FM:SYSTEMS EUROPE LIMITED

FM:Systems OccupEye - Digital Workplace: Space Management, Utilisation, Analytics, Booking and CAD

FM:Systems digital workplace solutions assist organisations to effectively understand and manage workspace utilisation and assignment, with the goal of combining efficiency and user experience to deliver the ideal workplace for every employee. FMS is able to provide Covid-19 tailored space management solutions.

Features

  • Manage and update Space Layouts, CAD/BIM models
  • OccupEye - capture factual utilisation (Desks, Rooms, Collaboration etc)
  • Display live occupancy/availability information to potential space users
  • FMS:Analytics - Detailed insights into space usage and trends
  • FMS:Employee - Space Booking & User Experience Application
  • FMS:Visitor - Visitor and Employee attendance and access management
  • Third-party integrations with existing technology stack
  • Secure, enterprise-scalable, solutions
  • UK based account management, implementation and support
  • Multi-Language Support Options (English, Welsh, French, German, Portuguese, Mandarin +)

Benefits

  • Lean into the change of hybrid working culture
  • Enable informed decision-making around space delivery and allocation
  • Rationalise and repurpose underutilised space
  • Drive achievement of sustainability goals through smart building technology
  • Deliver enhanced experience and convenience to space consumers
  • Increase efficiency, reduce costs
  • Enjoy greater control over space use through behaviour-guiding workflows
  • Be disruption ready - pandemic-inspired controls and audit features
  • User-empowering technology assists talent attraction and retention
  • Satisfy stakeholders organisation-wide - I.T to front-of-house

Pricing

£2.00 to £35 a unit a week

  • Education pricing available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rdobie@fmsystems.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 12

Service ID

9 4 0 5 8 4 0 7 0 1 5 6 9 9 2

Contact

FM:SYSTEMS EUROPE LIMITED Rob Dobie
Telephone: 07718 319705
Email: rdobie@fmsystems.com

Service scope

Software add-on or extension
No
Cloud deployment model
  • Public cloud
  • Private cloud
  • Hybrid cloud
Service constraints
No; our service does not have any constraints.
System requirements
  • Basic Web Browser Access.
  • Internet Connectivity

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times as in line with our published SLAs; weekends may be included dependent upon client-specific support package.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Web chat
Web chat support availability
9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard
None or don’t know
How the web chat support is accessible
Basic web chat facility, text only
Web chat accessibility testing
To date no assistive tech user testing has taken place, as our web chat facility is designed as a basic layer sales/service interaction tool provided as an out-of-the box bolt-on to our website. We will however be focusing on web chat as an increasingly important and primary support channel later in 2019, and improved accessibility will be included within this development process.
Onsite support
Yes, at extra cost
Support levels
There are various support levels available, and support packages can be tailored to individual user needs. Our core SLA response times are as follows:

1. An unplanned incident causing loss of service to multiple users:
Target response time: 1 hour; target resolution time: 2 hours.

2. Individual user unable to work, with reduced functionality causing severe disruption to the completion of business critical tasks:
Target response time: 2 hours; target resolution time: 4 hours.

3. User experiencing a problem - reduced functionality causing some disruption to the completion of business critical tasks:
Target response time: 4 hours; target resolution time: 8 hours.

4. Non-urgent query or request - reduced functionality resulting in minimal impact to users:
Target response time: 1 day; target resolution time: 5 days.

5. Chargeable service request for installations, moves, additions and changes (e.g. professional services and any customer specific enquiry not relating to a fault):
Target response time: 2 days; target resolution time: as agreed with user.

Support is provided by our team of experienced service and support engineers. Our fees for on-site professional services are included within our listing.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Our comprehensive training equips our clients to oversee effective onboarding and offboarding. They are thus able to provide appropriate new staff with access to OccupEye, while also removing access from outgoing employees.
Service documentation
Yes
Documentation formats
PDF
End-of-contract data extraction
The OccupEye dashboard remains available to users for one month following the expiry of the contract. During this period, data can be extracted via the SaaS platform into a variety of formats; these include .csv, .pdf, .png and .excel.
End-of-contract process
Following the agreed one-month post-contract 'grace access' period, we remove the client's viewing permissions.

Our standard platform allows users access to the OccupEye dashboard, both throughout the duration of the study and also during the aforementioned one-month post-contract period. Ongoing access to the platform may be agreed at additional cost.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 7
  • Internet Explorer 8
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The responsive design of OccupEye's HTML5 reports provides users with an equally comprehensive experience via both mobile and desktop devices.
Service interface
No
API
Yes
What users can and can't do using the API
Users are able to make either live or retrospective data calls against location IDs and any or all other relevant locational metadata.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
All SaaS reports, including live space availability, may be customised with the client's logo and text and user/data accessibility is highly customisable.

