mpro5

mpro5

mpro5 mobile platform including biometric Time & Attendance, IoT, Job Scheduling, Asset Management, Health & Safety, NHS mobile Auditing, and Data Capture on iOS, Android, and Windows 10.

Features

  • Mobile Job Scheduling with Digital Signature
  • Mobile Workflow with Digital Signature & Photos
  • Real-time reporting
  • GPS Tracking & Geofencing
  • Internet of Things (IoT sensors)
  • Real-time alerting
  • Document Storage and Mobile Document Viewing
  • Invoicing completed Jobs / Workflows
  • Asset Management
  • Time and Attendance (Biometric or PIN based)

Benefits

  • Complete jobs on the move
  • Guide users through configurable workflows on tablets and smartphones
  • Get notified by email, SMS, and push notifications
  • Connect IoT sensors to get real-time data
  • Automatic scheduling and alerting based on IoT data
  • Invoice based on completed workflows and jobs automatically
  • Give users the documentation they need out in the field
  • Use real-time, interactive dashboards to analyse the data captured
  • We help you configure the system as you need
  • UK-based support available by default

Pricing

£995 to £100000 per instance per month

  • Education pricing available
  • Free trial available

Service documents

Framework

G-Cloud 11

Service ID

9 6 2 4 4 9 7 3 1 9 6 9 3 1 5

Contact

mpro5

Luke Jeffrey

01892 542444

luke.jeffrey@crimsontide.co.uk

Service scope

Software add-on or extension
Yes, but can also be used as a standalone service
What software services is the service an extension to
We offer out of the box APIs to enable you to integrate with our systems.
Systems already used are:

SAP
Great Plains
Sage Line 50 - Sage 200
Bespoke Applications
Cloud deployment model
  • Public cloud
  • Private cloud
Service constraints
Our service runs on Microsoft Azure's cloud in the UK datacentres as needed.

We support Android and iOS mobile devices using current & last versions of their operating systems.

We recommend using Chrome for accessing the mpro5 web client.
System requirements
  • IOS 10+ for Apple Devices
  • Android 6+ for Android Devices (Samsung recommended)
  • Google Chrome recommended for web client

User support

Email or online ticketing support
Email or online ticketing
Support response times
We aim to respond to all requests within an hour.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
We respond to all tickets within 1 hour (not automated)

We aim to close all support issues where practical within 24 hours and configuration changes up to 5 days (dependent upon complexity)
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Mpro5 is a full premium service, we offer training included in our pricing. For onboarding we normally offer a configuration session and a training session on-site once configured.

We offer to undertake data imports for our customers as needed to get them up and running as quickly as possible.

Additional training is available on request.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
Users can extract their data using the mpro5 website, or alternatively request a BACPAC file from the technical team.
End-of-contract process
At the end of the intial term, mpro5 automatically becomes a rolling month to month contract. At this point, a customer can request termination or renewal accordingly. A backup of data (BACPAC) can be made available at no extra charge, or a user can export data through the website.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install
Yes
Compatible operating systems
  • Android
  • IOS
  • Windows
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
Mobile devices are used for data capture and completion of the jobs / workflows themselves.

Web browsers are used to configure the workflows, schedule the jobs, and view reports.
Service interface
Yes
Description of service interface
The service interface is a portal to our JIRA Service Desk platform.
From here, users can raise and updated their service issues as needed alongside receiving automated notifications from our service team.
Accessibility standards
None or don’t know
Description of accessibility
Users are able to access the service via web browser, or mobile application.

The web browser allows for configuration of the mpro5 platform and the mobile client allows for completion of tasks governed by the web client where needed.
Accessibility testing
We have tested the interface on the mobile device for integration to Siri and Samsung talk.
API
Yes
What users can and can't do using the API
Using the mpro5 API, it is possible to configure the entities of the mpro5 system ranging through Customers, Sites, Locations, Contracts, SLAs, Jobs and in some cases Users.

