Bailey Solutions Ltd

Simple Little Library System

Simple Little Library System is hosted library management software to manage print and/or electronic library & information resources. It is a modular system for smaller libraries, written in the .Net framework using latest technology. Subscription includes hosting, usage licences, support, updates & back-ups. Pay monthly or annually. First launched 2017.

Features

  • Catalogue module - with automated cataloguing
  • Loans module - with self service options
  • Finance module - to handle orders, receipts & invoices
  • Serials module - manage receipt of journals and serial publications
  • Pre-configured reports in every module
  • Web OPAC - for library users to discover resources
  • Regular releases - contain fixes, improvements & new features
  • Searchable help centre with comprehensive articles and training videos

Benefits

  • Quickly download bibliographic details, additional text and images
  • Efficiently chase all outstanding orders grouped by supplier
  • Claim missing serial issues before it's too late
  • Intuitive system means low training overheads
  • Users can (optionally) self-loan & renew saving staff time
  • Track usage to inform whether replacement/renewal is justified
  • Users made aware of all resources both print & electronic
  • Easily review spending and control budgets throughout the financial year
  • Control access to resources and enforce licensing constraints

Pricing

£399.96 to £1,560.00 an instance a year

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

4 8 0 7 4 1 9 9 5 9 3 8 9 3 7

Contact

Bailey Solutions Ltd Shaun Ellenger
Telephone: 01273386849
Email: info@baileysolutions.co.uk

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
No
System requirements
  • Library staff only need a browser
  • Library users only need a browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
All questions are responded to within 1 hour, between 9 AM and 5 PM, Monday to Friday. The support desk is closed at weekends.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
The subscription includes:

Initial installation and set-up on the hosted platform.

Phone, email support and the online help centre during weekdays and normal working hours, 9.00 am - 5.30 pm.

Automatically applying releases to your software. Frequent releases include fixes for errors and improvements.

Nightly back-ups

Support queries should be addresses to support@baileysolutions.co.uk and then it will be assigned to a named technical consultant.

The subscription does not include:

Technical support for data services, e.g. bulk data cleansing and data manipulation.

On-site support (rarely necessary).
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Free installation and site set-up including the initial branding.
We provide free training videos, quick guides and manuals. There is a searchable online help centre with step-by-step instructions and video guides.
We can provide online training sessions and there is an hourly rate currently set @ £80 per hour + VAT.
We can provide on-site training and there is a half-day charge currently set @ £345 per half day + travel expenses + VAT.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
We supply a SQL Server database with the client's data in tables but with the software's system objects (code modules, views, stored procedures) removed. There is no charge for this service.
End-of-contract process
At the end of the contract a SQL server database containing the client's full relational data is provided at no extra cost.
If the client requires continued hosting or re-directs to their new system then this can be be provided at cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile display is linear and re-scaled to fit neatly on mobile screens.
Menus change icons on mobile to (optional) words on desktop.
You can tap buttons and selections in the mobile and use a mouse with desktop service.
The software will also scale up on wide screen monitors.
Service interface
No
API
Yes
What users can and can't do using the API
Clients can use the API to allow third party search engines to search the records, return search results and link through to the web page with the resource details.
Users are not making changes they are simply receiving search results with records that match their search criteria and then viewing the individual records by clicking through to the full details.
API documentation
Yes
API documentation formats
HTML
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Library Staff can can select alerts and reminders on their home page.
Library Staff can set various system options for the system, e.g. fines on or off, reservations allowed, cataloguing templates used. There are settings for each module.
Library Staff can edit the cataloguing templates.
Power Users can configure the web OPAC and how it works for Library users. They can change the displayed field names, configure the search results, the indexed fields, the timing of the indexing, the bibliographic display, and various other attributes in the OPAC. Power Users can also add and remove standard gadgets, create custom gadgets and custom pages, and manage the menu items. Power Users can create a theme for the appearance of the OPAC. Library users can change the font size. This list is not comprehensive.

Scaling

Independence of resources
Normally your software would be housed on a server shared with other clients. The server serves many clients, There is one database per client so it's not a multi-tenanted database. The only way we can guarantee that clients won't be affected by other clients' activity is by providing you with a dedicated server on our host platform. This currently costs around £1,200 extra per year depending on your requirements.

