Enable My Team

Enable My Team - Asset Information Management System (AIMS)

EMT is a web-based asset information management system (AIMS), allowing you to track, capture, verify and handover asset data for a construction project or maintenance scheme. Visualise asset relationships and compare back to baselines to capture changes. A mobile app is also available to capture site and verify assets.

Features

  • Asset information management system
  • Integration to CDEs
  • Integration to GIS
  • Integration to BIM models
  • Relationships between assets
  • Scalable platform
  • Real time reporting
  • iOS mobile app (includes offline mode)
  • Browser based including remote access

Benefits

  • Collaborative working
  • Capture asset data in the field or office
  • Integration into enterprise systems
  • Scalable for any size project
  • Exporting and importing of data

Pricing

£3,000 a unit a month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

6 9 0 7 4 1 2 6 6 7 7 8 0 2 6

Contact

Enable My Team Sandeep Jain
Telephone: 07917563955
Email: sjain@enablemyteam.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
The asset information management platform is browser based and will work on all major browsers (Microsoft Edge, Firefox, Google Chrome, Safari). There is also an iOS mobile app.

Other solutions are more bespoke to specific client's needs.
System requirements
  • Browser based. No software installation.
  • Please see Service Definition Document

User support

Email or online ticketing support
Email or online ticketing
Support response times
All questions are responded to within 24 hours.
User can manage status and priority of support tickets
No
Phone support
No
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
All customers will receive access to our support team who will respond within 24 hours. Additional support is normally bespoke depending on the client's needs. We can provide additional offsite resources, consultancy days where a technical account manager will visit the client, or even a permanent resource on larger, more complicated projects.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Clients can provision the service by entering a few service parameters (ex: client corporate domains) and a list of client administrators for the service. Provisioning of the service environment happens autonomously. This may take from a few minutes to an hour depending on input service parameters. This process also creates accounts for administrators who are notified by email. Their email address must match one of client domains for security. Once administrators activate and secure their accounts (2-step verification), next step is configuration of the service as per client requirements. This configuration can include integration with clients existing asset configuration, integration with client enterprise systems and their other cloud based softwares. At this point, we will be in touch with the client to arrange an online Webinar or onsite training session. The goal is to understand and align with client goals so the system is configured accordingly. We tend to work closely with client administrators during this phase. Additionally, the platform has documentation to help users get started on the platform. Administrators have more documentation on how to add and manage regular users. There are also guidance videos available online while provide visuals with step-by-step commentary.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Users can extract all their data including users, groups, configuration, assets and attachments/documents in four main ways at the end of a contract:
- Using built-in export options : The platform allows exporting of data in multiple formats: JSON, Excel, MySQL, ZIP.
- API : Data within the platform can be accessed through our API. The REST based JSON API can then be used to export and integrate data with any other client system or database.
- Contact our support/service desk : Our support team will export the data for the client and arrange for a handover.
- From Backups : As a minimum automatic data backups are taken every 24 hours and backed for the last 30 days are stored. Client data can be extracted from these backups.
End-of-contract process
This is a rolling contract.

However when the contact is terminated, the following end of contract process applies: Client is the owner of their data and all their data including users, groups, configuration, service specific data and attachments/documents can be extracted from our service at the end of the contract. Data extraction can be done by the client or by our support team by sending a data extraction request to our service desk. Once contract has been terminated and data extracted, we will terminate the service environment for the client including all user access. Data will be disposed as per our data disposal policy. The timing of this disposal and all other data backups will depend on our SLA and terms with the client.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
There is a dedicated iOS app available for iPhones and iPads. The browser service contains more admin features, but both the app and the browser provide the same data capture features. The app also includes a barcode scanner for use with QR / DM codes for asset management and labelling.
Service interface
No
API
Yes
What users can and can't do using the API
Do using the API We have an API for integration purposes. We can integrate with EDMS systems, BIM softwares, GIS softwares, CMMS softwares, Enterprise integrations with Azure, Databases and general file based formats such as Excel.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The asset management platform is customisable for each project. The asset breakdown structure and configuration will be unique for each user. They can customise configurations, location hierarchies and analytic visualisations. Documents can be synced to various CDEs or Document Management Systems. Additional metadata can be customised for individual projects.

Scaling

Independence of resources
Users will have dedicated environment's for their projects. The platform has been designed for horizontal scaling, so we can add more power to the service if the demand requires. We are experienced in scaling our system and we already experience dealing with millions of assets and attributes across numerous projects.

Analytics

Service usage metrics
Yes
Metrics types
Number of unique active users
Numbers of total requests
Breakdown by request types
Peak requests & times
Total number of objects (assets, documents & attachments) in the system
Activity by duration
Reporting types
  • API access
  • Real-time dashboards
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2012
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Our system can integrate with a number of different software and platforms. This can include facilities management software to transfer all data at the end of a project. Alternatively, data can be exported to excel files or transferred to a sql database.
Data export formats
  • CSV
  • Other
Other data export formats
  • Excel
  • JSON
  • MySQL
  • ZIP
  • API
Data import formats
  • CSV
  • Other
Other data import formats
  • Model Formats (dwg, rvt, dgn, fbx, obj, ifc)
  • PDF
  • Excel

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
As per our SLA, we guarantee 99.99% of uptime. Uptime is measured the using our automated systems, over each calendar month. It is calculated to the nearest minute, based on the number of minutes in the given month (for instance, a 31-day month contains 44,640 minutes). A report containing these measurements will be validated and issued to the Client on a monthly basis. Client will also have access to an online portal which will show daily, weekly or monthly report on a number of cloud parameters:

Server Availability
Service Response Time
Packet Loss
CPU Utilisation
Memory Utilisation
Disk Utilisation

If uptime for any item drops below the relevant threshold, a penalty will be applied in the form of a credit. This means the following month’s/work package's fee payable by the client will be reduced on a sliding scale. The level of penalty will be calculated depending on the number of hours for which the service was unavailable, minus the downtime permitted by the SLA ie: routine maintenance as agreed in advance with client.

