Centerprise International Ltd

Centerprise Room and Resource Management System by GoBright

The Centerprise Room booking and Reservation Service
by GoBright, is a highly flexible smart workplace solution suite, designed to allow booking of resources such as meeting rooms/spaces and work desks, supplemented by way finders and interactive maps, and a visitor management solution, all unified under a single cloud-based platform.


  • Room Booking
  • Desk Booking
  • Visitor Management & Badge Printing
  • AV Room Control
  • Workplace Analytics
  • Interactive map kiosk
  • Meeting Room Service Handling
  • Digital Signage
  • Integration with Office365, Exchange and Google G Suite
  • Integration for Linak based height adjustable desks


  • Book meeting rooms or desks either remotely or locally
  • 5 ways to book - Outlook/ web/ mobile/RFID/kiosk.
  • Book services for rooms, such as food/drink/room layouts.
  • Pre-book visitors to the building.
  • Control AV equipment in the room manually/automatically
  • Digital Signage solution allows for display of images or videos
  • Desk cleaning feature for desks
  • Gain detailed analytics on room and desk use.
  • Facilities Managers can open/close specific spaces for booking
  • Visitor attendance lists to support track and trace


£27.50 to £2,000,000 a unit a year

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 12

Service ID

4 6 1 1 8 7 3 3 6 1 5 1 7 3 3


Centerprise International Ltd Tenders Team
Telephone: 01256 378 000

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
If integrating with O365, Exchange or Google, a user with room impersonation rights needs to be set up as a requirement.
System requirements
Suitable network points are required for hardware

User support

Email or online ticketing support
Email or online ticketing
Support response times
Multiple service tiers available.
Standard level provides response within 15 minutes, Monday - Friday 9:00 - 17:30
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
1. Overview.
There are 3 Service Desk packages: Silver, Gold and Platinum. Service Hours are 09:00 to 17:30 Monday to Friday (excluding UK Bank Holidays); Gold Service Hours are 08:00 to 20:00 Monday to Friday (excluding UK Bank Holidays); and Platinum Service Hours are 24x7x365.

2. Incident Target Resolution.
Priority 1 - High. Service is completely unavailable or there is a critical impact on the Customer’s business operation: 4 hours.
Priority 2 - Medium. The Service is severely degraded or there is a significant impact on the Customer’s business operation: 8 hours.
Priority 3 - Low. The quality of the Service is degraded and is affecting one or more users: 16 hours.
Priority 4 - Service Request. Customer is seeking a change to the Service: 5 working days.

3. Service Credits.
A Service Credit regime is used to recompense the Customer for failures to meet the agreed Service Level. Service Credits are valued as a percentage of the related Service Charges for the month.
Support available to third parties

Onboarding and offboarding

Getting started
Getting started guides available on GoBright website.
We provide base level online training and user documentation. As an additional service, if required, onsite or offsite training can be provided (at a cost).
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
At the end of the contract, should the user wish to extract their data, then all data is held in Exchange, and can be extracted from there.
End-of-contract process
If no renewal is made, access to the Gobright portal is suspended from the licence end date. Hardware devices will no longer communicate with the Gobright cloud platform.

Using the service

Web browser interface
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Compatible operating systems
  • Android
  • IOS
  • MacOS
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
There are no material differences between mobile and desktop services.
Service interface
Description of service interface
Settings available in web portal
Accessibility standards
None or don’t know
Description of accessibility
Documentation is accessed via an online portal. Compliance and accessibility standards are currently being reviewed by the vendor.
Accessibility testing
What users can and can't do using the API
Details available from GoBright on request
API documentation
API documentation formats
API sandbox or test environment
Customisation available
Description of customisation
Users can choose the modules needed for their requirement


Independence of resources
We use Cloud technologies that are designed to insure appropriate resources are at all times allocated to the most intensive processes. In the case of the GoBright service, we use Microsoft Azure as the Cloud hyperscaler.


Service usage metrics
Metrics types
Analytics on room/desk use, list of historical bookings, list of room desk live status are all available.
Reporting types
Real-time dashboards


Supplier type
Reseller providing extra features and support
Organisation whose services are being resold

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Booking data can be exported to .csv, although if integrated with O365, Exchange or Google, this will not be necessary as the organisation on would still have all booking data here anyway
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Logical separation of data through VRFs (Virtual Routing and Forwarding).

Availability and resilience

Guaranteed availability
SLAs are customer and contract dependant.
Approach to resilience
All core components are deployed across geo-redundant sites with services load balanced across sites. An individual site is capable of running all services under load in the event of a critical failure of the other. This failover is automatic.
Outage reporting
There is a public dashboard available.

Identity and authentication

User authentication needed
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
Access restrictions in management interfaces and support channels
All management platforms are segregated physically and separate to production cloud systems. Access is strictly limited, conforming to both best practice and security regulation requirements.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Less than 1 month
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Alcumus ISOQAR
ISO/IEC 27001 accreditation date
24th June 2008 (re-issued 12th February 2018)
What the ISO/IEC 27001 doesn’t cover
N/A - Everything is covered by our ISO 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Who accredited the PCI DSS certification
PCI DSS accreditation date
10th November 2018
What the PCI DSS doesn’t cover
N/A - Everything is covered by our PCI DSS certification
Other security certifications
Any other security certifications
Cyber Security Essentials Plus

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
Cyber Security Essentials Plus
Information security policies and processes
In-line with the requirements of ISO 27001 and 20000, we've developed policies and procedures to support both standards and comply with the requirements of ISO 9001. E.g, our Information Security Policy includes the following internal policies/procedures:

•IT Security Business Continuity Policy
•Information Security Policy – Suppliers
•CCTV Policy
•CI Forensic Policy
•Corporate Hospitality and Bribery Act
•Access Control Policy
•Policy Against Malicious Code
•Child Protection Policy
•Policy on the Secure Handling, Use, Storage, Retention and Destruction of Disclosure Information
•Clear Desk Policy
•Cryptographic Policy.

The Information Security Policy has been produced and accepted by the Board. The policy is visible to all staff on SharePoint and all staff sign Appendix E of the policy, which is retained in the employee’s HR file. The importance of Information Security and the policy is covered in employee inductions and the Staff handbook.

Security responsibilities are defined within our Information Security policy, which records the following managers:

•Service Delivery Manager (Information Security Manager)
•Security Controller
•Group Quality Manager
•Users – to comply with the IT Security Policy.

Security Responsibilities are defined in the individual’s job description and employment contract.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All Change Management procedures are audited as part of our Information Security accreditations and all change logs are kept and audited as part of this process. We have clearly defined procedures for both customer and supplier-initiated changes and all change requests are available for real-time review via our service management system.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Multiple tools are used to block and monitor potential threats to the environment. If patches are required, they are rolled out via automation tools to the environment through change control process where the criticality and impact is assessed and approved.
Protective monitoring type
Protective monitoring approach
Potential compromises will be detected by the SIEM. An alert will be created should the SIEM directives be triggered by various correlated events. Upon receipt of alert, the SOC team will investigate the incident. Depending on the criticality, a level 1 (highest) is investigated within 15 minutes.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We follow ITIL V3 for our incident management. Incidents can be reported via phone, web or email into our ticketing system. Incident reports are provided through the ticketing system with details provided around root cause analysis and remediation steps.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks


£27.50 to £2,000,000 a unit a year
Discount for educational organisations
Free trial available
Description of free trial
30 day trial access to the GoBright platform.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.