Cloudview’s Visual Data Platform securely transports visual data from your CCTV cameras, to secure cloud servers, where it can be viewed, managed and shared using a web browser. Cloudview integrates with visual data analytics to bring new capabilities to CCTV systems as well as enhanced accessibility, data security and compliance.
- Connects to legacy analogue and digital CCTV cameras
- Encrypts and secures video footage collected from CCTV cameras
- Consolidates CCTV video footage onto secure cloud servers
- Password protects user access to CCTV footage
- Sophisticated administration of user permissions and access to functionality
- Highly flexible data retention periods: one day to many years
- Nominated event triggers define recording and user alerting by camera
- Remote diagnostics, automatic new feature and security upgrades
- Automatically add new cameras and users
- Adjustable camera recording periods for cameras and image redaction
- No need for extra hardware, software or infrastructure
- CCTV data protection and GDPR compliance
- Access CCTV footage through a single, unified interface
- Use CCTV footage flexibly for multiple applications
- Keep track of CCTV users and control access to footage
- Vary recording periods to match the purpose of recording
- Record only pertinent data, relevant users receive critical event alerts
- Automatic failure reporting, new features and threat protection
- Scalable CCTV use without complexity or cost
- Keep recorded data adequate, relevant and limited to its purpose
£60 per device per year
- Free trial available
Cloudview (UK) Limited
James NB Wickes
+44 (0) 1256 698071
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
CCTV cameras connected to Cloudview require an internet connection with sufficient bandwidth to support the required level of visual data recording (Min 200 kbps per camera).
To access visual data recorded by Cloudview users require a device such as an iPhone, tablet or PC which supports a internet browser via an internet connection.
|Email or online ticketing support||Email or online ticketing|
|Support response times||
The Cloudview Service Support Group is available via email, phone, online ticketing and SMS.
Each call is allocated a priority as follows:
1. Business Critical impact
2. Major Operational impact
3. Minor Operational impact
4. Minor Operational inconvenience
5. System Operation not impeded
Cloudview Service Support group is available 9.00-17.00 Monday to Friday, except Bank Holidays. Cloudview ticket support system is Zendesk.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||None or don’t know|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Cloudview will respond to application related incidents taking all reasonable steps to achieve a resolution within target timescales. Cloudview will respond to incidents relating to the availability of its Visual Data Platform in an accelerated timeframe: Level 1 - 2 working hours - 1 working day. Level 2 - 2 working hours - 5 working days. Level 3 - 2 working hours - 30 working days. Level 4 - 2 working hours - 60 working days. Level 5 - TBA
All contacts are logged onto our Service Support Group toolset which ensures that details are accurately captured and the most appropriate skillsets are assigned to resolve queries within the associated service hours.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||As part of commissioning of the Cloudview Visual Data Platform a one to one online training session (free of charge) is provided to users. Cloudview provides dedicated training sessions on site at the request of the customer. Training is charged on a day rate basis, as per the SFIA. Cloudview also provides Quick Start booklet and access to training videos which describes how to operate the system.|
|End-of-contract data extraction||
Any files that are to be kept beyond the data retention periods specified by the customer may be downloaded (MP4 format) to the customer’s preferred data storage facility. In the unusual event that large amounts of data from Cloudview are to be retained this can be facilitated by special arrangement with Cloudview.
Files to be kept beyond customer specified data retention periods can be downloaded to the client’s data storage facility. In the event that large amounts of data from Cloudview must be retained this will be facilitated by special arrangement with Cloudview.
There are no charges for on- or off-boarding services. If additional technical expertise and support services are required these can be provided. If the scope of them is exceptional, charges may apply. The off-boarding exceptional charges will be charged on a day rate basis, as per SFIA.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
The Cloudview interface is based on a responsive design that surfaces appropriate functionality for the device in use. Cloudview users with mobile phones and tablets can receive event and camera failure alerts and can search for and review recorded footage as well as view live feeds.
