Donseed Causeway Technologies Limited

Workplace

Donseed Workplace® is a cloud-based biometric identity workplace management SaaS which is used to accurately capture and centralise key project data. The data captured using biometric identifiers (hardware) and is easily accessible online. Customer data can be quickly exported, bespoke reports easily configured and compliance alerts configured.

Features

  • Applications developed for Microsoft Azure Cloud Services
  • Encrypted biometric templates for enhanced security
  • Hub and Spoke biometric template synchronization
  • Browser based access to cloud-based customer portal
  • Data available via real-time dashboards and reports
  • Portable Fingerprint Recognition Tablet integration
  • Facial Recognition ClockFace Unit integration
  • iOS and Android Mobile Application integration
  • Access control / tunstile integration
  • Smart Card integration (for example CSCS cards)

Benefits

  • Record accurate site attendance details with biometric identification
  • Fully build up to gross pay with overtime and expenses
  • Produce accurate times sheets for employees and integrate to payroll
  • Validate operative smartcards in real-time, such as CSCS cards
  • Manage qualifications, Right to Work records and other documents
  • Establish cost controls by reviewing budgeted hours vs. hours worked
  • Assign specific trades and resources to ensure effective deployment.
  • Create company or site specific inductions for new operatives joining
  • Run accurate roll calls of site attendance with biometric identification
  • Manage Health and Safety Compliance

Pricing

£2000 per licence

  • Education pricing available

Service documents

Framework

G-Cloud 11

Service ID

6 5 7 0 7 6 7 6 5 1 9 9 3 4 3

Contact

Donseed Causeway Technologies Limited

Dave Ingram

447801349662

dave.ingram@donseed.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Any planned maintenance activities that have user or service availability impact are scheduled outside of a normal UK business hours and customers are informed in advance to limit any disruption to their service.
System requirements
  • Standard internet browsers are required to access the service.
  • Integrated biometric identifiers (hardware) is required.
  • For mobile devices iOS and Android operating systems are supported.

User support

Email or online ticketing support
Email or online ticketing
Support response times
The Customer Service Team is available Monday to Friday (0800 to 1800) excluding on UK Public Holidays. We have a 4-hour response target during these opening hours.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
A Customer Service Team is available Monday to Friday excluding UK Public Holidays from 0800 to 1800. Remote support is available to all customers who have a valid licence subscription at no additional fee. Onsite support is charged at the current time and materials rate at the time of the request. Additionally, all customers also have access to Account Management who are responsible for both the commercial and technical relationship.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Onsite training and user documentation is made available. Users can access additional product information through the Donseed Customer Portal
Service documentation
Yes
Documentation formats
  • PDF
  • Other
Other documentation formats
Video
End-of-contract data extraction
At the end of the licence agreement users / customers can request that all personal data is extracted from the platform. All requests are made through the Customer Support Team and the data extract is completed by Donseed
End-of-contract process
At the end of the licence agreement all user accounts are closed and the customer data is released to the customer upon request. There are no additional costs. Customer data is retained in line with current UK legislation guidelines

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
No
Service interface
No
API
Yes
What users can and can't do using the API
The API provides a read only ODATA data feed for consumption in MS PowerBI, Excel or a REST based client.
Access is via a secure connection (SSL) with ASP.Net Identity Authentication.
The accessing user account will observe the permissions and access rights set in the main application.
No update, insert or administration functionality is provided
API documentation
Yes
API documentation formats
Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The Service is a cloud hosted multi tenanted solution. The performance, capacity and security of the service is managed by Donseed. Donseed Workplace® is biometric identity workplace management software solution and at its core is the management of workforce time and attendance. Administrators of the software are able to customise and define specific rules by individuals, contractors or projects. Examples of customer definable rules including pay and overtime rates, working shift patterns, expense approval workflows and reporting.

