Lima Digital Forensic Case Management
Lima Digital Forensic Case Management solutions provide complete case and laboratory management capabilities to laboratories. From case submissions through to final reporting, the Lima solution enables DF Laboratories to operate consistently to the methods required by ISO-17025 FSR Code of Practice and Industry Best Practice. Perpetual or Subscription licensing models.
Features
- Comprehensive Digital Forensic Case Management system
- Enabling ISO 17025:2005 Compliance
- Enabling Policy Deployment and Standard Operating Procedures within Client Laboartories
- Management Dashboard reporting in application and via Browser
- Integration with Digital Forensic Tools
- Full Case Level reporting in documentary and electronic formats
- Evidence tracking and management
Benefits
- Asset utilisation tracking
- Comprehensive Chain of Custody Recording
- Audit Logging al activity within cases
- Staff time recording and tracking
- Improved communication via Browser with Investigators / Police Officers
- Auditable Authorisation processes
- Configurable to suit client's processes and workflows
Pricing
£595 to £2,400 a licence
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 10
Service ID
3 9 2 0 0 5 9 5 3 7 2 3 5 1 8
Contact
IntaForensics Ltd
Mandy Thomas
Telephone: 0247-7717780
Email: tenders@intaforensics.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
- Private cloud
- Service constraints
-
Lima requires a version of Microsoft SQL to be available on the same domain as the system is to be used within.
Multiple configurations are possible including a variety of virtualisation environments. - System requirements
-
- Windows Operating systems
- MS-SQL Required (no other databases supported)
- Connectivity to SQL Database and Mapped Network Drive (data storage)
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Within 1 Working Day. In critical situations out of hours support is available through a 24 / 7 / 365 support line.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
One level of support is available. Support is included in the cost of Subscription based services. Alternative licensing models are available which charge support as an option based on 20% of the cost of perpetual licenses for the system.
Support is primarily delivered via our own dedicated and hosted support portal. Initial triage of all support tickets is conducted and then tickets are assigned to the relevant agent internally (either Training, Commercial or Technical). - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
-
Users deploying into a private cloud environment can choose to install and configure the Lima system without assistance if they wish. Options are discussed and can be provided for on-site training, installation and configuration assistance if desired.
In addition, off-site training is available either locally to the client site (at additional cost for facility hire) or at IntaForensics' own Training Centre in Stafford. Training may be either public open courses or alternatively private courses for staff from one organisation.
Additionally, online training is available covering core functions of the software along with an online Knowledge-base accessible through the Support Portal.
Frequent webinars and User Group meetings are held throughout the year to provide further support to clients at no additional cost. - Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
- Clients who use the system on a private cloud basis have full access to the SQL database used within the system as well as the data storage areas (usually a RAID array of one format or another). Such clients can access, download and migrate their data as they wish. IntaForensics can assist with this at additional cost should a client wish to cease using the service.
- End-of-contract process
-
A variety of licensing models are available.
Subscription model purchasing would include full use of the system whilst the subscription is paid, with a full Software Maintenance and Support (SMS) package included within the price of the system. At the end of the contract, the client would simply extract their data from the SQL database and download all of their stored data ion the Data Storage area and migrate to a replacement system.
Alternatively, outright purchase of a perpetual license includes 12 months of SMS with the purchase price. At the end of the SMS contract, clients have the option to renew SMS or continue to use the system without any additional costs, but with no software support, version updates or bug fixes. All data would therefore remain in the clients control.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 7
- Internet Explorer 8
- Internet Explorer 9
- Internet Explorer 10
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari 9+
- Opera
- Application to install
- Yes
- Compatible operating systems
- Windows
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
- There is a browser based portal which is available for investigators to submit casework requests for authorisation from appropriate third parties, correspond with and send files and additional information to forensic investigators and other parties involved in investigations. The portal enables staff in the forensic laboratory to communicate directly with the investigator or their team from their own working environment, ensuring that all communications remain within a case record, ensuring full accountability and comprehensive, auditable records of all activity with a case.
- Accessibility standards
- None or don’t know
- Description of accessibility
-
The browser based component to the solution is fully configurable by the client to meet their corporate requirements. This included the ability to modify and change font, colour and use of images and logos.
A wide variety of formats and options are therefore available to meet the requirements of clients developing an appropriate visual appearance for their Lima portal.
No specific functionality has been incorporated into the software to provide audio capability. - Accessibility testing
- Not Applicable
- API
- No
- Customisation available
- Yes
- Description of customisation
-
Lima has in excess of 400 fields and functions capable of customisation. A dedicated Administrator Application is provided to assist clients to manage their installation of Lima, which allows tailoring of the system to meet the needs of the client.
