAGEMENT FOR UK POLICE CONSTABULARIES.
This includes MG11 creation, remote telephone statement taking, CCTV file transfer, convert and supply and collation of digital evidence packs for the police and CPS.
Features
- Secure CCTV file transfer, convert and supply from desired provider
- Online crime reporting to police from businesses and/or public
- Remote MG11 witness or victim telephone statement taking for police
- Crime and/or criminal data sharing between stakeholders
- Digital evidence asset collation and export
- Fully cloud based product (accessed from any internet device)
Benefits
- Creates multiple cost saving efficiencies
- Receive large CCTV files from provider in minutes
- Securely share crime data and intelligence with businesses
- Save time and human resources
- Reduce time by completing MG11 witness statement remotely with public
- Produce digital paper-trail of evidence and assets in real time
- Access digital evidence via cloud 24/7
- No need to visit businesses in person to conduct statements
Pricing
£58,000 an instance a year
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at <removed>@b570369f-0e51-45d5-9f71-165ddcce3be8.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 10
Service ID
1 4 5 4 8 8 8 0 5 3 1 3 3 7 3
Contact
SENTRY SECURE INTELLIGENCE SYSTEM
<removed>
Telephone: <removed>
Email: <removed>@b570369f-0e51-45d5-9f71-165ddcce3be8.com
Service scope
- Software add-on or extension
- Yes, but can also be used as a standalone service
- What software services is the service an extension to
- The SentrySIS platform includes a Business Crime software solution used by national retailers and crime partnerships.
- Cloud deployment model
- Private cloud
- Service constraints
- No.
- System requirements
-
- SentrySIS can be used on any internet enabled device
- Must have a web browser that can access the internet
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Support is available via email or UK based call centre (telephone).
Currently 9am until 6pm Monday to Sunday, although we are planning on offering 24 hour telephone and email support from August 2018. - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
SUPPORT LEVELS:
Basic Support : A basic task within the system cannot be complete.
Critical Support: A task that requires immediate attention is required. System Failure Support: SentrySIS cannot be accessed or is offline.
COST FOR SUPPORT:
All support costs are included in the SaaS annual cost.
TECHNICAL ACCOUNT MANAGER OR CLOUD SUPPORT ENGINEER:
Yes. If a support request cannot be rectified by our customer services agents, this is escalated to a cloud support engineer and the technical account manager is notified. - Support available to third parties
- No
Onboarding and offboarding
- Getting started
- Once an agreement has been made, we provide a series of onsite and online training modules including documentation (user guides) that can be disseminated to other system users. This is an ongoing process during the contract length.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Our internal developers will work with the users to extract data from SentrySIS by exporting this from the main system database.
- End-of-contract process
- At the end of the contract we require the client to provide feedback as to why they wanted to end the contract. All of their data is exported and supply to them (via secure FTP system). All this is included in the price.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- MacOS
- Windows
- Windows Phone
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
The cloud interface is through any web browser is fully responsive meaning that it will 'respond' to any device the user wants to use it on.
There is also a dedicated smartphone app (on iOS and Android) that can be used in addition to the browser based version. - Accessibility standards
- WCAG 2.0 AA or EN 301 549
- Accessibility testing
- We have spent time on testing the interface with different user groups around input controls, time-based media, CAPTCHA boxes (for security) and formatting & visibility.
- API
- No
- Customisation available
- Yes
- Description of customisation
- The only area of SentrySIS that can be customised for users is to insert their police constabulary logo on the main dashboard interface. Users can custom this by request at no extra cost over and above the annual SaaS licence costs.
Scaling
- Independence of resources
- Our software and hosting solution has been designed and architectured to handle mass usage from multiple different locations, all demanding high bandwidth data transfer.
Analytics
- Service usage metrics
- Yes
- Metrics types
- All service metrics are displayed within the software around users system usage, their specific activity using each software tool within SentrySIS, organisation-wide cost and efficiency savings and number of completed tasks (such as telephone statements completed)
- Reporting types
-
- Real-time dashboards
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a CHECK service provider
- Protecting data at rest
-
- Encryption of all physical media
- Other
- Other data at rest protection approach
- Access protection at physical data centre
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
- At the time of writing this application, all users currently export their data from the system by request. The data export is then carried out by our intern al developers. Their data is then securely deleted.
- Data export formats
- CSV
- Data import formats
- CSV
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Other
- Other protection within supplier network
- Multiple firewalls, DMZ, encryption of data
Availability and resilience
- Guaranteed availability
- Our SLA guarantees a 99% up time of the SentrySIS provision. If our SLA isn't fully met due to a technical fault of our system or from our third party host supplier, users are entitled to a refund of any fees paid, based on a pro-rata basis of usage.
- Approach to resilience
- This information is available on request, once an NDA has been signed by both parties.
- Outage reporting
- Our service reports outages through a public dashboard, a private police & local authority dashboard, a messaging service, email alerts and direct telephone communications with senior management at SentrySIS to our user main contact.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Limited access network (for example PSN)
- Username or password
- Access restrictions in management interfaces and support channels
- We restrict access by only allowing approved users and approved IP addresses to access SentrySIS
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- British Assessment Bureau
- ISO/IEC 27001 accreditation date
- 07/12/2016
- What the ISO/IEC 27001 doesn’t cover
- Nothing.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
- Secured By Design
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
The system uses ‘end to end’ data encryption provided by SSL SHA 256 and is accountable to an annual system-wide penetration test, conducted by a Crest, C.H.E.C.K service and Tigerscheme accredited external supplier (Secarma Ltd / UKFast Ltd).
SentrySIS is a company that current holds an ISO27001:2013 standard (Certificate number: 208379), and has a information business management manual that s followed by all staff.
Finally, SentrySIS is a police approved Secured By Design accreditation and is registered as a data controller and data processor with the Information Commissioner’s Office (Reg no: ZA096911)
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
The system is accountable to an annual system-wide penetration test, conducted by a Crest, C.H.E.C.K service and Tigerscheme accredited external supplier (Secarma Ltd / UKFast Ltd). This highlights any potential security impact that might need further development after any update is applied.
As the system is used for digital evidence by the police and Crown Prosecution Service, a fully transparent digital paper trail is kept within the system for the lifetime of how long (by law), is needs to be kept for. - Vulnerability management type
- Undisclosed
- Vulnerability management approach
- As the company works within its ISO27001:2013 standard (Certificate number: 208379), a full risk assessment and potential threat process framework is conducted within the company. Potential threats are scanned for daily by SentrySIS and our third party provider. If any threats are found these are communicated with us immediately. If any patches are required, these are applied deployed immediately.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- As the company works within its ISO27001:2013 standard (Certificate number: 208379), a full risk assessment and potential compromises framework is conducted within the company. Potential compromises are scanned for daily by SentrySIS and our third party provider. If any compromises are found these are communicated with us immediately. If any patches for incidents are required, these are applied and deployed immediately.
- Incident management type
- Undisclosed
- Incident management approach
- As the company works within its ISO27001:2013 standard (Certificate number: 208379), a full incident management framework is conducted within the company. Users can report incidents via the 'report an issue' section within the software. Incidents are scanned for daily by SentrySIS and our third party provider. If any incidents are found these are communicated to us immediately. If any patches for incidents are required, these are applied and deployed immediately. We provide a full incident report back to the user once information has been complied
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £58,000 an instance a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- Police constabularies can use the full SentrySIS platform / system for up to 3 months free of charge.
- Link to free trial
- https://vimeo.com/237711648
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at <removed>@b570369f-0e51-45d5-9f71-165ddcce3be8.com.
Tell them what format you need. It will help if you say what assistive technology you use.