Scaling

Independence of resources
OccupEye provides a service to enterprise users across the globe. Our systems and processes have been designed to operate at a capacity beyond realistic, existing and predicted demand.

Analytics

Service usage metrics
Yes
Metrics types
The OccupEye dashboard allows the administrator to both control and monitor service usage. This may be in the format, for example, of an access log. Service uptime is consistently monitored via our technical and support teams.
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
No
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
Physical access control, complying with another standard
Data sanitisation process
No
Equipment disposal approach
A third-party destruction service

Data importing and exporting

Data export approach
Data may be exported via the browser SaaS platform, requiring only the application of relevant filters and confirmation of export platform preferences. This is possible in .pdf, .png and. excelcs.
Data export formats
  • CSV
  • Other
Other data export formats
  • PDF
  • Excel
Data import formats
  • CSV
  • Other
Other data import formats
  • PDF
  • Excel
  • Dwg

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability
We guarantee 99.5% availability.

The appropriate service level agreements, along with details of our service credits structure, are provided during contracting.
Approach to resilience
OccupEye uses a world-class, ISO 27001-accredited UK datacentre, thus guaranteeing redundancy, security (both cyber and physical) and disaster recovery. This resilience is reviewed regularly so as to ensure that we continue to deliver the optimum level performance.

Further specific details regarding our datacentre set-up is available on request.
Outage reporting
OccupEye features an intuitive and detailed user notification system. In addition to outages reported via the main SaaS dashboard, notifications are also sent via e-mail.

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
User access may be restricted by either OccupEye technical staff or by the client's designated administrator. The access rights are allocated per user, between secure HTTPS password and user name authorization.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyds Register/UKAS Management Systems
ISO/IEC 27001 accreditation date
24/01/2021
What the ISO/IEC 27001 doesn’t cover
This certification is held by our external datacentre and certifies compliance in all areas of physical and electronic datacentre security. This is in addition to the criteria specified on the certificate itself, namely the provisioning and support of internet connectivity, IT security and managed network and hosting services.
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Our Technical Director has overall responsibility for information security across the company. Defined roles and responsibilities are then outlined and split amongst the Technical Director's senior technical / data-exposed staff, as outlined within our internal policy documents. Our directors ensure that our policies, processes and general high standards are adhered to at all times.

Both our policies and processes are regularly audited and challenged as part of our on-going ISO 9001:2008 quality management systems programme. We count some of the most data-sensitive organisations in the UK amongst our existing user base; as such, we take our commitment to information security extremely seriously.

All our technical work processes, including the handling of client data, are documented and form part of staff induction and annual refresher training sessions; these are delivered both internally and via external professional partners. Our documented processes form part of our ISO 90001:2008 quality management audit requirement.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
As befits the manufacturers and providers of a world-class solution, we constantly monitor our service - and the components therefore - to ensure that we continue to perform to the very highest standards.

We are dealing in an ever-changing world and so continuously track our service and general offer, allowing us to keep pace with innovation. In over 30 years of business, we are proud of our processes that help us continue to provide the very best service to our customers.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
We use the Sophos integrated suite of security software.
Sophos Anti-Virus detects and cleans up viruses, Trojans, worms, and spyware, as well as adware and other potentially unwanted applications. HIPS (Host Intrusion Prevention System) technology can also protect your computer from suspicious files and rootkits. In addition, Malicious Traffic Detector can detect communications between your computer and command and control servers involved in a botnet or other malware attack.

OS patches are applied as they are provided by the author, Microsoft.

Further details of vulnerability testing can be provided on request.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
As referenced above, OccupEye uses the Sophos integrated suite of security software.

We pride ourselves on our ability to identify possible risks and full details of our responses, including affirmation of our swift reactions, are provided to the client at the outset of the contract. In any case, such information is available on request.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
As part of our staff induction and training, all data and systems-exposed staff are made aware that any breach of data security is to be reported immediately to their direct line manager. Each line manager is then responsible for communication of the relevant incident immediately once informed via the relevant senior company director.

Any breech of client data would be reported to the client at the very earliest opportunity, with any implications explained fully as we would understand them at the time.

In over 30 years of business, our organisation has not suffered a single breech of systems or data.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Pricing

Price
£2.00 to £35 a unit a week
Discount for educational organisations
Yes
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at rdobie@fmsystems.com. Tell them what format you need. It will help if you say what assistive technology you use.