Calla Technology Limited

Calla Account on the Cloud

Calla Cloud lets you safely store videos in your online account. Only you can access these videos by logging into your Calla account. Calla Cloud features enable you to manage and share videos securely, without worrying about storage.

Features

  • Upload and manage video files
  • Share video files securely with colleagues or external partners
  • Take clippings and snapshot of video footage
  • Auto uploader as a service; direct upload to cloud
  • Secure audit trail
  • Automated redaction
  • Active directory integration
  • Custom user roles, permissions and retention policies
  • Access your Calla Cloud account securely anywhere using any device
  • Sophisticated reporting tools to aid evidence management

Benefits

  • Seamlessly and securely share video online with teams/externally
  • Simple and easy to use, automated redaction overcomes privacy concerns
  • Manage data protection requirements with tamper proof audit trail
  • Easily set up users and control permissions
  • Scalable and cost-effective Cloud storage solutions
  • Automatic access to feature updates
  • Directly upload files to your Calla account
  • Advanced search features to find files easily
  • Intuitive playback controls to review video
  • Categorise files, add tags and notes to aid video management

Pricing

£15 to £89 per licence per month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

1 8 2 8 6 9 0 0 5 9 0 9 5 3 6

Contact

Calla Technology Limited

Ellie Surey

0800 689 1619

info@calla.co

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No major constraints.
System requirements
  • Internet connectivity
  • Internet browser (Chrome, IE or Edge)

User support

Email or online ticketing support
Email or online ticketing
Support response times
Limited response at weekends.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), 7 days a week
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Directly via Calla website.
Web chat accessibility testing
None to date.
Onsite support
Yes, at extra cost
Support levels
In addition to our standard support service 9 to 5 (UK time), Monday to Friday, enhanced SLAs and 24x7 support services are available for additional charges.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We provide onsite training supported with user documentation.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
We have an export utility which allows customers to export their digital evidence files and associated metadata in industry standard format.
End-of-contract process
Customers will be provided with an option to extend or renew their contract no later than 90 days before the end date. If they elect not to do so, customers are free to download and export their data at any point before the end of the contract. In addition, upon request, Calla will continue to store a customer's data for a period of up to 90 days following the end of the contract. During this period, the customer will be provided with access to the Cloud service in order to download or export the customer's data. Following this period, Calla will promptly delete any remaining customer data and, upon request, provide the customer with written confirmation that the customer data has been deleted. Calla reserves the right to charge the customer reasonable fees for (a) storing, downloading or exporting the customer data during the period requested by customer and (b) for any assistance provided by Calla in the downloading or exporting of the customer data

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
Application to install
Yes
Compatible operating systems
  • Android
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The Calla Account operates on desktop and mobile devices.
Service interface
Yes
Description of service interface
Our application uses a modern Web UI that is easily accessible.
Accessibility standards
None or don’t know
Description of accessibility
Calla endeavours to ensure that access to our Cloud services is secure and usable.
Accessibility testing
None to date.
API
Yes
What users can and can't do using the API
APIs are used by Calla to communicate between the different applications, database and storage.
Access and documentation to the API’s is available on a case by case basis determined by Calla.
Users make changes through the API in accordance with the documentation.
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
Each customer is provided with its own virtual server.

Analytics

Service usage metrics
Yes
Metrics types
Calla Account provides reports on usage patterns.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
We allow customers to download all the data they have stored in the Cloud.
Data export formats
Other
Other data export formats
  • All uploaded digital evidence in original formats
  • XML
Data import formats
Other
Other data import formats
  • Comprehensive list of digital formats supported for upload.
  • XML

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
We use commercially reasonable efforts to ensure a minimum 99.9% service offering.
Approach to resilience
Evidential data in your storage account is always replicated to ensure durability and high availability. Locally redundant storage (LRS) is offered as standard and Geo-redundant storage (GRS) is available at additional cost.
Outage reporting
E-mail alerts are sent to system administrators when service outages are identified.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
Access to the Cloud environment, data and applications is managed by federating user identities to Active Directory or any standard federation and enabling Azure Multi-Factor authentication for more secure sign-in. Additional users are managed by each customer’s IT Administrator via Active Directory. Calla can use any Active Directory Federation Service (ADFS) if the customer does not have Azure Active Directory.
Access restriction testing frequency
Less than once a year
Management access authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Assessment Bureau
ISO/IEC 27001 accreditation date
8th July 2018
What the ISO/IEC 27001 doesn’t cover
Not applicable.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Police-Approved Secure Facility (PASF)

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We have an Information Security Policy that is compliant with the requirements of ISO 27001. We have an Information Security Officer who implements this policy and an Internal Compliance Officer who ensure compliance to the policy. Incidents of non-compliance are escalated to a Board representative.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Our processes for configuration and change management comply with ISO 27001.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We carry out regular penetration testing using independent and qualified third parties. Patches are deployed in a timescale that reflects the severity of the threat/vulnerability.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
We use a range of methods to detect potential compromises. The response procedure and timing reflect the nature of the compromise.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Customers can log incidents via our online fault report form or email (24/7) or via phone (during office business hours). • All cases are managed by our in house support desk and recorded on our incident tracking tool. • All open cases are monitored against pre-defined SLA’s. • The support desk issue service reports to customers either upon request (for small accounts) or pre-agreed intervals (usually either monthly or quarterly) for larger accounts • Service review meetings are chaired by a Calla Service Delivery Manager and are part of our service offering.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£15 to £89 per licence per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Free trials available subject to scoping.

Service documents

Return to top ↑