PODFather has provided a mix of Vehicle Safety Compliance Check software, Vehicle Booking Management and KPI Reporting systems, collaborative Haulier portal for uploading compliance information and eTicketing for material movements (including muck‐away) to projects of national significance, such as: Tideway, Crossrail, Queen Elizabeth Olympic Park, Heathrow, Borders Railway and MerseyGateway.
- Multimodal Vehicle Booking Management System (VBMS) vehicle/rail/marine
- KPI reporting from VBMS to Construction Logistics Plan
- Construction Site Gate Duty Access Manager (DAM) device and "app"
- Legally compliant eTicketing for bulk materials movement
- Haulier driver "app" with GPS tracking and site ETA calculation
- Collaborative Construction Logistics Consolidation and Courier Hub
- API data interface to post and collect data
- Health and Safety including FORS/CLOCS vehicle safety inspections
- Collaborative Haulier Portal for sharing compliance information
- report against Construction Logistics Plan (CLP) and Excavated Materials Plan
- remove paper-based processes, associated admin cost, cut rekeying errors
- drive a collaborative approach for sustainable transport management
- real-time information to client, logistics teams, gate/site, hauliers
- ensure compliance to "Duty of Care" Waste Carrier regulations
- GPS-tracked haulier driver "app" ensures approved lorry routes used
- cut carbon and fuel cost through better vehicle routing/consolidation
- cut cost of vehicle FORS/CLOCS/project safety compliance checking
- Enforce Logistics Environmental Minimum Requirements and Undertakings and Assurances
- improve construction efficiency by providing planned and controlled delivery operations
£24 to £392 per user per month
0131 553 0400
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||Your existing ordering or accounts system - API access to PODFather|
|Cloud deployment model||Public cloud|
|Service constraints||No constraints.|
|Email or online ticketing support||Email or online ticketing|
|Support response times||4 business-hours response before escalation|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), 7 days a week|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||Business hours email and phone support to helpdesk, with 4-business-hour response and automatic escalation to technical account manager|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||PODFather provides onsite training, shared-desktop sessions and video conferencing via Google hangouts for offsite training, and laminated training sheets for field staff.|
|Other documentation formats||Laminated paper for training field staff|
|End-of-contract data extraction||The Report module in the secure web portal provides options for downloading all data.|
|End-of-contract process||Included: downloading all data that has been input into the service.|
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
The desktop service is for planning staff to use to schedule jobs.
The mobile service is for drivers/field staff to complete job information and confirm ePOD.
|Accessibility standards||None or don’t know|
|Description of accessibility||Standard HTML accessibility features|
|What users can and can't do using the API||
PODFather API provides SOAP-XML access to create and update jobs for field staff to complete.
API provides access to GPS tracking data, to completed job sheets (POD's), to photographs and to any captured signatures.
|API documentation formats||HTML|
|API sandbox or test environment||Yes|
|Description of customisation||
As part of the setup discussion, the service, job sheets and workflows will be customised to the buyers specification.
Users themselves can customise colour scheme and logo of web portal.
|Independence of resources||Real-time monitoring reacts to current load levels and throttles as appropriate.|
|Service usage metrics||Yes|
|Metrics types||Pingdom.com measures the availability of our services real-time, and can be viewed at podfather.com/service-levels|
|Reporting types||Real-time dashboards|
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||None|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least every 6 months|
|Penetration testing approach||In-house|
|Protecting data at rest||Physical access control, complying with CSA CCM v3.0|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||
Backoffice Users view/download the data on the dashboard and reporting screens within the secure web portal.
CSV dumps are available from the Reports module.
API access gives raw XML data.
sftp and https access to upload.thepodfather.com gives formatted text and PDF output as required.
|Data export formats||
|Other data export formats|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||
Availability and resilience
|Guaranteed availability||Agreed on a per-customer basis, but generally better than 99.99% availability|
|Approach to resilience||White paper available upon request. Real-time secure automated database replication. Multiple master servers.|
|Outage reporting||Twitter @thepodfathercom and blog at thepodfatherstatus.blogspot.co.uk|
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||Role-base Access Control is defined at the top level of the secure web portal|
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users have access to real-time audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users have access to real-time audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||At least 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||Yes|
|CSA STAR accreditation date||12/2013|
|CSA STAR certification level||Level 1: CSA STAR Self-Assessment|
|What the CSA STAR doesn’t cover||None|
|Other security accreditations||No|
|Named board-level person responsible for service security||Yes|
|Security governance accreditation||No|
|Security governance approach||Currently implementing ISO27001 and CyberEssentials.|
|Information security policies and processes||Currently implementing ISO27001 and CyberEssentials|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||Changes are testing development environment, QA'd by senior developers, tested in testing environment, then deployed to live. CTO has responsibility for assessing potential security impact.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||
PODFather subscribes to several appropriate vulnerability mailing lists and newsgroups.
Server OS's are patched within the timescales recommended by suppliers.
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||
PODFather runs secure, locked-down servers, with automated compromise-testing tools as developed in-house.
PODFather responds immediately to potential compromise with staff on-call as appropriate.
|Incident management type||Supplier-defined controls|
|Incident management approach||
Users report incidents via phone or email.
Incident reports provided via twitter @thepodfather.com and technical blog at thepodfatherstatus.blogspot.co.uk
|Approach to secure software development best practice||Supplier-defined process|
Public sector networks
|Connection to public sector networks||No|
|Price||£24 to £392 per user per month|
|Discount for educational organisations||No|
|Free trial available||No|
|Pricing document||View uploaded document|
|Skills Framework for the Information Age rate card||View uploaded document|
|Service definition document||View uploaded document|
|Terms and conditions document||View uploaded document|