HCL Technologies UK LImited

HCL iGOVERN® Mobility Solution

iGOVERN® Mobility is a device and platform agnostic solution, enabling Police Officers to connect to operational systems from remote locations. The service is integrated with force local and national systems. Based on SOA (Service Oriented Architecture) principles it provides officers with access to all critical information needed via handheld devices.

Features

  • Single Sign On (SSO)
  • Offline Support
  • Future Proof - Scalable and Robust
  • In Depth Auditing
  • Security Compliance
  • Multi-Tenanted and SOA (Service Oriented Architecture) based architecture
  • Device and Platform Agnostic
  • Comprehensive Management Dashboards
  • Support for Open Source Technologies
  • Geo Fencing

Benefits

  • Increased Police Visibility by 15 to 20 %
  • Reduced Load on Back office Staff (ECC and FCC)
  • Increased Man Hours available on the street attending more jobs
  • Reduced physical IT infrastructure requirement
  • Integration - GPS, Camera, Peripherals e.g. SATNAVs, Biometrics Scanners etc.
  • Reduced Training Requirements with uniform experience across all business areas.
  • Reduced Process lead times (e.g .Crime report creation, intelligence submissions)
  • Improved Data Quality - Reduced Double Keying and Auto Data-Population.
  • Making Processes more Efficient by Removing Redundancies
  • Increased Officer safety - Real time access to critical information

Pricing

£14.50 to £29.00 per unit per month

Service documents

G-Cloud 9

330576072818282

HCL Technologies UK LImited

Paul Montgomery

+44 (0) 1784 480 800

eas-hclsalessup@hcl.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Not Applicable
Cloud deployment model Private cloud
Service constraints None
System requirements
  • Webserver with Windows Server 2012 R2, IIS and 16GB RAM
  • Hosting of web services and web interfaces of the application
  • Application server with Windows Server 2012 R2 with 16GB RAM
  • Hosting of integration service components
  • Database machines with Windows Server 2012 R2 to host databases
  • Active directory and certificate authority servers
  • To form domain and generate certificates for secure data communication

User support

User support
Email or online ticketing support Email or online ticketing
Support response times During business hours:
Severity 1 = 1 hour
Severity 2 = 2 hours
Severity 3 = 1 working day
Severity 4 = 2 working days
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels Level 3 - Software Support
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Super User training sessions
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats Word
End-of-contract data extraction The database is moved to the client's network and complete access to data is provided with a service interface.
End-of-contract process The service is switched off completely, so as to avoid any misuse. Also the customer is provided with access to all the customer data.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service This service is designed to work on the Mobile phone. There are certain features which are available on the desktop, e.g. print, etc. and that is applicable for certain functions. Also Dashboard reporting is available on the Desktops.
Accessibility standards None or don’t know
Description of accessibility The web service hosted on the web server is accessed over the HTTPS (Hyper TextTransfer Protocol) and VPN (Virtual Private Network) tunnel established between the mobile device and the hosting server. The mobile application hosted on the mobile device uses the proxy of the web service to send the request and receive responses. A service hosted on a web server can only be accessed from the HCL mobile application.
Accessibility testing Not Applicable
API Yes
What users can and can't do using the API Only enrolled users can access the service from the mobile application. The web service is accessible only from a mobile interface. The exposed service is accessible via proxy.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Customers can pick and choose the functions they want. Also the business logic within those functions is fully customisable.

Scaling

Scaling
Independence of resources The scaling of the hosted service is performed based on the total number of users and peak time concurrency level. Each hosted virtual machine is configured to handle 350 concurrent user requests.

Analytics

Analytics
Service usage metrics Yes
Metrics types Transaction history report, performance report, exception report, login logout report, offline report, geo fencing report
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach The storage is protected with persistent key and encrypted further by strong encryption key (AES 256) format.
Data sanitisation process No
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach The user can export data by selecting the export function on the dashboard reports of the Admin application.
Data export formats
  • CSV
  • Other
Other data export formats PDF
Data import formats
  • CSV
  • Other
Other data import formats Xls and xlsx

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks By associating the hosted web service with SSL (Secure Sockets Layer) certificate. Also, the service is accessed over HTTPS protocol and data - before transmitting over the air- is encrypted by using AES 256 bit encryption.
Data protection within supplier network Other
Other protection within supplier network Data within the network travels in binary format. Each request or response data is associated with a security token.

