Stream UK

Media Platform

Media Platform is an online video platform. It allows you to host video content and deliver it over the internet. The service includes streaming, webcasting, payment and distribution modules.


  • Video Hosting, Live Streaming and Transcribing
  • HTML5 video players
  • VAST integration
  • Analytics and stats reporting
  • DRM protection
  • Accessibility compliant
  • Accessible through a web browser
  • Feed distribution module
  • Cloud based transcoding
  • User generated content


  • Hosting options in UK and Europe
  • Global CDNs including Akamai and Cloudfront
  • Faster script-based migration from Brightcove, Ooyala or Kaltura
  • Work flow integrated video ingest
  • Integrated with Blackboard and Moodle LMS
  • Distribution to multiple partners


£0.05 to £1.50 per gigabyte per month

Service documents

G-Cloud 10


Stream UK

Adam Evans

020 7419 2088

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No constraints.
System requirements Works on desktop, mobile, tablet or smart TV

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Within 4 hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AA or EN 301 549
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.0 AA or EN 301 549 9: Web
Web chat accessibility testing We support the websites for 85 football clubs and provide end user support to blind and deaf users.
Onsite support Yes, at extra cost
Support levels Our standard SLA is 99.97% uptime across all services.
All of our clients will have a dedicated technical account manager.
In addition to the account manager we have a team of cloud support engineers.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide onsite training at £500 per workshop, online training via our Client Services team free of charge and comprehensive user documentation.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction We provide an excel sheet with all metadata and a full archive of video content on HDD or via FTP.
End-of-contract process The provision of the archive is free of charge.
Assistance with the migration to a third party is charged at £80 per hour.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service All of our services work on mobile.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing We work with 85 football clubs and have tested the service with visually impaired fans.
What users can and can't do using the API The API gives complete access to all of the functionality available within the GUI.
API documentation Yes
API documentation formats Open API (also known as Swagger)
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Players can be comprehensively customised by any user with full account access.


Independence of resources We have auto-scaling parameters set up within our Amazon infrastructure and regularly conduct Load Reviews.


Service usage metrics Yes
Metrics types We provide comprehensive usage statistics along with integrations with Google Analytics, Comscore and Omniture.

Our statistics have over 80 different views including the basics like bandwidth delivered, storage, views, geographical distribution, referring URLs and heatmaps.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Data is exported from within the user interface.
Metadata is exported as a csv file.
Video and audio files are exported as their source formats.
Data export formats CSV
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Our standard SLA is 99.97%

Users are refunded at double the pro-rata rate for any time beyond that, up to a maximum of the total fees due in the month in question.
Approach to resilience We our fully resilient according to best practice for AWS Cloud Services.
Outage reporting A public dashboard.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
Access restrictions in management interfaces and support channels Via secure key exchange.
Access restriction testing frequency At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)

Audit information for users

Audit information for users
Access to user activity audit information No audit information available
Access to supplier activity audit information No audit information available
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 Pending
ISO/IEC 27001 accreditation date 3/8/2017
What the ISO/IEC 27001 doesn’t cover Pending
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification Yes
Who accredited the PCI DSS certification ESCS
PCI DSS accreditation date 17/11/2016
What the PCI DSS doesn’t cover Handling of credit card data.
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards 9001 approved.

27001 approved for datacentres.
Information security policies and processes Our information security policies are the responsibility of our CTO, Joe Bray.

Policies are reviewed on an annual basis.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Change management is via written request and response.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We undergo penetration testing on an annual basis.

Patches are deployed within one working day.

Information comes from a variety of sources, but we contract with a third party for DDOS protection.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach We have three layers of monitoring, based on:

- Nagios;
- CopperEgg; and
- our own proprietary AudioMon
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach We have pre-defined processes for common events.

All incidents are tracked within our Atlassian and HelpScout desks.

Incident reports are provided within 8 working hours.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks Joint Academic Network (JANET)


Price £0.05 to £1.50 per gigabyte per month
Discount for educational organisations Yes
Free trial available Yes
Description of free trial Full access to all software for one month
Link to free trial


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