Dragonfly

Service scope

Software add-on or extension: No
Cloud deployment model: Public cloud
Service constraints: Service requires pipe metadata and CCTV inspection video for sewer to be condition assessed to be uploaded by the client into Dragonfly for condition assessment.
System requirements: Access to supported web browser

User support

Email or online ticketing support: Email or online ticketing
Support response times: SLA's can be agreed with clients
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 9 to 5 (UK time), Monday to Friday
Web chat support: No
Onsite support: No
Support levels: SLAs to be agreed with client on a case-by-case basis.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: Support is provided with uploading sewer CCTV video inspection files and populating pipe metadata template with associated pipe data.
Service documentation: Yes
Documentation formats: PDF

Other
Other documentation formats: MP4
End-of-contract data extraction: Data is downloaded by the client
End-of-contract process: Data is downloaded by the client prior to the end of the contract. There are no additional demobilization tasks required and no additional charges.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Chrome
Application to install: No
Designed for use on mobile devices: No
Service interface: Yes
User support accessibility: None or don’t know
Description of service interface: The user interface is accessible through a supported browser - email is used for first line support
Accessibility standards: None or don’t know
Description of accessibility: Service interface is via email
Accessibility testing: No testing undertaken with users of assistive technology yet
API: No
Customisation available: No

Scaling

Independence of resources: A dedicated level of support is agreed with customers during the proposal phase which is detailed within the scope of work. Servers are continually monitored to ensure that resource levels are adequate.

Analytics

Service usage metrics: No

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Staff screening not performed
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: Other locations
User control over data storage and processing locations: No
Datacentre security standards: Managed by a third party
Penetration testing frequency: At least once a year
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Other
Other data at rest protection approach: Dragonfly provides data integrity and protection with its use of Azure Blob Storage, which provides for a fast, highly reliable, and persistent file storage for our application in the cloud. Blob storge is optimized for storing massive amounts of data and is designed for: serving images and documents directly to a browser, storing files for distributed access, streaming video and audio, storing data for backup and restore, disaster recovery, and archiving.
Data sanitisation process: No
Equipment disposal approach: In-house destruction process

Data importing and exporting

Data export approach: Technical support is available should a mass download of data be required in a particular format.
Data export formats: CSV

Other
Other data export formats: PDF
Data import formats: Other
Other data import formats: Mp4

Mpg

Avi

Wmv

Jacobs-provided metadata inventory template (Excel)

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)
Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability: SLA's to be agreed with clients.
Approach to resilience: Jacobs Digital has a “Cloud First” policy for all technical solutions we implement. We take a vendor agnostic approach when proposing solutions and will work with whichever provider makes the most sense for our clients. We are currently using MS Azure for hosting. MS Azure and is fully accredited for ISO 9001, 27001 and 20000.
Outage reporting: We use an external automated monitoring service to continually ensure our services are operational. In the event of any downtime or glitch the technical support team are notified by SMS and email.

Identity and authentication

User authentication needed: Yes
User authentication: Username or password
Access restrictions in management interfaces and support channels: Dragonfly has an admin interface accessed by the Jacobs support desk that enables full control of user and user team access to modules and user rights (e.g. ability to edit or delete).
Access restriction testing frequency: At least every 6 months
Management access authentication: Username or password

Audit information for users

Access to user activity audit information: No audit information available
Access to supplier activity audit information: No audit information available
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: No

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: No
Security governance approach: Jacobs UK has obtained certification for ISO/IEC 27001:2013 which includes governance controls. Jacobs have undergone an auditing process undertaken by a certified external party.

Our Global Cyber Security program is also governed through an alignment with the implementation of the Center for Internet Security (CIS) Critical Security Controls. The US National Institute of Standards and Technology (NIST) Special Publication 800-53 provides detailed information regarding these governance controls and several others that serve as a reference framework for the Jacobs Cyber Security Program.

Microsoft as the CSP also holds the ISO/IEC 27001:2013 certification, amongst others that also incorporate governance controls.
Information security policies and processes: Jacobs implements several policies and processes, these include (but are not limited to) global cyber security and data protection policies and as well as a set of computer security incident response processes. The cyber security program also aligns to several globally recognised frameworks developed by organisations including the US National Institute of Standards and Technology (NIST) and Center for Internet Security. Jacobs has obtained both ISO/IEC 27001:2013 and Cyber Essentials Plus in the United Kingdom. Therefore, the organisation implements the necessary policies and processes required to achieve these certifications.

Microsoft Azure as the Cloud Services Provider (CSP) implements specific controls aligned to their accreditations and certified standards. These include ISO/IEC 27001:2013 and Cyber Essentials Plus; Microsoft Azure is also registered as a Cloud Security Alliance (CSA) STAR Level 1 and 2 trusted cloud provider. Therefore, Microsoft has been both self-assessed and audited by an accredited third-party.

Preventative and detective controls are implemented within the cloud tenancy using tools provided by the CSP. This ensures continuous policy monitoring and compliance. Jacobs’ organisational hierarchy includes escalation and reporting channels in relation to cyber security. This facilitates the roles and responsibilities required for incident management processes.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: When a change is required/requested it is reviewed by the technical director before being sent to the development team for implementation. Changes are reviewed for their impact to existing configuration, how they might affect users and potential security implications. Change requests are stored in a central change request database for long term reference.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Depending on severity security patches are rolled out to live systems monthly, if a serious vulnerability is found a patch would be implemented as soon as possible.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Penetration testing is routinely carried out by a third party against our systems. Any findings are reviewed by and responded to by Dragonfly management.
Incident management type: Supplier-defined controls
Incident management approach: In the event of an incident the Service Now ticketing system will be the first point of contact. They will go through a pre-defined check list and determine if they can resolve the issue, if not they will contact the technical support team to follow up with the user. For a serious issue, such as a prolonged server outage, standard disaster recovery steps will be taken. After the incident is resolved a downtime post-mortem will be carried out to establish the exact cause and what can be done in future to avoid a repeat situation.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: No

Social Value

Fighting climate change
Wellbeing

Fighting climate change

Dragonfly facilitates more efficient asset management, providing focused insights on pipe condition and identifying which pipes need repair, rehabilitation, or replacement, when this should be done, and when to schedule pipe reinspection. This impacts resources used since rather than replacing all the sewers within an entire service area, owners can repair, rehabilitate, or replace specific pipes within their collection system, extend the service life of existing pipes, and reducing resources needed. These saved resources can be used to repair, rehabilitate, or replace additional pipes on a focused basis within the collection system, further reducing inflow and infiltration into the sewer pipes, reducing/eliminating overflows, and reduce flows conveyed to the wastewater treatment plant (WWTP). With less wastewater to treat, the WWTP can be optimised, producing a positive impact in reducing greenhouse gases.

Wellbeing

Using focused insights on pipe condition to improve asset management efficiency, identify which pipes need repair, rehabilitation, or replacement within the collection system, and complete the necessary work will help reduce inflow and infiltration into the sewer pipes and increase the capacity of the collection system. This will reduce/eliminate overflows, improve public health, and reduce the environmental impact of wastewater spills.

Pricing

Price: £0.65 to £0.65 a unit
Discount for educational organisations: No
Free trial available: Yes
Description of free trial: Jacobs offers free trials/pilots for potential clients.

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Dragonfly

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents