Atos IT Services UK Ltd

Atos Operational Services; Multi Agency Incident Transfer (MAIT) Router

Atos’ Multi Agency Incident Transfer (MAIT) Router, is a cloud service designed to securely route MAIT Standards compliant incident data between Computer Aided Dispatch (CAD) systems in the contact centres and control rooms of emergency services authorities and other relevant users.

Features

  • High Availability with hot standby Disaster Recovery fallback
  • Message volume and number of connected entities are completely scalable
  • Error handling built in for malformed or un-routable messages
  • Uses British APCO approved XML schema validation-MAIT1c and MAIT1d
  • Supports TCP/IP 1.2 and HTTPS SOAP connections
  • Minimal set up via VPN client
  • Hosted in the UK Azure cloud instances
  • Comprehensive audit capability for fault finding investigations and evidence gathering
  • Simple flat fee pricing structure/agreed volume–easy to upgrade
  • Supported by experienced Service Desk operating in line with ITIL

Benefits

  • Life-saving–allowing faster deployment of emergency services assets
  • Efficient–freeing up contact centre time to handle more calls
  • Cost effective–reduces ISP charges to a single Internet connection
  • Easy interaction between emergency CADs
  • Less prone to inaccurate information being pass between CAD’s

Pricing

£2500 per instance

  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

4 1 4 3 6 4 8 9 5 3 6 9 3 4 9

Contact

Atos IT Services UK Ltd

Louise Haggart

07733315094

GCloud@atos.net

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
The Atos MAIT Router has no known constraints.
System requirements
Ability to deploy small footprint VPN client into users CAD

User support

Email or online ticketing support
Email or online ticketing
Support response times
Service support is available 8am-6pm 5 days a week and out of hours for Priority 1 incidents.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
Level 1 telephone support 24/7/365.
Level 2 engineering support 8am – 6pm Monday-Friday.
Level 3 code level product support 8am – 6pm Monday-Friday.

All included with standard pricing.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Engineering support is available to trial the service, set up testing and troubleshoot connectivity to prove the service prior to switching to production environment.
Service documentation
Yes
Documentation formats
  • ODF
  • PDF
  • Other
Other documentation formats
MS Word
End-of-contract data extraction
Not necessary, the service does not store client data.
End-of-contract process
The routing service stops, no additional charge.

Using the service

Web browser interface
No
Application to install
Yes
Compatible operating systems
  • Linux or Unix
  • Windows
Designed for use on mobile devices
No
Service interface
Yes
Description of service interface
Supports TCP/IP 1.2 and HTTPS SOAP connections for easy connectivity.
Accessibility standards
None or don’t know
Description of accessibility
Users are not required to interface with this service, it is a system to system routing technology.
Accessibility testing
Users are not required to interface with this service, it is a system to system routing technology.
API
Yes
What users can and can't do using the API
Users are not required to interface with this service, it is a system to system routing technology.
API documentation
Yes
API documentation formats
  • ODF
  • PDF
  • Other
API sandbox or test environment
Yes
Customisation available
No

Scaling

Independence of resources
The service scales automatically in line with demand, it is a feature of the cloud based architecture behind the service.

Analytics

Service usage metrics
Yes
Metrics types
Number of messages routed and rejected in the reporting period.
Number of incidents raised and their resolution status.
Reporting types
Regular reports

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Other
Other data at rest protection approach
Data does not “rest” in the system, it is received and routed to a destination and stored only momentarily for the purpose of format checking before being overwritten.
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data export is not applicable to this service
Data export formats
  • CSV
  • Other
Other data export formats
MS Excel
Data import formats
Other

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
The application we provide to the client creates a VPN back to the MAIT hub in Azure, Atos also manage the hub in Azure via a VPN connection.
Data protection within supplier network
Other
Other protection within supplier network
No client data touches the Atos network

Availability and resilience

Guaranteed availability
The solution is based upon Azure Cloud with resilience built into the solution. SLA’s on compute mirror that of Microsoft Azre
Approach to resilience
Dual redundant systems with automatic failover – further details on request.
Outage reporting
If the router and its hot standby failed then receipts for messages sent would be generated and senders would hence be aware of the fault.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
Access restrictions in management interfaces and support channels
Only relevant security checked staff are able to support CDC using specifically secured support laptops. These use two factor authentication with strict password policies.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)

Audit information for users

Access to user activity audit information
You control when users can access audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Ernst & Young - CentrePoint
ISO/IEC 27001 accreditation date
11/12/2017
What the ISO/IEC 27001 doesn’t cover
Anything not explicitly declared in the Statement of Applicability.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • CSA CCM version 3.0
  • ISO/IEC 27001
Information security policies and processes
Group wide and local in country security policies as referenced from our Information Security Management System operated in accordance with and certified under ISO27001.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Atos operates a full ITIL compliant change process including configuration management, security management and release management.

All changes are assessed for potential security impact and tested with external penetration tests being commissioned for any material security impacting change for external validation.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Software is maintained within N-1 of latest versions using quarterly patch releases.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
All data in encrypted at rest, only approved compute can communicate between each other. Standard Azure monitoring and alerting is placed within the solution notifying our support team
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Incidents whether system-generated or user reported are recorded by the first line service desk where they are triaged. P1 incidents get an immediate response, all other incidents are responded to next working day.

Incident reporting is covered under monthly service reporting.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£2500 per instance
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Atos are happy to discuss the specific needs of individual potential customers and support trials of bounded scope and effort .

Service documents

Return to top ↑