Open Sky Data Systems

Gov360 OpenSky : Waste Data Management System (WDMS)

WDMS is a cloud-based system allowing for the collection, transformation and reporting on the movement of waste. Tracking waste from collection to disposal with results of tracking used by contractors, sites, collection and disposal authorities to view, report, plan and assist in decision making for all the parties involved.

Features

• Realtime Data Tracking
• Automatic Data Upload
• Quality Data Validation
• Database Consolidation
• Invoices & Claims
• Stock Management
• Dashboard & Waste Analytics
• Automatic and Self-Service reporting

Benefits

• Central, secure, accessible repository for historic and predictive data
• Save time collecting, validating, processing and reporting waste data
• 80% out-of-the-box functionality uniquely designed to meet all WDA’s requirement
• Customisation in mobile applications, analytics and data-management meets 100% requirements
• Customised to reflect your business processes - nothing is wasted
• Saves significant numbers of days in administration per month
• Integrates with financial and ICT infrastructure, generating validated, quality information
• Standardises and validates all incoming data (contractors, transfer stations, WCA’s)
• Report on actual tickets rather than estimates
• Simplifies WDF through automating the file processing and production

£600 to £1,250 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at wflanagan@openskydata.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

490557792662241

Contact

William Flanagan
+44 203 051 2392
wflanagan@openskydata.com

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Community cloud
  • Hybrid cloud
• Service constraints: Internet connectivity required if hosted remotely or requiring remote access
• System requirements: System requirements are dependent on each individual project.

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: OpenSky provide excellent, flexible support services for Dynamics solutions, from standalone applications to complex systems. ; ; Our standard package provides remote support services by dedicated support experts from 08:00 to 18:00 Monday to Friday, with 24/7 access to the service desk portal.; ; We provide aggressive SLAs with response times from 30 minutes for Severity 1 tickets, to 4 working hours for Severity 4 tickets, and guaranteed resolution times from 4 working hours for Severity 1 tickets to 40 working hours for Severity 4 tickets.; ; Non-standard packages (onsite, out of hours or on-call support services) can be tailored to your needs.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: OpenSky provide excellent, flexible customer and technical support services for Dynamics solutions, from standalone applications to complex systems.; ; Our ITIL aligned Service Desk combines expert technical personnel with expert customer service to bring the highest standard support solutions.; ; Our standard package provides:; - Level 2 and Level 3 Remote Support Services; - Dedicated support service desk and cloud support experts from 08:00 to 18:00 Monday to Friday; - 24/7 access to the service desk portal; - Self-service Knowledge Base and FAQs facility on web portal; - System Monitoring; - Suite of Daily System Checks performed by start of business each day; - Aggressive and guaranteed Response and Resolution times; - Support Lead dedicated to your account ; - Face to face or video-conference meetings; - Monthly Service Reports including performance against SLAs and KPIs; - Facility for change requests, enhancements; - Onsite Quarterly Service Review meetings; ; Non-standard packages can be tailored to your needs, including:; - Level 1 Remote Support Services; - Onsite Level 1, Level 2 and Level 3 personnel; - Out of hours or on-call support services
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: Launching a new system implies a change – so training covers not only ‘How does the new system work?’ but also ‘Why do we need a new system in the first place?’ For an end-user, the second question is key to achieving buy-in. Successful solution rollout and integration means focusing on driving adoption and ensuring everyone understands the benefits of working in a new way. ; Training channels include via:; • Classroom: hands-on training ; • Webinar: useful for ongoing/refresh training; • Self-service: all materials provided via support portal, including training guides, quick start tutorials, etc.; Training groups typically include:; • Core Group Training: often people involved in the project team, the select panel co-create or test systems, becoming super-users and internal trainers, following system deployment; • Systems Administrators: tailored training delivered to a number of specialised staff, who will support colleagues, often through helpdesk services. Training may include system configuration and user management.; • Wider Group Training: rollout can be achieved through dedicated training days onsite with small groups with the ‘how’ and ‘why’ being explained and reinforced. This can also be done through shorter, more numerous, webinars. Training focuses on a role basis.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: All data remains the IP of our clients. If clients do not wish to extend our contract to manage their data, we will work with the incoming, to ensure data is mapped to a new platform.
• End-of-contract process: OpenSky work closely with clients during the wind-down stages of a project to understand and map the next stage of their overall strategy. Whether a project is being handed back to our client, or to an incoming provider, we ensure the appropriate knowledge transfer takes place through several tasks, including:; • staff debrief; • status report indicating outstanding issues, risks and incomplete tasks; • ensuring all task and QA documentation is complete; • providing formal feedback to the client on project performance; • provide measure of project achieved and impact; • lessons learnt report; • map of any outstanding tasks for completion by incoming/client team; • financial close of the task; • statement of completion; These tasks will act as a Hand Over to Service (HOTS) package to the client.; The final part of our standardised approach will be to ensure that each project we support is closed-down and handed over to the client and/or support team (provided our support services cover the end of each project). ; ; Pricing will be agreed with client at the scoping stage of each project. Typically, additional days are mapped out for changes to the project, outside the scope of the initial agreement.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The system is browser based and while working on mobile devices user could experience sizing issues
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: As an interface to OpenSky Support Services, we provide a dedicated Service Desk Web Portal that is available to customer on a 24/7 basis via standard web browser. ; ; Tickets can be logged to the service desk either by direct email to a dedicated support email address or via the web portal interface.; ; Customers can view, track, manage and update tickets via this portal as well as accessing self service Knowledge Base and FAQ facilities.
• Accessibility standards: None or don’t know
• Description of accessibility: OpenSky Service Desk Portal is accessed via standard web browsers.
• Accessibility testing: OpenSky Service Desk Portal is accessed via standard web browsers.
• API: Yes
• What users can and can't do using the API: Data input may be undertaken using the API
• API documentation: No
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Our bespoke Waste Data Management System is designed to allow system administrators and users the flexibility of customising and configuring the system to meet their specific needs. Any changes in the organisation can be easily accommodated making this application scalable and extensible.; The main requirements for customisation are: ; The right/privileges to make changes (based on security role and permissions), understanding of the business process, familiarity with the application architecture, a structured methodology for implementation. ; Some of the major types of customisations include: customising forms, views and charts, automations using workflows and dialogs, customising reports and dashboards and managing templates for document and email generation.

