Enable My Team - Asset Information Management System
EMT is a web-based asset information management system (AIMS), allowing you to track, capture, verify and handover asset data for a construction project or maintenance scheme. Visualise asset relationships and compare back to baselines to capture changes. A mobile app is also available to capture site and verify assets.
- Asset information management system
- Integration to CDEs
- Integration to GIS
- Integration to BIM models
- Relationships between assets
- Scalable platform
- Real time reporting
- iOS mobile app (includes offline mode)
- Browser based including remote access
- Collaborative working
- Capture asset data in the field or office
- Integration into enterprise systems
- Scalable for any size project
- Exporting and importing of data
|Software add-on or extension||No|
|Cloud deployment model||Private cloud|
The asset information management platform is browser based and will work on all major browsers (Microsoft Edge, Firefox, Google Chrome, Safari). There is also an iOS mobile app.
Other solutions are more bespoke to specific client's needs.
|System requirements||Please see Service Definition Document|
|Email or online ticketing support||Email or online ticketing|
|Support response times||All questions are responded to within 24 hours.|
|User can manage status and priority of support tickets||No|
|Web chat support||No|
|Onsite support||Yes, at extra cost|
|Support levels||All customers will receive access to our support team who will respond within 24 hours. Additional support is normally bespoke depending on the client's needs. We can provide additional offsite resources, consultancy days where a technical account manager will visit the client, or even a permanent resource on larger, more complicated projects.|
|Support available to third parties||Yes|
Onboarding and offboarding
|Getting started||Clients can provision the service by entering a few service parameters (ex: client corporate domains) and a list of client administrators for the service. Provisioning of the service environment happens autonomously. This may take from a few minutes to an hour depending on input service parameters. This process also creates accounts for administrators who are notified by email. Their email address must match one of client domains for security. Once administrators activate and secure their accounts (2-step verification), next step is configuration of the service as per client requirements. This configuration can include integration with clients existing asset configuration, integration with client enterprise systems and their other cloud based softwares. At this point, we will be in touch with the client to arrange an online Webinar or onsite training session. The goal is to understand and align with client goals so the system is configured accordingly. We tend to work closely with client administrators during this phase. Additionally, the platform has documentation to help users get started on the platform. Administrators have more documentation on how to add and manage regular users. There are also guidance videos available online while provide visuals with step-by-step commentary.|
|End-of-contract data extraction||
Users can extract all their data including users, groups, configuration, assets and attachments/documents in four main ways at the end of a contract:
- Using built-in export options : The platform allows exporting of data in multiple formats: JSON, Excel, MySQL, ZIP.
- API : Data within the platform can be accessed through our API. The REST based JSON API can then be used to export and integrate data with any other client system or database.
- Contact our support/service desk : Our support team will export the data for the client and arrange for a handover.
- From Backups : As a minimum automatic data backups are taken every 24 hours and backed for the last 30 days are stored. Client data can be extracted from these backups.
This is a rolling contract.
However when the contact is terminated, the following end of contract process applies: Client is the owner of their data and all their data including users, groups, configuration, service specific data and attachments/documents can be extracted from our service at the end of the contract. Data extraction can be done by the client or by our support team by sending a data extraction request to our service desk. Once contract has been terminated and data extracted, we will terminate the service environment for the client including all user access. Data will be disposed as per our data disposal policy. The timing of this disposal and all other data backups will depend on our SLA and terms with the client.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||There is a dedicated iOS app available for iPhones and iPads. The browser service contains more admin features, but both the app and the browser provide the same data capture features. The app also includes a barcode scanner for use with QR / DM codes for asset management and labeling.|
|What users can and can't do using the API||We have an API for integration purposes. We can integrate with EDMS systems, BIM softwares, GIS softwares, CMMS softwares, Enterprise integrations with Azure, Databases and general file based formats such as Excel.|
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||Yes|
|Description of customisation||The asset management platform is customisable for each project. The asset breakdown structure and configuration will be unique for each user. They can customise configurations, location hierarchies and analytic visualisations.|
|Independence of resources||Users will have dedicated environment's for their projects. The platform has been designed for horizontal scaling, so we can add more power to the service if the demand requires. We are experienced in scaling our system and we already experience dealing with millions of assets and attributes across numerous projects.|
|Service usage metrics||Yes|
Number of unique active users
Numbers of total requests
Breakdown by request types
Peak requests & times
Total number of objects (assets, documents & attachments) in the system
Activity by duration
|Supplier type||Not a reseller|
|Staff security clearance||Conforms to BS7858:2012|
|Government security clearance||Up to Security Clearance (SC)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||United Kingdom|
|User control over data storage and processing locations||Yes|
|Datacentre security standards||Complies with a recognised standard (for example CSA CCM version 3.0)|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a CHECK service provider|
|Protecting data at rest||
|Data sanitisation process||Yes|
|Data sanitisation type||
|Equipment disposal approach||Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001|
Data importing and exporting
|Data export approach||Our system can integrate with a number of different software and platforms. This can include facilities management software to transfer all data at the end of a project. Alternatively, data can be exported to excel files or transferred to a sql database.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||TLS (version 1.2 or above)|
Availability and resilience
As per our SLA, we guarantee 99.99% of uptime. Uptime is measured the using our automated systems, over each calendar month. It is calculated to the nearest minute, based on the number of minutes in the given month (for instance, a 31-day month contains 44,640 minutes). A report containing these measurements will be validated and issued to the Client on a monthly basis. Client will also have access to an online portal which will show daily, weekly or monthly report on a number of cloud parameters:
Service Response Time
If uptime for any item drops below the relevant threshold, a penalty will be applied in the form of a credit. This means the following month’s/work package's fee payable by the client will be reduced on a sliding scale. The level of penalty will be calculated depending on the number of hours for which the service was unavailable, minus the downtime permitted by the SLA ie: routine maintenance as agreed in advance with client.
