A Tree management system allowing mobile users to add or download tree inventory data and download geo-referenced mapping for offline use. The mobile application uploads updated asset data to the kaarbontech cloud system. We include the ability to complete an arb inspection, record defects, repair and maintenance or service requests.
- Field data capture on iOS, Android and Windows devices.
- Council specific spatial datasets used for greater clarity.
- Trees marked for attention are clearly identified.
- Arboricultural Data displayed on OS Mastermap with offline use.
- Create tree arb management programme based on risk.
- Integration with existing corporate systems possible.
- Arboriculture defect recording with service request facility.
- Comprehensive reporting suite with export functionality.
- Manage inventory for individual and groups of trees
- Create risk model by species, location, vulnerability and full consultancy
- Provides accurate, complete and reliable data.
- Ensures compliance with legislation and codes of practice.
- Easy access to inventory data and simple export and reporting.
- Intuitive user interface, easy to use and low training needs.
- Enables fast response to public and Councillor Arb data requests.
- One touch interactive KPI reporting.
- Effective solution for managing arboricultural tree stocks.
- Tree valuations using CAVAT functional value and QTRA (if licensed).
- Planned management of Chalara - Ash Dieback action plan
- Data collected by tree inspector conforms to requirements of BS5837:2012
£1715 to £2325 per licence per year
Kaarbon Technology Ltd
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||There are no service constraints.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||Monday to Friday 8am to 6pm - response within 60 minutes, out of hours SLA can be specified, further details on request|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
Our support services are delivered by online ticket, email or telephone and are operational 0800 until 1800 UK time, Monday to Friday excluding bank and public holidays. We do provide a dedicated account manager for each customer but this is not specifically a technical or cloud support engineer.
We offer onsite support at a day rate of £750 to include travel time.
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||We provide detailed training video's, telephone support and offer on site training for an additional fee|
|Other documentation formats||Video Tutorials|
|End-of-contract data extraction||All data can be exported at any time during the contract period.|
|End-of-contract process||No additional charges are due at the end of the contract.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||Mobile service can have offline maps for use when a mobile signal is not available.|
|What users can and can't do using the API||Our API is not part of our standard G Cloud offering, Please contact us to discuss your requirements|
|API documentation formats|
|API sandbox or test environment||Yes|
|Description of customisation||Asset collection process has questions based on BS5837, answers to these questions can be personalised by buyer once an order has been received.|
|Independence of resources||We limit the amount of customers hosted on a single server and monitor demand to ensure system is optimised at all times|
|Service usage metrics||Yes|
|Metrics types||Real-time management and login information provided|
|Reporting types||Reports on request|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||No|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||Physical access control, complying with another standard|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Data can be exported in from the operations tab on the main menu or from many of the reporting screens within the system.|
|Data export formats||
|Other data export formats||Esri Shapefile|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||Legacy SSL and TLS (under version 1.2)|
|Data protection within supplier network||Legacy SSL and TLS (under version 1.2)|
Availability and resilience
|Guaranteed availability||99% service availablility|
|Approach to resilience||Detailed resilience information available on request|
|Outage reporting||Email alert of service outages.|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||We use Puppet as our core user control system. Access can be restricted via an access control dashboard, restricted access and version control access is also applied to reduce the possibility of unauthorised access to the system|
|Access restriction testing frequency||At least once a year|
|Management access authentication||Public key authentication (including by TLS client certificate)|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||Operate a system based on ISO 27001 and working towards full accreditation to ISO 27001|
|Information security policies and processes||Our policies around information security are held within the companies ‘software overview’ document and are reviewed every six months. All queries or issues with regard to information security should be reporting to line manager and then passed directly to the managing director who has ultimate authoritiy over IT governance, any fail safe’s to ensure policy adherence can be viewed on request. We are currently working towards full ISO 27001 accreditation.|
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||We ensure that any changes to the system are properly tested and authorised with close attention to any that might alter security properties. Our penetration testing process and vulnerability processes would identify security issues in constituent components. We operate failover software which currently poles the live and development server status every 10 minutes. To avoid false alerts due to internet consistency the program increases its checks to 1 minute if there is no initial response and reports the status to two of our developer’s and KaarbonTech managing director via text and email.|
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||A vulnerability assessment is carried out monthly and any potential threats are assessed using the Common Vulnerability Scoring System (CVSS). Those that are deemed in need of a fix are given a priority (1-4) and dealt with accordingly with high or critical vulnerabilities having a target patch time of 24 hours. Potential threats are communicated to us by our failover software supplier and we monitor the weekly threat report from the National Cyber Security Centre.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Server logs are used to monitor any errors which are emailed to the developers as and when they occur. This includes the line of code and all the detail about the system. Once received, the error is prioritised and the log is examined. This proactive approach allows us to catch abnormalities before the customer notices them. All logs are stored for retrieval and assessment for up to 12 months. The statistics of compromises form part of the weekly developer meeting agenda.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||
Errors are communicated to the development team as and when they occur, the error is prioritised and the log is examined in detail either:
• The following morning.
Analytics are used to monitor timings and crash reports in a similar way. This information is also prioritised for action within the following timescale:
• Within 24 hours
• Within 7 days
• Before the next natural release
The incident report statistics form part of the weekly developer meeting agenda.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£1715 to £2325 per licence per year|
|Discount for educational organisations||No|
|Free trial available||No|