This G-Cloud 10 service is no longer available to buy.

The G-Cloud 10 framework expired on Tuesday 2 July 2019. Any existing contracts with Airbox Systems Limited are still valid.
Airbox Systems Limited

MOSAIC / ACANS

MOSAIC is a mobile command and control application designed for frontline and field-based professionals working with or without central co-ordination. It provides users with mapping, situational awareness and collaborative annotation tools.

ACANS is a variant for aviation users.

Features

  • Tracking
  • Team coordination
  • Situational awareness

Benefits

  • Resolve issues faster
  • Intelligence beyond maps
  • Get the bigger picture

Pricing

£500 to £1,500 a device a year

  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at accounts@airboxsystems.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 10

Service ID

2 8 8 8 0 0 7 0 8 0 3 3 0 0 2

Contact

Airbox Systems Limited Airbox Systems
Telephone: 01235 227360
Email: accounts@airboxsystems.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
Windows server

Planned maintenance in agreement with customer
System requirements
  • Windows Server
  • Windows Desktop
  • IOS
  • Android

User support

Email or online ticketing support
Email or online ticketing
Support response times
Mon-Fri - within 24 hours

Sat-Sun - best effort or by arangements
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
By arrangement with each client
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Online training
User manual
Assistance with server setup and user account creation
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
By arrangement with client.
End-of-contract process
Data download to client in an agreed format.
Removal of all users from server.
Secure deletion of server / storage.

Using the service

Web browser interface
No
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
No significant difference
Accessibility standards
None or don’t know
Description of accessibility
None except those supported by the hardware
Accessibility testing
None
API
No
Customisation available
No

Scaling

Independence of resources
Monitor performance, larger customer placed on dedicated servers.

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
From mobile devices or web site admin page.
Data export formats
  • CSV
  • Other
Other data export formats
  • GPX
  • KML
  • SQL
Data import formats
Other
Other data import formats
  • Kml
  • Xml
  • Gpx

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
See Airbox SLA
Approach to resilience
Available on request
Outage reporting
Email alerts

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Username and password
IP address white listing
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
Recommended: 27/4/2018
What the ISO/IEC 27001 doesn’t cover
NA
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
  • Cyber Essentials
  • Cyber Essentials Plus

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Internal IT security policies (available upon request) monitored by the IT Security Board.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Version control to monitor when new features are added. Integration testing and longer soak testing in a production like environment before applications are moved to production.

Any changes thought to impact on application security are discussed and where required outside consultation is sought.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Regular patch deployment every two weeks. Critical patch deployment within 7 days.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Notify customers of any perceived or actual compromise, including any loss of data.

Aim to respond to incidents within 48 hours.
Incident management type
Supplier-defined controls
Incident management approach
Pre-defined process in the IT Security Policy, including forms for Airbox staff to report incidents.

Users provide incident reports via ticket system.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£500 to £1,500 a device a year
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
By arrangement with client.
Link to free trial
Www.airboxsystems.com

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at accounts@airboxsystems.com. Tell them what format you need. It will help if you say what assistive technology you use.