Secure Project Information Management Common Data Environment (PIM CDE)
The gliderbim Project Information Management Common Data Environment (PIM CDE) is an intelligent digital platform where all stakeholders can capture documents, data and models during the design and construction phases of a project. Achieve consistency, accessibility and traceability of all data for effective decision-making and successful project delivery.
Features
- ISO19650 process support with status driven workflows and naming conventions
- Best-in-class security and disaster recovery, with configurable access controls
- Collaborative document management system with version controls
- Task management for GSL and other task driven processes
- Unique information management module to verify and validate structured data
- View models, documents and drawings with the integrated viewer
- A 3D model viewer supporting IFC
- Progress reporting for O&M and data completeness tracking
- Integration API for third party applications
- COBie & IFC export tools
Benefits
- A modern user interface facilitates quick and easy adoption
- Maintain an immutable audit trail to support the Golden Thread
- Secure data sovereignty guarantees confidentiality and compliance
- Improved quality for project (PIM) to asset (AIM) digital handover
- A structured approach to fulfilling complex Exchange Information Requirements (EIR)
- Enhance reporting and business intelligence capabilities with metadata driven processes
- Gain complete visibility of Building Safety as the project progresses
- Reduce document downloads with powerful search and viewing functionality
- Version control for confidence that right information is being used
- A single source of information for managing BIM and documents
Pricing
£495 a licence a month
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
2 2 0 3 1 3 1 6 6 7 5 3 2 9 9
Contact
Glider Technology Ltd
Nick Hutchinson
Telephone: +44 203 8268 001
Email: info@glidertech.com
Service scope
- Software add-on or extension
- No
- Cloud deployment model
-
- Public cloud
- Private cloud
- Community cloud
- Service constraints
- None
- System requirements
- Modern web browsers which support WebGL (Edge, Chrome, Firefox etc)
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Please see section 11 of our Service Definition document for details of support response times.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
The gliderbim® licence fee includes standard telephone and helpdesk support for the number of user licences included in the order.
Each gliderbim® order is assigned a Glider Account Manager.
All users have access to the support team via the telephone and email helpdesk facility.
The support telephone and email helpdesk is accessible Monday to Friday inclusive from 8:30am to 5:30pm GMT excluding UK bank holidays.
The support team will assign one of the priorities below to each support request:
+ Priority 1: a business-critical feature of the software service is unavailable to all users, and consequently users are unable to continue with their normal course of business.
+ Priority 2: an important feature of the software service is unavailable to all users, which is a significant inconvenience, however does not prevent users from continuing with their normal course of business.
+ Priority 3: a feature of the software service is unavailable to one or more users.
+ Priority 4: a feature of the software service is either unavailable or not performing as it should, but is causing minimal business impact.
Support requests shall be escalated should the customer not agree with the prioritisation of the request. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- Training is delivered online and tailored to suit the requirements. Training can also be delivered onsite on request at an additional cost.
- Service documentation
- Yes
- Documentation formats
-
- HTML
- End-of-contract data extraction
-
Gliderbim® provides automated export functionality for the following:
+ BIM Models in IFC format
+ Asset registers in Excel, CSV, IFC formats
+ Documents in their native file format
+ COBie data in compliant Excel format
Glider Technology can also provide digital archives on external hard drives to be shipped directly to the Buyer on request, at an additional cost. - End-of-contract process
-
Upon termination of the Software-as-a-Service subscription, the following option is available for archiving of data (subject to contract):
At an additional cost, all model files, documents and schedules of asset data can be exported from gliderbim® and provided in a standardised format to the Customer via an external hard drive compatible with Windows or OSX operating systems. The hard drive can be encrypted as an additional option if required.
In the absence of any specific archiving instructions, customer data will be retained for a period of 12 calendar months after the subscription termination date before being destroyed.
Using the service
- Web browser interface
- Yes
- Supported browsers
-
- Internet Explorer 11
- Microsoft Edge
- Firefox
- Chrome
- Safari
- Opera
- Application to install
- No
- Designed for use on mobile devices
- Yes
- Differences between the mobile and desktop service
-
There is no differences in functionality.
