Capita Business Services Limited

Internet of Things

Capita offers an Enterprise IoT platform that manages an entire IoT network from devices through to applications. IoT applications visualise and analyse data generated by IoT sensors by use case, entity, division or department, providing meaningful deep insight into assets and service operations to enable data informed decisions.

Features

• Single platform for IoT connectivity, management and applications
• IoT network is carrier grade
• Uses the LoRaWAN protocol
• Spectrum is EU 868Mhz
• Supported by industry recognised partner eco-system
• Can use both hard wired and mobile connectivity
• Can operate indoor and outdoor
• Over 100 ready to deploy use case and applications
• Easy to deploy, manage and scale
• Can be shared, private, self managed or managed

Benefits

• Safety, monitor and manage hazardous environments
• Society, monitoring for health and social care
• Environment, pollution levels, air quality flooding alerts
• Innovation, use data to deliver new product and services
• Intelligence, data driven better decisions for organisations and society
• Compliance, more effective monitor and reporting on compliance requirements
• Cost savings from productivity enhancements leads to lower cost services
• Productivity, automated data collection eliminates human errors
• Efficiency, better use of time speeds up processes
• IoT collects data, provides insight, discovers patterns and challenges assumptions

£1.00 to £2.00 a device a month

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at engagewithus@capita.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

154252572568445

Contact

Capita Business Services Ltd
08702407341
engagewithus@capita.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Private cloud
  • Community cloud
• Service constraints: IoT uses radio and wireless technologies, therefore signal range is subject to surrounding environment and terrain. Sensor battery life is subject to its messaging profile. Battery life varies from sensor to sensor device type typically between 2-10 years.
• System requirements:
  • Sensors to network connectivity uses gateways or access point hardware
  • IoT network subject to setup, application license and subscription costs

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Subject to SLA requirements typically 2hrs or 4hr or other response. Can be Mon-Friday business hours, 365x7x24.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Support levels ; Gold: 365 x 7 x 24, 2 hour response ; Silver: Mon to Fri, Normal business hours, 2 hour or 4 hour response; Bronze: Mon to Fri, Normal Business hours, same day response; Above support levels are subject to service level requirement, can be also be bespoke to requirement, costed in the service set-up.; Technical account manager is subject to requirement, and costed in the service set-up.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: Please engage with Capita IT Services to ensure the correct service and options are identified. We will supply a full statement of works and proof of concept (if required). All customers are onboarded by our TDA, providing a Statement of works detailing the work required prior to BAU.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data can be transferred to any database or data lake using webhook (also called a web callback or HTTP push API) data transfer. Other methods available on request.
• End-of-contract process: At the end of the contract term typically three (3) to five years (5), there is an option to roll-on the service to extend the contract. Or, alternatively provide a minimum thirty (30) day notice to cease the service. Subject to any specific terms agreed within the contract.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari 9+
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: IoT Use Case applications accessible via an Intuitive designed for mobile interface with similar look and feel as the desktop browser version.
• Service interface: Yes
• Description of service interface: IoT network has interfaces for platform and device management and service performance monitoring
• Accessibility standards: None or don’t know
• Description of accessibility: Our IoT platform has a single-entry point to your applications making IoT delivery and operations processes simpler & faster. This single entry point fast-tracks sensors data delivery to IoT Applications, leveraging a large portfolio of IoT platform connectors and APIs, such as to AWS IoT, Azure IoT and more.
• Accessibility testing: No testing has been done with users of assistive technology at this time.
• API: Yes
• What users can and can't do using the API: Data can be transferred to any database or data lake using a webhook (also called a web callback or HTTP push API) data transfer. Other data transfer methods are available on request.; The above is accessed and managed by IoT platform administrators.; No changes can be made to this API as it has a specific function to transfer data.
• API documentation: No
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: IoT applications can be customised to specific buyer requirements, only limited by sensor ability to send the required use case data.; Customisation of application, data visulaisation and/or dashboard to specific buyer requirements is manage by application development using a framework of modular components and a rapid development method.

Scaling

• Independence of resources: Our service is governed and subject to regional parameters for the EU868 spectrum defined by the LoRa Alliance LoRaWAN protocol specification and Ofcom here in the UK.; ; Please refer to the information provided in these links for further information:; ; 1. https://lora-alliance.org/ ; 2. https://lora-alliance.org/resource-hub/rp2-101-lorawanr-regional-parameters-0; 3. https://www.ofcom.org.uk/manage-your-licence/radiocommunication-licences/internet-of-things

Analytics

• Service usage metrics: Yes
• Metrics types: Service usage metrics are subject to service requirements and can be tailored to requirement.
• Reporting types:
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: ThingPark from Actility (IoTPaaS), Crescent-NV - IoT Application Framework (SaaS)

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Flexible data process using HTTPS or MQTT brokers, DX API, with preconfigured cloud connectors to Azure IoT, Amazon AWS, IBM Watson.
• Data export formats:
  • CSV
  • ODF
• Data import formats:
  • CSV
  • ODF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Service Level Agreements (SLAs) and associated Service Credits (SCs) are subject to contract service level agreement requirements, and negotiated contract terms and conditions.
• Approach to resilience: Service resilience is subject to service requirements on a case-by-case basis, and can be designed and configure to deliver service resilience requirements. Further information on resilience designed specific requirements is available on request.
• Outage reporting: Outage reporting is based on service requirement and service architecture design, currently service reporting is managed and generated by our service desks supporting our services. As a minimum this would include email alerting.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: Access details for client systems are held securely in our Customer Service software and access is restricted to only those staff that support the customers cloud based system. The support teams access the customer cloud based system via terminal services and each member of the support team has their own login credentials.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Evova/BM Trada
• ISO/IEC 27001 accreditation date: Since 2006
• What the ISO/IEC 27001 doesn’t cover: All activity is covered and included in the certificate scope
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: All Capita systems are subject to the Capita corporate cyber and information security policy and the associated standards that underpin this.
• Information security policies and processes: SO/IEC 27001 / Other; ; All Capita systems are subject to the Capita corporate cyber and information security policy and the associated standards that underpin this.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: ITIL based processes are followed. ; - Full configuration management system tracking service components; - Full change advisory board; - All changes are assessed for risk and impact ; - Includes dedicated test environments; ; Whilst we have our own controls for change management (in line with our ITIL-oriented service management processes) we will ensure that any upgrade process meets the requirement of your change management policies as well, including liaising with the relevant internal stakeholders to ensure the right people are aware of what is going to take place and when.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Internal QA and test process; - Test and deploy patches in accordance with severity ; - Support regular independent penetration testing; - Active monitoring and management of network vulnerability and security threats.; - Relationships with key vendors to understand potential threats
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Monitor entire environment both at infrastructure and software level; - Includes monitoring individual files and folder configuration changes automatically; - Dedicated personnel for monitoring and managing the environment; - Relationships with vendors; - ITIL - deploy emergency change control and emergency escalation processes; - Incidents will be triaged; - Remediation plan in case of security incident
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Fully ITIL based service desk management , includes a dedicated incident management process. ; - Incident knowledge-based database, each with a predefined process for resolution; - phone, email, customer support portal as available contact methods to the service desk. ; - Service delivery managers provide reports, in addition self service is available through the customer support portal

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: Yes
• Connected networks: Scottish Wide Area Network (SWAN)

Pricing

• Price: £1.00 to £2.00 a device a month
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: 30 Day PoC of platform and sensor management with basic data visualization via limited free to use software.; Use Case sensors to be to be provided by the buyer, then connected to the IoT network for the duration PoC.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

• Modern Slavery statement

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at engagewithus@capita.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.