Allsop Consulting Ltd

Allsop Mobile Workforce Solutions

Allsop provide a cloud service and mobile app to manage mobile workforces, reducing administration costs and increasing productivity, giving your business a competitive edge. From meter readings to electronic proof of delivery to fire risk inspections to vehicle tracking, our apps can be tailored to meet your organisational requirements.


  • Anywhere access to administration processes
  • On and off line availability for field operatives
  • Real time reporting from the field
  • Batch loading of jobs and assets
  • Drag and drop job assignment
  • Export work data to Excel or PDF
  • API available for system integration
  • Location mapping and tracking
  • Scan and sign capabilities
  • RFID/NFC and barcode reading


  • Reduce administration time and costs by up to 50%
  • Improve compliance and productivity by up to 20%
  • Enhanced visibility of operatives and assets in the field
  • Verify proof of delivery and send invoices immediately
  • Customise forms to suit your requirements
  • Accurate employee shift tracking
  • Reduce payroll inaccuracies
  • Lone worker protection
  • Consistency of returned data
  • Easy to understand reporting utilities


£25 per licence per month

Service documents

G-Cloud 10


Allsop Consulting Ltd

Ian Topping


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Hybrid cloud
Service constraints All maintenance will be notified ahead of time via notifications during login, however it usually does not majorly affect the mobile service, as it continues to work offline during any maintenance periods.
System requirements
  • Software user licences
  • Relevant hardware

User support

User support
Email or online ticketing support Email or online ticketing
Support response times First response - 2 Hours Mon - Fri 9am to 5pm
First response at weekends - 2 Hours subject to relevant support agreement in place.
Extended hours available on request.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Monday to Friday, 9am to 5pm support is included as part of the payment model.
24/7 support is available on request.
Technical account manager is assigned to each account.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Allsop provides as standard 1 day of onsite training, set up of GeoPal account and configuration of templates.
Additional training on request.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction Data can be extracted from the management console in a variety of formats eg. excel, pdf, word, JSON, XML and other file types are available.
End-of-contract process £950 set up fee. Monthly payment dependent on the number of licences. Users can also pay for the year in advance, in which case they receive a 10% discount off the total yearly licence fee.
A one month notice period must be given to end the contract.
Additional costs include extra training, on-site visits, platform customisation and any other consultancy.

Using the service

Using the service
Web browser interface No
Application to install Yes
Compatible operating systems Android
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The mobile app is designed specifically for data capture and to be used by field workers.
The web application acts as the management console for viewing and manipulating the data.
Accessibility standards None or don’t know
Description of accessibility N/A - Accessibility has not been tested
Accessibility testing N/A
What users can and can't do using the API An API key can be provided by Allsop on request. The API is only accessible through a valid API key.
Web API documentation is available and accessible through the management console. This documentation provides detailed information on the use of GeoPal web APIs. Multiple programming languages are supported eg. Java, C#, VB, Python, PHP.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation The look and feel of the mobile app can be customised. The functionality of the mobile app can be customised. This can be done app builder module on the GeoPal platform. Custom web portals can also be both developed and hosted on the GeoPal platform.
Customisation can be done by anyone with the appropriate access to a GeoPal account and a valid API key.


Independence of resources GeoPal's cloud architecture is designed so that the platform can handle large numbers of users without affecting performance. There is no limit on the amount of users that can access the platform at any one time.


Service usage metrics Yes
Metrics types Any action carried out in GeoPal is visible through the management console, for example, last login details, last known location, when the platform was last accessed, last completed job, in progress jobs.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Reseller providing extra features and support
Organisation whose services are being resold GeoPal

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations European Economic Area (EEA)
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least every 6 months
Penetration testing approach Another external penetration testing organisation
Protecting data at rest Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Data can be extracted from the management console in a variety of formats eg. excel, pdf, word, JSON, XML and other file types are available.
Data export formats
  • CSV
  • Other
Other data export formats
  • Pdf
  • JSON
  • XML
  • Word
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Other
Other protection within supplier network The GeoPal database resides on Amazon's AWS cloud infrastructure. With its data protected to an AES 128 bit encryption. The GeoPal mobile app is protected by AES 256 bit encryption using SQL Cipher. Data is protected in transit and at rest on the mobile.

Availability and resilience

Availability and resilience
Guaranteed availability GeoPal data transfer occurs through the SIM card in each of the mobile devices which emit a carrier signal from the service provider. GeoPal has both online and offline capabilities. Data transfer in real-time occurs when online however WJM operatives can fill out their worksheets on their devices while offline. Once the operative has connectivity again the data will be synced to the cloud. As mentioned previously, data which is held in GeoPal’s cloud servers can be restored to its original state. This means that if records were changed or deleted, there is a process which can allow those records to be retrieved.
Approach to resilience The GeoPal database resides on Amazon’s AWS cloud infrastructure with its data protected to an AES 128 bit encryption. The datacentres themselves are secured with a number of physical restraints such as finger print and retina scan, 24/7 armed guards, passcode and timed-locks. Data is duplicated and held on two Tier 4 level (highest security rating) data centres both located in Europe. If one of the datacentres fails, data is backed up on the other. A load balancer is used to split traffic between both locations, both locations are live at once. An outage can be simulated by removing one route from the load balancer. The GeoPal mobile app is protected with an AES 256 bit encryption using SQL chipper. If the hand held device is lost or stolen its data cannot be accessed. Data in transit between the website and the servers is protected through a 128 bit encryption and sits behind SSL security protocols. The GeoPal application requires a username and password to access. The password must be at least eight characters and have at least one numerical digit. There is no auto-login feature in GeoPal. Sessions are automatically timed out after 30 minutes idle.
Outage reporting API and email alerts are available.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels GeoPal users can be assigned permissions based on their job role requirements. More granular permissions can be configured for example allowing users to access certain features of the platform.
Access restriction testing frequency At least every 6 months
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach The Allsop web application resides on Amazon’s secure and reliable hosting environment and all data is encrypted. Data captured using the Allsop mobile app is also encrypted and can only be accessed through the GeoPal mobile app.

Data can be encrypted at rest on the servers if required

The services Allsop uses within Amazon’s Cloud is also stored in a Virtual Private Cloud (VPC). This allows us to directly control which services and servers have access to which data ensuring that only servers with the correct security privileges have access.
Information security policies and processes All customer data exists only within their individual, locked account, and support technicians can only access it by being granted the permission by a customer directly. This is monitored regularly through our support manager, and is escalated to CTO for review.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach Configuration and change management is implemented by the customer, as they control the configuration of their service.

New features are introduced through a 3-environment testing which the customer is able to check and report issues at any time.

All changes are reviewed through multiple approval workflows, to ensure security frameworks have been followed.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Our system is maintained by a 3rd party managed services provider that specializes in designing, building and managing scalable hosting infrastructures for mission critical websites an internet services. The monitoring software used is Nagios, which allows detection of any change in service level.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Our system is maintained by a 3rd party managed services provider that specializes in designing, building and managing scalable hosting infrastructures for mission critical websites an internet services. The monitoring software used is Nagios, which allows detection of any change in service level.
Incident management type Supplier-defined controls
Incident management approach Incidents can be reported via multiple support channels (email, web submission, telephone), and updates are provided to individual customers for specific incidents via the reporting channel, or to all customers via email and support portal updates.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £25 per licence per month
Discount for educational organisations No
Free trial available No

Service documents

pdf document: Pricing document pdf document: Skills Framework for the Information Age rate card pdf document: Service definition document pdf document: Terms and conditions
Service documents
Return to top ↑