The API can also be used for completed data retrieval by third party systems, for example, accessing all the completed jobs for a given day and updating another application with the details of completion recorded by mpro5.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
Mpro5 can be configured for different scenarios - we have users ranging across many industries from Facilities Management to Healthcare.

If any request cannot be configured by the service team, the customer can ask for bespoke development which is assessed and quoted on a case by case basis.

Scaling

Independence of resources
Every mpro5 customer exists within their own 'silo' within the mpro5 cloud running on Microsoft Azure. We use real-time scaling to ensure that additional load does not impact existing customer experience. This also enables us to cope with peak periods.

Analytics

Service usage metrics
Yes
Metrics types
Mpro5 monitors usage of the application from completed requests to active users. This could be:

Jobs Completed
Workflows Completed
Users Active
Users Logged In
Inactive Users
Overdue Jobs
Jobs inside SLA
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
All mpro5 data is stored in the Microsoft Azure cloud and encrypted at rest
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Every grid within the mpro5 web client has an Export button that is controlled by permissions. You can choose to export data as needed on an entity by entity basis.

Specific data exports can also be made as reports, or if necessary, requests can be completed by our service team.
Data export formats
  • CSV
  • ODF
  • Other
Other data export formats
  • Excel
  • Word
  • TIFF
  • XML (via API)
  • JSON (via API)
Data import formats
  • CSV
  • Other
Other data import formats
Excel

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Legacy SSL and TLS (under version 1.2)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
We offer the Microsoft Azure uptime guarantee of 99.99%
Approach to resilience
Mpro5 is incredibly resilient thanks to using Microsoft Azure PaaS.
Each mpro5 database runs in triplicate with real-time failover.
Each mpro5 API service runs across distributed hardware both physically and geographically.
We use the Dublin and UK Azure Datacentres.
Outage reporting
We use social media to communicate with the majority of our clients, our standard mechanisms are:

Twitter
LinkedIn
Direct Email
Through the mpro5 web client 'home' screen

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
At any point within mpro5, a user can change their password or request for it to be reset via the support team. Users of mpro5's passwords are salted and hashed meaning no clear text equivalent exists.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
The British Assessment Bureau
ISO/IEC 27001 accreditation date
7th January 2016
What the ISO/IEC 27001 doesn’t cover
Microsoft Azure Infrastructure (separately and directly certified by Microsoft)
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Other security certifications
Yes
Any other security certifications
SSAE16 Type II

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
We have a full ISMS 27001 Document available on request that details all of mpro5's policies and processes.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Configuration changes to your mpro5 system can be made by requests to our service team. Each change is discussed with the end user prior to implementation to ensure correct delivery.

Changes (new development) are raised through feature requests and are assessed as described in our ISO27001 process which evaluates any security considerations.

We also ensure that new changes are covered in our annual penetration tests for external verification of security.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We implement Microsoft Azure's real-time threat detection services to monitor the mpro5 infrastructure. This covers intrusion at the database level as well as the software layer.

Patches to the mpro5 Azure infrastructure are deployed immediately by Microsoft directly.

Patches to the mpro5 software are release immediately once available. If a patch is deemed low priority or not concerning security, this will fall into a monthly or quarterly systems upgrade.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Again, using real-time intrusion detection we are monitoring the mpro5 environment constantly.

When notified of a potential compromise, the security team at mpro5 is notified who then assess the notification to be true or a 'false-positive' before recommending remedial action to the support team.

We respond within an hour to incidents and aim to close any high priority issues the same day.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Our incident management conforms to our ISO 27001 and SSAE16 documentation.

Users can report incident by email, telephone, or using the online support portal.

When incidents are reported, case numbers are assigned and we respond to those cases directly within the support portal. This portal gives our users full end-to-end visibility of all incident reports and their statuses in real-time.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Pricing

Price
£995 to £100000 per instance per month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
We offer a demonstration version of mpro5 direct from the app stores that is limited to an agreed scope.

Service documents

Return to top ↑