Black Marble Limited

tuServ Electronic Notebook; a secure, multi-media information gathering tool for emergency services.

tuServ’s Notebook is a unique, secure, multi-media collaboration tool for emergency services. Notebook allows you to create entries and add items, such as text, images, videos, audio, and drawings. Entries are synchronised to the server and made available on other devices. Each item can include signatures from the relevant individuals.

Features

  • Enables multi-media content (Video, audio, images, text, and drawings)
  • Digital recording of signatures
  • Automatically accessible by colleagues in the control room
  • Complete audit log
  • Secure evidentiary correct data store

Benefits

  • Real-time data gathering
  • Real-time sharing with the option to make private if needed
  • Due to security data gathered can be shared with CPS
  • Digital making monetary savings on paper, ink, printing etc.

Pricing

£1 to £2 per licence per month

  • Free trial available

Service documents

G-Cloud 10

716368598774460

Black Marble Limited

Linda Hogg

01274 300175

linda@blackmarble.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints We require connectivity to on-premise systems, in order to extract and submit information, if that functionality is required.
System requirements
  • Windows 10 for Client Application
  • Android for Client Application (Marshmallow)
  • VPN or ExpressRoute for connectivity to on-premise systems
  • Active Directory Federation Services to enable Sign-on with organisational credentials.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 2 hours depending on criticality
Long term aim is 24/7, currently stands at 9 to 5.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 A
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Onsite support
Support levels We provide a technical account manager. This support is included within the license cost.
The support arrangement has clearly defined timescales within which we have agreed to respond to a logged call . This does not imply a guarantee of a fix within this time.
Level 1 - The Software is entirely non-functional, response time 1 working hour from Acknowledgement.
Level 2 - The Software is functioning but an error exists which is preventing the use of a material component of the Software, response time is 4 working hours from Acknowledgement.
Level 3 - The Software is functioning but an error exists which is not preventing the use of a material component of the Software, response time is 7 working hours from Acknowledgement.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide
* Technical assistance in the implementation of prerequisites and system requirements.
* Knowledge transfer for the management of the system.
* Training materials including documentation, videos.
* Train the trainer.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Customer data is stored within customer systems, and we would work with them to meet their data extraction requirements.
End-of-contract process Notebook is included within the contract.

Using the service

Using the service
Web browser interface No
Application to install Yes
Compatible operating systems
  • Android
  • Windows
  • Windows Phone
Designed for use on mobile devices Yes
Differences between the mobile and desktop service All versions of the client application have the same functionality. The UI is adaptive to support different screen sizes, but is consistent in look and feel.
Accessibility standards None or don’t know
Description of accessibility The application was developed in partnership with operational police forces, and has been tested to meet the operational needs of their officers.
Accessibility testing None.
API No
Customisation available No

Scaling

Scaling
Independence of resources Currently each customer is provisioned in a dedicated tenant, and this is done for security and compliance reasons, but also means issues in one tenant cannot affect another.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency Never
Protecting data at rest Other
Other data at rest protection approach TuServ does not store data at rest.
Data sanitisation process No
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach We do not store any user data in tuServ.
Data export formats Other
Other data export formats We do not store operational data.
Data import formats Other
Other data import formats TuServ does not require bulk import of data.

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability Uptime of 99.99%.
Currently no financial penalties in place, but agree on a customer by customer basis.
Approach to resilience TuServ is provisioned using the Microsoft Azure public cloud. All provisioned services are deployed in line with Azure Best Practices for resilience.
Outage reporting It is expected that tuServ will be deployed on an Azure subscription owned by the customer. As such, all the standard Azure alerting mechanisms for service degradation and outage are available.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Other
Other user authentication TuServ integrates with ADFS and as such the customer has complete control of access restrictions, including MFA, Geographic sign-in restrictions etc.
Access restrictions in management interfaces and support channels Every user has their own login details.

All individual access.
Access restriction testing frequency At least once a year
Management access authentication Other

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security No
Security governance certified Yes
Security governance standards Other
Other security governance standards The standard of protection required varies with the level of protective marking, according to the Government Protective Marking Scheme (GPMS).
Information security policies and processes For documentation - The standard of protection required varies with the level of protective marking, according to the Government Protective Marking Scheme (GPMS).

Black Marble Information Security Procedural Guidelines.
IT Kit Disposal Process.
Security Incident Process.
Business Continuity Plan.
Company Handbook.

Process:
* Individuals report to a line manager, who reports to a member of the board.
* Regular meetings and electronic communications are used to disseminate information/policy & procedure updates to all staff.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We use Microsoft Visual Studio Team Services and the Microsoft Secure Development Lifecycle for all of our development and work tracking.
Vulnerability management type Undisclosed
Vulnerability management approach TuServ would run on Microsoft Azure, and all the vulnerability management is carried out at the service provider level - we would adhere to all Microsoft SLAs, and guidance around dealing with threats and patches.
Protective monitoring type Undisclosed
Protective monitoring approach TuServ would run on Microsoft Azure, and all the protective monitoring is carried out at the service provider level - we would adhere to all industry standards, and Microsoft SLAs, and guidance around dealing with compromises and incidents.
Incident management type Undisclosed
Incident management approach TuServ would run on Microsoft Azure, and all the incident management is carried out at the service provider level - we would adhere to all industry standards, and Microsoft SLAs, and guidance around dealing with, and the management of, incidents.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • Police National Network (PNN)

Pricing

Pricing
Price £1 to £2 per licence per month
Discount for educational organisations No
Free trial available Yes
Description of free trial A full-version of tuServ Electronic Notebook, but with no integration to existing systems, over a period of three months. Depending on the customer's preferences, we can supply a limited number of demo devices, or make use of the customer's own units.

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