MOSAIC / ACANS
MOSAIC is a mobile command and control application designed for frontline and field-based professionals working with or without central co-ordination. It provides users with mapping, situational awareness and collaborative annotation tools.
ACANS is a variant for aviation users.
Features
- Tracking
- Team coordination
- Situational awareness
Benefits
- Resolve issues faster
- Intelligence beyond maps
- Get the bigger picture
Pricing
£500 to £1,500 a device a year
- Free trial available
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at accounts@airboxsystems.com.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 10
Service ID
2 8 8 8 0 0 7 0 8 0 3 3 0 0 2
Contact
Airbox Systems Limited
Airbox Systems
Telephone: 01235 227360
Email: accounts@airboxsystems.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
-
Windows server
Planned maintenance in agreement with customer - System requirements
-
- Windows Server
- Windows Desktop
- IOS
- Android
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
-
Mon-Fri - within 24 hours
Sat-Sun - best effort or by arangements - User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
- By arrangement with each client
- Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Online training
User manual
Assistance with server setup and user account creation - Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- By arrangement with client.
- End-of-contract process
-
Data download to client in an agreed format.
Removal of all users from server.
Secure deletion of server / storage.
Using the service
- Web browser interface
- No
- Application to install
- Yes
- Compatible operating systems
-
- Android
- IOS
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- No significant difference
- Accessibility standards
- None or don’t know
- Description of accessibility
- None except those supported by the hardware
- Accessibility testing
- None
- API
- No
- Customisation available
- No
Scaling
- Independence of resources
- Monitor performance, larger customer placed on dedicated servers.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Complies with a recognised standard (for example CSA CCM version 3.0)
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- From mobile devices or web site admin page.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- GPX
- KML
- SQL
- Data import formats
- Other
- Other data import formats
-
- Kml
- Xml
- Gpx
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
-
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
Availability and resilience
- Guaranteed availability
- See Airbox SLA
- Approach to resilience
- Available on request
- Outage reporting
- Email alerts
Identity and authentication
- User authentication needed
- Yes
- User authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
Username and password
IP address white listing - Access restriction testing frequency
- At least once a year
- Management access authentication
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- BSI
- ISO/IEC 27001 accreditation date
- Recommended: 27/4/2018
- What the ISO/IEC 27001 doesn’t cover
- NA
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Other security certifications
- Yes
- Any other security certifications
-
- Cyber Essentials
- Cyber Essentials Plus
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- Internal IT security policies (available upon request) monitored by the IT Security Board.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
-
Version control to monitor when new features are added. Integration testing and longer soak testing in a production like environment before applications are moved to production.
Any changes thought to impact on application security are discussed and where required outside consultation is sought. - Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Regular patch deployment every two weeks. Critical patch deployment within 7 days.
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
Notify customers of any perceived or actual compromise, including any loss of data.
Aim to respond to incidents within 48 hours. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Pre-defined process in the IT Security Policy, including forms for Airbox staff to report incidents.
Users provide incident reports via ticket system.
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £500 to £1,500 a device a year
- Discount for educational organisations
- No
- Free trial available
- Yes
- Description of free trial
- By arrangement with client.
- Link to free trial
- Www.airboxsystems.com
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at accounts@airboxsystems.com.
Tell them what format you need. It will help if you say what assistive technology you use.