More complex functionality such as administering user access to visual data, recording and deletion features and creating movies from multiple events are actions restricted for use on laptop and desktop computers only.
|Accessibility standards||None or don’t know|
|Description of accessibility||
Cloudview conforms to the system settings based on display attributes such as contrast, greyscale and colour inversion. The Cloudview Visual Data Platform does not rely on any elements that flash or change rapidly.
Cloudview does not disrupt or disable any activated features of other products that are identified as accessibility features, but is not currently suitable for keyboard only use.
|What users can and can't do using the API||
Whilst a complete set of APIs is available for customers to build their own tools and interfaces this is not required. Cloudview leverages its own API set to provide the Cloudview front end that is available through any standard web browser.
All of the services exposed by the API set to the web application are also available for customers to use if they are required to integrate Cloudview into an existing application.
|API documentation formats||HTML|
|API sandbox or test environment||Yes|
|Description of customisation||
Cloudview’s Visual Data Platform is highly configurable. Once installed, either as an upgrade to legacy CCTV or standalone, clients can customise the system to suit their needs with respect to using and monitoring visual data. Using role-based access control, the system can be configured to create an almost infinite mapping of camera access permissions for users.
The Administrator is able to set up:
• password protected access to Cloudview for specified users.
• user access to visual data recorded by specific CCTV cameras and camera features such as live view at scheduled times.
• event and camera failure alerts to specified users from specified cameras or camera groups.
• motion detection zones to trigger recording or set up triggers from other external devices or analytics such as ANPR or other analytics software.
• redaction zones within camera views to prevent the viewing and recording of sensitive data.
• data retention periods on a camera by camera basis to better limit storage of visual data.
• the assignment of CCTV cameras to groups of users in any combination required.
Complex configurations of features or customisations of the user interface can be carried out by Cloudview’s configuration specialists.
|Independence of resources||
The Cloudview Visual Data Platform is engineered to be able to provide the required capacity to all Cloudview users at all times by scaling on demand.
Significant simulated load-testing as well as constant real-life monitoring supports this key feature of the service.
|Service usage metrics||Yes|
|Metrics types||Cloudview is able to provide overall usage and activity statistics as well as individual user activity and camera uptime and activity logs.|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Baseline Personnel Security Standard (BPSS)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||European Economic Area (EEA)|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||The user selects the recorded events required for exporting from Cloudview these are automatically emailed to the user in the form of links which when clicked will download the required visual data. These links expire within a 24 hour period. If the link expires, the process must be repeated.|
|Data export formats||Other|
|Other data export formats||MP4|
|Data import formats||Other|
|Other data import formats||H.264|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||Other|
|Other protection within supplier network||
Cloudview uses a high performance, secure, resilient global infrastructure with industry recognised certifications and audits such as SOC 1 Type 2, ISO 27001, PCI DSS, FISMA Moderate, HIPAA, and ITAR compliant controls. Cloudview resides on a secure, isolated subnet, with a layered architecture so only essential user-facing components are visible to the outside world, visual data is stored internally.
Visual data is stored over several large-scale data centres with military grade physical security measures in place. Cloudview employs significant protection against network security issues such as Distributed Denial of Service attacks, Man in the Middle attacks, and packet sniffing.