The User Interface is responsively designed to suit the browser's screen resolution. - Service interface
- Yes
- User support accessibility
- WCAG 2.1 AA or EN 301 549
- Description of service interface
- The service is entirely web browser-based and has many user interfaces to access, store, process, track and download information.
- Accessibility standards
- WCAG 2.1 AA or EN 301 549
- Accessibility testing
- No testing carried out to date. This will be done by November 2024
- API
- Yes
- What users can and can't do using the API
-
The gliderbim® RESTful API is not available by default to users.
The gliderbim® RESTful API can be made available to the Buyer for specific purposes to be agreed with the supplier in writing. These purposes are usually regarding an integration with third party software. - API documentation
- Yes
- API documentation formats
- API sandbox or test environment
- Yes
- Customisation available
- Yes
- Description of customisation
-
Gliderbim® is customised by the Buyer to meet the requirements of each individual project. Specifically, the Buyer can customise the following:
+The Digital Plan of Work module to suit the asset data requirements of the project,
+ The Asset Register data schema verification rules
+ Verifications rules for model/data imports
+ Project and asset data taxonomies for project file naming, metadata and asset data definitions
+ Export formats for models and schedules of data
+ O&M Manual templates
+ Room Data Sheets
+ Commissioning Test Sheets
Scaling
- Independence of resources
-
Each project gets several distinct databases. This ensures that if a write lock escalates to a full-table lock, it does not affect other projects.
We have automatic monitoring systems that look at system load and trigger new servers to be launched, in the event that a processing queue becomes backed up for example.
Analytics
- Service usage metrics
- Yes
- Metrics types
-
A number of usage metrics are available for example:
+ Number of users
+ User details
+ Document storage - Reporting types
- Reports on request
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
-
- United Kingdom
- European Economic Area (EEA)
- User control over data storage and processing locations
- Yes
- Datacentre security standards
- Managed by a third party
- Penetration testing frequency
- At least once a year
- Penetration testing approach
- ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
- Protecting data at rest
-
- Physical access control, complying with SSAE-16 / ISAE 3402
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Data importing and exporting
- Data export approach
-
Users can export data from the platform via the following means:
+ Export the asset register to Excel/CSV
+ Export the asset register to COBie compliant Excel document
+ Export IFC/IFC.zip models with or without asset data pushed into the model
+Export all documents in their native format - Data export formats
-
- CSV
- Other
- Other data export formats
-
- COBie
- IFC (Industry Foundation Class)
- IFCZIP
- Microsoft Excel (.xlsx)
- Data import formats
-
- CSV
- Other
- Other data import formats
-
- COBie (Excel)
- IFC (Industry Foundation Class)
- IFCZIP
- Microsoft Excel (.xlsx)
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- TLS (version 1.2 or above)
- Other
- Other protection between networks
- Private Instance - If required we can set up a peering relationship via AWS Direct Connect or a hardware VPN.
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
- We offer a 99.95% service level agreement, but we do not offer a credit system to customers if SLAs are not met. Note that our 99.95% service availability has always been met.
- Approach to resilience
-
All our servers are managed by Amazon; they will be automatically relaunched if the hardware fails. We monitor system load and automatically launch new servers as required to deal with it.
When files are uploaded to our system, they are automatically replicated off-site across the London (UK) AWS availability region within a second or two. This hot replica is available in the event of a regional outage.
Our database server is also replicated off-site in real-time. It has a transactional backup every 5 minutes and has a full backup every 24 hours. When files are uploaded to the system, they are replicated across multiple geographically dispersed data centres across the AWS London availability region.
In the event of an AWS regional outage, we can fail-over to the off-site datacentre within approximately 30 minutes.
For clients that don't require UK Data Sovereignty or have a global presence, we have additional AWS server locations in the EU. - Outage reporting
- Users can sign up and receive e-mail alerts in the event of the system experiencing an outage or degraded performance.
Identity and authentication
- User authentication needed
- Yes
- User authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
- Access restrictions in management interfaces and support channels
- A user cannot access a project without being a member of it; they must temporarily add themselves. This is an administrative function that is audited so we can know which of our staff had access to which projects at which time. Any changes that user made to the project would also be audited.
- Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Identity federation with existing provider (for example Google Apps)
- Username or password
Audit information for users
- Access to user activity audit information
- Users contact the support team to get audit information
- How long user audit data is stored for
- At least 12 months
- Access to supplier activity audit information
- Users contact the support team to get audit information
- How long supplier audit data is stored for
- At least 12 months
- How long system logs are stored for
- At least 12 months
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- The British Assessment Bureau
- ISO/IEC 27001 accreditation date
- 01/03/2024
- What the ISO/IEC 27001 doesn’t cover
- Not applicable.
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- MOD CyDR
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
-
- ISO/IEC 27001
- Other
- Other security governance standards
- Cyber Essentials, Cyber Essentials Plus
- Information security policies and processes
- At Glider Technology, safeguarding the integrity and confidentiality of our software and services is paramount. We are committed to meeting industry standards for information security, ensuring compliance through comprehensive policies and procedures encompassing information security, acceptable use, privacy and incident reporting. Our dedication to maintaining the highest standards is evidenced by our annual independent audits and maintaining accreditations including ISO 27001, Cyber Essentials and Cyber Essentials Plus. These measures demonstrate our commitment to protecting the data entrusted to us and maintaining the trust of our clients and stakeholders. Copies of these policies are available on request.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- Changes are requested either by a customer or internally. The development committee meets every fortnight to review requests and discuss the next fortnight's work, and what features should be prioritised. A technical specification is prepared by the senior technical staff and signed off by the technical director. After a developer prepares the changes, they are code reviewed reviewed by the technical director and senior staff. During the code review, we identify potential security risks and mitigate them wherever possible. We use the same approach for changes to servers, patches or configurations.
- Vulnerability management type
- Supplier-defined controls
- Vulnerability management approach
-
We are subscribed to the Ubuntu and Windows security alerts mailing list and RSS feed. We review it daily to ensure that no software we use is specified in this list.
In most cases, we deploy patches to our staging environment and test them for 2-3 days to ensure there are no effects. In the event of a high-profile serious issue we will accelerate this process and aim to have it done within a day or less.
We maintain a risk register and review it regularly to ensure that we are aware of our security profile. - Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
-
We have numerous automated methods of identifying potential compromises. We would be happy to discuss this on request but not to announce the details publicly.
When a potential compromise is identified, we first determine whether it is possible it was triggered by mistake by a developer calling an API call that they didn't mean to.
If it appears that a system is compromised then it is isolated from the network for analysis. If necessary we will firewall the entire environment until an assessment can be made.
Alerts raise SMS alerts to senior technical staff and are assessed within minutes. - Incident management type
- Supplier-defined controls
- Incident management approach
-
Users report incidents via our online ticketing mechanism, or by contacting their account manager. However, we have automatic monitoring systems that usually tell us about any problem before any customer notices. In most cases we are informed about a potential problem (such as high CPU usage) before it becomes an outage and fix it without downtime.
Incident reports are provided to all subscribers of our status web service.
Secure development
- Approach to secure software development best practice
- Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)
Public sector networks
- Connection to public sector networks
- No
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Glider adheres to all relevant environmental legislation and regulations, operating in an environmentally sensitive manner. The company's environmental policy and carbon reduction plan (both available on request) outlines our commitment to sustainability and net zero.
We are committed to achieving net-zero emissions by 2050 at the latest. Operating as a fully-remote working business helps us to minimise travel, commuting and associated emissions. We are working on significant carbon reduction initiatives, such as operating fully remotely and implementing a sustainable environmental policy. Looking ahead, the company is planning further initiatives over the next decade. These include evaluating the feasibility of hiring an Environmental Manager, implementing equipment recycling programs, scrutinising supply chain emissions, partnering with organisations for carbon offsetting and providing enhanced environmental training for employees.
Our software platform, gliderbim®, is a collaborative information management platform that enables remote parties to engage around electronic information and workflows to make infirmed decisions about their projects, programmes and assets in their wider estate. This reduces traditional, printed documentation and collaborative working significantly reduces travel and association carbon emission for our users.
