Bentley Systems International Limited

Bentley Connected Data Environment (CDE)

The Bentley CDE (Connected Data Environment) is a Client-centric, PAS1192 compatible CDE for managing information throughout the Asset Lifecycle in support of BIM Level 2 and BIM Level 3 (asset-centric) collaborative business processes.

Features

  • Unique, seamlessly integrated Design, Project and Asset Information management environment
  • Single CDE combined from Bentley AssetWise and ProjectWise G-Gloud offerings
  • Designed to support CAPEX and OPEX information workflows
  • Full support for PAS1192 ‘Digital Plan of Work’ framework
  • Full change management control over Information Delivery Plans
  • Support for BS1192 collaborative workflows, including ‘Client Share’
  • Unique ability to connect Employer and Supplier CDEs
  • Automated QA checking of information exchange artefacts, including models
  • Full Client Review and Acceptance workflows, with audit trail
  • Real-time dashboarding for evidence of progress, assurance and compliance

Benefits

  • Protect intent behind Organisational, Asset and Employer Information Requirements
  • Reduce costs by simplifying and expediting access to enterprise information
  • Improve decision making through controlled access to accurate, trusted information
  • Reduce risk through evidence of compliance against industry/regulatory standards
  • Reduce risk through real-time evidence of progress, compliance and assurance
  • Easy to access all Asset and related Information in context
  • Minimise rework by maximising information re-use throughout the asset lifecycle
  • Create a safer workplace through improved accuracy of available information
  • Reduce asset handover costs through efficient electronic handover
  • Reduce number of systems, thus reducing training and license costs

Pricing

£35471 per instance per quarter

Service documents

G-Cloud 9

391391302555314

Bentley Systems International Limited

Bentley Systems Business Ops

+44 207 861 0900

gcloud@bentley.com

Service scope

Service scope
Software add-on or extension Yes
What software services is the service an extension to AssetWise CONNECT Edition;
ProjectWise CONNECT Edition;
Context Share;
Components Center;
Optioneering;
Project Performance Dashboards;
Project Share;
Deliverables Management;
Issues Resolution;
Automation;
Microsoft Azure;
Cloud deployment model Public cloud
Service constraints Patching and maintenance windows are scheduled every month to ensure the security and reliability of the service. Notice is provided and some service disruption may occur during these out-of-hours windows.
System requirements All requirements covered with the offered service

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Response times are covered by SLA and are based on priority. P1 - 24x7 - N. America and Europe - Response 1 Hour - Resolution 4 Hours - Update Interval - 1 Hour; P2 - 24x5 - N. America and Europe - Response 2 Hours - Resolution 1 Day – Update Interval 4 Hours; P3 - 24x5 - N. America and Europe - Response 4 Hours - Resolution 10 Business Days - Update Interval 1 Day; P4 - 24x5 - N. America and Europe - Response 8 Hours - Resolution Mutually Agreed - Update Interval Mutually Agreed
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), 7 days a week
Web chat support No
Onsite support Yes, at extra cost
Support levels Our initial level is SELECT. That, along with licensing and content access benefits, gives access to the Support team and Product Upgrades.
Success Plans come in three levels; Bronze, Silver, and Gold. They align software with company goals and provide Service Level Agreements based on incident priority, access to senior talent and subject matter experts. Every Success Plan comes with a named Success Plan Manager providing extended reports and monitoring of mutually agreed KPIs. Based on the priority of the incident, SLA times range from 2 hours to 24 hours.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started After the cloud service is enabled we engage with the users (stakeholders, representatives from various departments) to define configuration details. Once the system is finally configured we perform on-site or remote training sessions for each group/role. Options to share video, training material, prepare custom training material are possible.
Service documentation Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction There are different ways to extract data depending on the volume of data to be extracted. It ranges from simple document check out, to using bulk export utility or automated using SSIS packages.
End-of-contract process It is recommended to engage with Bentley to get your data extracted before the contract ends. At a minimum, Bentley would provide the database and file repositories.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10+
  • Firefox
  • Chrome
  • Safari 9+
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service The main UI is a web frontend that can be used on desktop computers, but also on mobile devices. In addition, we offer an app that allows you to access and view documents stored within the CDE using our ProjectWise Worksite app.
Accessibility standards WCAG 2.0 AAA
Accessibility testing No specific interface testing with users of assistive technology has been done.
API Yes
What users can and can't do using the API The API allows you to customise the UI, add additional event handlers, wizards or business rules.
API documentation Yes
API documentation formats Other
API sandbox or test environment No
Customisation available Yes
Description of customisation Bentley is providing APIs to customise the CDE and to customise the user interface. It means you can create/modify and delete any CDE object in any way you want until your required modification are supported by functions provided in the SDK. The SDK consists of .NET API (can be used to modify UI, create wizards, create engines, etc.) and SQL API (can be used in event handlers or database jobs). Bentley can do the customisation for you, but Bentley also can provide training on the API, so that you can do customisation by yourself. If the customisation is a server side customisation, then it needs to pass a customisation review process at Bentley and get approval before it could be used in the cloud environment. Therefore we recommend to let Bentley do the customisation.

