Kaarbon Technology Ltd

Gully SMART

A drainage asset management system allowing mobile users to add or download highway asset data and download geo-referenced mapping for offline use. The mobile application uploads updated inspection or asset data to the kaarbontech cloud system. We include the ability to complete an inspection, maintenance, repair, and create service requests.

Features

  • Field data capture on iOS, Android and Windows devices.
  • Council specific spatial datasets used for greater clarity.
  • Drainage assets marked for attention are clearly identified.
  • Data displayed on OS Mastermap with offline use.
  • Create cleansing programme based on risk.
  • Integration with existing corporate systems possible.
  • Defect recording with service request facility.
  • Comprehensive reporting suite with export functionality.
  • Add cctv survey videos to asset record and view online.
  • Supports all drainage assets and watercourses.

Benefits

  • Provides accurate, complete and reliable data.
  • Ensures compliance with legislation and codes of practice.
  • Easy access to data and simple export and reporting.
  • Intuitive user interface, easy to use and low training needs.
  • Enables fast response to public and Councillor data requests.
  • One touch interactive KPI reporting.
  • Effective solution for reducing surface water flooding.
  • Complies with all recommendations of the HMEP Drainage Guidance.
  • Does not require dedicated client resource to manage system.
  • Flexible modular system to match your requirements

Pricing

£1785 to £3560 per licence per year

Service documents

G-Cloud 10

930509999801676

Kaarbon Technology Ltd

Mark Entwistle

01202031333

mark.entwistle@kaarbontech.co.uk

Service scope

Service scope
Software add-on or extension No
Cloud deployment model Public cloud
Service constraints There are no service constraints.
System requirements Web browser, Google Chrome, Mozilla Firefox or Windows Internet Explorer

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Dependent on the priority the response time would be between 1 hour and 24 hours
User can manage status and priority of support tickets Yes
Online ticketing support accessibility None or don’t know
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels Our support services are delivered by online ticket, email or telephone and are operational 0800 until 1800 UK time, Monday to Friday excluding bank and public holidays. We do provide a dedicated account manager for each customer but this is not specifically a technical or cloud support engineer.

We offer onsite support at a day rate of £750 to include travel time.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started We provide detailed training video's, telephone support and offer on site training for an additional fee
Service documentation Yes
Documentation formats Other
Other documentation formats Video tutorials
End-of-contract data extraction All data can be exported at any time during the contract period.
End-of-contract process No additional charges are due at the end of the contract.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Firefox
  • Chrome
Application to install Yes
Compatible operating systems
  • Android
  • IOS
  • Windows Phone
  • Other
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Mobile service can have offline maps for use when a mobile signal is not available.
Accessibility standards WCAG 2.0 AA or EN 301 549
Accessibility testing We have explored the use of text and braille reader software and confirm it is compatible with our reporting functions.
As all field applications and a large element of the office system require the interaction and plotting onto a geo-referenced map it would be problematic to expect vision-impaired users to work with these functions. Translating imagery and mapping detail is not something we could find support for in any disability support software.
API No
Customisation available Yes
Description of customisation Asset collection process has questions based on HMEP advice, answers to these questions can be personalised by buyer once an order has been received.

Scaling

Scaling
Independence of resources We limit the amount of customers hosted on a single server and monitor demand to ensure system is optimised at all times

Analytics

Analytics
Service usage metrics Yes
Metrics types Real-time management and login information provided
Reporting types Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Other security clearance
Government security clearance None

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach Data can be exported in from the operations tab on the main menu or from many of the reporting screens within the system.
Data export formats
  • CSV
  • Other
Other data export formats Esri Shapefile
Data import formats CSV

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Legacy SSL and TLS (under version 1.2)
Data protection within supplier network Legacy SSL and TLS (under version 1.2)

Availability and resilience

Availability and resilience
Guaranteed availability 99% service availablility
Approach to resilience Detailed resilience information available on request
Outage reporting Email alert of service outages.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels We use Puppet as our core user control system. Access can be restricted via an access control dashboard, restricted access and version control access is also applied to reduce the possibility of unauthorised access to the system
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach Operate a system based on ISO 27001 and working towards full accreditation to ISO 27001
Information security policies and processes Our policies around information security are held within the companies ‘software overview’ document and are reviewed every six months. All queries or issues with regard to information security should be reporting to line manager and then passed directly to the managing director who has ultimate authoritiy over IT governance, any fail safe’s to ensure policy adherence can be viewed on request. We are currently working towards full ISO 27001 accreditation.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach We ensure that any changes to the system are properly tested and authorised with close attention to any that might alter security properties. Our penetration testing process and vulnerability processes would identify security issues in constituent components. We operate failover software which currently poles the live and development server status every 10 minutes. To avoid false alerts due to internet consistency the program increases its checks to 1 minute if there is no initial response and reports the status to two of our developer’s and KaarbonTech managing director via text and email.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach A vulnerability assessment is carried out monthly and any potential threats are assessed using the Common Vulnerability Scoring System (CVSS). Those that are deemed in need of a fix are given a priority (1-4) and dealt with accordingly with high or critical vulnerabilities having a target patch time of 24 hours. Potential threats are communicated to us by our failover software supplier and we monitor the weekly threat report from the National Cyber Security Centre.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Server logs are used to monitor any errors which are emailed to the developers as and when they occur. This includes the line of code and all the detail about the system. Once received, the error is prioritised and the log is examined. This proactive approach allows us to catch abnormalities before the customer notices them. All logs are stored for retrieval and assessment for up to 12 months. The statistics of compromises form part of the weekly developer meeting agenda.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Errors are communicated to the development team as and when they occur, the error is prioritised and the log is examined in detail either:
• Immediately
• The following morning.
Analytics are used to monitor timings and crash reports in a similar way. This information is also prioritised for action within the following timescale:
• Immediately
• Within 24 hours
• Within 7 days
• Before the next natural release
The incident report statistics form part of the weekly developer meeting agenda.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £1785 to £3560 per licence per year
Discount for educational organisations No
Free trial available No

Documents

Documents
Pricing document View uploaded document
Service definition document View uploaded document
Terms and conditions document View uploaded document
Return to top ↑