ICONICS UK Services Ltd

Intelligent Buildings Software Stack - Facilities Management

The IBSS platform is a virtual data-driven replication of the physical built world. The software stack models the relationships between people, places, and devices to drive business-oriented outcomes, including increased: user experience, operational efficiencies and management insight.


  • Historical, Real-time & Predictive Data Analytics
  • Open Data Integration (IT, OT & IoT Sensors)
  • WayFinding, Room Booking, Room Control
  • Management Dashboards and Reporting for Operational Excellence
  • Mobile Apps for Occupants and Service Workers
  • Cloud Scalability
  • Data Workflows an AI engines
  • Mixed Reality Experiences
  • Geospatial Data Models
  • Data integration and normalisation


  • Reduce Energy and Carbon Consumption
  • Improve Occupant Experiences and Wellbeing
  • Increase Data Compliance and Governance
  • Improve FM and Asset Management Efficiencies
  • Single View of the Truth
  • Attract Talent and Minimise Staff Turnover
  • Streamline service task operations
  • Improve space utilisation
  • Improve building performance
  • Improve occupant air quality


£6.00 to £15.00 a unit a year

  • Education pricing available

Service documents


G-Cloud 12

Service ID

9 1 5 1 8 6 9 4 0 2 0 4 9 0 8


ICONICS UK Services Ltd Clive Walton
Telephone: 01384246700
Email: cwalton@iconics-uk.com

Service scope

Software add-on or extension
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
The services ICONICS provides relate to the operations of a building, and more specifically relate to the occupied hours of the space. As a service, the solution is continuously enhanced and planned maintenance activities will be communicated up to 1 month in advance together with the outage window times. The service updates usually take up to 30 minutes but are typically concluded within 5 – 10 minutes, during which time the dashboards will not be accessible. No data is lost in the maintenance period as the service is distributed across a number of components which will be cycled independently
System requirements
  • Currently supported HTML5 compliant browser
  • Cloud based Identity Management such as Azure Active Directory
  • Currently supported Android/iOS devices

User support

Email or online ticketing support
Email or online ticketing
Support response times
Email and phone technical support is available from 8:30 to 17:30 during normal UK working days.

24/7 Support is available at an extra cost.
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Yes, at extra cost
Support levels
Telephone and email helpdesk support provided with the service.
No additional support levels and all costs inclusive. Technical Account Manager assigned to the client for the duration of the service provision
Support available to third parties

Onboarding and offboarding

Getting started
The (typical) onboarding process for these services is defined as below, for which there are no onboarding charges. Customers would engage with ICONICS to determine the services they need which will then be priced up and agreed. general process is
- Customer to provide marked up floor plan drawings of building(s)
- Customer to provide space information (locations, names types etc)
- Customer to provide equipment information (locations, names types etc)
- Customer to provide user information (no. of users)
- ICONICS to connect with customer IT for
o security credential sync
o access to 3rd party cloud systems
- ICONICS to connect to building data
- ICONICS to onboard users into mobile application and deploy to customer deployment framework e.g. MDM or app store in conjunction with customer IT
- ICONICS to enable the services and apps that the customer is looking for (e.g. FM Services, Workplace Analytics)

Customer then provided training to onboard onto the service
Service documentation
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Data extraction is available via the service web-site and will be exported in a CSV file format.
End-of-contract process
At the end of the service contract, the service will be discontinued, and any user (customer) data will be destroyed within 30 days after the contract has ended.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
Application to install
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Differences between the mobile and desktop service
The Android/iOS app is specifically designed to work on phone and tablet devices, and provides the functionalities needed on those devices. The desktop service (browser or natively installed on Windows) is used for the analytics and other activities more suited on a larger real-estate.
Service interface
Description of service interface
A web based portal that provides access to KPI's and actionable insights provided by the service.
Accessibility standards
None or don’t know
Description of accessibility
Content specific to the service provision user role. Assistive technology such as text to speech can be used.
Accessibility testing
Customisation available
Description of customisation
Individual users can select which key components they want to see/use in the mobile app.
Administrative users can configure which components of the service are available to which users, and which rights specific users have. And modify selected artwork used through the mobile app.
As a priced item the supplier can customise the styling of the app including the colour scheme and more of the artwork used through the service.


Independence of resources
The service is designed and deployed on elastically scalable components of Microsoft Azure. This will ensure that in cases of higher loads (more users) more back-end capabilities will be available to service those requests.


Service usage metrics
Metrics types
Number of users
Frequency of access
Services used
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
Protecting data at rest
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
Other data at rest protection approach
Microsoft Azure platform built-in encryption systems
Data sanitisation process
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data extraction is available via the service web-site and will be exported in a CSV file format.
Data export formats
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
The targeted SLA for the solution is aligned to the SLAs of the underlying Azure Infrastructure (99.9%). The SLA is calculated on a monthly basis, and does not include any (down) time needed for updates at an agreed slot.
Approach to resilience
Systems are built on SLA backed services from the Microsoft Azure platform (99.9%). Systems may be configured with extra redundancy to meet the customers requirements.
Outage reporting
Email Notifications

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
User accounts, IP filtering, VPN requirement
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Other security certifications

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
Other security governance standards
Cyber Essentials Plus
Information security policies and processes
Cyber Essentials Plus and ISO27001 provide the basis for our security policies. Central logging and reporting systems provide security alerts, oversight and reporting for all systems. Policies are enforced through technical means and security training.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
ICONICS manage the full deployment life cycle through Azure DevOps, including the development of new features and closing out found issues. As part of this process any changes are reviewed and assessed for their security impact. Any new builds will be staged via various development, test, and pre-production environments before being deployed to the production environment
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Constant monitoring of software and systems is performed. Data is reported to a central dashboard where IT staff resolve or mitigate any detected issues. Spot checks are also performed using an alternative software scanner.

Where an issue is identified,the users will be notified immediately via email and the standard SLA times will be used to resolve the issue.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Security monitoring is carried out by collecting logs from all systems, possible issues are identified such as repeated failed logins and alerts are generated. IT staff will investigate and take any required actions as soon as possible within the standard SLA times.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
When incident is detected or reported, it's primary nature will be assessed, and if it falls in a known category (i.e. Infrastructure Outage, Intermittent Infrastructure Failures, DoS and similar attacks, Security Breach, Software Failure) the appropriate standard steps for that category will be completed.
If based on the primary assessment it cannot be assigned to a known category, a structured approach to identifying the root cause of the issue is undertaken.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks


£6.00 to £15.00 a unit a year
Discount for educational organisations
Free trial available

Service documents