Through a combination of proactive measures, strategic planning and ongoing evaluation, Glider Technology is dedicated to not only reducing its carbon footprint but also fostering a culture of environmental responsibility across its operations.Covid-19 recovery
Glider Technology is a fully remote company, which meant we are able transition to the challenging conditions of the Covid 19 pandemic seamlessly. We were able to transition our operations to ensure continuity and stability and offer employees flexibility if needed.
While our business operations have remained resilient, we recognise the importance of prioritising the health and wellbeing of our staff. We understand that remote work comes with its own set of challenges, including isolation and increased stress levels. Therefore, we have implemented comprehensive support systems to address the physical, mental and emotional needs of our employees.
We continue to stay committed to supporting the health and wellbeing of our staff while maintaining the integrity and efficiency of our remote operations.Tackling economic inequality
Glider is committed to addressing economic inequality, ensuring fair treatment and opportunities for all staff members throughout their employment. We employ various strategies to achieve this goal:
Fair Wages and Benefits: Glider implements a rigorous development procedure that considers each staff member's wages, ensuring alignment with their role and industry standards. Salaries are reviewed annually based on performance, with a focus on maintaining parity with the national living wage. Additionally, we offer a comprehensive benefits package, including private medical insurance, group life insurance, sick pay and additional leave days. We also promote flexibility and family-friendly policies to support employees' diverse needs.
Diversity and Inclusion: We are commitment to diversity and inclusion and actively work to eliminate discrimination and promote equality. We value our diverse workforce and prohibit discrimination based on various factors, fostering a culture of meritocracy, openness, fairness and transparency. Detailed information on diversity initiatives can be found in our Equality & Diversity Policy, which is available on request.
Community Engagement: Glider demonstrates its commitment to supporting communities through various initiatives, including volunteering, fundraising, and financial contributions. The company partners with local and national charities, such as Stronger Together, to address issues like isolation and mental health. Glider also supports team members in their fundraising activities and sponsors initiatives to promote diversity and inclusion in the construction industry.
Skill Development & Training: Glider prioritises the continuous development of its staff to ensure competence in their roles and adaptability to changing requirements. Training opportunities are provided through mandatory training, personal development plans and learning programs tailored for managers. All employees receive relevant training, both internally and externally, to enhance their skills and support their continual professional growth.
Through these initiatives, we're able to contribute to tackling economic inequality, fostering an inclusive workplace culture and making meaningful contributions to our community.Equal opportunity
At Glider Technology, we provide equal opportunities for all employees. We prioritise fairness and equality in every aspect of employment, from ensuring fair wages and comprehensive benefits to promoting diversity and inclusion throughout our organisation. Our continuous development procedures guarantee that each staff member's salary is aligned with industry standards and their role's requirements, with annual reviews to ensure fairness and address any discrepancies. Additionally, we offer a robust benefits package, including private medical insurance, sick pay and additional leave days, while maintaining flexibility to accommodate the diverse needs of our employees and their families.
We actively work to eliminate discrimination based on age, disability, gender, race, religion, or any other irrelevant factor, fostering a culture that values meritocracy, openness and transparency. Our dedication to diversity and inclusion is reflected in our policies and practices, and more details on these can be provided on request. Furthermore, our engagement with local and national charities demonstrates our commitment to supporting marginalised communities and promoting diversity in our industry.
Through ongoing skill development and training opportunities, we empower our employees to excel in their roles and adapt to evolving challenges. Whether through mandatory training, personal development plans, or specialised programmes for managers, we ensure that all staff members receive the support they need to thrive professionally.
We believe that equal opportunities is not just a goal but a fundamental principle that drives our organisation forward. By fostering an inclusive workplace where every individual is valued and empowered, we contribute to a more equitable society and a brighter future for all.Wellbeing
Our dedication to supporting the health and wellbeing of our staff extends beyond the confines of traditional workplace boundaries. Through initiatives such as access to mental health resources and flexible work arrangements, we are committed to providing a supportive environment where our staff can thrive. Additionally, we encourage open communication and regular check-ins to ensure that everyone feels connected and supported, regardless of their physical location.
Pricing
- Price
- £495 a licence a month
- Discount for educational organisations
- No
- Free trial available
- No