Analytics Engines

COBALT BSafe

COBALT BSafe is a combined hardware/software solution that improves the safety, efficiency and effectiveness of local authority transport services. BSafe provides local authorities, transport providers and schools with a real-time monitoring system that can be used track students and ensure their safety and wellbeing.

Features

  • Student bus attendance recording system using RFID or Biometrics
  • Parent/bus prefect app with unique sign ins
  • School/local authority management app enabling parent and driver messaging/alerts
  • Transport provider/bus driver app for routes, status, location
  • Real-time weather and traffic delays, and alerts
  • Advanced analytics creating a single data view across source systems
  • Real-time view of bus/student location
  • Telematics system integration

Benefits

  • Real-time view of vehicle usage
  • Visibility of bus arrival times to proactively manage incidents
  • real-time bus location, ETA and notifications of service delays
  • Pupils can report incidents
  • Drivers can alert passengers in case of delays or cancellations
  • Drivers can view their assigned route and pick-up stops
  • Reporting for logistics optimisation

Pricing

£850 to £42000 per licence per month

Service documents

Framework

G-Cloud 11

Service ID

5 5 9 1 5 4 4 0 2 6 7 7 6 0 6

Contact

Analytics Engines

Scott Fischaber

02890669022

info@analyticsengines.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Planned maintenance is typically scheduled during Analytics Engines support hours.
System requirements
CentOS or Red Hat OS operating systems

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response to support emails are typically within 1 working day (normally within 1 hour).
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Analytics Engines provides full support for the service, from level 1 to level 3. As a small company, we do not specifically stratify the support levels, although we do provide a technical account manager to oversee and manage the engagement.
Support available to third parties
No

Onboarding and offboarding

Getting started
User documentation is provided. Onsite training can be provided upon request.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
The captured data can be downloaded in CSV format at any time during the contract.
End-of-contract process
At the end of the contract, the buyer should either renew their license with Analytics Engines or they should remove the service and provide Analytics Engines with confirmation that the service has been removed.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
User apps are designed to be used on mobile devices (parent/student/driver/teacher app) and the dashboard, reporting, and management services are designed to be used on a desktop.
Service interface
Yes
Description of service interface
A service interface is provided for user and role management and administering routes.
Accessibility standards
None or don’t know
Description of accessibility
The keyboard focus indicator is visible. When any component receives focus, it does not initiate change of context. The pages are titled. The purpose of links can be determined from their text. Headings describe their purpose. Changing the setting of any user interface component does not automatically cause a change of context.
Accessibility testing
None
API
No
Customisation available
No

Scaling

Independence of resources
Each customer has their own deployment of COBALT.
Within a given COBALT deployment, user quotas can be specified and where necessary workload isolation can be configured.

Analytics

Service usage metrics
Yes
Metrics types
Service metrics are available for the runs of the data pipeline. The metrics provide details of dates of the runs, status of the runs, and duration of the runs.
Reporting types
  • API access
  • Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Staff screening not performed
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
The COABLT UI and API provide functionality for users to download data and results of the COBALT analytic models in CSV format.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
High-Availability can be provided on demand based on customers specific application demands.
In the event of a fault within COBALT, Analytics Engines will provide a response from front line support within 1 business day (Normal response time is 1 hour) outlining resolution steps.
Events are expected to be resolved within 2 business days of resolution plan providing at least a workaround to downgrade the criticality.
In the event of a resolution not being made available within the above timeframe a 10% credit on following months’ service for every day of failure beyond planned resolution time will be provided.
This SLA covers the COBALT software solution. This SLA does not cover services provided by the customer that COBALT utilises (e.g. Cloud/Server infrastructure, API availability, DB access, etc.). This SLA does not cover Incidents caused by User’s negligence, abuse, misapplication or use of the COBALT service other than as specified in the COBALT Service Description or other causes beyond the control of COBALT.
Approach to resilience
The COBALT BSafe system is based on AWS and designed to be resilant and scalable. Once on-boarded, COBALT installation and configuration is completely automated. In the event of a catastrophic system failure the complete system (or key pieces of the system) can be redeployed to AWS. This process typically takes less than 2 hours to complete at which point backup data can begin to be loaded. The COBALT database is separated from the application which allows backup/restore following the business unit policies for the configuration of COBALT. In the event of a backup recovery being required the backup data is used to re-populate COBALT to the previous backup snapshot.
Outage reporting
COBALT includes a monitoring component. The monitoring component provides a dashboard that users can log into to see reports and charts regarding service availability and any outages. Email alerts can be configured.

Identity and authentication

User authentication needed
Yes
User authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Management interfaces require authentication in the form of either username/password or public key authentication.
Access restriction testing frequency
At least once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BMTRADA
ISO/IEC 27001 accreditation date
11/09/17
What the ISO/IEC 27001 doesn’t cover
Scope covers all of our operations
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
  • ISO/IEC 27001
  • Other
Other security governance standards
We are accredited with Cyber Essentials.
Information security policies and processes
Policy Manual
AE have a policy manual in place which demonstrates how the company meets the requirements of the Information Security Management System – ISO 27001. It includes the policy, responsibilities, and acts as a signpost to related system documentation.

Policy and Procedure Documents
Policy and Procedure Documents have been prepared to cover situations where their absence could lead to deviations from the company’s Information Security objectives and would introduce or elevate Information Security risks to unacceptable levels. These include: Access Control Policy, Backup and Restore Policy, Capacity Planning Policy, Change Management Policy, Credential Management Policy, Data Encryption Policy, Data Retention & Destruction, Document Control Policy, Human Resources Security Policy, Incident Management Policy, Logging and Monitoring Policy, Malware Control Policy, Patch Management Policy.

Internal Management
Analytics Engines has an ISMS owner who is responsible for the day-to-day tasks of ISO 27001. Ultimate responsibility of the system lies with the Directors of the company. We have assigned IT team members who deal with technical tasks on a daily basis.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Service components are versioned and kept under source control in private software repositories. Any changes to service components are subject to review and functional regression testing prior to release.
Vulnerability management type
Undisclosed
Vulnerability management approach
Vulnerability management patching follows ISO 27001 processes. Potential threats to the COBALT service are identified through a variety of means: including regular Penetration Testing, subscription to industry standard threat information system vulnerability listings, and regular OS and software level release information.
Protective monitoring type
Undisclosed
Protective monitoring approach
The service collects relevant accounting and audit information. Administrators can examine the audit information and in the case of finding any suspicious activity request support from Analytics Engines for further investigations.
Incident management type
Undisclosed
Incident management approach
Incident management events are captured following an ISO27001 policy. Users have a specified contact for incident management reports. Once investigations into an event are concluded a report is generated which can be provided to the user.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£850 to £42000 per licence per month
Discount for educational organisations
No
Free trial available
No

Service documents

Return to top ↑