Business Systems (UK) Ltd

Web Based Video Conferencing for courts including witness interviews and defendant interviews

Web Conferencing for courts including witness interviews and defendant interviews is cost effective and easy to adopt supporting ad-hoc online meetings and large 'lecture style' presentations.

Available 24/7, covering a wide range of collaboration, messaging and calling capabilities, desktop screen sharing, auditing, recording, integrated chat. Optional hardened mobile device available.

Features

  • Web based collaboration software bringing together remote teams.
  • Team desktop Video Conferencing/Audio Conferencing with integrated VOIP.
  • Desktop sharing and presenting based on JITSI®
  • Easy deployment: Web Conferencing via browser, no client software required.
  • Low bandwidth and secure networks supported.
  • High Quality, secure solution for guaranteed levels of confidentiality
  • Delivery and communication across both public/private environments.
  • Resilient and available configurations - supports service levels.
  • Regular Service monitoring to provide quality & performance
  • GDPR Compliant and secure storage and recording of conferences.

Benefits

  • Extend team out to the field with cross Agency cooperation
  • Easy deployment as no client software or scheduling required
  • Scaleable to large concurrent teams.
  • Adhoc collaboration and online learning platform.
  • Secure server platform ready for Public, Tier One Services.
  • Ideal for Public, Private and Shared Cloud environments.
  • Integration with a large variety of chat and collaboration tools.
  • Options to work with either UKCloud, AWS, Azure, private clouds.
  • Integration with Learning Development Platforms.
  • Ideal for courts including witness and defendant interviews

Pricing

£420 per unit per month

Service documents

Framework

G-Cloud 11

Service ID

7 9 4 1 0 5 8 8 7 5 5 4 6 1 2

Contact

Business Systems (UK) Ltd

Julie Kerman

0208 326 8326

contact@businesssystemsuk.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
Service constraints A Viewdeck Patch Server is a requirement to provide a patch service and Virus/Rootkit signatures upgrades. A Viewdeck Log Server is a requirement to provide event monitoring for the service. A Viewdeck Monitor Service is required to provide availability and host health check monitoring. Backup Solution providing secure offline remote cloud based storage is required. The Viewdeck Backup Service provides a suitable service. The Secure Mail Server with connectivity to the secure administration mailbox providing alerting and reporting from the hosts. Secure Remote Administrator Access via a suitable secure network. This will vary depending on the hosting environment
System requirements
  • Viewdeck Patch Server for patch and Virus/Rootkit signatures upgrades
  • Viewdeck Log Server for event monitoring for the service
  • Viewdeck Monitor Service for availability and host health check monitoring
  • Backup Solution providing secure offline remote cloud based storage
  • The Viewdeck Backup Service provides a suitable service
  • The Secure Mail Server with connectivity to secure administration mailbox
  • Providing alerting and reporting from the hosts.
  • Secure Remote Administrator Access via suitable secure network.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 98% of support phone calls are answered within 5 seconds by our Customer Service centre. They will log a case and assign the priority of the query or problem. Typically Business Systems provide technical 1st response within 20 minutes for Support related issues. Response times differ outside core business hours due to the automated routing of calls. A 24 hour facility is available where cases can also be logged 24/7 (calls are routed to the Out Of Hours Team; emails would be logged and picked up the first business day).
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Onsite support
Support levels Business Systems provides five levels of support (remote access is a pre requisite) including: 1. Platinum - Full support, 2 hour response for P1 faults (24 hours a day, 365 days a year). 4 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 2. Gold - Full support, 2 hour response for P1 faults (08:00 – 20:00 hours a day, 365 days a year) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 3. Silver - 2 hour response for P1 faults (0800-2000 Mon - Fri, includes UK Bank Holidays) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 4. Bronze - Basic on-site support 4 hour response for P1 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 8 hour response for P2 faults (9 - 17:30 Mon-Fri, excludes UK bank holidays) 5. Tailored Service Level based on the customer's requirements e.g. custom support hours, on-site support, technical account manager etc.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started Viewdeck offer implementation assistance to support rapid deployment. Self taught CBT training is available as part of the service. Additional fixed price packages for other training, including train the trainer, is also available on request at extra cost.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction On end of contract, Viewdeck can supply the users information extracted from the system in native format or configuration files, including XML/JSON format. This can be transferred to the user electronically via secure electronic transfer by arrangement with the client organisation, or via a shared secure File Transfer area. If the client has specific needs for the physical transfer of the data we would support this by additional services for the media and media transport for Data Extraction.
End-of-contract process 30 days before end of Contract, there will be client engagement to confirm the Requirements, agree a plan, determine any additional services needed, and the Quality Criteria for the delivery of those services to meet the Requirements.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are no differences in functionality. The menus are rendered slightly different between the two, based upon available screenspace.
Service interface Yes
Description of service interface Viewdeck provide a web-based service interface for users to manage all of their service requests. There is an additional web interface for users to manage the features of their service.
Accessibility standards WCAG 2.1 A
Accessibility testing Accessibility testing - Our knowledge has come from service tooling manufacturers commitments and market research
API Yes
What users can and can't do using the API Client (normally Technology Administrators) can access the system through a web based API. This allows the Client to gain 'Controlled' access to the key functionality of the service to support Configuration and Data Management. All Services support REST based API interfaces.
API documentation Yes
API documentation formats
  • HTML
  • PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Our services are based upon COTS components that are configurable for Clients via common and native interfaces. The functionality accessed by the Client allows a certain level of Business configuration within the parameters of each individual Service. Typically this is via a Web interface.
We encourage Clients to self serve for such Configurable parameters.

