Bentley Systems (UK) Limited

iTwin-enabled Services

iTwin-enabled Services help organisations to create, visualise and analyse digital twins of infrastructure projects and assets. They enable digital information managers to align engineering data, reality data, and other associated data from diverse design tools and other sources, and transform it into a living digital twin.

Features

• Combine engineering data in incompatible formats from multiple sources
• Immersive Visualisation: view infrastructure projects and assets in 3D/4D/mixed reality
• Timeline of Change: compare versions, visualise who changed what, when
• Understand impact of change on design, cost and schedule
• Validate BIM models against project rules to meet LOD requirements

Benefits

• Query, interrogate, visualise engineering data regardless of format or source
• Maintain a timeline to capture when engineering data has changed
• Check status of real-world conditions from IoT devices and sensors
• Create multidiscipline BIM models for collaborative working
• Empower distributed project teams to understand implications of decisions
• Compare versions of BIM models by date, status or phase
• Use artificial intelligence and machine learning to enhance decision making
• Facilitate actionable insights across the asset lifecycle
• Better performing projects: improve project quality, reduce rework, meet deadlines
• Better performing assets: make better informed decisions, anticipate issues

£7,300 a unit a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@bentley.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

414021720921242

Contact

Andy Bowles
+44 7919 892183
gcloud@bentley.com

Service scope

• Software add-on or extension: Yes
• What software services is the service an extension to: ProjectWise; ProjectWise Connection Services; AssetWise; MicroStation; OpenBuildings Designer; OpenRoads Designer; OpenRail Designer
• Cloud deployment model: Public cloud
• Service constraints: Patching and maintenance windows are scheduled every week to ensure the security and reliability of the service.
• System requirements: All requirements covered with the offered service

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response times are covered by SLA and are based on priority. P1 - Availability Support 24x7 - Response 1 Hour - Resolution 4 Hours - Update Interval - 1 Hour P2 - Availability Support 24x5 - Response 2 Hours - Resolution 1 Day – Update Interval 4 Hours P3 - Availability Support 24x5 - Response 4 Hours - Resolution 10 Business Days - Update Interval 1 Day P4 - Availability Support 24x5 - Response 8 Hours - Resolution Mutually Agreed - Update Interval Mutually Agreed
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Remote support is included and covered by the Bentley Hosting SLA with different priority classifications. (P1) Urgent - An incident that has/is likely to have a major impact on users’ ability to maintain business operation. The incident results in any outage/loss of any key functionality of a critical application or service. The incident affects multiple locations or all users in one (1) location. (P2) – Critical - Incident which impairs the users’ ability to maintain business operation causing severe degradation of service or resulting in some important functionality being unavailable. There is no long term acceptable workaround for the business, however, the operation can continue in a restricted fashion. The incident results in loss of the "normal" functionality of an application or service for multiple users, but not all, in one (1) or more locations. (P3) - Medium - Incident which causes a loss of some important functionality. There is an acceptable workaround for the business and operation can continue in a restricted fashion. The incident results in loss of functionality of a "normal" application or service. (P4) - Low - Incident which has little or no significant impact on the business. Low impact and low urgency.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: After the cloud service is enabled Bentley will engage with the users (stakeholders, representatives from various departments) to define configuration details. Once the system is finally configured, Bentley will perform on-site or remote training sessions for each group/role. There are options to share videos, training material, prepare custom training material.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • ODF
  • PDF
• End-of-contract data extraction: Upon termination of the iTwin-enabled Services Subscription, Bentley will deactivate any remaining user accounts and provide an export of the Subscriber’s data. Unless otherwise requested, Bentley will delete all copies of the Subscriber’s data from its servers within two (2) weeks of being notified that the Subscriber has successfully read the files, or within four (4) weeks of the data being provided if no confirmation or associated Service Request is received. ; If required, Bentley can provide Professional Services to assist in the migration of the data to a new service provider for an additional fee which will be determined based on the scope of requirements.
• End-of-contract process: Upon termination of the iTwin-enabled Services Subscription, Bentley will deactivate any remaining user accounts and provide an export of the Subscriber’s data as stated above. Unless otherwise requested, Bentley will delete all copies of the Subscriber’s data from its servers within two (2) weeks of being notified that the Subscriber has successfully read the files, or within four (4) weeks of the data being provided if no confirmation or associated Service Request is received. ; If required, Bentley can provide Professional Services to assist in the migration of the data to a new service provider for an additional fee which will be determined based on the scope of requirements.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The main UI is a web front-end that can be used on desktop computers, but also on mobile devices.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Web Project Portal that enables restful access to our individual services and apps.
• Accessibility standards: None or don’t know
• Description of accessibility: Our services are designed to meet the visual standards of WCAG 2.0
• Accessibility testing: No specific interface testing with users of assistive technology has been done.
• API: Yes
• What users can and can't do using the API: Our services are built on a set of open source libraries through GitHub. Bentley develops its apps and features using this API.; The CONNECT Project Portal also has a set of useful APIs for automation of management capabilities.
• API documentation: Yes
• API documentation formats: Open API (also known as Swagger)
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The user can only partially customise. iModel.js can be used to customise through building out further applications via GitHub.

