Land Assembly Services Ltd

Geographic Information System

Our geographic information system provides you with the capability to capture, maintain and process information which has a defined geographic location.
It uses the power of spatial analysis to extract and present the information you need to make decisions, perform processes or create documents.

Features

  • Configurable web based geographic data processing and management platform
  • Supports spatial and alphanumeric data, documents and images
  • Quality methods include testing, inspection, dual entry, statistical sampling
  • Data linked to the evidence from which it was captured
  • Versioning and metadata
  • Single source of the truth
  • Workflow task management
  • Task automation
  • Data visualisation and exploration
  • Designed for interoperation

Benefits

  • Access the data and documents you need anytime, anywhere
  • Share data quickly, easily and securely
  • Be confident in data accuracy, completeness and currency
  • Easily combine different data types into a single report
  • Improve productivity
  • Allocate work according to capability and capacity
  • Track and manage performance
  • Assure compliance with regulations and procedures
  • Work anywhere, anytime
  • Easily satisfy new requirements

Pricing

£48 to £240 a user a month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 12

Service ID

9 2 5 7 8 6 1 6 2 6 0 0 0 6 3

Contact

Land Assembly Services Ltd John Gannon
Telephone: 07970280241
Email: john.gannon@landassembly.net

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
The solution is totally web-based, so all that is needed is a computer, (desktop, laptop or mobile device) that is connected to the internet and running an up to date browser.
The solution is available 24 by 7 by 365 except for brief periods of planned maintenance which normally occur monthly outside the normal UK working hours.
System requirements
  • Modern Web Browser
  • Internet Connection

User support

Email or online ticketing support
Email or online ticketing
Support response times
The support service may be accessed via the online service. Alternatively, a ticket can be raised via email. The Support Service is available during UK office working hours (09:00 to 17:00), excluding UK Public Holidays. The initial acknowledgement response will be within 4 working hours with a detailed response within 8 working hours.
The cost of the support service is included in the software licence fees.
Support is only available at the weekend by prior arrangement at an extra cost.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
The support service may be accessed via the online service. Alternatively, a ticket can be raised via email. The Support Service is available during UK office working hours (09:00 to 17:00), excluding UK Public Holidays. The initial acknowledgement response will be with 4 working hours with a detailed response with 8 working hours.
The cost of the support service is included in the software licence fees.
We do not provide a technical account manager or cloud support engineer.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
We work with the customer to formally specify their data, processes, workflows and reporting requirements in human and machine readable form.
The resulting specification is executed by our software platform. Suggested test scripts and work instructions are provided to assist in user testing and proof of process. The specification may be altered during user testing and proof of process prior to service acceptance.
Initial onsite training, advice and guidance and on-going assistance will be provided throughout the life of the project, along with a full set of user documentation including worked examples and case studies.
Service documentation
Yes
Documentation formats
  • HTML
  • ODF
  • PDF
  • Other
Other documentation formats
  • DOCX
  • XML
End-of-contract data extraction
Users have full access to their data throughout the life of the project and they can use the integral tools to extract the data at any time during the life of the project.
End-of-contract process
As this is an online service, once the client decides to end their use of the service and while they still have access to the service, they can extract and delete their data. There are no additional costs to pay at the end of the project.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Chrome
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Different user interfaces will be presented based on available screen real-estate. Total functionality has been designed to be the same across all device types.
Service interface
Yes
Description of service interface
Our services are primarily accessed via a web portal, which allows users to view, manage and report on their projects, and to access specific services associated with individual projects. Web service interfaces are also available for B2B use cases.
Accessibility standards
None or don’t know
Description of accessibility
The solution has been designed to be as easy to use and as intuitive as possible.

Our user interface components are based on Google’s Material Design Library and, as such, provide rich accessibility support. The design of interface components implements WAI-ARIA and follows WCAG guidelines wherever possible.
Accessibility testing
At this stage of the product cycle, no specific accessibility features have been included.
Tests have been performed to ensure the interface is appropriate at all resolutions and that all interface components are decorated with textual descriptions.
API
Yes
What users can and can't do using the API
Our solutions may be configured to provide any functionality via an API for use in B2B scenarios; what can and can't be done is entirely dependent upon the defined specification.
API documentation
Yes
API documentation formats
  • HTML
  • ODF
  • PDF
  • Other
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Our solutions are based on a specification language which enables fully customisable products. These products may be made up from pre-existing specifications, which may only require customisation of parameters, through to products which are customised using existing building-blocks of customisation, through to fully bespoke products.

