Snafu Services Limited

Low Cost Air Quality Monitoring for Schools and Councils

Low cost sensor units for Air Quality Monitoring and Citizen Scientist engagement using the cloud hosted Air Quality Action Plan web site ( linking the general public into specific local real-time data readings and to promote, inform and educate the wider general public into the risks of poor Air Quality.


  • Real time air quality monitoring
  • Online portal
  • Secure data
  • Exportable data into dashboard
  • Tool for sites Non Road Movable Machinery (NRMM)


  • Tried and tested solution deployed world wide
  • Implementation by masters of the industry
  • Air quality monitoring finally a cost effective rates
  • Interface for dedicated pages for Council web sites


£500 to £750 per person per month

Service documents


G-Cloud 11

Service ID

6 7 2 8 2 0 8 1 7 8 3 7 0 0 3


Snafu Services Limited

John Meyer


Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
System requirements
  • Internet
  • Computer / phone / mobile device with a browser

User support

Email or online ticketing support
Email or online ticketing
Support response times
We aim to respond within the hour Monday - Friday 08:00- 18:00.
Weekend we will respond as soon as practical.
User can manage status and priority of support tickets
Online ticketing support accessibility
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
WCAG 2.1 AA or EN 301 549
Web chat accessibility testing
We utilise help and support website adding from Freshdesk, an industry standard compliant supplier.
Onsite support
Yes, at extra cost
Support levels
Support levels will be adapted to meet the needs of the client and published via a Service Level Agreement.
A central London Local Authority will require a differed support offering to a rural district Council in the Cotswolds.
We offer a bespoke service and would tailor support to deliver to each client exactly what they need.
Support available to third parties

Onboarding and offboarding

Getting started
On site liaison meeting and onsite commissioning.
Hand holding till UAT is carried and on further on site training as needed.
PDF of everyday scenarios have been produced and can be customised as required.
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
There are several export routines within ERS. These are generally set up to run automatically.

Where data is extracted for manipulation and MI purposes this is usually a one click process offering export to a wide range of formats including .csv .xml .txt.
End-of-contract process
At the termination of the contract we would work with the users to understand the export requirements they have. Usually this involves another supplier and we would work alongside them to export the data in a suitable format to enable the data to be migrated into the new system quickly and efficiently.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
Seameless. No differences.
Service interface
Customisation available


Independence of resources
With ERS on our internet connection we enable QoS (Quality of Service) to ensure enough bandwidth is available to the end users. We also use segregated infrastructure which means each client has their own dedicated servers running their system. This means that they are not affected by another authority putting strain on the system. Should we see the underlying infrastructure being strained we can easily scale up by either (a) providing additional resources to the VMs running the system or (b) add additional servers in a load balanced solution.


Service usage metrics
Metrics types
Most users will have a landing page that will contain their own performance metrics. these can be measured against a team average very easily, Supervisors have this team view and managers have a higher level view again. The dashboards are mostly dynamic and allow users to drill down into specific details from that first screen. ERS has several associated reporting tools and this come with pre built standard reports. Reports can be run by authorised users or scheduled to run and be sent to individual email accounts. Bespoke reports can be ordered and there is a reports builder for clients.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Physical access control, complying with CSA CCM v3.0
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
There are several export routines within ERS. These are generally set up to run automatically.

Where data is extracted for manipulation and MI purposes this is usually a one click process offering export to a wide range of formats including .csv .xml .txt
Data export formats
  • CSV
  • Other
Other data export formats
  • XML
  • TXT
Data import formats
  • CSV
  • Other
Other data import formats
  • XLS
  • XML
  • TXT

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
With ERS our standard availability target is 99%, measured on a calendar month basis and not to include any planned downtime for system maintenance and the likes. Service availability will be defined under specific contract terms but will generally mean that a user under licence can access the system and retrieve information.
Where there are local issues that prevent access to the system any failure to be able to meet these conditions will not be deemed to be a breach of the SLA.
To monitor the service we will provide clients with our monitoring tool that shows the live status of all server availability.
Approach to resilience
With ERS this is dependent on the the clients specific needs but where possible we ensure that we have no single points of failure. The physical servers all run RAID disk arrays and dual teamed network cards. The firewalls are setup in a cluster with one running at each site, this automatically fails over should the primary one experience an issue.

Data is replicated between 2 separate sites over a dedicated fibre point to point link.
Outage reporting
With ERS we use both internal monitoring tools to monitor CPU, memory and disk space etc as well as external monitoring for our public facing sites. Should any of these monitoring tools detect an issue an email and SMS is sent to a number of people who can resolve the issue. In addition we also have a dashboard available on the internet showing the current status of our systems. These can be easily customised to allow our clients to see only the services that are of interest to them.

Identity and authentication

User authentication needed
User authentication
Username or password
Access restrictions in management interfaces and support channels
At Snafu users are added to security groups and all parts of the system are protected from users who are not part of the correct access groups. For example, only users who are a member of a specific security group would be able to reverse a transaction.
All user actions and document updates are audited (date/time/userID).
Access restriction testing frequency
At least every 6 months
Management access authentication
Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
How long system logs are stored for

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
At Snafu we run a robust information security policy that is designed to ensure that all of clients (and so their customers) data is protected at all times. As our clients are Local Authorities we are heavily audited. The policy deals not just with the data itself but also extends to security around access to data. This is especially important to us as several of our services have both public facing web pages and involve remote lone workers using mobile devices. We build our system to be in line with legislative standards and to ensure that users have a compliant, safe and secure platform from which to work. The policy is a active part of our core behaviours as we understand that it protects both our clients and ourselves from reputational harm as well as protecting the data itself. It should be noted that for the policy to be effective it needs to dovetail with local client policies and procedures.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
At Snafu we work hard to ensure users are fully aware of changes, that they are trained or have factsheets etc. We manage and implement most of the initial system configuration, but we will do this this in close partnership with the clients mobilisation team and will rely heavily on them to supply the relevant data sets. Core elements of the service are monitored continually with KPI reports or some clients opting for our live system health checks. Being Local Authorities, our clients IT teams are often involved in the change management process especially so when relating to local security.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
At Snafu we run our own penetration tests regularly using OWASP ZAP to ensure no vulnerabilities exist within our systems.

Upon identifying an issue we asses the risk and give the issue a priority. Priorities are assessed by the vulnerability and the number of our clients that it could possibly affect.

Information is obtained from a number of sources including Qualys Community and Dell Sonicwall.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
At Snafu we use external penetration tools to help us identify potential compromises. If an issue is identified it is categorised High, Medium or Low.
Anything falling into the High category is immediately actioned and a fix sourced immediately.
Medium category issues are usually dealt with on a weekly basis.
Low category items are resolved on a monthly basis as part of the server maintenance routines.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
At Snafu users report incidents via a web portal and these are logged directly in our Support Desk software. The software is configured with triggers that recognise common problems, and route them to the most suitable person or team. It contains a Knowledge Base, so that knowledge can be easily shared between team members.

We have strict processes for specific events e.g. Priority 1 issues, and these processes are regularly reviewed.

Clients can view the progress of issues on the web portal.

Incident Reports are run automatically and emailed to a nominated circulation list weekly.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
Connected networks
  • Public Services Network (PSN)
  • NHS Network (N3)
  • Joint Academic Network (JANET)
  • Scottish Wide Area Network (SWAN)
  • Health and Social Care Network (HSCN)


£500 to £750 per person per month
Discount for educational organisations
Free trial available

Service documents

Return to top ↑