Scaling

Scaling
Independence of resources All services are based on dedicated devices with managed contention performance to ensure no service degradation due to other user activity.

In the event of performance degradation occurring our service management tooling would automatically trigger an incident alerting us to the problem so that immediate action can be taken to address it

Analytics

Analytics
Service usage metrics Yes
Metrics types Full Access to service Monitoring interfaces is provided by a web interface. This give the client access to the full spectrum of system and service accessibility and availability, with optional reporting against service SLAs.

The Service Management tooling records and reports on all aspects of the Service delivery , and provides reporting against service SLAs for clients. This is provided free of charge for clients as part of the baseline service.
Reporting types Real-time dashboards

Resellers

Resellers
Supplier type Reseller providing extra support
Organisation whose services are being resold Viewdeck

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach User is able to extract their data through Web Interface access management tools allowing them to download the data to their desktop, where applicable to the Service.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats XML
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • XML
  • SQL

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Level of availability is 99.50%
Approach to resilience Utilises a service provider that has multiple hosting sites with diverse routing of communications and power. We use a service configuration that makes use of these capabilities to provide a resilient service.
Outage reporting The client would get an alert via an email should there be an outage. Additional Alerts can be provided by Web RestFUL API, SMS or Slack/messenger. The client would also be able to view a service dashboard to see the status of their service.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels Access is limited via IP address of connecting devices and use of shared keyword.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 UKAS
ISO/IEC 27001 accreditation date 06/11/2017
What the ISO/IEC 27001 doesn’t cover All operational areas are covered.
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes All security incidents posing a threat to the information storage and processing facilities are reported and documented. For each reported incident it is required that a thorough investigation is conducted and remedial action taken leading to a satisfactory closure. All employees and contractors are made aware of what constitutes an information security incident and are familiar with the reporting procedures. It is the responsibility of all employees and subcontractors to report any information security incident or suspicion to the ISO Security Officer and ensure that the incident is duly recorded on the Information Security Incident form. It is the responsibility of the Security Incident Management to take appropriate action to provide a prompt response to the incident and to facilitate normal operation as soon as safely possible. This is overseen by the Board.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All configuration and change management processes are fully covered by ISO27001 certification and ISMS. All change is approved via a Change Advisory Board where all change requests are assessed via a number of security impact criteria. All changes are pre-configured and tested, with automated deployment to ensure consistency of production releases with pre-production testing.
Vulnerability management type Supplier-defined controls
Vulnerability management approach A Continuous Systems Improvements team meets monthly to evaluate and mitigate risks and vulnerabilities. There is in addition, subscription to vendor and independent vulnerability forums and newsfeeds. Critical patches are often performed as zero-day fixes, following testing.
Protective monitoring type Supplier-defined controls
Protective monitoring approach All servers and computers utilise anti-virus and anti-malware protection. Intrusion Detection Systems are also utilised at the network edge. Consolidated logging and alerting are used to ensure notification and rapid response to potential incidents.
Incident management type Supplier-defined controls
Incident management approach Incident management processes are in line with ISO 27001 accredited governance procedures. Users can report incidents by telephone and email. System alerts also notify of incidents. Critical outages or other significant incidents are immediately notified by telephone, with non critical incidents initially notified by email. All incidents are reported in document format by email following root cause investigation.

Secure development

Secure development
Approach to secure software development best practice Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Health and Social Care Network (HSCN)

Pricing

Pricing
Price £420 per unit per month
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