Aryaa Associates Limited

Application Ecosystem hosting

The fish-EYE Ecosystem (FE) that provides fully-automated data protection and compliance for an enterprise-class location tracking solution offered as software as a service, covering backup, restoration, compliance and legal. The FE- ecosystem offers an elastic, on-demand storage for any number of users with data stored on the Amazon AWS platform.


  • Electronic Monitoring
  • Secure Messaging Mobile Application
  • Geo-Location
  • Multi-Lingual
  • Real-time location
  • Specialised analytics
  • Artificial Intelligence enabled analytics
  • Time based automated data sanitisation
  • User Controlled data storage
  • International coverage


  • Promotes reduction in re-offending
  • Efficiency for Monitoring, Messaging, Reporting and Data Analysis
  • New language can be added within 1 week
  • One of the most economical solution available on the framework
  • Highly secure
  • Data expiry can be set at organisational level
  • Serverless architecture
  • Instantly scalable
  • Off the shelf iOS phones useable- Iphone 6 upwards
  • Off the shelf Android phones useable - Samsung S6 upwards


£2.8 per unit per year

  • Education pricing available

Service documents

G-Cloud 10


Aryaa Associates Limited

Raj Chakraborty

0207 203 8345

Service scope

Service scope
Service constraints Limited to Iphone 6 upwards and on Samsung S6 upwards only
System requirements
  • Minimum iOS Iphone 6
  • Minimum Samsung S6
  • Atleast the last two major OS release

User support

User support
Email or online ticketing support Yes, at extra cost
Support response times Between 7am to 6pm on weekdays.
Outside these hours support can be made available bespoke to the buyer requirements.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Yes, at an extra cost
Web chat support availability 9 to 5 (UK time), 7 days a week
Web chat support accessibility standard None or don’t know
How the web chat support is accessible Slack will be used to provide a chat/ messaging channel for users at an extra cost.
Web chat accessibility testing None. Work planned in the second half of 2018
Onsite support No
Support levels An UK account manager will be made available.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Self-service
Service documentation No
End-of-contract data extraction An extract from Dynamo DB can be made available for a small fee.
End-of-contract process All the user data can be deleted (hard delete) from the AWS environment. Buyer has a choice to get the data extract provided, at a small cost.

Using the service

Using the service
Web browser interface Yes
Using the web interface The web interface is for Reporting capabilities and providing user feedback.
Web interface accessibility standard None or don’t know
How the web interface is accessible Normal web forms are available for users to report issues or provide feedback. Dashboard for reports will be made available.
Web interface accessibility testing None. Planned work scheduled for 2nd half of 2018
What users can and can't do using the API API's for law enforcement can be made available at an extra cost, to create bespoke reports for the buyer's organisation.
API automation tools OpenStack
API documentation No
Command line interface No


Scaling available Yes
Scaling type Automatic
Independence of resources We operate on the AWS lambda architecture alongside many of the other AWS products, all set to autoscale.
Usage notifications Yes
Usage reporting
  • Email
  • SMS


Infrastructure or application metrics Yes
Metrics types
  • HTTP request and response status
  • Number of active instances
Reporting types Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold Fish-Eye Ecosystems and PeakBI

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations No
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Backup and recovery

Backup and recovery
Backup and recovery Yes
What’s backed up
  • Standard AWS backup
  • Database Backup scheduled for every 12 hours
Backup controls Users will not have the control.
Datacentre setup Multiple datacentres with disaster recovery
Scheduling backups Supplier controls the whole backup schedule
Backup recovery Users contact the support team

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability Uptime - 99.95%

If the above SLA is not met, an appropriate refund will be discussed to process back to the buyer
Approach to resilience Data is encrypted at rest and in transit using AWS key management and encryption on the client and on the server, including the Dynamo DB.
Outage reporting Email alerts

Identity and authentication

Identity and authentication
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google apps)
  • Username or password
Access restrictions in management interfaces and support channels Multi-Factor authentication through IAM on AWS
Dual-Factor authentication on other systems such as notification systems where they are made available and provided by 3rd party suppliers
Username and complex password through password manager accessed through MFA.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Devices users manage the service through Dedicated device over multiple services or networks

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Less than 1 month
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach By following good working practices as defined for the security principles.
Information security policies and processes Making sure that only those who need access to data have that access.
Not storing information where it can be accidentally exposed or lost, e.g. unencrypted USB drives and laptops.
Making sure that if data has to be transported it is done so securely using encrypted devices or channels.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Change requests for the hosted service are performed through a change management process controlled through a collaborative change control board. Changes are raised and tracked through the AAL and FE Service desk, then developed, tested and rolled out in collaboration with the customer.
Vulnerability management type Supplier-defined controls
Vulnerability management approach We unify our customers data in one secure, fast and scalable environment underpins our service. Details available on request after signing up an NDA.
Protective monitoring type Supplier-defined controls
Protective monitoring approach We unify our customers data in one secure, fast and scalable environment underpins our service. Details available on request after signing up an NDA.
Incident management type Supplier-defined controls
Incident management approach We actively monitor potential compromises through Cloudwatch on AWS. This is achieved through real-time monitoring controls.
Response to potential compromise follows the documented Security Incident Reporting procedure.
We are able to respond immediately, in a planned manner, to apply corrective action risk treatment.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Separation between users

Separation between users
Virtualisation technology used to keep applications and users sharing the same infrastructure apart Yes
Who implements virtualisation Third-party
Third-party virtualisation provider AWS
How shared infrastructure is kept separate VPC on AWS cloud

Energy efficiency

Energy efficiency
Energy-efficient datacentres Yes


Price £2.8 per unit per year
Discount for educational organisations Yes
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