Shop UPsafety
Want to Talk?
What is the Cloud?

The highly secure UPsafety Cloud is an easy to use, online, all-in-one back office solution that allows ToCite and ForCite Mobile to synchronize issued ticket or citation data, images, notes, and all other collected data directly from the field to the Cloud securely and efficiently.

Download more information

Powered by
Screen shot of ToCite Cloud interface

How does it work?

All of our solutions are entirely based upon the Cloud with mobile devices which are interfaced through the internet. All data from the mobile devices is automatically synced with the UPsafety Cloud. The solutions do not require on-site servers, backup systems, updates, or any other typical IT support. The Cloud is available anywhere an internet connection is (laptop, tablet, PC, cell phones, etc). The only requirements are an internet connection and a device running a browser. The Cloud is used to:

Is the UPsafety Cloud Secure?

United Public Safety and all of our partners utilize state of the art security such as SHA-2, (designed by the National Security Agency for data encryption), STS Secure Token Service (security for user information), PCI DSS Auditing (for credit card transactions), Federal Information Security Management Act (FISMA), and our Cloud has obtained the ISO/IEC 27001:2005 certification for Information Security Management. Our Cloud and mobile devices are FIPS Compliant.

Our Cloud utilizes the Microsoft Global Foundation Services (GFS) data centers. The data center is physically secured with fire, flood protection, high security locks, closed circuit cameras, biometric devices, electronic ID card readers and alarms. All access is secured with positive ID Access Control Lists.

Security Controls and Capabilities

The UPsafety Cloud utilizes the Microsoft Azure services to deliver the highest level of back office security.

  • 24 hour monitored physical security. Datacenters are physically constructed, managed, and monitored to shelter data and services from unauthorized access as well as environmental threats.
  • Monitoring and logging. Security is monitored with the aid of centralized monitoring, correlation, and analysis systems that manage the large amount of information generated by devices within the environment and providing alerts.
  • Patching. Integrated deployment systems manage the distribution and installation of security patches automatically to ensure the most up to date security protocols.
  • Intrusion detection and DDoS. Intrusion detection and prevention systems, denial of service attack prevention, regular penetration testing, and forensic tools help identify and mitigate threats from both outside and inside of our Cloud.
  • Isolation. Network isolation is used to prevent unwanted communications between the Cloud. Special access controls block unauthorized users.
  • Encrypted communications. Built-in SSL and TLS cryptography enables automatic encryption of communications.


Federal Risk and Authorization Management Program (FedRAMP)

Our Microsoft Azure Cloud has been granted a Provisional Authorities to Operate (P-ATO) from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB). Following a rigorous security review, the JAB approved a provisional authorization that an executive department or agency can leverage to issue a security authorization and an accompanying Authority to Operate (ATO). This will allow US federal, state, and local governments to more rapidly realize the benefits of the UPsafety Cloud using Microsoft Azure.

ISO/IEC 27001:2005 Audit and Certification

ISO/IEC 27001:2005, a broad international information security standard, validates that the Microsoft Azure Cloud has implemented the internationally recognized information security controls defined in this standard, including guidelines and general principles for initiating, implementing, maintaining, and improving information security management.

The certificate issued by the British Standards Institution (BSI) is publicly available.

HIPAA Business Associate Agreement (BAA)

HIPAA and the HITECH Act are United States laws that apply to healthcare entities with access to patient information (called Protected Health Information, or PHI). To ensure compliance with HIPAA and the HITECH Act, Microsoft Azure offers a BAA to customers as a contract addendum.

Payment Card Industry (PCI) Data Security Standards (DSS) Level 1

The Microsoft Azure Cloud is Level 1 compliant under the Payment Card Industry (PCI) Data Security Standards (DSS) as verified by an independent Qualified Security Assessor (QSA), allowing merchants to establish a secure cardholder environment and to achieve their own certification.

The PCI DSS is an information security standard designed to prevent fraud through increased controls around credit card data. PCI certification is required for all organizations that store, process or transmit payment cardholder data. Customers can reduce the complexity of their PCI DSS certification by using compliant Azure services.

