LIGHTBULB ANALYTICS LIMITED

Vehicle fleet and resource management system

Lightbulb Analytics [LBA] IR3 system is a fleet and resource management system which enables users to optimise their fleet and resources.
IR3 achieves this by providing features such as live tracking, vehicle status, trip replay, driver behaviour, vehicle and personnel utilisation and potential collision analysis.

Features

• Near real time tracking including vehicle status
• Electronic Logbook – showing when trips where undertaken
• Vehicle Utilisation Analysis
• Driver Behaviour Analysis
• Geo fence monitoring and analysis
• Vehicle and Personnel Trip replay
• Incident data analysis - reporting on collisions
• Alerts for key events such as speeding
• System integration for real time deployment
• Resource management reporting - both vehicles and personnel

Benefits

• Fleet optimisation
• Improved productivity of vehicles and personnel
• More effective fleet and personnel deployment
• Alignment of resources to jobs and tasks
• Early warning of potential vehicle faults
• Analysis for insurance claims on collisions
• Understanding vehicle under and over utilisation improve whole life costs
• Improved deployment of resources both vehicles and personnel
• Replay how resources were deployed to a job task
• Understand where resources are deployed and how deployment

£11.64 a unit a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at adrian.mcmullan@lba.ltd. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

410929117323839

Contact

Adrian McMullen
07946516028
adrian.mcmullan@lba.ltd

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: Overnight planned maintenance
• System requirements:
  • Utilises Mongo database
  • Deployed via MS Azure and located within the UK

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 9 to 5 (UK time), Monday to Friday
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Yes, at an extra cost
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: LBA makes the ZenDesk Voluntary Product Accessibility Template (VPAT) available for review.
• Onsite support: Yes, at extra cost
• Support levels: LBA Maintenance Agreement provides support including access to our ASANA support ticketing system which enables clients to track support issues and their status. Monday to Friday (9am-5pm) - support levels - we tend to only offer third line support (external support requiring the supplier) - i.e. first line support such as password reset etc dealt with the client
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: LBA recognises a solution is only effective if it is used correctly and to this end provides a proven implementation methodology and the experience of many implementations . At the beginning of the project, customers are given a comprehensive Statement of Work ('SOW') clearly defining milestones, goals and responsibilities. Initial training is provided by knowledgeable professionals who understand the specialised world of fleet and resource management.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: The customer owns its data. At the end of contract, LBA will ensure that all data will be extracted and delivered in mutually agreed upon format via secure method. LBA will not retain any customer data.
• End-of-contract process: At the end of any contractual term, LBA will export data into a mutually agreed file and delivery mechanism as stipulated in the agreed contracts. LBA will not retain any data and all servers, devices, logs etc will be purged of any data at contract end once the data has been delivered to the customer. LBA would create an exit plan in agreement with the customer which typically forms part of the contract terms.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Differences between the mobile and desktop service. Desktop is a web application which provides full features and functions. The mobile app is orientated towards drivers so features and functions are limited to elements which would benefit the driver.
• Service interface: No
• User support accessibility: WCAG 2.1 A
• API: Yes
• What users can and can't do using the API: API exposes all features and functionality of the system
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Customisation of IR3 can be tailored to the users needs. This includes hiding features and functionality that may be restricted to some users. IR3 can integrate permission models to restrict access to certain elements of the system for security reasons. Report customisation is possible. LBA do support all organisational structures which can be changed during the contract.

Scaling

• Independence of resources: IR3 can scale both up and out. This means IR3 allows more capacity by adding more computing power or more machines. From a user perspective, it means if an organisation grows or requires more users this can accommodated.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Exporting of data from the IR3 data is easy and can be accomplished in a variety of ways: CSV, JSON and PDF
• Data export formats:
  • CSV
  • ODF
  • Other
• Other data export formats: JSON
• Data import formats:
  • CSV
  • Other
• Other data import formats: JSON

Data-in-transit protection

• Data protection between buyer and supplier networks: IPsec or TLS VPN gateway
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: LBA provides 99.9% uptime service for unscheduled outages. Specific details on criteria, SLAs and remuneration can be found in the Hosting Agreement.
• Approach to resilience: The LBA environment in MS Azure which provides back up and geo replication. Core IR3 components are run over replicated clusters and so long as a quorum is maintained then system will continue to operate. If nodes go out the system will have reduced functionality. No data is lost unless all nodes go down as data is replicated across all database servers.
• Outage reporting: LBA uses MS Azure as the cloud hosting facility with a 99.99% uptime. The service is monitored 24x7, and any outages will be recorded on an event management solution and managed in accordance with our Incident Management process, which will ensure the customer is notified as appropriate. IR3 also have an in house monitoring system called Sentinel which notifies LBA of any disruptions .