Availability and resilience

Availability and resilience
Guaranteed availability 99.9%
Approach to resilience The hosting site is physically divided into 2 sites. Each physical site contains an exact replica of servers and acts as failover of the other site. Data synchronisation happens via the "Always On" feature of the MS SQL Server.
Outage reporting Monitoring tools (Microsoft SCOM) are configured to monitor hosted services and virtual machines. Disk coverage and capacity related configurations are performed to raise the alarm to mitigate any failure. An email is sent by the monitoring tool to all stakeholders before any failure happens. Transaction logs are maintained to generate a report on defined intervals.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Other
Other user authentication 1. User login is authenticated against the Mobile device IMEI and user email ID stored in the database.
2. On successful authentication, a security token is generated and returned back to the mobile application.
3. Each transaction is associated with the security token.
4. The security token session is maintained in the HCL mobility database for a defined time period.
Access restrictions in management interfaces and support channels 1. Each user is provided with an access role. The access to the system functionalities are directly linked with the access role permissions.
2. When the user logs into the application, only allowed functionalities are visible to the user.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information You control when users can access audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information You control when users can access audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Bureau Veritas
ISO/IEC 27001 accreditation date 26/05/2015
What the ISO/IEC 27001 doesn’t cover Customer specific security requirements, to be discussed at call off contract stage.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification Not known
PCI DSS accreditation date Not known
What the PCI DSS doesn’t cover Not known
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards ISO 9001:2008 - Quality Management
ISO/IEC 20000-1:2011 - Service Management
ISO 14001 - Environmental Management
ISO 27001 - Security Management
Information security policies and processes HCL will protect all its stakeholder interests by ensuring confidentiality integrity and continuous availability of information and information systems under its governance, including those of its customers. This includes but is not limited to electronic/ print information, etc. on servers, workstations, laptops, networking and communication devices, tapes, CDs and information printed or written on paper or transmitted on any medium.
Information is protected from unauthorised access, use, disclosure, modification, disposal or impairment, whether intentional or unintentional, through appropriate technical and organisational security measures.
Information risk assessment will be carried out and criteria established for evaluation and acceptance of risks and acceptable level of risks defined.
Any security incidents, security weaknesses and infringements of the policy, actual or suspected are reported, investigated by the Chief Information Security Officer and appropriate corrective or preventative action initiated.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration Management tracks the IT environment.
A repository maintains all versions of individual work products to help/permit developers to revert to previous versions during testing and debugging.
Dependency tracking and change management covers relationships between enterprise entities and processes, parts of an application design, design components and the enterprise information architecture, design elements and other work products.
HCL tracks all the requirements, design and construction components and deliverables that result from a requirements specification.
An audit trail is maintained about when, why and by whom changes are made, with source information of changes as specific objects in the repository.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability management focusses on finding weakness that can be exploited. HCL performs quarterly and/or annual vulnerability scans to get a snapshot at that point in time. Regular scanning ensures new vulnerabilities are detected in a timely manner and are fixed before they occur. The HCL vulnerability management process consists of the following phases:
1. Preparation
2. Vulnerability scan
3. Define remediating actions
4. Implement remediating actions
5. Rescan
Protective monitoring type Supplier-defined controls
Protective monitoring approach Not Applicable
Incident management type Supplier-defined controls
Incident management approach Incident management is designed with a goal to restore a normal service operation as quickly as possible and to minimise the impact on business operations. The incident management process follows these steps:

1. Incident identification and logging by the customer
2. Incident categorisation and prioritisation by the customer
3. HCL works on the incident response performing diagnosis and investigation followed by resolution and bringing the incident to closure
4. Corrective and preventive action are taken to avoid repeat or similar incident in future.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks Public Services Network (PSN)

Pricing

Pricing
Price £14.50 to £29.00 per unit per month
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