Environment Systems Limited

Earth Observation Data Service

Provision of on-demand analysis-ready satellite data, environment and agricultural metrics.

Features

  • On demand access to processed satellite imagery
  • Analysis ready data products from SAR (including Sentinel 1) satellites
  • Analysis ready data products from optical (including Sentinel 2) satellites
  • Environmental and agricultural metrics from satellite indices
  • Time series analysis of environmental and agricultural metrics
  • On demand analytics for your key areas of interest
  • API level access to data services
  • Highly scalable cloud-based data service
  • Data published under open data licence (CC-BY-SA-4.0)

Benefits

  • On demand access to near real time information
  • Evidence base from field to farm, to national coverage
  • Analysis ready data analytics on current agricultural performance
  • Analysis ready data analytics on state of our current environment
  • Key input for modelling, monitoring, land management, and policy formulation
  • Standards based to help seamless integration into existing workflows
  • Metrics collection in all-weather from SAR satellites
  • Analyse historic agricultural and environmental metrics
  • Open data licence to give you freedom to operate

Pricing

£200 to £700 per user per month

Service documents

G-Cloud 10

363783520096437

Environment Systems Limited

Steve Keyworth

01970626688

steve.keyworth@envsys.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No
System requirements
  • Modern internet browser (Chrome, Firefox, IE11+)
  • 2MB+ internet connection

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 1-2 working days
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels All users receive the same levels of support
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Online Tooltips are provided
Online video tutorials demonstrating service
Service documentation No
End-of-contract data extraction Data products are available to download and offline use for duration of access period.
End-of-contract process Paid for features of account are disabled. The account remains in place for easy re-enabling/purchase.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service All features are the same across mobile and desktop. There will be some changes in layout flow in the mobile due to screen sizes.
Accessibility standards None or don’t know
Description of accessibility Web browser HTTPS or API
Accessibility testing None
API Yes
What users can and can't do using the API - Users can request all data from the catalogue and transfer/download to their own data storage (server or cloud).

- Users can search catalogue by date, and select data from returned results for transfer/download to their own data storage (server or cloud).

- Users can search catalogue by location, and select data from returned results for transfer/download to their own data storage (server or cloud)
API documentation Yes
API documentation formats Open API (also known as Swagger)
API sandbox or test environment Yes
Customisation available No

Scaling

Scaling
Independence of resources We mitigate by:
1) Using virtual machines on which we can change the resource allocation in response to demand
2) Performing user processing jobs on scalable node clusters, automatically responding to higher loads with more processing nodes.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Other
Other data at rest protection approach All data are held on Amazon Web Services and are subject to their data at rest
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Using personalised download link from the data services portal.
Data export formats
  • CSV
  • Other
Other data export formats
  • Zipped data package containing GeoTiff and metadata
  • ESRI shapefile
Data import formats Other
Other data import formats Zipped ESRI Shapefile

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network Other
Other protection within supplier network Amazon Web Services security, including secure API keys

Availability and resilience

Availability and resilience
Guaranteed availability Environment Systems Earth Observation Data Services availability is described in the Terms of Service and Service Level Agreement available here https://data.envsys.co.uk/terms
Approach to resilience Available on Request
Outage reporting In-house Nagios monitoring resulting in a notice on dashboard and email alert to Environment Systems DevOps administrators. For custom services and AWS cloud watch for AWS services with automated alerts going to Environment Systems DevOps administrators. User notifications will be provided.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Username or password
  • Other
Other user authentication Password supplied is verified against password hash for supplied email.

Other: For API access, request information is hashed using a secret private key, public key is passed to server with request and hash. Server hashes request information with private key corresponding to public key and checks the hashes match.
Access restrictions in management interfaces and support channels Username and passwords. Only specific tagged accounts have access to the management interface. Management access only from Environment Systems IPs.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Username or password
  • Other

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Environment Systems approach to security governance starts at the Board level with ownership by the Operations Director (company Director). Day-to-day this is managed by the IT Manager, with education and awareness on the subject ongoing with all staff. The company is in the well through the process of implementing the NCSC 10 Steps to Cyber Security and is committed to completing this by the end of 2017. All incidents are logged and reported to the Board with action and learning subsequently taking place.
Information security policies and processes Environment Systems has a Data Security Policy that is owned and maintained by the Operations Director (company Director). The purpose of the Data Security Policy is to ensure the effective protection and proper usage of data within Environment Systems. The creation and management of data in the organisation is considerable, and the dependency on data in the delivery of Environment Systems services is high. The aim of the Data Security Policy is to ensure that all data is managed in a secure and efficient manner by assisting in the maintenance of data at an operational level. Contraventions of the Data Security Policy could seriously disrupt the operation of Environment Systems, clients and partners and any breaches will be treated seriously.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We have three environments (Dev, Staging, and Live). The Dev environment is used to apply vendor supplied software updates to the components, and new feature developments. The Staging environment is used for testing hot-fixes (including security), and to highlight issues with merges from Dev, prior to going Live.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Environment Systems monitors multiple sources daily for the latest security threats.
Sonicwall Application and Threat Protection Highlights both email, together with Nagios alerts notify Environment Systems Dev. Ops. when critical security updates (operating system) are needed for the cloud infrastructure, including Elastic Compute Cloud servers. These are then actioned within 24 hours. Postgis and Elastic File System‎ updates are handled by Amazon directly.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We generate security alerts by processing control data using detection and compliance rulesets; deploy new or modified ruleset(s) that has been confirmed by Environment Systems to accurately identify cyber threats, to continually improve the generation of security alerts; process and analyse the security alerts generated by the system; we raise a security incident once a threat has been identified by a Environment Systems Dev. Ops.
Incident management type Supplier-defined controls
Incident management approach Environment Systems takes breaches of security very seriously. All breaches will be investigated by the board of directors and following the gathering of evidence and establishment of facts, appropriate policy and operational changes will take place, with disciplinary action (if required) as appropriate.

Environment Systems backup procedures (both systems and data) enable the company and company services to be restored to a normal service operation as quickly as possible and to minimise the impact on business operation.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £200 to £700 per user per month
Discount for educational organisations No
Free trial available Yes
Description of free trial The free, open data option provides access to rolling, seasonal, composite imagery of Great Britain.
The map interface enables registered users to choose from a time period, pan/zoom and select an AOI for download, complete with relevant metadata. Downloaded data are suitable for use in a GIS for further analysis.
Link to free trial https://data.envsys.co.uk

Documents

Documents
Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