Identity and authentication

• User authentication needed: Yes
• User authentication: 2-factor authentication
• Access restrictions in management interfaces and support channels: 2-factor authentication; Public key authentication (including by TLS client certificate); Identity federation with existing provider (for example Google Apps); Dedicated link (for example VPN); Username or password; Other
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users receive audit information on a regular basis
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certified by British Assessment Bureau
• ISO/IEC 27001 accreditation date: 07/02/2022
• What the ISO/IEC 27001 doesn’t cover: N/a
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 12/01/2020
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: CSA Code of Conduct for GDPR
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essential Plus
• Information security policies and processes: ISO 27001 certification , ISO 9001 certification; ; LBA is a SSAE18 SOC2 certified/ISO27001 compliant organisation with annual re-certifications by an independent auditor.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: The LBA Change Management process is tested and certified annually by an independent auditor as part of our SSAE18 SOC certification
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: LBA employs a variety of third party tools as part of its vulnerability management including: Cisco AMP Cisco Umbrella Cisco Firepower/NGFW IBM/HCL AppScan Tenable Nessus Trend Micro UltraDNS If a vulnerability is discovered, remediation is deployed according to the level of threat detected. LBA recognises that staying ahead of threats is a constant and does all possible to secure our environments.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: LBA remains vigilant and takes a proactive approach to information security through a process of continual monitoring and review. As part of a documented risk assessment methodology within the ISO 27001 audit, LBA works to identify and manage information security risks updating the risk register monthly. LBA has a network monitoring solution in place as well as a full antivirus and anti-malware solution. We check the hosted services for errors, infections and unexpected network traffic using Cisco IPS/IDS at the perimeter layer. This monitoring service provides defence in depth by detecting infections and suspicious networking activity.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We work within ISO27001 / ITIL frameworks. An incident is anything out-of-the-normal occurring that negatively affects us or one of our customers. Users can report incidents via web portal, email or phone. Major incidents are dealt with by our response Team to ensure that all necessary remedial actions are taken as quickly and effectively as possible; the Management Team allows the Response Team to focus on fixing the incident whilst they take strategic decisions, ensure resourcing for the Response Team and deal with external communications. Incident Management is an iterative process: Preparation > Identification > Response > Lessons Learned.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  LBA is fighting climate change by offsetting their carbon footprint, and have achieved this by participating in carbon offset programs and tree-planting initiatives.

  Covid-19 recovery

  LBA is committed to supporting our clients during the Covid-19 pandemic by implementing various measures to ensure continuity and safety. One significant aspect of our support is the ability to seamlessly implement our solutions remotely, minimising any disruptions to your operations. Through remote deployment, we can efficiently set up and configure our software to meet your organisation's needs while adhering to social distancing guidelines.

  Tackling economic inequality

  To tackle economic inequality LBA actively promotes equal opportunities for all individuals. This has involved ensuring fair wages and worker rights, investing in education and job training programs, and providing access to affordable healthcare and social services.

  Equal opportunity

  LBAs has tackled equal opportunity by prioritising diversity and inclusion in its hiring practices, promoting a supportive and inclusive work culture, and providing equal access to training and advancement opportunities for all employees. Implementing transparent and fair policies for recruitment, promotion, and compensation has also helped ensure that all LBA employees have the same opportunities for growth and success. Additionally, offering flexible work arrangements, accommodating diverse needs, and providing resources for mentorship and career development can further support equal opportunity within LBA. By fostering a workplace that values and supports diversity, we have created a more inclusive and equal playing field for all employees..

  Wellbeing

  LBA promoted well-being by prioritising employee health and wellness initiatives, offering comprehensive benefits such as mental health support, and fostering a positive work culture that values work-life balance. Implementing flexible work arrangements, providing resources for stress management and mental health support, and promoting a healthy lifestyle through wellness programs has ensured that LBA values the overall well-being of its employees. Encouraging open communication, providing opportunities for professional development and growth, and creating a supportive and inclusive work environment has also further promoted well-being among employees. By investing in the well-being of employees, LBA has enhanced productivity, satisfaction, and ultimately, created a more positive and thriving workplace.

Pricing

• Price: £11.64 a unit a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at adrian.mcmullan@lba.ltd. Tell them what format you need. It will help if you say what assistive technology you use.