SmartSpace Workplace Platform - Modular workplace solution
SmartSpace Workplace integrates seamlessly with your existing software and hardware ecosystem including room display panels, MS Office 365, Exchange servers and Active Directory. Choose from room, desk and visitor management modules. Connect your employees with the Mobile App providing, market leading wayfinding, reservations, check in functions and 'find my nearest'
- Simple integration via plug-in or web application
- Detailed reporting, Measured, Analysed & optimised data for your workspce
- Smart & informative wayfinding and location-based services
- Modular, intuitive desk, meeting room, visitor and resource management
- Mobile application for Android and iOS
- Manage assets & resources
- Fully integrated parking systems, payment and CRM
- Bespoke client configuration
- Open API Integration
- User administration console
- Quickly find a desk, room, meeting, colleague or service
- Mobile application for a connected employee experience
- Seamlessly manage visitors, providing an enhanced experience
- Scale-able solution to address daily workplace challenges
- Integrate with existing technology
- Extensive space & desk utilisation and occupancy reporting
- Manage digital content & publish to multiple channels
- Improve user experience without leaving your email
- Fully integrated parking systems, payment and CRM
£12 to £20 per licence per month
- Education pricing available
SMARTSPACE GLOBAL LTD
+44 (0)845 094 5686
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
|Service constraints||We have a structured planned maintenance schedule that operates out of business hours (local time).|
|Email or online ticketing support||Email or online ticketing|
|Support response times||2 Business Hours|
|User can manage status and priority of support tickets||No|
|Phone support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support||Web chat|
|Web chat support availability||9 to 5 (UK time), Monday to Friday|
|Web chat support accessibility standard||WCAG 2.1 AA or EN 301 549|
|Web chat accessibility testing||Chat software used follows the VPAT (Voluntary Product Accessibility Template), which documents an audit of the chat systems in regards to the audited framework, the WCAG 2.0 guidelines, and is has been used to address the requirements of Section 508 Standards. It does not utilise audio only or video-only content.|
|Onsite support||Yes, at extra cost|
We have three levels of technical support, ranging from troubleshooting to in depth root cause analysis and resolution.
Client manager is allocated as day to day relationship manager.
Priority levels for support:
Urgent - Error is mission critical and work cannot continue without resolution of the error
High - Severe loss of Service, with no available workaround
Medium - Minor loss of Service but the impact is inconvenient as opposed to critical
Low - Mildly inconvenient or superficial loss of function
Standard support is included in the SaaS costs. Additional layers of support are priced based on client need.
|Support available to third parties||No|
Onboarding and offboarding
Standard training materials are provided, and dependant on the complexity and size of implementation specific training can be provided.
Onsite training and webinars are provided at additional costs when requested and all user documentation is provided as part of our continual support.
The onsite training provides personal training sessions for up to 10 people in any one sitting.
|End-of-contract data extraction||Booking, user and reporting data can be provided in machine-readable format.|
An exit transition plan will be developed in line with client's requirements, including planning for data transfer.
All costs shall be calculated on a time & material basis.
Using the service
|Web browser interface||Yes|
|Application to install||Yes|
|Compatible operating systems||
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||
Responsive designs can sometimes provide different levels of functionality but typically all features are mapped.
All services are designed to work on mobile devices, Android and iOS
|What users can and can't do using the API||Many of the aforementioned activities are mapped against API end points for client integration.|
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||No|
|Description of customisation||Branding on mobile channels and mobile applications can be changed at cost|
|Independence of resources||
We have automatic scale-up and down profiles applied to hosted services in the cloud.
Independence of resources.
Service availability is kept operational through App server and database storage replication or scaling, as required. Post incident metrics assist in planning larger resource.
|Service usage metrics||Yes|
|Metrics types||Describe service metrics|
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||
|Other data at rest protection approach||All data is stored on a dedicated Azure instance with access restricted to individuals with a legitimate need to access. All data is encrypted and held in the UK under our control.|
|Data sanitisation process||Yes|
|Data sanitisation type||Explicit overwriting of storage before reallocation|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||
Typically data can be exported as a CSV.
In some cases the data is anonymised
|Data export formats||CSV|
|Data import formats||CSV|
|Data protection between buyer and supplier networks||
|Data protection within supplier network||Other|
|Other protection within supplier network||Internal virtual networking within Azure has no connectivity to the outside internet at large.|
Availability and resilience
We provide SLA-backed guaranteed uptime of 99.5% for all cloud-based platform services.
Contractual SLAs for ongoing support and maintenance services are also provided to ensure continued operation and client satisfaction.
If there are any periods in which SLAs are not achieved then we would be prepared to agree a service credit arrangement.
|Approach to resilience||Available upon request|
|Outage reporting||Outages are reported to our support team by means of email and an online portal accessible to authorised users.|
Identity and authentication
|User authentication needed||Yes|
|Access restrictions in management interfaces and support channels||
Authentication is required for access into the support help desk, into the Azure hosting portal and all source control repositories.
An access control list is defined to govern what users can do and at what level.
|Access restriction testing frequency||At least once a year|
|Management access authentication||
Audit information for users
|Access to user activity audit information||No audit information available|
|Access to supplier activity audit information||No audit information available|
|How long system logs are stored for||Between 6 months and 12 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||We are engaged and working towards ISO 9001, ISO 27001 and PCI DSS certification|
|Information security policies and processes||
Security policy brief: All policies are within the guidelines held within the ISMS manual. This information security policy is a key component of Information security management framework. It sets the requirements & responsibilities for maintaining information security within the business. Information security events are reported to the ISMS Manager by the Head of Department as quickly as possible. The Company outlines in its Framework Agreement that all employees, contractors and third party users of information systems and services shall be required to note and report any observed or suspected security weaknesses in systems or services.
All information is classified as confidential and therefore access rights are granted in line with job role & responsibilities.
Security policy auditing tool and reporting:
This function is held on file in a secured area within our SharePoint, all non-conformance are reported on a monthly basis to the management meeting and are rated based on severity. Ticketing system is used to monitor the improvements and actions. The owner of the non-conformance is detailed within the form completed. These are also reviewed by way of an annual audit. Non-conformance remain on the list until they have been satisfied and signed off by the ISMS Manager.
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||We control releases through automated and manual tests run against DEV and UAT environments and releases are signed off prior to being released to production. Source code is versioned / branched using GIT source control repositories, with all builds being versioned within TeamCity.|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||A monthly vulnerability scan against the a large number of criteria is carried out against all production systems. Criteria contain, but are not limited to: OWASP Top 10 (2017), XSS, Authentication & Session Management, SQL injection, XML XE vulnerabilities, Information Disclosure or DoS vulnerabilities. All vulnerabilities are classified into High, Medium, Low, which High defects being resolved within 30 days.|
|Protective monitoring type||Undisclosed|
|Protective monitoring approach||Continual monitoring of application service health is performed on all hosted services. If an issue is identified then the team is contacted straight away and we then formulate an action plan.|
|Incident management type||Undisclosed|
|Incident management approach||
We operate a support help desk that allows clients to communicate with our support engineers.
Incident response and management are documented in our ISMS, and a summary can be provided upon request.
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£12 to £20 per licence per month|
|Discount for educational organisations||Yes|
|Free trial available||No|