G4S Monitoring Technologies Ltd

Electronic Offender Monitoring

The G4S EM (or Tagging) system covers all aspects of Offender Monitoring, including RF House Arrest/Home Detention, GPS Tracking, and Domestic Violence. The system provides Police, Local Authorities and Government Agencies a cost effective and robust solution to assist in their efforts to reduce re-offending across all offender types.

Features

  • Secure, intuitive, web based monitoring platform
  • Passive, Active, Hybrid GPS tracking
  • Exclusion, Inclusion Geo-fencing
  • Real-time offender location
  • Adaptable online Reporting tool
  • Expert witness support
  • 24/7 Support

Benefits

  • Supports reduction in re-offending
  • Improves Police/Authority efficiency in terms of Reports and Data Analysis
  • Supports Criminal investigations
  • Improves safety when used in Victim Monitoring
  • Reduces Recidivism

Pricing

£100 to £195 per unit per month

  • Free trial available

Service documents

G-Cloud 9

996699901751099

G4S Monitoring Technologies Ltd

Scott Holmes

07823883278

scott.holmes@uk.g4s.com

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints There are no constraints to the service offered.
System requirements Software runs in a Microsoft environment.

User support

User support
Email or online ticketing support Email or online ticketing
Support response times 30 - 360 minutes for critical requests
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 24 hours, 7 days a week
Web chat support No
Onsite support Onsite support
Support levels Email and telephone support, with 24/7, on-call cover for critical issues.
Mon to Fri 08:00 to 17:30 for other issues.
Designated Account Manager will be provided.
Bespoke development can be provided at additional cost.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started G4S will work closely with all system users to ensure they are fully trained on all system aspects. At the onset of the program, training will initially be provided on site at the customers location, and will be supported with comprehensive user documentation, and online guides. Periodic, refresher training will be provided by the G4S contract manager throughout the lifetime of the contract.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction The user would request the data to be exported. G4S would carry out this and provide the data to an agreed format.
End-of-contract process Price includes the following:-
Field Hardware (Tags, Monitoring units)
Officer Tools (Fitting, Diagnostic & Removal eqt)
EMSyS Monitoring software, Hosting, Training, SIM cards (& associated costs), and consumables (straps)
24/7 On-call support.

Price does not include:-
Lost & damaged equipment
Changes/customization of the User Interface.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Microsoft Edge
  • Firefox
  • Chrome
Application to install No
Designed for use on mobile devices No
Accessibility standards None or don’t know
Description of accessibility The Management System contains a number of accessibility features, but is not formally tested to WCAG 2.0.
Accessibility testing No specific interface testing has been done with users of assistive technology.
API Yes
What users can and can't do using the API The Management System exposes a number of features via a REST interface, including the ability to create subjects, and manage schedules.
API documentation Yes
API documentation formats PDF
API sandbox or test environment No
Customisation available Yes
Description of customisation The service can be customised in a variety of ways, and by a number of routes. These include configuration files prepared prior to deployment, customisation applied by system administrators during normal operation, and customisation applied by a user that persists for the life of a user session.

Scaling

Scaling
Independence of resources Each system is private to each customer and scaled to the usage requirements of the delivered system.

Analytics

Analytics
Service usage metrics Yes
Metrics types The Service provides a number of standard reports that provide information about the usage of the system. Further bespoke reports can be provided.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Encryption of all physical media
Data sanitisation process Yes
Data sanitisation type Explicit overwriting of storage before reallocation
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Data can be viewed using a number of standard reports, which can be exported from the system in a wide variety of formats, such as Excel, CSV, PDF, etc. Further bespoke reports can be provided.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • Excel
  • Word
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability 99.99% as described by the up-time institute.
Approach to resilience Available on request.
Outage reporting Email Alerts via proactive network operations centre.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Other
Other user authentication G4S can tailor user service authentication to individual customer requirements,
Access restrictions in management interfaces and support channels Remote administration and support is rare owing to air-gap hosting environments. When required secure support channels are arranged with the customer using industry standard secure practices and aligned with security procedures such as Information Classification, Password and Access Control policies.
Access restriction testing frequency At least once a year
Management access authentication Other

Audit information for users

Audit information for users
Access to user activity audit information Users contact the support team to get audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations Yes
Any other security accreditations Common Criteria Certification for Monitoring Equipment and their interfaces

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards Other
Other security governance standards G4S requires all business units to comply with a mandatory set of Information Security Controls based on ISO27001:2013. We comply with those. In addition, we operate an Information Security Management System (ISMS). We are working towards full ISO27001:2013 accreditation.
Information security policies and processes 1. Information Security Policy
2. Nominated Information Security Manager
3. Information asset register, classification and risk assessment of assets
4. Information Security and Awareness Program
5. Acceptable Use Policy
6. Secure disposal of all media
7. User registration and re-registration process
8. Password policy
9. Appropriate physical barriers
10. IT Change control process
11. End-point hardening of all servers and systems
12. Independent penetration testing
13. Non-disclosure agreements with all parties which process G4S information.
14. Controlled software development process
15. Security incident reporting procedure
16. Robust safeguards of Personal data
17. All staff to have read IT Policies and mandatory information security documentation

These information security policies are subject to G4S audit and annual self assessment.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Change requests for the hosted service are performed through a change management process controlled through a collaborative change control board. Changes are raised and tracked through the G4S Service desk, then developed, tested and rolled out in collaboration with the customer.
Vulnerability management type Supplier-defined controls
Vulnerability management approach G4S adopts a proactive vulnerability monitoring and ongoing risk assessment. Patches are deployed in a timely manner as assessed on risk.

Potential threat sources include:
ncsc.gov.uk
ISC - SANS Institute (Internet Storm Centre)
Microsoft
Cisco
Protective monitoring type Undisclosed
Protective monitoring approach We actively monitor potential compromises. This is achieved through real-time monitoring controls.
Response to potential compromise follows the documented Security Incident Reporting procedure.
We are able to respond immediately, in a planned manner, to apply corrective action risk treatment.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Our incident management plan conforms to ISO/IEC 27035:2011

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £100 to £195 per unit per month
Discount for educational organisations No
Free trial available Yes
Description of free trial A trial option is provided. Limited to 5 monitored devices for a period of 2 weeks.

Including:-
Field Hardware (Tags, Monitoring units)
Officer Tools (Fitting, Diagnostic & Removal eqt)
EMSyS software, Hosting, Training, SIM's (+costs), and straps.
24/7 On-call-support.

Not including:-
Lost & damaged equipment
Changes/customization of the User Interface.

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