Skip to main content

Help us improve the Digital Marketplace - send your feedback

IOCO SOLUTIONS LIMITED

GetSpace Location Booking Platform

GetSpace is the solution for companies that want to take their facilities management to the next level.

Reporting on how your offices are actually being used so that you can make better decisions about how your offices are being run.

Improved access and security to your buildings, including health checks.

Features

  • Daily health screening
  • Covid 19 education and information
  • Office density management
  • Staff risk management
  • Real time reporting
  • Employee dashboarding
  • Onsite visitor management
  • Online bookings for office spaces
  • Integrated security
  • API integration

Benefits

  • Understand employee health and risk
  • Educate employees on better health practices

Pricing

£0.80 to £1.60 a user a month

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at michael.morey@ioco.tech. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

4 8 6 1 7 1 8 3 7 0 0 2 2 0 5

Contact

IOCO SOLUTIONS LIMITED Mick Morey
Telephone: 0118 206 2938
Email: michael.morey@ioco.tech

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
Smart phone and modern browsers only
System requirements
Smart phones and modern browsers

User support

Email or online ticketing support
Yes, at extra cost
Support response times
Variable depending on severity of the question.
Office hours only unless otherwise contracted.
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Onsite support
No
Support levels
The GetSpace solution is fully supported by iOCO's24/7 Service Desk providing a single point of access for all incidents and requests. The service is available via telephone, email or iOCO SMAX portal. Responses are prioritised and addressed in line with the service levels detailed in the Service Level Agreement document. All engagements have a named Service Manager for engagement and escalations with a Technical Service Manager who attend service review meetings.
Support available to third parties
No

Onboarding and offboarding

Getting started
User documentation is available.
Train the trainer is available upon request (online).
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
A ticket must be logged and we will delete upon request, or extract the client's data.
Data is retained for 12 months, unless otherwise requested.
End-of-contract process
There is no additional cost and no additional services are provided at the end of the contract.

Using the service

Web browser interface
Yes
Supported browsers
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
The solution is responsive and works identically across both.
It is implemented as a progressive web app and can be installed like an application on a smart phone or accessed from the browser.
Service interface
No
User support accessibility
None or don’t know
API
Yes
What users can and can't do using the API
GetSpace can be integrated into existing HR and other relevant systems on a custom basis.
Restful API's can be exposed to share data with employment source systems, as well as access control systems (Allow or block entry).
API documentation
Yes
API documentation formats
  • Open API (also known as Swagger)
  • HTML
  • ODF
  • PDF
API sandbox or test environment
No
Customisation available
Yes
Description of customisation
Basic white labeling is available (colours and logos).
Custom integrations with employee source systems.
Custom integrations with health data providers.
Customizations are available at additional cost by the Sikhona team.

Scaling

Independence of resources
The solution is hosted on Azure and follows Azure service levels.
Services are elastically scaled based on demand.

Analytics

Service usage metrics
No

Resellers

Supplier type
Reseller providing extra support
Organisation whose services are being resold
EOH Mthombo

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Yes
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least every 6 months
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
Other data at rest protection approach
All data at rest is encrypted with AES256

https://docs.microsoft.com/en-us/azure/azure-sql/database/transparent-data-encryption-tde-overview

https://docs.microsoft.com/en-us/azure/cosmos-db/database-encryption-at-rest
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
In-house destruction process

Data importing and exporting

Data export approach
Management users can extract Excel reports directly from the reporting portal.
Data export formats
CSV
Data import formats
CSV

Data-in-transit protection

Data protection between buyer and supplier networks
Other
Other protection between networks
All public endpoints are secured via SSL
Data protection within supplier network
Other
Other protection within supplier network
All internal endpoints are secured via SSL

Availability and resilience

Guaranteed availability
99.95% (due to Azure SLA and running scale out across update and fault domains)

https://azure.microsoft.com/en-us/support/legal/sla/app-service/v1_4/
Approach to resilience
Implemented as per Azure SLA requirements.
https://azure.microsoft.com/en-us/support/legal/sla/app-service/v1_4/
Outage reporting
Email alerts are sent to all active subscribers

Identity and authentication

User authentication needed
Yes
User authentication
Username or password
Access restrictions in management interfaces and support channels
Only global administrators have full access across the stack. Actors may be granted limited permissions within resource groups only for specified and approved purposed.
All administration management and support is done by the support team who log into the back-end using active directory credentials which provide role based access to limited functionality.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 6 months and 12 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 6 months and 12 months
How long system logs are stored for
Between 6 months and 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
INFORMATION SECURITY MANAGEMENT SYSTEM ISO/IEC 27001:2013 for the Datacentre

Security governance

Named board-level person responsible for service security
No
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
All staff sign contracts which include a comprehensive confidentiality agreement, and code of ethics.
Policies are in place to ensure compliance with GDPR (UK) and POPI(South Africa)

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
All changes and configurations go through the Change Approval Board, and will then follow a specified change schedule. CAB Considerations include but are not limited to risk and impact assessment, effect and impact on infrastructure and linked services, and capability of the resources.
Full solution life-cycle management change tracking is in place with all requests for change, and changes down to code level recorded against individuals responsible for implementing changes.
Vulnerability management type
Undisclosed
Vulnerability management approach
Azure Security Center configured across all subscription resources.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Azure Security Center with threat detection is configured and applied across all subscription resources.
Azure Frontdoor with WAF rules set to Prevention mode (access blocked on failed rules) applied to front facing web services.
Incident management type
Undisclosed
Incident management approach
Incidents are logged on the service desk and assigned the correct level of severity. Critical incidents are automatically escalated to the Incident Manager to oversee resolution. Committed time to resolution is variable dependent on the level of severity.
Incident reporting can be provided as required.

Secure development

Approach to secure software development best practice
Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Covid-19 recovery
  • Wellbeing

Covid-19 recovery

The COVID-19 pandemic was a wake-up call for businesses. It made one thing abundantly clear: We did not have the continuity plans in place to deal with a crisis right out of the gates. It also taught us that we are more capable, more resourceful, and more adaptable than we thought possible.

Knowing what we know now, the question becomes: What can you do differently to protect your business and its workers?

GetSpace was born out of this question. It was born from asking how we would do things differently if we got the answers earlier. It was born from a desire to see the economy reopened, and from a vision to be able to manage any crisis going forward.

Wellbeing

At its heart, GetSpace provides insight into how the crisis affects staff, ensures compliance with legislation, and to provide inputs into managing business continuity risk. It is available to businesses to allow them to identify and track their high-risk populations, and to proactively ensure that their offices are opened and managed in as low-risk manner as possible.

GetSpace has a host of features available to the user including daily screening, risk profiling, crisis education, nearest test centres, and booking office and desk space. On the management side GetSpace enables supervised, on-site check in and screening, full reporting, and track and trace capability.

Pricing

Price
£0.80 to £1.60 a user a month
Discount for educational organisations
No
Free trial available
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at michael.morey@ioco.tech. Tell them what format you need. It will help if you say what assistive technology you use.