Customisation can be conducted by clients themselves without requiring any engagement by IntaForensics.
Full access to the SQL database used is permitted, and clients are able to connect other resources and analytical tools to the atabase for further flexibility (for example reporting, additional dashboards and otehr purposes).
Different versions of the system are available to meet the requirements, available infrastructure and operational outcomes required by clients.
Scaling
- Independence of resources
- Typical use cases are for a Private Cloud installation. Lima uses the available resources, and this is therefore controlled within the private cloud environment controlled by the client.
Analytics
- Service usage metrics
- No
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Security Clearance (SC)
Asset protection
- Knowledge of data storage and processing locations
- No
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Physical access control, complying with CSA CCM v3.0
- Data sanitisation process
- Yes
- Data sanitisation type
- Explicit overwriting of storage before reallocation
- Equipment disposal approach
- Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001
Data importing and exporting
- Data export approach
- Lima has a number of methods for exporting data depending upon the function. The advanced search engine (which integrates dtSearch) enables export of data as XML data; Data fields can be merged into MS-Word .DOC format templates configured by the client; Complete and flexible case reporting can be achieved through configurable HTML reports; Case reports can be output as PDF documents. In addition Lima enables users to directly access the MS-SQL database to extract data in a variety of formats using SQL to query the database should that be of use to the client.
- Data export formats
-
- CSV
- Other
- Other data export formats
-
- HTML
- TSV
- XML
- MS-Word .DOC
- Data import formats
-
- CSV
- Other
- Other data import formats
- V-Card
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
- Data protection within supplier network
-
- IPsec or TLS VPN gateway
- Legacy SSL and TLS (under version 1.2)
Availability and resilience
- Guaranteed availability
- This is dependent on the cloud infrastructure agreed with the client if using a private cloud implementation (as 95% currently are).
- Approach to resilience
- This is dependent on the cloud infrastructure agreed with the client if using a private cloud implementation (as 95% currently are)
- Outage reporting
- This is dependent on the cloud infrastructure agreed with the client if using a private cloud implementation (as 95% currently are).
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- Username or password
- Other
- Other user authentication
- Active Directory Single Sign On
- Access restrictions in management interfaces and support channels
- Comprehensive user management control by User Role or on each individual account. User access control is capable of defining access permissions to every function within the Lima system. Entire features can be turned on or off universally as well. In addition to user account restrictions, Classification Levels can be given to each user, with cases with higher levels of classification not visible to staff or users without that level of clearance.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- Username or password
- Other
Audit information for users
- Access to user activity audit information
- Users have access to real-time audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users have access to real-time audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Alcumus ISOQAR
- ISO/IEC 27001 accreditation date
- 21/03/2017
- What the ISO/IEC 27001 doesn’t cover
- Internal Software Development processes
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- Yes
- Who accredited the PCI DSS certification
- Self Assessed via SAQ-A Submitted via Worldpay
- PCI DSS accreditation date
- 16/02/2018
- What the PCI DSS doesn’t cover
- No areas of our operations are not covered by our PCI-DSS Certifications. IntaForensics are a PCI Accredited Qualified Security Assessor Company and an Accredited PCI Forensic Investigations Company.
- Other security certifications
- Yes
- Any other security certifications
-
- ISO-27001:2013
- IASME Gold
- Cyber Essentials Plus
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
- IntaForensics are ISO-17002:2013 Certified and accredited to both Cyber Essentials PLUS and the IASME Gold Standards. In addition the company is an accredited PCI-SSC Qualified Security Assessor Company. All of these independently reviewed and audited standards verify the strength of security controls and processes, and commitment of the organisation, to information systems security.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Structured internal software development methodologies are adopted, alongside structured testing methods a full internal Beta testing process and Release Management.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
- Aside from internal use in operational servcie provision, vulnerability reporting is actively managed through our support channels. New releases are planned and emergency releases can be deployed to all registered users.
- Protective monitoring type
- Undisclosed
- Protective monitoring approach
- Given that most clients manage their deployments in private cloud environments by choice, this is usually a client responsibility.
- Incident management type
- Undisclosed
- Incident management approach
- Given that most clients manage their deployments in private cloud environments by choice, this is usually a client responsibility
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Public sector networks
- Connection to public sector networks
- No
Pricing
- Price
- £595 to £2,400 a licence
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
- Potential clients can be provided with access to a demonstration system on a hosted VM enabling complete testing and reconfiguration of the test platform as required.