EST Solutions

Environmental Monitoring software - Liberator Environmental Monitoring

The Liberator Environmental Monitoring software is a market leading module forming part of the Liberator suite of products. Liberator Environmental Monitoring can be used independently of other Liberator products. It is very easy to set up, configure and use and offers clients and their customers great efficiencies.


  • Open, modern and secure digital business platform
  • Easy to set up, flexible about how it is used
  • Comprehensive enterprise level content management
  • Secure sharing of digital content
  • In built system governance for audit and compliance
  • Browser based with no specialist plugins required


  • Accelerates the throughput and the flow of work
  • Increases the accuracy of content
  • Enhance the ability to deal with things first time
  • Fast links for users to relevant data/evidence
  • Enables self service
  • Responsive to changing circumstances
  • Reduces Risk


£1000 to £2500 per user per year

Service documents

G-Cloud 10


EST Solutions

Simon Meyer


Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to Liberator is a suite of public sector software modules for the Environmental Monitoring module commonly used additional modules would include;
Web/IVR Payments
Online Reps and Challenges
Smart Response
Dynamic Mapping
Mobile Worker Manager
Virtual Permits
Environmental Enforcement
Enhanced Reporting
Infographics Pack
Street Scene Management
Removal and Pound Management
Cloud deployment model Private cloud
Service constraints Tested for compatibility with:-
Desktop: Chrome 45+, Firefox 51+, MSIE 9+, MS Edge, Safari 10+
Mobile (IOS 9+ or Android Jelly Bean+): Chrome, Safari, Android

There are no routine service shutdowns, planned maintenance and upgrades are done on a schedule agreed with clients.
System requirements
  • Internet Connectivity
  • Browser (no plugin required)

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Generally we work with clients to establish an individual service level agreement that its the needs for their services. Within this different types of support requirements have different response times. This approach allows for tailored solutions that deliver what the clients want rather than what we dictate.
The SLA generally follow a standard 4 priority classification with each classification having its own set response time.
We will try and deal with most incoming support logs on a near as real time basis as we can, irrespective of the categorisation and set SLA.
User can manage status and priority of support tickets Yes
Online ticketing support accessibility WCAG 2.0 AAA
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support Web chat
Web chat support availability 9 to 5 (UK time), Monday to Friday
Web chat support accessibility standard WCAG 2.0 AAA
Web chat accessibility testing Tested with ZoomText
Onsite support Onsite support
Support levels Support is governed against individual SLAs and these are driven by our clients requirements. Having said this as a rule we offer several levels of support which includes:
web support
telephone support
onsite support
remote monitoring
Generally all support will be coordinated by a dedicated client manager and we encourage monthly support meetings.
Support will normally form part of the licensing or transactional costs but where a request falls outside of the agreement we would charge published daily rates.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Liberator is built to be intuitive and easy to use. The next actions users can make are often defined by the work flows that the clients build or that the legislation demands. However we provide a full range of training functions. We will agree with our clients set training plans and will provide certified training courses directly by our own staff. For London clients we often train in our Euston facilities though are very happy to use clients accommodation. Often our initial training will be to super users in preparation for UAT. Once UAT is completed often the super users will cascade training to their colleagues. We will provide early day floor walking services to help users over the initial trepidation often felt when faced with a new system. This "hand holding" flowing close to initial training and UAT, is often all that clients ever need from us. But we are always available to offer training services if this is required. training is support with manuals/fact sheets and can include online resource like "how to" videos. These are especially helpful for customer facing applications.
Service documentation Yes
Documentation formats
  • PDF
  • Other
Other documentation formats Training Videos
End-of-contract data extraction At the termination of the contract we would work with the users to understand the export requirements they have. Usually this involves another supplier and we would work alongside them to export the data in a suitable format to enable the data to be migrated into the new system quickly and efficiently.
End-of-contract process We can leave the applications running and the clients can continue running them down, with or without support.

We can help to manage the transfer of data to a third party system.

Or in some cases where there is no propriety data involved the service will just be switched off.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 10
  • Internet Explorer 11
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service Web pages have been developed to be responsive and therefore automatically adjust to size of a mobile device display.
Accessibility standards WCAG 2.0 AAA
Accessibility testing Basic Alfresco is WCAG compliant. This means that our extensions either are, or could be. We can utilise utilise "High contrast" themes which is designed for accessibility.

Having said this many of the screens are constructed using user led design. Delivering enhanced user experience has been a major driving factor for the business thus far. This means that is some circumstances we diverge from the standard platform and build features in a bespoke manner to our clients needs.

In these instances we will need to assess the operational requirements and necessities around WCAG compliance and look to revert or rebuild this functionality around WCAG standards. Depending on the scope of the works involved this may attract a fee.
What users can and can't do using the API Users can interact using the REST and SOAP services with our application. This is not exposed on the public internet and customers would require a secure VPN connection before they could access it. We offer API for the loading of tickets, viewing of tickets, paying for tickets and loading of inbound correspondence. Other API points are available but these are low level and we would not encourage use and only then support on time & materials basis.
API documentation Yes
API documentation formats PDF
API sandbox or test environment Yes
Customisation available Yes
Description of customisation Generally we will set up branding and client style guides at the start of the contract so that all landing pages are client branded, all public facing pages are branded and built in accordance with the clients style guides. Typically we will also set up things like the workflows to the clients specific rules. We will also set up templates for out going correspondence for both postal and digital communications. Most clients will want us to set up banner branding on other outputted features like reports packs. We also tend to establish the layout of the users landing pages and arrange the dashlets in accordance to client instructions. These can be changed by end users if they are given permission. End users can create the content for their own reports via inbuilt filters or via making queries, depending on their skill levels and the procurement options selected. End users can also completely edit outgoing correspondence using standard word processing type skills. In doing this they can draw from documents and media stored within the system and include these in the outgoing items.


