AssetTracker Pro Lite

Service scope

Software add-on or extension: No
Cloud deployment model: Public cloud

Private cloud

Hybrid cloud
Service constraints: The service will require some customisations depending upon the industry, IT environment and end user context.
System requirements: Web browser - Any currently supported

Internet Connection

User support

Email or online ticketing support: Email or online ticketing
Support response times: Once deployed as SaaS, hayman.dev will provide support:
Mon - Fri: Email and On call support Normal Business hours
Sat - Sun: Limited Email and On call support for critical business support areas
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: Yes, at extra cost
Support levels: Hayman.dev will provide a tiered support for its software once deployed:

Critical Support: Email and On call 7 days a week
Regular Support: Email and On call 5 days a week (9 am - 5 pm UK time)

hayman.dev will allocate time from a support engineer towards deployed service and will provide on-site support (at extra cost).
Support available to third parties: Yes

Onboarding and offboarding

Getting started: All our software is backed up by first class training, we as a business provide full access to online training courses and videos on how to control and use all aspects of our software. Additionally, our product training can be provided as onsite with a train the trainer approach. This is backed up by our first-class service support desk who are on call to answer any questions about our software which may arise.
You can be confident that when you complete training with us not only will you understand the product but it will be backed up by CPD accreditation which you can take always and work towards continuous learning and development.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: We understand that data collected is your data that why at end of contract we have various means of traversing your data back to yourselves. We would export your data and provide you with an industry standard database en-which you can import into your new system for archival retrieval of data. We support all major export of data methods.
End-of-contract process: At the end of the contact all data collected is exported and a copy of the data provided to you. Additionally, all resources would be decommissioned, and the hosting system closed. We would then provide a decommissioning report outlining end of contact and confirmation that all data collected as been transferred to business owners of the service provided. this service is provided in the cost of the product. Additional costs would occur if the service wanted transfer of data to a new provider as a direct interface.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome

Safari
Application to install: Yes
Compatible operating systems: Android

IOS

Linux or Unix

MacOS

Windows
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: None
Service interface: No
User support accessibility: WCAG 2.1 AA or EN 301 549
API: Yes
What users can and can't do using the API: The service uses Rest APIs to integrate with existing IT environments or third party software.
API documentation: Yes
API documentation formats: PDF
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: Customise the data capture process to suit the needs of the environment the users are in.

Customisation of the reporting engine to analyse data captured.

Customise the rollout of software to hardware devices and types of hardware such as PCs, mobile phones and tablets.

Scaling

Independence of resources: Hayman.dev is continuously working to automate processes and tools to make services independent of resources. In addition, it provides liquid workforce to ensure multiple projects can be serviced in parallel through dynamic allocation of resources.

Analytics

Service usage metrics: Yes
Metrics types: Service Usage Metrics could be provided based on specific project requirements using either standard metrices or customised for project needs.
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom

European Economic Area (EEA)
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest: Encryption of all physical media
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed
Equipment disposal approach: A third-party destruction service

Data importing and exporting

Data export approach: Users can export their data in one of two ways. The first being through the application itself by downloading reports to be analysed by 3rd party tools or direct interfaces between two or more systems. The second is at a database level where the requestor can contact the provider and request a complete data dump of all data collected within the system.
Data export formats: CSV

Other
Other data export formats: XML

JSON

PowerBI
Data import formats: CSV

Other
Other data import formats: XML

JSON

API

FHIR

HL7

OCP

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)

Other
Other protection between networks: Data in transit protection is provided through a host of enabling technology and encryption.
Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability: SLAs can be customised based on project requirements
Approach to resilience: Available on request
Outage reporting: Available based on context of the project

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Identity federation with existing provider (for example Google Apps)
Access restrictions in management interfaces and support channels: To be made available on request
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Identity federation with existing provider (for example Google Apps)

Username or password

Audit information for users

Access to user activity audit information: You control when users can access audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: No
Security governance approach: Hayman.dev has strong internal security governance set up. The set up can be enhanced with certifications based on specific project requirements.
Information security policies and processes: Hayman.dev has a strong set of information security and data protection policies. These can be shared on request.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Change of Scope (CoS) requests are managed via a dedicated project management team who will be assigned to your project and will liaise with you during the CoS process.

Development, data and architectural changes are tracked through source control and project management tasks, with DEV QA, Staging QA, Client UAT and production stages tested at each level for accuracy, completion, and security.

All services offer a "staged" and rollback options to test before deployment and revert changes in case of unforeseen issues.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: All new versions and upgrades of our software and services are first analysed at a project level to determine the impact on changes required.

A review is carried out at the code and data level to asses the change impact on the code path and data effected by the changes, including any relational changes to APIs.

We run regular scans and unit tests on our SaaS/IaaS products with external and internal metrics and audits to review access and service reliability.

Patches/updates can be automatically or manually rolled out at the customers pace.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Metrics offered by our Cloud provider offer detailed analysis of access and potential breaches and service reliability with optional "auto cut-off" based on pre-defined thresholds. Various options are available.

Our software includes an internal audit system to record user access and service reliability that can be monitored down to individual devices, APIs and services.

When a potential compromise is raised or detected, a dedicated team is assigned to triage the issue and determine the severity. We then work with you to create an impact assessment to mitigate the issue until full resolution can be put in place.
Incident management type: Supplier-defined controls
Incident management approach: System level reports are available to the customer and hayman.dev to review system stability, access, usage and general service level processes. Alerts can be set to trigger a notification to pre-defined e-mails or reporting pages to notify if a predefined threshold has been reached.

A team reviews the incident and creates a support ticked. A triage process is undertaken initially to create an impact assessment and resolutions agreed by both parties are applied. A full incident report is generally available within 2 or 3 weeks after resolution (dependng on complexity) and best-practices are updated for future rollout/development.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: Yes
Connected networks: Public Services Network (PSN)

NHS Network (N3)

Joint Academic Network (JANET)

Scottish Wide Area Network (SWAN)

Health and Social Care Network (HSCN)

Other
Other public sector networks: Can be connected based on project requirement

Fighting climate change: Fighting climate change

ATP takes two approaches to fight climate change and works with clients to bring their processes to net zero by working on carbon offsetting. Our entire development process is carbon offset, we plant trees and provide hedges to replace every ton of carbon we produce within on business on the development of the ATP application.
How do we help you as a customer work towards carbon offsetting? For every process you record within our system we add a carbon weighting to your journey. This allows us to calculate the number of tons of carbon you produce using our software. Which then we can recommend ways to offset that footprint.
Take the following example: You have an electric car in your fleet, which you are recording its telemetric data through our software. Number of miles completed each year. EG 10,000 miles, now the amount of carbon you produce over a diesel car completing the same distance should be nil. We can prove that by taking the blended approach and capturing the offset data from the electric generated to prove the car is zero rated. This process is completed by linking to other data sets using API’s.

Pricing

Price: £3,000 to £5,000 an instance a year
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: Included is
30 day license,
All features of the software
1 standard template driven process, online support
1 standard report
Link to free trial: Hayman.dev

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

AssetTracker Pro Lite

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents