Monterosa

LViS Platform

Monterosa's LViS interaction platform provides a range of interactivity tools powering real-time activations for campaigns and education including voting, quizzes, puzzles, predictions, ratings and competitions. The platform is secure and robust, supporting millions of users via responsive websites, native mobile apps and chatbots.

Features

  • Voting: single or multiple option votes and polls
  • Quizzing: single or multiple correct answers, flexible points options
  • Predictions: short or long term predictions, points for correct answers
  • HTML5: All interactive elements displayed in mobile responsive UI
  • Chatbots: Create chat bots in messenger with text, images, video
  • Native apps: Build native/hybrid apps using interactive elements
  • Graphics: Output results to TV graphics or outdoor screens
  • Easy to manage interactive events using LViS Studio dashboard
  • Real time user data in LViS Studio and Google Analytics
  • Audience segmentation based on demographic data

Benefits

  • Push live interactive content to users rapidly in real time
  • Create experiences users will engage with on all screens
  • User data securely stored in LViS platform within EU
  • Meets compliance standards of all major UK broadcasters
  • Horizonally scalable up to millions of concurrent users
  • Zero outage record over thousands of TV and sport events
  • Configurable, flexible HTML5 front-end within Play Along product
  • Live data feeds allow easy integration with 3rd parties
  • Comprehensive APIs and libraries with full documentation
  • Clients: BBC, Channel4, ITV, UEFA, Eurosport, World Rugby, F1, adidas

Pricing

£50000 per licence per year

  • Education pricing available

Service documents

G-Cloud 9

466443289597720

Monterosa

Simon Brickle

02072690555

ukgov@monterosa.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints No special requirements
System requirements
  • Current browser
  • PC or Mac

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Standard SLA - max 4 business hours response time
Enhanced SLA - max 10 minute response time during live events
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Standard support - 99.9% uptime guarantee; 4 business hour response times
Enhanced support - 100% uptime guarantee; 10 minute response times

Support is provided by phone or email; first line support is a qualified engineer who can deal with most platform issues, and can escalate to technical managers or CTO.

Standard support is included in licence fees
Enhanced support is billed at £150 per hour
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Training is provided for new LViS Studio users as part of the on-boarding process, either in person or remotely.

Accounts are created for key users who can create sub-accounts within their projects.

An account manager is introduced and support details provided.
Service documentation Yes
Documentation formats HTML
End-of-contract data extraction Data can be exported at any time via LViS Studio
End-of-contract process Accounts remain open until users confirm that all data has been safely removed. Accounts are not automatically closed or any data deleted without explicit agreement.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service End users can interact on mobile or desktop devices using native apps (iOS and Android) or HTML5 mobile-responsive browser applications. Admin users use the LViS Studio dashboard on desktop with a simplified form available for mobile monitoring of events.
Accessibility standards WCAG 2.0 A
Accessibility testing None recently
API Yes
What users can and can't do using the API LViS API (Javascript, iOS and Android versions) allow developers to build their own LViS Applications for native or HTML platforms. Control API enables developers to create LViS and manage events and elements remotely, as an alternative to the LViS Studio dashboard. APIs are also available for specific LViS services: Leaderboards, Data Capture and Demographics
API documentation Yes
API documentation formats HTML
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Look and feel of all applications can be customised via LViS Studio, which is sufficient for most common use cases. Completely flexible customisation is possible using the LViS APIs

Scaling

Scaling
Independence of resources We proactively provision additional cloud capacity to ensure headroom is always at least 100%, and actively monitor all services using a combination of human and automated monitoring.

Analytics

Analytics
Service usage metrics Yes
Metrics types For each event, and overall: Unique users, peak concurrent users, average session length, no. of interactions. For each interaction (e.g. votes) number of votes for each option. Demographic reports provide user breakdown by demographic categories; Data capture reports include answers to forms; Google Analytics can be enabled to provide detailed click-by-click analytics.
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency Less than once a year
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Data export from LViS Studio in CSV format
Data export formats CSV
Data import formats Other
Other data import formats Bulk upload is not required for this service

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.9% monthly, which can be increased to 100% for short periods at additional cost, e.g. during broadcast windows or live events.

