ImageSilo Electronic Content Management System

The Vendor is required to provide value added resellers (“VAR)”) of the imagesilo enterprise content management (“ECM”) system for the successful continuity of the agencies’ current records system.
- ImageSilo (powered by Paper Vision) is the current ECM platform under licensure by the Agencies.
- The Reseller must:
• Ensure access to upgrades for the duration of the contract;
• Cloud hosting: host the system in a secure, top-tier cloud environment, ensuring at minimum 98.9% uptime service levels;
• Advanced features: ensure the imagesilo system includes advanced search capabilities, metadata tagging, automated workflows, and compliance with regulatory standards.
• Storage based fee structure, based on GB of storage used;
• Data security: provide robust security measures, including data encryption, identity management, and disaster recovery plans;
• Retention and disposal: support automated retention scheduling and secure disposal of records in compliance with regulatory requirements; and
• Search and retrieval: enable advanced search capabilities, including full-text search and metadata filtering.
• Disaster recovery: a disaster recovery plan must be in place and must be tested upon the agencies’ request;
• A recovery time service level agreement (SLA) is required by the agencies to protect against any unforeseen outages;
• Ensure that all data will be made available outside the borders of the states, either physically, electronically, verbally, or in any other form or manner; and 
• All resources of the successful proposer will be physically located within the borders of the states.
• In place security controls: the hosting application or the application utilized for the repository must have the following security controls in place:
• Application security: ensure that good software development practices and software security solutions are utilized;
• Data encryption and transmission: data must be encrypted when at rest or in transmission;
• Identity management solutions: hosting application must have an identity management or directory structure to manage user’s identity and accesses to privileges, and controls for the privileges assigned to both identities and resources.
• Network security: the hosting environment must have security of all parts of the network including firewalls, servers, clients, routers, switches, and access points that are in accordance with best practices. • A network/system diagram will be required for documentation.
• Malicious software prevention: the computing environment must be protected from all sorts of hacking and malicious attacks by implementation of antivirus, anti-spyware, anti-spam, and anti-rootkit solutions to protect from malicious attacks.
• Security integration: the integration of security around data at rest or in transmission.
• Authentication, authorization, and access control: the application must comply to strict controls with user name and complex password, password lockout and expirations, multi-factor authentication for data accessed over the public web.
- Contract Period/Term: 5 years
- Questions/Inquires Deadline: July 15, 2025