Scaling

Independence of resources
Each user will be provided with an agreed level of data storage based upon the expected volume of their data, reasonable growth will be allowed for. The hosting service will be flexible so more resources will be available depending on current demand.

Analytics

Service usage metrics
Yes
Metrics types
Detailed usage metrics are available. This includes the volume and type of data utilised and the service options used.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Using the configurable tools that are used day to day while the solution is being used. The import and export of data is a key requirement of the solution, so this is integral to its use.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • DTS (Data Transfer Standard)
  • XML
  • Other (most common formats)
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • DTS (Data Transfer Standard)
  • XML
  • Other (most common formats)

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Via encrypted database connections.

Availability and resilience

Guaranteed availability
The service is hosted via a fully resilient commercial data centre. Target service availability is 99%.
Where the service is not available for customer use due to an unplanned event for any period greater than 24 hours, during normal UK business hours, we will compensate the customer by providing 1/365 of the paid annual fee for each period of 24 hours during which the service is unavailable.
Approach to resilience
The datacentre in use is fully resilient - details are available on request.
Outage reporting
Via email alerts.

Identity and authentication

User authentication needed
Yes
User authentication
  • Username or password
  • Other
Other user authentication
Dependent upon configuration, but the following options exist:
• Password
• Software token (for users)
• Public key (for web services)
Access restrictions in management interfaces and support channels
This is restricted according to user account roles and is password protected.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
Cyber Essentials

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
Other
Other security governance standards
Cyber Essentials
Information security policies and processes
• Network Security Policy
• Acceptable Use Policy
• Cloud Computing Policy
• Password Policy
• Cryptographic Policy
• Anti-Malware Policy
• Patch Management Policy
• Bring Your Own Device Policy
• Information Security Policy
• Remote Access Policy
• Vendor Access Policy
• Electronic Messaging Policy
• Change Management Procedures
• Incident Response Procedures
• Disaster Recover Procedures
• Business Continuity Plan
• Media destruction, Retention and Backup Procedure.

Policies and procedures are an integral part of our integrated management system, which is accredited for conformance with ISO9001, 14001 and 45001.

Compliance is enforced via the management system and monitored by internal and external audit.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Each asset, be it a deployment package, some infrastructure or any other asset which may change state and influence the solution, is uniquely identified and catalogued. The catalogue contains the current configuration of the asset (the configuration storage mechanism will vary based on the asset type).
Change requests are necessary to change the state of an asset. Change requests are reviewed against procedures to prevent negative security impact.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We use third-party vulnerability scanners to identify potential threats, plus manual checks against the registry of utilised third-party components.

All services are supplied via our BASE system, which orchestrates the execution of tightly defined modules. Each module is aware and catalogues both third-party software and services that it uses. The BASE system itself has a registry of allowed DLLs which may be loaded into its application domain and these map back to modules. This registry is checked regularly to see if there are any security vulnerabilities.

We have complete control over the speed of patching/fixes, depending on the severity.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Audit data about asset usage (be it memory, network, disk, file, etc.) is recorded at all tiers of the solution and is continually statistically analysed. Any deviation from statistical norms is flagged for inspection and results in either a change to the statistical model, or a change request to mitigate any potential risk being raised.

Also, the BASE system’s script execution method performs similar statistical analysis of executed scripts.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Users have access to a self-service security management system, by which common processes may be performed for common events (e.g. deactivating a compromised user account administered by the reporting user). This is backed up by a helpline for non-standard events. Updates on progress are managed in the same way as our ticketing system.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£48 to £240 a user a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We offer an intial proof of concept stage free of charge. This involves agreeing a subset of the customer's requirement and taking this subset through the onboarding stages - specifcation, configuration, user testing, proof of process. There is no time limit but would anticipate about 3 months duration.

Service documents