Our standard terms include service credits for non-availability as follows:

98% - <99.9% Availability - 10% monthly fees credited
95% - <98% Availability - 20% monthly fees credited
90% - <95% Availability - 30% monthly fees credited
Below 90% Availability - 40% monthly fees credited
Approach to resilience LViS is designed a mesh architecture, with no single point of failure.

The platform is hosted in Amazon Web Services Dublin Data Centre (or other EU locations).

We use multiple Amazon services including Cloudfront and EC2. Our EC2 virtual server instances are located in multiple Availability Zones.

Multiple instances of each infrastructure component are deployed in different availability zones, and actively monitored.

In the event of an outage of a single instance or availability zone the service will continue as normal.

Our infrastructure support DevOps team responds to any monitoring alert and takes remedial action in the event of an outage, removing underperforming instances from service and replacing them with healthy ones.
Outage reporting We use automated monitoring of all services, powered by Zabbix, an open source monitoring platform. Our Zabbix service is monitored remotely by Pingdom.

Our infrastructure support team receive alerts of any issues, outages or poor performance.

This team notifies customers by email or telephone of any issues and action being taken and escalates the resolution internally as needed.

We can make arrangements for customers to have access to our monitoring dashboard if required.

Identity and authentication

Identity and authentication
User authentication needed No
Access restrictions in management interfaces and support channels LViS Studio requires username (email address) and password to access project data
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for Between 1 month and 6 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation No
Security governance approach Access to production environments is restricted to the users directly involved in managing a client service.

The LViS platform supports 4 levels of user access:
Viewer - read-only access to one or more projects
Producer - read and write access to one or more projects
Admin - As Producer, with the ability to add new Viewer or Producer users to a project

Our Infrastructure support team has wider access which is tightly controlled. Only a small number of senior users has "superadmin" access. This list is managed and regularly reviewed by the CTO.
Information security policies and processes Datacentre security - we use Amazon Web Services for cloud hosting - security arrangements are documented here - https://aws.amazon.com/security/

Office security - our office is protected by physical security (lockable grating on all doors), monitored alarm system (Chubb and G4S monitoring) and CCTV (Nest camera system).

Computer security - All staff computers are encrypted and password protected. This policy is subject to regular checks by COO.

Data at rest: Server databases are encrypted using AWS encrypted storage instances.

Data in transit: Secure (https) transfer of data to LViS; Secure (IP filtered) access to back-end services.

Penetration testing is carried out when requested by clients using third party security testers.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach LViS Platform updates are released on a 3 month cycle. All service users are notified of new releases by email newsletters and offered early beta access.

Platform users have the option to migrate to newer versions, with older versions remaining available for up to 12 months after each update.

Each new release is tested internally for resilience, load and security before being released to users.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We use the OSSEC system (http://ossec.github.io/) to monitor all server instances for vulnerabilities. This service logs any issues found and alerts our infrastructure support team.

We maintain hardened Debian Linux AWS Instances and monitor Debian security announcements (https://lists.debian.org/debian-security-announce/) and apply updates regularly. Service outages are scheduled at non-critical times if indeed they are necessary.

All instances are protected by Amazon Security Groups with only those ports which are specifically required opened.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We use automated monitoring of all services, powered by Zabbix, an open source monitoring platform. Our Zabbix service is monitored remotely by Pingdom. Our infrastructure support team receive alerts of any issues, outages or poor performance.

We use the OSSEC system (http://ossec.github.io/) to monitor all server instances for vulnerabilities. This service logs any issues found and alerts our infrastructure support team.

All issues are reported to our Infrastructure support team, who investigate and escalate issues internally and externally within SLA timescales, typically within 1 hour.
Incident management type Supplier-defined controls
Incident management approach Incidents can be reported by users by telephone or email, which create support tickets in our Zendesk system.

When an incident is detected by monitoring or a user report, it is investigated by our infrastructure support team.

The support team notify service users and attempt to resolve it directly.

If the incident cannot be resolved within SLA timescales the issue is escalated to CTO and hourly updates provided until resolution.

A comprehensive issue report is sent to all parties upon resolution, with details of the incident, steps taken to resolve it and future mitigation plans.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £50000 per licence per year
Discount for educational organisations Yes
Free trial available No

Documents

Documents
Pricing document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