Emu Analytics Ltd

Location Insights Explorer

Spatial data analytics and visualisation software

Features

  • Hyper-performant web enabled mapping and data visualisation
  • Highly engaging and intuitive User Interface design
  • Imports many different spatial data formats including common ESRI outputs
  • Unique and Innovative data sharing and data democratisation capabilities
  • 2D and 3D rendering
  • Data science and Location insight driven
  • Zero client side install - Browser only requirement
  • Self-Serve Administration for User Setup, Theming, Styling and Content Structure
  • Data privacy and GDPR compliant
  • Rapidly deployed into the cloud and offered on SaaS basis

Benefits

  • Hyper-performant web enabled mapping and data visualisation and data-curation platform
  • Supports multi-variate user base with differing requirements
  • Easily share spatial insights to industry and the wider public
  • Intuitive platform with minimal training requirements
  • Highly engaging and innovative interface to all users
  • Support for private and public access
  • SaaS that removes the need for internal platform management
  • Create, style, share and publish insights in minutes
  • Easily manage access control for Private, Organisation and Public
  • Web Browser interface delivering stunning 2D and 3D Visuals

Pricing

£14750 to £25750 per instance per year

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

9 3 0 6 8 5 9 6 7 7 7 6 7 8 3

Contact

Emu Analytics Ltd

Richard Vilton

+447949215774

richard.vilton@emu-analytics.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints Currently the service is available on AWS. Other cloud platforms are expected to be supported later in the year
System requirements Upto date Web Browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times UK working day 9-5 support only.
Emails will be responded to within 2 hours within these times
User can manage status and priority of support tickets No
Phone support No
Web chat support No
Onsite support Yes, at extra cost
Support levels A single support level for the solution is offered, for 2 hour response to email support requests.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started The interface is specifically designed to be intuitive, interactive and usable by personnel that do not require deep technical data science training to realise value from the data. Short Training and QuickStart sessions are available for organisations on request . Location Insights Explorer has some on-line help built in. We also provide a series of short tutorial videos.
Service documentation Yes
Documentation formats
  • HTML
  • Other
Other documentation formats
  • In-app help
  • Video Tutorials
End-of-contract data extraction Data would be destroyed at the end of the contract with the termination of the cloud based instance. Data is not currently extractable from the solution in a reusable format - although maps can be exported as images (PNG/PDF). Should an exceptional case for extraction be required, then the supplier would consider undertaking this as a one-time professional services offering, although the effort and cost would be determined by the nature and volume of the data already created within the platform.
Future versions of the product will provide capability for datasets to be exported.
End-of-contract process At the end of the contract, assuming there is no intent for the solution to be extended, the cloud instance would be shutdown and all related cloud-based assets (data, user accounts etc) destroyed.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices No
Service interface No
API No
Customisation available Yes
Description of customisation The "look and feel" of the the service can be customised by Admin users to their own organisations branding with ability to change welcome text, support text, logos and theming.
See London Borough of Barking and Dagenham's public facing instance as an example of this: www.lbbd.gov.uk/boroughdataexplorer

Scaling

Scaling
Independence of resources Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them. Services which provide virtualized operational environments to customers (i.e. EC2) ensure that customers are segregated via security management processes/controls at the network and hypervisor level. Service usage is monitored to project infrastructure needs to support availability commitments/requirements. Capacity planning is performed to assess current infrastructure usage and demands. The underlying cloud (AWS) architecture and containerisation of Location Insights Explorer supports the planning for future demands to acquire and provision additional resources based upon current resources and forecasted requirements.

Analytics

Analytics
Service usage metrics No

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations No
Datacentre security standards Supplier-defined controls
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach Location Insights Explorer is provisioned on AWS which adheres to independently validated privacy, data protection, security protections and control processes. AWS is responsible for the security of the cloud. End user Access to the Location Insights Explorer is only ever via secure HTTPS url login. There is no access to any data not presented within the application. Access to the Location Insights Explorer management plane is securely managed through a combination of access keys, VPNs and 2 factor authentication. Where applicable data may also be encrypted within at-rest storage.
Data sanitisation process Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach In-house destruction process

Data importing and exporting

Data importing and exporting
Data export approach Maps can be exported as PNG and PDF images with user control over the export size and quality.
Data export formats Other
Other data export formats
  • PNG
  • PDF
Data import formats
  • CSV
  • Other
Other data import formats
  • SHP
  • GeoJSON
  • KML
  • Other OGR vector formats

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
  • Other
Other protection within supplier network Customer environments are logically segregated to prevent users and customers from accessing resources not assigned to them. Location Insights Explorer cloud architecture (AWS) enables content by design that allows for the most appropriate secure data transit based on start and end point. This includes TLS/SSL, and/or IPsec or TLS VPN (if applicable), or other means of protection if required. API calls can be encrypted with TLS/SSL to maintain confidentiality. AWS Console connection is encrypted with TLS.

