IBL Software Engineering, spol. s r.o.

Observation OGC EDR Environmental Data Retrieval API Cloud Transformation

Cloud processing of weather observations and other meteorological data transformation into Open Weather Elastic Observation Database and providing Open Geospatial Consortium OGC Environmental Data Retrieval EDR API.

Features

• Weather data access
• Scalable Environmental Data Retrieval API EDR
• Meteorological observation transformation

Benefits

• Unified API for different meteorological data types

£10,000 a licence

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@iblsoft.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

202331131901382

Contact

Martin Franek
+421-2-3266211
sales@iblsoft.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: EDR API 1.0
• System requirements: Serverless computing

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard support is next business day.; 24/7 is also available
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 A
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: E very important part of IBL portfolio represents providing of software maintenance and support to guaranty round-the-clock operational availability via phone and internet including installation of newest upgrades and updates to our customers. Various types of maintenance are available 9/5, 9/7, 24/7. Cost of this service depends on the software configuration of the system.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: We offer initial setup, onsite & online training, consultations, user documentation, configuration
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users can export database content
• End-of-contract process: We will help assist with data export

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: RESTful API in accordance to OGC Environmental Data Retrieval EDR API.; Users can access api using Open API interface (Swagger)
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Data conversions, input data formats, attribute mapping, content of collections

Scaling

• Independence of resources: User have separate operational environments

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: No
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data is stored in a database, which can be dumped to a file; Configuration is stored in version control (git)
• Data export formats: Other
• Other data export formats: SQL Dump
• Data import formats: Other
• Other data import formats:
  • METAR, TAF, SPECI
  • SYNOP, SREW, BUFR
  • PILOT, TEMP
  • ATD, LEELA
  • BUFR, RADAR, HDF5, NetCDF
  • HRIT, LRIT, XRIT, GeoTIFF

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 24x7x365 availability, SLA 99% guaranteed availability, service credits applied
• Approach to resilience: Architecture - dependent, available on request
• Outage reporting: Email alerts

Identity and authentication

• User authentication needed: No
• Access restrictions in management interfaces and support channels: In our case it applies only to support channels accessed via users Jira Service Desk, where access is managed on individual user basis.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: TÜV SÜD Slovakia s.r.o.
• ISO/IEC 27001 accreditation date: 04/08/2024
• What the ISO/IEC 27001 doesn’t cover: Fully covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: In alignment with ISO 27001 and Cyber Essentials Plus, our information security policies focus on risk management, access control, data protection, incident management, designed to protect our data, infrastructure, and digital assets from unauthorized access, disclosure, alteration, and destruction.. ; We follow a structured reporting system where the Information Security Manager oversees the implementation of security policies and reports directly to the CEO. Our team, comprising IT security, compliance, and risk management specialists, ensures these policies are enacted across all departments.; ; To guarantee these policies are consistently followed, we conduct regular audits, provide continuous employee security training, and have a detailed incident response plan in place. This framework not only ensures compliance with international standards but also underpins our commitment to safeguarding our digital assets and maintaining trust with our stakeholders.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Our configuration and change management processes ensure rigorous tracking and assessment to maintain service integrity and security. We track service components through their lifecycle using a centralized management system that records all configurations and changes. This enables us to quickly identify and address issues. Changes are thoroughly assessed for potential security impacts through a structured review process, which includes risk analysis and testing before implementation.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We utilise Amazon Inspector to inspect threats. Patches are deployed depending on agreement with a buyer.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our protective monitoring may employ AWS GuardDuty and Amazon Inspector for threat detection and vulnerability assessments. Alerts trigger notification to our support via Jira Service Desk, initiating response protocols. This approach ensures proactive risk management. Deployment specifics, including tool selection and processes, are tailored according to agreements with each buyer, allowing for customization to meet specific security requirements.
• Incident management type: Supplier-defined controls
• Incident management approach: We have defined Maintenance Process and User Support Process which deals with this.Incidents can be reported through IBL Jira Service Management. Incidents reports are provided based on rules agreed with the Buyer.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  IBL Software Engineering is a tech organisation where sustainability is embedded through knowledge, engagement, collaboration and innovation. It is an integral part of our operations and part of our commitment to be Net Zero by 2050.

  Tackling economic inequality

  Through the creation of new employment opportunities and the enhancement of skill sets, our aim is to enhance social mobility by offering employment and fostering heightened awareness of opportunities within the region.

  Equal opportunity

  We are committed to reducing the disability employment gap and tackling inequality in the workplace.

  Wellbeing

  We take an organisational approach to wellbeing to create a positive, healthy environment which allows employees to thrive, achieve and feel valued.

Pricing

• Price: £10,000 a licence
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: IBL Software Engineering offer a three-month trial license for free trial. Basic settings are included within the offer. However, the three-month trial license offer does not include any additional customized settings for the customer. Such requests are assessed individually, and IBL reserves the right to charge for them.

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@iblsoft.com. Tell them what format you need. It will help if you say what assistive technology you use.