Independence of resources On our internet connection we enable QoS (Quality of Service) to ensure enough bandwidth is available to the end users. We also use segregated infrastructure which means each client has their own dedicated servers running their system. This means that they are not affected by another authority putting strain on the system. Should we see the underlying infrastructure being strained we can easily scale up by either (a) providing additional resources to the VMs running the system or (b) add additional servers in a load balanced solution.


Service usage metrics Yes
Metrics types Most users will have a landing page that will contain their own performance metrics. these can be measured against a team average very easily, Supervisors have this team view and managers have a higher level view again. The dashboards are mostly dynamic and allow users to drill down into specific details from that first screen. Liberator has several associated reporting tools and this come with pre built standard reports. Reports can be run by authorised users or scheduled to run and be sent to individual email accounts. Bespoke reports can be ordered and there is a reports builder for clients.
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least once a year
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest Physical access control, complying with CSA CCM v3.0
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data importing and exporting
Data export approach There are several export routines within Liberator. These are generally set up to run automatically.

Where data is extracted for manipulation and MI purposes this is usually a one click process offering export to a wide range of formats including .csv .xml .txt.
Data export formats
  • CSV
  • Other
Other data export formats
  • Xml
  • Json
  • Txt
  • Xls
Data import formats
  • CSV
  • ODF
  • Other
Other data import formats
  • Xml
  • Json
  • Txt
  • Xls

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability Our standard availability target is 99%, measured on a calendar month basis and not to include any planned downtime for system maintenance and the likes. Service availability will be defined under specific contract terms but will generally mean that a user under licence can access the system and retrieve information.
Where there are local issues that prevent access to the system any failure to be able to meet these conditions will not be deemed to be a breach of the SLA.
To monitor the service we will provide clients with our monitoring tool that shows the live status of all server availability.
Approach to resilience This is dependent on the the clients specific needs but where possible we ensure that we have no single points of failure. The physical servers all run RAID disk arrays and dual teamed network cards. The firewalls are setup in a cluster with one running at each site, this automatically fails over should the primary one experience an issue.

Data is replicated between 2 separate sites over a dedicated fibre point to point link.
Outage reporting We use both internal monitoring tools to monitor CPU, memory and disk space etc as well as external monitoring for our public facing sites. Should any of these monitoring tools detect an issue an email and SMS is sent to a number of people who can resolve the issue. In addition we also have a dashboard available on the internet showing the current status of our systems. These can be easily customised to allow our clients to see only the services that are of interest to them.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication Username or password
Access restrictions in management interfaces and support channels Users are added to security groups and all parts of the system are protected from users who are not part of the correct access groups. For example, only users who are a member of a specific security group would be able to reverse a transaction.
All user actions and document updates are audited (date/time/userID).
Access restriction testing frequency At least once a year
Management access authentication Username or password

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for User-defined
Access to supplier activity audit information Users have access to real-time audit information
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications No

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards ISO/IEC 27001
Information security policies and processes We run a robust information security policy that is designed to ensure that all of clients (and so their customers) data is protected at all times. The policy deals not just with the data itself but also extends to security around access to data. This is especially important to us as several of our services have both public facing web pages and involve remote lone workers using mobile devices. We build our system to be in line with legislative standards and to ensure that users have a compliant, safe and secure platform from which to work. The policy is a active part of our core behaviours as we understand that it protects both our clients and ourselves from reputational harm as well as protecting the data itself. It should be noted that for the policy to be effective it needs to dovetail with local client policies and procedures.

Operational security

Operational security
Configuration and change management standard Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach We work hard to ensure users are fully aware of changes, that they are trained or have factsheets etc. Generally we will manage and implement most of the initial system configuration, but we will do this this in close partnership with the clients mobilisation team and will rely heavily on them to supply the relevant data sets. Core elements of the service are monitored continually with either monthly KPI reports being used or some clients opting for our live system health checks. Clients IT teams are often involved in the change management process especially so when relating to local security.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach We run our own penetration tests regularly using OWASP ZAP to ensure no vulnerabilities exist within our systems.

Upon identifying an issue we asses the risk and give the issue a priority. Priorities are assessed by the vulnerability and the number of our clients that it could possibly affect.

Information is obtained from a number of sources including Qualys Community and Dell Sonicwall.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach We use external penetration tools to help us identify potential compromises. If an issue is identified it is categorised High, Medium or Low.
Anything falling into the High category is immediately actioned and a fix sourced immediately.
Medium category issues are usually dealt with on a weekly basis.
Low category items are resolved on a monthly basis as part of the server maintenance routines.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Users report incidents via a web portal and these are logged directly in our Support Desk software. The software is configured with triggers that recognise common problems, and route them to the most suitable person or team. It contains a Knowledge Base, so that knowledge can be easily shared between team members.

We have strict processes for specific events e.g. Priority 1 issues, and these processes are regularly reviewed.

Clients can view the progress of issues on the web portal.

Incident Reports are run automatically and emailed to a nominated circulation list weekly.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks Yes
Connected networks Public Services Network (PSN)


Price £1000 to £2500 per user per year
Discount for educational organisations No
Free trial available No


Pricing document View uploaded document
Skills Framework for the Information Age rate card View uploaded document
Terms and conditions document View uploaded document
Return to top ↑