Users can customise their individual user interface environment, such as grid layouts, alerts and scheduled reports

Scaling

Independence of resources
All users are serviced through a single Cloud Based Multi tenanted environment. Performance balancing is enabled throughout the Cloud Environment and resources are dynamically scaled. All services are delivered within the Azure cloud

Analytics

Service usage metrics
No

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
None

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
Less than once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
Other
Other data at rest protection approach
There is no data stored at rest
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
The Donseed Workplace® solution has an integrated reporting engine which users can customise to extract data in Excel, CSV, Word, PowerPoint, TIFF, MHTML, XML, and PDF formats.
An API is available for real-time data extract.
Data export formats
  • CSV
  • Other
Other data export formats
  • MS Word
  • MS Excel
  • MS PowerPoint
  • PDF
  • TIFF
  • MHTML
  • XML
  • Data Feed
Data import formats
  • CSV
  • Other
Other data import formats
MS Excel

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
The buyers connectivity to the Service is via common browser using https and this is the only access that the buyer has to the Service and Data
Data protection within supplier network
Other
Other protection within supplier network
Donseed business systems are all cloud based SaaS and there are no onsite servers or storage. All connectivity is via the Internet using https

All user data is stored in the Azure Cloud Services and there is no requirement to have a local copy.

Availability and resilience

Guaranteed availability
The Service availability is at least 99.5% . The availability is measured to an access point on the Donseed backbone network . It does not apply to the portion of the network that does not transit the Donseed backbone network and the customer is responsible for its own internet access.

Avaiability does not include Maintenance Events, customer caused or 3rd party outages or outages or disruptions attributable in whole or in part to force majeure events

Availability measurement begins on the first day of the first month when the configuration services are completed and agreed in service by the user and Donseed.
Approach to resilience
As our service is hosted on Azure infrastructure it is designed for high availability, disaster recovery and backup to create a resilient environment for customers. Further information is available on request.
Outage reporting
The Azure Monitor application Insight has been deployed in the Service which monitors the Service Availability, Performance and Usage. Application Insight has been configured with pre determined thresholds which alerts via email when triggered. All notifications are real time and both proactive and reactive which allows identification of issues before customer impact.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
User access restriction is controlled with Role-based access control (RABC) and is managed by the User Administrator

The Service access restriction is controlled with Role-based access control (RBAC) is the primary method of managing access. All users are managed to least privileged and access is granted by the CTO and reviewed on a periodic basis
Access restriction testing frequency
Less than once a year
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Donseed is in the process of obtaining ISO 27001 Information Security Management. As part of this many of the policy's and process's with controls are being implemented. Certification to ISO27001 is anticipated by the end of 2019.
Information security policies and processes
ISO27001 will be the adopted framework for Information Security and certification is in progress.

Top management at Donseed understands the information security needs and expectations of its interested parties both within the organization and from external parties including, amongst others, clients, suppliers, regulatory and Governmental departments. The Company has recognized that the disciplines of confidentiality, integrity, and availability of information in information security management are integral parts of its management function and view these as their primary responsibility and fundamental to best business practice. To this end Donseed has produced this information security policy aligned to the requirements of ISO/IEC 27001: 2013

The reporting structure includes

Monthly Management Meetings
Non Conformance and Corrective Action Procedure
Management Review
Information Security Incident Management

The following policies that from part of the Information Security Management system are in use

Secure System Engineering Principles Policy
Supplier Security Policy
Server Maintenance Policy

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Any changes in the service are stored and tracked in Azure DevOps. Code reviews are also undertaken to identify any security vulnerabilities.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
The Azure Security Center is a unified infrastructure security management system and is used to monitor the service. The events collected from the agents and from Azure are correlated in the security analytics engine to provide recommendations and threat detection alerts. Security Center's threat protection includes fusion kill-chain analysis, which automatically correlates alerts it based on cyber kill-chain analysis

The service is Penetration Tested by independent external organisations on a regular basis and the last one completed in 2019.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Protective monitoring is delivered through Azure Cloud Infrastructure Monitoring Active monitoring tools include the Microsoft Monitoring Agent (MMA) and System Center Operations Manager. The Microsoft Security Response Center (MSRC) identifies, monitors, responds to, and resolves security incidents and cloud vulnerabilities.
Incident management type
Supplier-defined controls
Incident management approach
Donseed are implementing ISO27001 which will cover incident management and it is anticipated that certification will be achieved by the end of 2019.

All security incidents are reported to the CTO, COO and CEO immediately after receipt and ownership is agreed. Users report Security Incidents through the Customer Support Team.

Where appropriate incident reports are provided to the user and the CEO and when required all users are informed specifically if proactive measures are required

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Pricing

Price
£2000 per licence
Discount for educational organisations
Yes
Free trial available
No

Service documents

Return to top ↑