SENTRY SECURE INTELLIGENCE SYSTEM

SENTRYSIS

ONLINE CRIME REPORTING AND CRIME PROCESS WORK FLOW MANAGEMENT FOR UK POLICE CONSTABULARIES.

This includes MG11 creation, remote telephone statement taking, CCTV file transfer, convert and supply and collation of digital evidence packs for the police and CPS.

Features

  • Secure CCTV file transfer, convert and supply from desired provider
  • Online crime reporting to police from businesses and/or public
  • Remote MG11 witness or victim telephone statement taking for police
  • Crime and/or criminal data sharing between stakeholders
  • Digital evidence asset collation and export
  • Fully cloud based product (accessed from any internet device)

Benefits

  • Creates multiple cost saving efficiencies
  • Receive large CCTV files from provider in minutes
  • Securely share crime data and intelligence with businesses
  • Save time and human resources
  • Reduce time by completing MG11 witness statement remotely with public
  • Produce digital paper-trail of evidence and assets in real time
  • Access digital evidence via cloud 24/7
  • No need to visit businesses in person to conduct statements

Pricing

£58000 per instance per year

Service documents

G-Cloud 10

145488805313373

SENTRY SECURE INTELLIGENCE SYSTEM

CHRIS NRIAPIA

07715797417

CHRIS@SENTRYSIS.COM

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to The SentrySIS platform includes a Business Crime software solution used by national retailers and crime partnerships.
Cloud deployment model Private cloud
Service constraints No.
System requirements
  • SentrySIS can be used on any internet enabled device
  • Must have a web browser that can access the internet

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Support is available via email or UK based call centre (telephone).

Currently 9am until 6pm Monday to Sunday, although we are planning on offering 24 hour telephone and email support from August 2018.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels SUPPORT LEVELS:

Basic Support : A basic task within the system cannot be complete.
Critical Support: A task that requires immediate attention is required. System Failure Support: SentrySIS cannot be accessed or is offline.

COST FOR SUPPORT:

All support costs are included in the SaaS annual cost.

TECHNICAL ACCOUNT MANAGER OR CLOUD SUPPORT ENGINEER:

Yes. If a support request cannot be rectified by our customer services agents, this is escalated to a cloud support engineer and the technical account manager is notified.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Once an agreement has been made, we provide a series of onsite and online training modules including documentation (user guides) that can be disseminated to other system users. This is an ongoing process during the contract length.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Our internal developers will work with the users to extract data from SentrySIS by exporting this from the main system database.
End-of-contract process At the end of the contract we require the client to provide feedback as to why they wanted to end the contract. All of their data is exported and supply to them (via secure FTP system). All this is included in the price.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
  • Windows Phone
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The cloud interface is through any web browser is fully responsive meaning that it will 'respond' to any device the user wants to use it on.

There is also a dedicated smartphone app (on iOS and Android) that can be used in addition to the browser based version.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing We have spent time on testing the interface with different user groups around input controls, time-based media, CAPTCHA boxes (for security) and formatting & visibility.
API No
Customisation available Yes
Description of customisation The only area of SentrySIS that can be customised for users is to insert their police constabulary logo on the main dashboard interface. Users can custom this by request at no extra cost over and above the annual SaaS licence costs.

Scaling

Scaling
Independence of resources Our software and hosting solution has been designed and architectured to handle mass usage from multiple different locations, all demanding high bandwidth data transfer.

Analytics

Analytics
Service usage metrics Yes
Metrics types All service metrics are displayed within the software around users system usage, their specific activity using each software tool within SentrySIS, organisation-wide cost and efficiency savings and number of completed tasks (such as telephone statements completed)
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Encryption of all physical media
  • Other
Other data at rest protection approach Access protection at physical data centre
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach At the time of writing this application, all users currently export their data from the system by request. The data export is then carried out by our intern al developers. Their data is then securely deleted.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network Multiple firewalls, DMZ, encryption of data

Availability and resilience

Availability and resilience
Guaranteed availability Our SLA guarantees a 99% up time of the SentrySIS provision. If our SLA isn't fully met due to a technical fault of our system or from our third party host supplier, users are entitled to a refund of any fees paid, based on a pro-rata basis of usage.
Approach to resilience This information is available on request, once an NDA has been signed by both parties.
Outage reporting Our service reports outages through a public dashboard, a private police & local authority dashboard, a messaging service, email alerts and direct telephone communications with senior management at SentrySIS to our user main contact.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Limited access network (for example PSN)
  • Username or password
Access restrictions in management interfaces and support channels We restrict access by only allowing approved users and approved IP addresses to access SentrySIS
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 British Assessment Bureau
ISO/IEC 27001 accreditation date 07/12/2016
What the ISO/IEC 27001 doesn’t cover Nothing.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Secured By Design

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes The system uses ‘end to end’ data encryption provided by SSL SHA 256 and is accountable to an annual system-wide penetration test, conducted by a Crest, C.H.E.C.K service and Tigerscheme accredited external supplier (Secarma Ltd / UKFast Ltd).

SentrySIS is a company that current holds an ISO27001:2013 standard (Certificate number: 208379), and has a information business management manual that s followed by all staff.

Finally, SentrySIS is a police approved Secured By Design accreditation and is registered as a data controller and data processor with the Information Commissioner’s Office (Reg no: ZA096911)

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach The system is accountable to an annual system-wide penetration test, conducted by a Crest, C.H.E.C.K service and Tigerscheme accredited external supplier (Secarma Ltd / UKFast Ltd). This highlights any potential security impact that might need further development after any update is applied.

As the system is used for digital evidence by the police and Crown Prosecution Service, a fully transparent digital paper trail is kept within the system for the lifetime of how long (by law), is needs to be kept for.
Vulnerability management type Undisclosed
Vulnerability management approach As the company works within its ISO27001:2013 standard (Certificate number: 208379), a full risk assessment and potential threat process framework is conducted within the company. Potential threats are scanned for daily by SentrySIS and our third party provider. If any threats are found these are communicated with us immediately. If any patches are required, these are applied deployed immediately.
Protective monitoring type Undisclosed
Protective monitoring approach As the company works within its ISO27001:2013 standard (Certificate number: 208379), a full risk assessment and potential compromises framework is conducted within the company. Potential compromises are scanned for daily by SentrySIS and our third party provider. If any compromises are found these are communicated with us immediately. If any patches for incidents are required, these are applied and deployed immediately.
Incident management type Undisclosed
Incident management approach As the company works within its ISO27001:2013 standard (Certificate number: 208379), a full incident management framework is conducted within the company. Users can report incidents via the 'report an issue' section within the software. Incidents are scanned for daily by SentrySIS and our third party provider. If any incidents are found these are communicated to us immediately. If any patches for incidents are required, these are applied and deployed immediately. We provide a full incident report back to the user once information has been complied

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £58000 per instance per year
Discount for educational organisations No
Free trial available Yes
Description of free trial Police constabularies can use the full SentrySIS platform / system for up to 3 months free of charge.
Link to free trial https://vimeo.com/237711648

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