The Microsoft Azure PCI Attestation of Compliance is available for immediate download.

Family Educational Rights and Privacy Act (FERPA)

FERPA imposes requirements on U.S. educational organizations regarding the use and disclosure of student education records. Educational organizations use UPsafety’s Microsoft Azure Cloud to process data, in compliance with FERPA. Both United Public Safety and Microsoft will not scan Customer Data for advertising purposes.

SOC 1 and SOC 2 SSAE 16/ISAE 3402 Attestations

Azure has been audited against the Service Organization Control (SOC) reporting framework for both SOC 1 Type 2 and SOC 2 Type 2. Both reports are available to customers to meet a wide range of US and international auditing requirements.

The SOC 1 Type 2 audit report attests to the design and operating effectiveness of Azure controls. The SOC 2 Type 2 audit included a further examination of Azure controls related to security, availability, and confidentiality. Azure is audited annually to ensure that security controls are maintained.

Audits are conducted in accordance with the Statement on Standards for Attestation Engagements (SSAE) No. 16 put forth by the Auditing Standards Board (ASB) of the American Institute of Certified Public Accountants (AICPA) and International Standard on Assurance Engagements (ISAE) 3402 put forth by the International Auditing and Assurance Standards Board (IAASB). In addition, the SOC 2 Type 2 audit included an examination of the Cloud Controls Matrix (CCM) from the Cloud Security Alliance (CSA).

Cloud Security Alliance Cloud Controls Matrix

Microsoft Azure has been audited against the Cloud Controls Matrix (CCM) established by the Cloud Security Alliance (CSA). The audit was completed as part of the SOC 2 Type 2 assessment, the details of which are included in that report. This combined approach is recommended by the American Institute of Certified Public Accountants (AICPA) and CSA as a means of meeting the assurance and reporting needs of the majority Cloud services users. The CSA CCM is designed to provide fundamental security principles to guide Cloud vendors and to assist prospective customers in assessing the overall security risk of a Cloud provider. By having completed an assessment against the CCM, Azure offers transparency into how its security controls are designed and managed with verification by an expert, independent audit firm.

Detailed information about how Azure fulfills the security, privacy, compliance, and risk management requirements defined in the CCM is also published in the CSA’s Security Trust and Assurance Registry (STAR). A detailed paper discussing Azure’s compliance with the specific controls in the CCM can be found here.

In addition, the Microsoft Approach to Cloud Transparency paper provides an overview of how it addresses various risk, governance, and information security frameworks and standards, including the CSA CCM.

United Kingdom G-Cloud Impact Level 2 Accreditation

In the United Kingdom, Azure has been awarded Impact Level 2 (IL2) accreditation, further enhancing Microsoft and its partner offerings on the current G-Cloud procurement Framework and CloudStore. The IL2 rating will benefit a broad range of UK public sector organizations, including local and regional government, National Health Service (NHS) trusts and some central government bodies, who require 'protect' level of security for data processing, storage and transmission.

Cloud Support and Service

We provide direct support to you for as long as you have a subscription with UPsafety. Included in the initial deployment is training and customization for both officers in the field and you back office staff. Our service and support is available 24/7/365.

Contact us at 215.394.1906 or sales@upsafety.net

Cost Effectiveness

UPsafety back office solutions work on a subscription basis. Annual cost is substantially less than you are currently paying. Here's why:

All of the resources and costs associated with typical IT solutions including servers, applications, thin-clients, custom programming and annual maintenance fees, are now managed by the Cloud application providers. We use providers you already trust like Microsoft and Google. While all the data and customization is completely isolated from client to client, the Cloud application as a whole is managed as if it was one solution.


Your municipality or agency will also benefit from these cost saving opportunities:

  • Eliminate manual transcription

  • Eliminate transcription errors

  • Monthly Savings on Consumables

  • Fewer Court Dismissals

  • Eliminate costly servers

UPsafety Cloud Login Screen Image