- Penalty per hour is 5% of total order/work package fee.
- Uptime penalties in any month are capped at 50% of the total order/work package fee.
|Approach to resilience||Available upon request.|
The service includes a dashboard with ....
Client will also have access to an online portal which will show daily, weekly or monthly report on a number of parameters for servers in EMT cloud:
Service Response Time
Identity and authentication
|User authentication needed||Yes|
|Other user authentication||SAML based Identity federation using client's own enterprise systems/user directory as an identity provider.|
|Access restrictions in management interfaces and support channels||
Security, User roles & groups management is built into the platform to ensure right people get the right level of access including special groups & roles for access to management interfaces and support channels. Features include:
- Highly granular level of control over user access
- Option of requiring 2-step user verification every time a user signs on through an unrecognised device
- Strong authentication & password policy: Enforced password changes and automatic session timeouts
- Option to set acceptable IP ranges from which users may log in
- Periodic & demonstrable Web application security, penetration and access controls test
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||
|Description of management access authentication||Single Sign On - SAML based authentication to client enterprise systems|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||User-defined|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||User-defined|
|How long system logs are stored for||User-defined|
Standards and certifications
|ISO/IEC 27001 certification||Yes|
|Who accredited the ISO/IEC 27001||ISO Quality Services Ltd|
|ISO/IEC 27001 accreditation date||12/09/2018|
|What the ISO/IEC 27001 doesn’t cover||NA|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Other security certifications||Yes|
|Any other security certifications||Cyber Essentials Scheme|
|Named board-level person responsible for service security||Yes|
|Security governance certified||Yes|
|Security governance standards||ISO/IEC 27001|
|Information security policies and processes||
Our Information Security Policy is based upon the International Standard ISEC/ISO 27001 the Code of Practice for Information Security Management and ISEC/ISO 27002. This policy defines to all staff, suppliers and partners how the Company will secure electronic information, which is found within:
• The Company’s IS/IT infrastructure.
• Key Business System data and information.
• Security of information held in electronic form on any Company computer.
This policy subject to annual review is owned by the Company and is maintained, reviewed and amended by the IT Manager in accordance with Company policy, procedures and guidance.
The IT Manager will maintain and monitor, at six monthly intervals, reports of records of electronic security incidents. Reports will be considered by the Company. It will then be decided if further action or investigation is required. The Directors of the Company are ultimately responsible for ensuring that adherence to this policy is observed and for overseeing compliance by users under their direction, control or supervision. Each user is responsible for their own actions and must ensure all actions relating to using the Company network and IT Services adheres to the principles and requirements of this policy.
|Configuration and change management standard||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Configuration and change management approach||
Our Configuration & Change management policy helps in tracking the components of our services through their lifetime ex: Firewall & Gateways, Network, Services (database, middleware & front-end services), Apps and Documentation. This policy includes:
Baseline and release information
Audits & Review
Build, Integrate, Deploy Scripts
Standardisation of process and its implementation is key. Users requesting changes are required to submit a change management plan. This plan includes impact to Security. The plan must then be approved by multiple teams including Information Security (IS). Any change impacting Security must demonstrate results of adequate testing of IS impact.
|Vulnerability management type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Vulnerability management approach||A dedicated Security Officer is responsible for our vulnerability management process assisted by a Vulnerability Engineer who configures vulnerability scans and information updates from latest security bulletins. We use a thoroughly tested and market leading vulnerability scanning vendor. Scans are tuned to limit the amount of false positives and regular scanning ensures new vulnerabilities are detected in a timely manner. An IT Systems Engineer is responsible for implementing remediating actions, testing and deploying patches while working closely with the IT asset owner. Scanning configuration is regularly updated with latest updates from the vendor to include new potential threats.|
|Protective monitoring type||Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402|
|Protective monitoring approach||Our Protective Monitoring combines process and technology, detecting and alerting on operational and security issues related to a wide range of compliance and risk concerns. We use 3rd party SIEM system which provides out-of-the-box packages, including GPG 13, SOX, HIPAA, GCSX. We conduct automatic analysis and pattern recognition of all log data, maintaining constant vigilance for multiple attack vectors that, when combined, may indicate an APT-style attack. Our Security officer and IT asset owners get alerts on individual and broader malicious event sequences simplifying remediation and helping mitigate risk quickly.|
|Incident management type||Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402|
|Incident management approach||We have an incident management process to restore normal service operation as quickly as possible and minimise the adverse impact on business operations. We also have a service desk in place with proper arrangements of interface between incident management. We use an ITIL compliant web based software tool accessible by all users. Users can submit incidents this tool or by email to a dedicated service desk email address. Service desk requests deemed as incidents are directed to Incident management. Once resolved, an incident report is sent to Security, Asset owner and users. We maintain an audit history and incident log.|
|Approach to secure software development best practice||Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)|
Public sector networks
|Connection to public sector networks||No|
|Price||£2000 per unit per month|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||
Free trial includes:
- Full functionality
What not included:
- No data backups. Data storage limited to 20Gb. Recommend not uploading confidential data. Only for feature & stress testing using non-sensitive or cleansed data
- No SLA
- Limited for 30 days for 5 users
- No enterprise integration
|Link to free trial||https://demo.enablemyteam.com|