Analytics

Service usage metrics
Yes
Metrics types
OPAC usage statistics are available in the web OPAC for Library Staff.
Pre-configured management reports in the Loans module also provide loans and usage statistics.
The Library Staff dashboard provides at-a-glance information about system state, e.g. how may orders, outstanding orders, loans, outstanding loans, outstanding serial issue, etc.
Reporting types
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Library staff can export catalogue data and data in any list screen.
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • XLSX
Data import formats
  • CSV
  • Other
Other data import formats
  • XML
  • XLSX

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
99.7% uptime
Approach to resilience
Built by the MOD as a command and control centre protecting people and technology from nuclear threat, the construction and security standards are what you might expect of such a purpose built fortress. It sits 30 metres beneath a 3.5m high perimeter fence, with concrete walls 3 metres thick, steel doors weighing several tons and includes military Electro Magnetic Pulse and Tempest RFI intrusion protection. Layered on top of this physical inaccessibility is a 24-hour watch with guard dogs, CCTV and a series of sophisticated access controls.
• 24/7/365 security guards and guard dogs permanently on site
• Vehicular gate with control barrier
• Infrared CCTV with 24 hour capture covering all entrances and operational areas
• Visual verification of all users entering data floor – NO un-manned escort
• Borer security card access system
• Very early sophisticated smoke and heat detection systems
• Firetrace detection and extinguishing system
• Redundant air conditioning units to guarantee stable data floor temperature and humidity @ N+1
• Redundant UPS conditioned power @ N+1
• Diverse Power Supplies with diesel generator backup @ N+1
Outage reporting
Email alerts

Identity and authentication

User authentication needed
No
Access restrictions in management interfaces and support channels
Library Users do not have to be authenticated to search and discover library and information resources. The client can decide to apply IP filtering to restrict users who have access to the Web OPAC.
Library Staff have higher access levels to administer the system and access the configuration settings.
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
You control when users can access audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
British Standard Institue
ISO/IEC 27001 accreditation date
19/05/2017
What the ISO/IEC 27001 doesn’t cover
A.14.2.7 Outsourced development - N/A
ISO 28000:2007 certification
Yes
Who accredited the ISO 28000:2007
Lloyd's Register
ISO 28000:2007 accreditation date
01/02/2018
What the ISO 28000:2007 doesn’t cover
No exceptions
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Our policy is to protect the company’s information assets from all threats, whether internal or external, deliberate or accidental, to ensure business continuity, minimise business damage and maximise return on investments and business opportunities. The Managing Director has approved the Information Security Policy ensure that:

a. Information will be protected from a loss of: confidentiality, integrity and availability.
b. Regulatory and legislative requirements will be met
c. Business continuity plans will be produced, maintained and tested
d. Information security training will be available to all staff.
e. All breaches of information security, actual or suspected, will be reported to, and investigated by, the Information Security Manager.

Supporting guidance and procedures: risk assessment, information classification, data protection, incident handling, information backup, system access, third party services (supplier due diligence), malware controls, mobile device security & remote working, passwords and encryption.

The role and responsibility of the designated Information Security Manager is to manage information security and to provide advice, guidance on implementation of the Policy, review and maintenance.
All managers are directly responsible for implementing the Information Security Policy within their business areas.
It is the responsibility of each employee to adhere to the Information Security Policy.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Identify potential change: A customer encounters a problem, proposes a change or desires new functionality; Determine technical feasibility; Determine costs and benefits; Analyze change impact; Plan change
Developer coding using Visual Studio Team Services; Propagate change;
Test change; Roll -out change to one client tester; Update documentation; release notes and users' help centre; Release change in a system release rolled out to clients; Review and close change
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We monitor for potential new threats, vulnerabilities or exploitation techniques which could affect our service regularly using F-Secure Radar.
Just Computing also monitor the servers 24/7 for vulnerabilities.
The severity of threats and vulnerabilities is considered within the context of the service and this information is used to prioritise the implementation of mitigations.
Using a suitable change management process, known vulnerabilities are tracked until mitigations have been deployed.
A centralized OS management tool carries out systematic patching across all hosted client sites.
Timescales depend on the severity of the risk. They could be deployed within 24 hours to one month.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Alerts form Just Computing 24/7 monitoring or F-Secure warnings.
The risk is assesed. Patch developed. Patch issued as soon as practically possible and released sometimes with 24 hours. Otherwise low risk compromises are addressed inthe next monthly release.
Incident management type
Supplier-defined controls
Incident management approach
Often we find incidents are picked up by Just Computing 24/7 monitoring of their servers and we are notified by mobile phone if they happen out of hours. Just computing will manage incidents on our behalf and have a predefined process. They will restore normal service as quickly as possible. Users can report incidents via our dedicated support number +44 (0)1273 242958 or our support desk: support@baileysolutions.co.uk We provide incident reports via email.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£399.96 to £1,560.00 an instance a year
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Buyers can trial the complete software application for free for 30-days without providing a credit card or other payment method.
Doesn't include data import services.

Service documents