Availability and resilience

Availability and resilience
Guaranteed availability Location Insights Explorer is provisioned on AWS Cloud which provides the following SLA's: • Amazon EC2 SLA: http://aws.amazon.com/ec2-sla/ • Amazon S3 SLA: http://aws.amazon.com/s3-sla • Amazon CloudFront SLA: http://aws.amazon.com/cloudfront/sla/ • Amazon Route 53 SLA: http://aws.amazon.com/route53/sla/ • Amazon RDS SLA: http://aws.amazon.com/rds-sla/ • AWS Shield Advanced SLA: https://aws.amazon.com/shield/sla/ If specific Location Insights Explorer iSLA’s levels are required these can be offered based on specific requirements and related commercial viability of specific SLA levels. This would be part of an agreed Statement of Work (SoW) undertaken with the customer to ensure that the level of support they require for their Location Insights Explorer application is aligned to their business priorities and budget.
Approach to resilience Location Insights Explorer is provisioned on AWS Cloud. The AWS Business Continuity plan details the process that AWS follows in the case of an outage, from detection to deactivation. AWS has developed a three-phased approach: Activation and Notification Phase, Recovery Phase, and Reconstitution Phase. This approach ensures that AWS performs system recovery and reconstitution efforts in a methodical sequence, maximising the effectiveness of the recovery and reconstitution efforts and minimising system outage time due to errors and omissions. AWS maintains a ubiquitous security control environment across all regions. Each data centre is built to physical, environmental, and security standards in an active-active configuration, employing an n+1 redundancy model, ensuring system availability in the event of component failure. Components (N) have at least one independent backup component. All data centres are online and serving traffic. In case of failure, there is sufficient capacity to enable traffic to be load-balanced to the remaining sites. If advanced requirements such as dedicated replication and hot-failover are required these can be provided as part of a Statement of Work (SoW). This ensures that Location Insights Explorer deployments are provisioned to optimise both functionality and budget requirements.
Outage reporting Service outages are reported to the customer via email and/or via direct telephone contact to the customer SPOC (Single Point of Contact) by the Account Manager.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels Location Insights Explorer is provisioned on AWS which provides IAM for access management. IAM is used to define user access control to all services, APIs and specific resources. Other controls include time, originating IP address, SSL use, and authentication via MFA devices. API calls to launch/terminate instances, change firewalls, and perform other functions are signed by customers’ Amazon Secret Access Key (either the root AWS Account’s Secret Access Key or the Secret Access key of a user created with AWS IAM). Only approved Emu personnel are granted access to management interfaces.
Access restriction testing frequency At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for Between 1 month and 6 months
How long system logs are stored for Between 1 month and 6 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Emu Analytics has an internal security policy that defines the current approach to security governance. The company has been audited by global enterprise security teams previously and has passed with it's current security policy that covers: Access Control Policy, Antivirus Software for laptops, Document Confidentiality Classification, File lists, GDPR Guide & Resources, Incident Reporting, Information Asset Classification And Handling, Information Security Policy Statement, Management of Client Data, Office & Workplace Security Policy, Risk Register, SSL Certification, User Accounts and Password Policies The company is embarking on a programme to achieve formal ISO27001 certification.
Information security policies and processes The Emu Analytics security policy and procedures are available to all staff on the internal company intranet. All existing staff are familiar with these policies and the policies are part of any new employee induction. Emu Analytics follow a structured agile delivery methodology which ensures all projects have daily scrum delivery sessions where policy adherence is both enforced and reviewed.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach All software components are version controlled in a Professional and Secure Configuration Management System (BitBucket). Access and privileges within the repository is strictly managed. Any third part components and code are virus and malicious code checked. Company written code is peer reviewed.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Location Insights Explorer is provisioned on AWS Cloud Infrastructure. AWS Security performs vulnerability scans on the host operating system, web applications, and databases in the AWS environment. Approved 3rd party vendors conduct external assessments (minimum frequency: quarterly). Identified vulnerabilities are monitored and evaluated. Countermeasures are designed and implemented to neutralise known/newly identified vulnerabilities. Potential threats are tracked via https://aws.amazon.com/security/security-bulletins/ Security patches against all services are deployed inline with the recommended urgency and security guidance.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Location Insights Explorer is provisioned on AWS and utilises the supported monitoring processes. AWS deploys (pan-environmental) monitoring devices to collect information on unauthorized intrusion attempts, usage abuse, and network/application bandwidth usage. Devices monitor: • Port scanning attacks • Usage (CPU, processes, disk utilization, swap rates, software-error generated losses) • Application metrics • Unauthorized connection attempts Near real-time alerts flag potential compromise incidents, based on AWS Service/Security Team- set thresholds. Incidents are responded to as All incidents are assigned an owner and logged and tracked within the Incident Report.
Incident management type Supplier-defined controls
Incident management approach All incidents are assigned an owner and logged into the internal incident management log which contains: Date, Description, Severity, Status, Affected Infrastructure, Affected Personnel, Affected Services, Reported by, Incident Owner, Links and Attachment. Customers can report incidents by emailing Emu Support or by calling their Account Manager directly. Emu Analytics will always endeavour to resolve problems as swiftly as possible. It recognises that a client’s systems are key to its business and that any downtime may be business affecting. Updates on service affecting issues are communicated to customers via email or by a direct phone call to the customer SPOC.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £14750 to £25750 per instance per year
Discount for educational organisations Yes
Free trial available No

Service documents

Return to top ↑