- Penalty per hour is 5% of total order/work package fee.
- Uptime penalties in any month are capped at 50% of the total order/work package fee.
Approach to resilience
Available upon request.
Outage reporting
The service includes a dashboard. Client will also have access to an online portal which will show daily, weekly or monthly report on a number of parameters for servers in EMT cloud:

Server Availability
Service Response Time
Packet Loss
CPU Utilisation
Memory Utilisation
Disk Utilisation

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
Other user authentication
SAML based Identity federation using client's own enterprise systems/user directory as an identity provider.
Access restrictions in management interfaces and support channels
Security, User roles & groups management is built into the platform to ensure right people get the right level of access including special groups & roles for access to management interfaces and support channels. Features include:
- Highly granular level of control over user access
- Option of requiring 2-step user verification every time a user signs on through an unrecognised device
- Strong authentication & password policy: Enforced password changes and automatic session timeouts
- Option to set acceptable IP ranges from which users may log in
- Periodic & demonstrable Web application security, penetration and access controls test.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
  • Other
Description of management access authentication
Single Sign On - SAML based authentication to client enterprise systems

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
ISO Quality Services Ltd
ISO/IEC 27001 accreditation date
12/09/2018
What the ISO/IEC 27001 doesn’t cover
NA
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials Scheme

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Our Information Security Policy is based upon the International Standard ISEC/ISO 27001 the Code of Practice for Information Security Management and ISEC/ISO 27002. This policy defines to all staff, suppliers and partners how the Company will secure electronic information, which is found within:
• The Company’s IS/IT infrastructure.
• Key Business System data and information.
• Security of information held in electronic form on any Company computer.

This policy subject to annual review is owned by the Company and is maintained, reviewed and amended by the IT Manager in accordance with Company policy, procedures and guidance.

The IT Manager will maintain and monitor, at six monthly intervals, reports of records of electronic security incidents. Reports will be considered by the Company. It will then be decided if further action or investigation is required. The Directors of the Company are ultimately responsible for ensuring that adherence to this policy is observed and for overseeing compliance by users under their direction, control or supervision. Each user is responsible for their own actions and must ensure all actions relating to using the Company network and IT Services adheres to the principles and requirements of this policy.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Our Configuration & Change management policy helps in tracking the components of our services through their lifetime ex: Firewall & Gateways, Network, Services (database, middleware & front-end services), Apps and Documentation. This policy includes:

Version Control
Baseline and release information
Audits & Review
Documented Process
Build, Integrate, Deploy Scripts

Standardisation of process and its implementation is key. Users requesting changes are required to submit a change management plan. This plan includes impact to Security. The plan must then be approved by multiple teams including Information Security (IS). Any change impacting Security must demonstrate results of adequate testing of IS impact.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
A dedicated Security Officer is responsible for our vulnerability management process assisted by a Vulnerability Engineer who configures vulnerability scans and information updates from latest security bulletins. We use a thoroughly tested and market leading vulnerability scanning vendor. Scans are tuned to limit the amount of false positives and regular scanning ensures new vulnerabilities are detected in a timely manner. An IT Systems Engineer is responsible for implementing remediating actions, testing and deploying patches while working closely with the IT asset owner. Scanning configuration is regularly updated with latest updates from the vendor to include new potential threats.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Our Protective Monitoring combines process and technology, detecting and alerting on operational and security issues related to a wide range of compliance and risk concerns. We use 3rd party SIEM system which provides out-of-the-box packages, including GPG 13, SOX, HIPAA, GCSX. We conduct automatic analysis and pattern recognition of all log data, maintaining constant vigilance for multiple attack vectors that, when combined, may indicate an APT-style attack. Our Security officer and IT asset owners get alerts on individual and broader malicious event sequences simplifying remediation and helping mitigate risk quickly.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
We have an incident management process to restore normal service operation as quickly as possible and minimise the adverse impact on business operations. We also have a service desk in place with proper arrangements of interface between incident management. We use an ITIL compliant web based software tool accessible by all users. Users can submit incidents this tool or by email to a dedicated service desk email address. Service desk requests deemed as incidents are directed to Incident management. Once resolved, an incident report is sent to Security, Asset owner and users. We maintain an audit history and incident log.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£3,000 a unit a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Free trial includes:
- Full functionality
What not included:
- No data backups. Data storage limited to 20Gb. Recommend not uploading confidential data. Only for feature & stress testing using non-sensitive or cleansed data
- No SLA
- Limited for 30 days for 5 users
- No enterprise integration

Service documents