Scaling

• Independence of resources: Systems are logically separated in a virtual cloud environment. All systems are monitored in real-time for performance and availability. The Bentley Status Dashboard provides users with the current state of our cloud services.

Analytics

• Service usage metrics: Yes
• Metrics types: Usage via Bentley licensing server can be self-reported. In addition, hosted systems will provide a quarterly feature usage report. Feature usage reports include up to 60 features based on usage of those features. A real-time dashboard for usage is provided while feature usage reports are emailed quarterly.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Data at rest is encrypted via AES=256
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: There are many ways to access the data, Bentley has a snapshot facility as well as a SQL interface that lets users extract any required information.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • SQlite DB
  • IModel
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • Multiple CAD formats
  • Excel
  • XML
  • IFC
  • SQLite

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: 99.9%, assured by contractual commitment. Service credits when service availability drops below SLA level in a month.
• Approach to resilience: All services are deployed in a fully redundant configuration within fully redundant data centres meaning that any failure of equipment, service provider or software service will result in zero, or minimal, impact to the overall service.
• Outage reporting: Planned and unplanned outage notification emails are sent to registered users for affected systems.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
  • Other
• Other user authentication: Users authenticate against the Bentley Identity Management System (IMS) which is federated against the buyer's own AD .
• Access restrictions in management interfaces and support channels: Bentley uses role-based access control (RBAC) to control access and limit functionality per iTwin Service.
• Access restriction testing frequency: At least every 6 months
• Management access authentication: 2-factor authentication

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 16/06/2021
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: Please reference the CAIQ at https://cloudsecurityalliance.org/star/registry/bentley-systems/services/itwin/
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Those interested in Bentley's third-party audits and certifications may visit the Trust Center at Bentley.com, where they can request a copy of Bentley's SOC 2 report with a signed non-disclosure agreement or SELECT Agreement.
• Information security policies and processes: Information Security policies are designed utilising ISO 27001, SSAE16, ITIL and CSA frameworks. SaaS offerings are SOC2 certified.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configuration and Change Management follows the ITIL framework and policies and procedures are documented with various security standards. All SaaS offerings go through a cloud approval process and are scanned for vulnerabilities prior to production.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Penetration and vulnerability scans are performed internally by Bentley network and application teams as part of the production go-live procedure. They are performed annually or more frequently as necessary. Third party penetration tests are run on an as needed basis.; You are able to perform your own penetration test in cooperation with Bentley per the guidelines of Bentley's Pentest Program.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Active IDS is active on the network perimeter and on selected systems under the scope for ISO 27001 and SOC2 certifications. Compromises are analysed and put through the incident management process for investigation. The response time depends on the severity of the compromise.
• Incident management type: Supplier-defined controls
• Incident management approach: Bentley can quarantine any system on demand and will do so based on its incident response process. In the event of an incident, Bentley's incident response plan is compliant with GDPR requirements. Information security events will be assessed and a decision will be made if the event should be considered a security incident. Reporting requirements align with the corporate Incident Response Plan. Employees, third party consultants, contractors or service providers who detect or suspect an information security event has occurred shall immediately contact the Network Operations Center (NOC). A role shall be assigned to receive reports of security events.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Bentley’s mission is to leverage our leading software and services to drive impact through the world’s infrastructure – advancing both the global economy and the environment for improved quality of life. As part of our Environmental, Social, & Governance (“ESG”) strategy, we are committed to managing our business in a way that enhances the environmental impacts of our products and mitigates environmental risks from our operations. Our Environmental Policy details our commitments to Environmental Responsibility and the ways in which we expect our colleagues to act to drive progress on our ESG strategy. Bentley expects all colleagues, visitors, vendors, and suppliers to follow the below practices in order to drive progress on Bentley’s ESG strategy. Bentley's Environmental Policy is here: https://prod-bentleycdn.azureedge.net/-/media/files/documents/miscellaneous/environmental_policy.pdf?la=en&modified=20211021075240
• Covid-19 recovery:

  Covid-19 recovery

  When the world locked down to combat the COVID-19 virus, we took immediate action to ensure our colleagues had the equipment and resources they needed to work from home, which also enabled success for our users. Our global task force provided continuous communication, education, and support services to our colleagues. Their well-being fueled our response plan, and we created learning resources to support them throughout the pandemic. These resources included guides and practices for managers to lead virtually with empathy, tips for maintaining team collaboration, and resources and support for colleagues to maintain a healthy work-life balance.; As the pandemic continues, and work flexibility is seen as the key to success for the business and our colleagues’ wellbeing, we’ve introduced the Infrastructure Empowered Workforce Plan (IEWP). The IEWP is built on a solid foundation of trust. Colleagues are empowered to make responsible and effective choices on the right balance between working from the office and remotely. This plan does not require colleagues to come into the office at any specific frequency. Rather, it provides colleagues the flexibility to make these choices with their manager and within their teams to achieve business success and maintain a high level of productivity and engagement.
• Tackling economic inequality:

  Tackling economic inequality

  As a global company with colleagues of different cultures, backgrounds, and perspectives based in more than 40 countries worldwide, our diversity is what makes us successful. We have developed strategies and programs focused on increasing diversity and equity, as well as fostering a culture of inclusion and wellbeing in the workplace. These initiatives include building a pipeline of diverse candidates by recruiting at and partnering with Historically Black Colleges and Universities. ; We also partner with educational and professional organisations to provide internships, scholarships, grants, and projects that support groups underrepresented in technology. ; Bentley has active and engaged colleague resource groups within the Inclusion, Diversity, and Equity Alliance (IDEA) that have allowed colleagues, during this pandemic, to join their peers from all regions and departments with the goals of building community and fostering diversity and inclusion. IDEA currently has four focus groups open to all global colleagues: OpenPride, OpenAbilities, People of Color in the U.S., and Women at Bentley. IDEA has been a platform for education and a place to securely have difficult discussions about racism, discrimination, and bias through book clubs, panel discussion, speakers, and global awareness events. Members of executive management are key sponsors of each focus group and have been instrumental as sounding boards and in providing access to resources and the executive team.; We have implemented robust training with topics focused on respect in the workplace, identifying and overcoming bias, and anti-discrimination. We have held interactive sessions with our executives, emerging leaders, and talent acquisition in fostering diversity, equity, and inclusion and eliminating unconscious bias, and have implemented training for hiring managers to ensure fairness in the interview process.; You can find additional information, including our commitment to anti-slavery on our ESG website: https://www.bentley.com/en/esg/data-center
• Equal opportunity:

  Equal opportunity

  Bentley is an equal opportunity employer and considers all qualified applicants for employment without regard to race, colour, sex, sexual orientation, gender identity, disability, protected veteran status, religion, national origin, age, or any other protected characteristic. This commitment extends to all aspects of employment, including, but not limited to, hiring, placement, promotion, compensation, and training. EEO is the Law and EEO is the Law Supplement documents provide additional information about your rights as an applicant under the law.
• Wellbeing:

  Wellbeing

  As a company, it is our goal to ensure our colleagues know they are supported and valued as the first order of business.; Therefore, our Talent Management strategy puts colleagues at the centre of the workplace at Bentley. We focus on enriching colleague experience and creating memorable, meaningful, and purposeful connections. We invest in developing an impactful experience that reflects the company’s mission and values. We build practices and programs that deliver on engagement, recognition, communication, and development while rewarding colleagues through our robust total rewards package.

Pricing

• Price: £7,300 a unit a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@bentley.com. Tell them what format you need. It will help if you say what assistive technology you use.