Availability and resilience
|Guaranteed availability||Our SLA availability is based on our systems being available 99.95% excluding outages caused by the customer, planned maintenance work or events outside of Cloudview's control. Non availability is termed as any unplanned period when the entire system is not delivering its core functionality. We provide service credits if this level of availability is not reached on a monthly basis.|
|Approach to resilience||Cloudview uses the AWS high performance, secure, resilient global infrastructure with industry recognised certifications and audits including SOC 1 Type 2, ISO 27001, PCI DSS, FISMA Moderate, HIPAA, and ITAR compliant controls. The Cloudview service resides on a secure, isolated subnet, and its layered architecture means that only necessary user-facing components are visible to the outside world, with visual data stored internally. Customer data is stored over several large-scale data centres with military grade physical security measures in place. Cloudview employs specific protection against network security issues such as Distributed Denial of Service (DDoS) attacks, Man in the Middle (MITM) attacks and packet sniffing.|
|Outage reporting||Cloudview is focused on providing the optimum levels of system availability and resilience. If downtime is unavoidable for either planned maintenance reasons or due to an unexpected issue, Cloudview will email registered system administrators with either the expected timings and progress for any planned maintenance or resolutions to technical issues.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||Only a select number of employees have access to the management and support interfaces which are documented and reviewed on a reg. Access is only possible from a select number of IP addresses. Credentials are rotated every 90 days.|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||
Operational procedures employed by Cloudview within its production environment are:
a) A strict separation between the cloud platform development team and production system administration team;
b) All access to the production system is logged by the Data Protection Officer, and reviewed each month;
c) No access, except in critical high-priority, pre-authorised situations, is allowed to the AWS-S3, where all fully encrypted customer visual data is stored;
d) All key employees and sub-contractors, working with the production environment/development programmes, receive appropriate vetting and background checks;
e) All relevant employees and sub-contractors receive extensive training to keep Customers data private and secure.
|Information security policies and processes||
Notwithstanding Cloudview's operational procedures, data privacy and security by design ethos, the Company operates strict information security and privacy policies in line with the requirements of the GDPR.
Information security has been built into the Cloudview Visual Data Platform from its inception, regular staff training and operational procedures support the company’s complete commitment to the security and privacy of any personal data held by the Company.
Customer data is only ever accessed by Cloudview staff when express permission has been given for us to do so, in writing, and only to the extent necessary to comply with their specific written request, and this is always in accordance with current legislation.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||
Cloudview's configuration and release management system has been custom built to handle configuration and change management processes. Component details are stored with the toolset as Configuration Items which are managed by change management. Any changes are initiated by raising a Request For Change which is assessed, approved, built/tested, implemented, closed on completion and reviewed.
Any potential security impacts are reviewed in the assessment phase and appropriate actions or safeguards identified as required.
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Cloudview's Visual Data Platform is hosted securely with the AWS (Amazon) VPC (Virtual Private Cloud) a secure, isolated subnet, its layered architecture means that only necessary user-facing components are visible to the outside world, whilst client visual data is stored securely internally. Furthermore, Cloudview deploys opensource vulnerability assessment tools to check critical parts of the system. Patches are deployed immediately should a vulnerability be identified.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
The Cloudview Visual data Platform is built to minimise potential attacks, all access requires authentication of users and devices, un-authorized users are automatically logged and rejected during attempted connection.
The Cloudview Visual Data Platform is hosted within the highly secure AWS (Amazon) datacentre. Cloudview utilises an AWS monitoring tool which generates alerting emails if a potential incident occurs.
Cloudview also deploys Monit, an open source process supervision tool which is installed within each server in deployment. This generates and sends email alerts to the relevant technical staff should an error or malfunction occur. The response to all incidents is immediate.
|Incident management type||Supplier-defined controls|
|Incident management approach||
The Cloudview Visual Data Platform resides on the Amazon VPC therefore most critical security and other incidents are handled by AWS.
Incidents reported by clients (usually by email) are responded to immediately and prioritised dependent on the severity and impact on the operation and security of the system.
On resolution, a detailed report is sent to the technical leads, and to other relevant company teams along with the board of directors. When appropriate or requested, a resolution response is provided to clients.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£60 per device per year|
|Discount for educational organisations||No|
|Free trial available||Yes|
|Description of free trial||Cloudview provides free trials where required. Cloudview mostly connects to existing client hardware therefore the extent of any trial to assess the suitability of the service requires a tailored approach to ensure key client objectives are met and that hardware compatibility issues are addressed prior to trial commencement.|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|