Scaling

Scaling
Independence of resources Systems are logically separated in a virtual cloud environment. All systems are monitored in real time for performance and availability.

Analytics

Analytics
Service usage metrics Yes
Metrics types Usage via Bentley licensing server can be self reported.

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Staff screening not performed
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
  • Other locations
User control over data storage and processing locations Yes
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach The system has multiple options to export data ranging from simply copying out, via bulk export or even automated using SSIS packages. Which option is most appropriate depends on the purpose of the export.
Data export formats
  • CSV
  • Other
Other data export formats Excel
Data import formats
  • CSV
  • Other
Other data import formats Excel

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network TLS (version 1.2 or above)

Availability and resilience

Availability and resilience
Guaranteed availability 99.9%, assured by contractual commitment. Service credits when service availability drops below SLA level in a month.
Approach to resilience All services deployed in a fully redundant configuration within fully redundant data centres meaning that any failure of equipment, service provider or software service will result in zero, or minimal, impact to the overall service.
Outage reporting Planned and unplanned outage notification emails are sent to registered users for affected systems.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels Multi-factor authentication used for administrative access.
Access restriction testing frequency At least once a year
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification Yes
Who accredited the ISO/IEC 27001 A-Lign
ISO/IEC 27001 accreditation date Oct 2015/Oct 2016
What the ISO/IEC 27001 doesn’t cover All aspects of the service are covered. Certified scope is available at https://www.bentley.com/en/trust-center
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security accreditations No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance accreditation Yes
Security governance standards ISO/IEC 27001
Information security policies and processes Information Security policies are designed utilising ISO 27001, SSAE16, ITIL and CSA frameworks. Several SaaS offerings are ISO 27001 certified and others are SOC2 certified.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach Configuration and Change Management follow the ITIL framework and policies and procedures are documented with various security standards. All SaaS offerings go through a cloud approval process and are scanned for vulnerabilities prior to production.
Vulnerability management type Supplier-defined controls
Vulnerability management approach Vulnerability management is conducted through various technologies internal and external to the Bentley network. Threats are identified using industry standard listings and patches/updates are applied at least monthly or as needed based on criticality.
Protective monitoring type Supplier-defined controls
Protective monitoring approach Active IDS is active on the network perimeter and on selected systems under the scope for ISO 27001 and SOC2 certifications. Compromises are analyzed and put through the incident mgmt process for investigation. Response time depends on the severity of the compromise.
Incident management type Supplier-defined controls
Incident management approach Incident management process covers all aspects of a potential incident from start to finish with defined procedures and colleague involvement. Common events are handled depending on severity, users have multiple methods of reporting and reports are provided as part of the incident management procedure.

Secure development

Secure development
Approach to secure software development best practice Supplier-defined process

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £35471 per instance per quarter
Discount for educational organisations No
Free trial available Yes
Description of free trial A test environment can be provided to test the main software features. This environment uses disposable data and is available for up-to 30 days free-of-charge (subject to agreement).
Alternatively, Bentley can provide a chargeable Pilot solution using user data which is run against agreed success criteria for 60-90 days.
Link to free trial Access to the pilot/proof of concept environment will be setup to meet the requirements of each user.

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