Scaling

• Independence of resources: OpenSky ensures through robust technical development and testing that users are not impacted by the demands of others at both the application and the database level. Session separation and database locking both form part of this process to ensure a smooth and uninterrupted user experience

Analytics

• Service usage metrics: Yes
• Metrics types: Available through our service desk and through system reporting.; Service desk provides metrics on support issues, in system reporting on user throughputs and system access
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: From within the system all data screens can have the contents exported at the push of a button.; Full data base exports are available through the service desk.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • XLS / XLSX
  • DOC
  • HTML
  • PDF
  • CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XLS / XLSX
  • TXT

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Legacy SSL and TLS (under version 1.2)

Availability and resilience

• Guaranteed availability: Service Level Agreements are created for each customer dependent on their own requirements and priorities.; Generally this covers a 99.97 availability of service and access to the service desk for support and issue resolution.
• Approach to resilience: We host on a Tier 1 data centre, competing and on a par with Azure and AWS (among others). Our hosting partner, fully hosted in the UK, guarantees that data centre HVAC and power will be functioning 100% of the time in a given month, excluding Maintenance. Power includes UPSs, PDUs and cabling. ; Power: Our power systems deliver conditioned power while protecting against sags, surges, swells, spikes and electrical noise. Uninterruptible power supplies (UPS) provide instant failover for continuity during a power outage. And our on-site, always-fuelled diesel generators are prepared to pick up the load quickly during extended outages.; Cooling: Our N+2 redundant chiller configuration uses a combination of centrifugal chillers, cooling towers, chilled water loop pumps and condenser water loop pumps — with redundant water sources.; Network: Our robust network includes nine backbone providers, allowing us to shift traffic as needed. This configuration, co-developed with Cisco, guards against single points of failure at the shared network level.; HVAC: Our precision Heating, Ventilation and Air Conditioning (HVAC) environment includes HEPA-equipped air handling units that remove dust and contaminants. In the event of an HVAC system failure, we have redundant HVAC systems for immediate failover.
• Outage reporting: OpenSky monitors service health through a combination of the Admin Dashboard and Email Alerts. These last can be configured to notify administrators of outages.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password
• Access restrictions in management interfaces and support channels: VPN access. 2-factor authentication. Username and Password
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: You control when users can access audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: You control when users can access audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: CDL Group
• ISO/IEC 27001 accreditation date: 12/12/2021
• What the ISO/IEC 27001 doesn’t cover: There is nothing out of scope for ISO 27001:2013. OpenSky Data Systems have been independently assessed and accredited to ISO 27001:2013 Information Security Management Systems, Standards and guidelines.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We have an internal ISO-27001 compliant, Information Security Policy which is available on request. ; ; Also see https://www.microsoft.com/en-us/TrustCenter/Compliance/ISO-IEC-27001 and The Microsoft Cloud Security Policy is available via the Service Trust Platform aka.ms/stp"

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: OpenSky adheres to Prince2 Methodology Change Management Process. For further information please see http://prince2.wiki/Change
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Our application infrastructure is hosted by Rackspace. Service includes:; • The 24x7x365 Operations Center, staffed by experienced GCIA-/GCIH-certified security analysts.; • Using threat intelligence and advanced analytics to detect and remediate threats on your behalf, 24x7x365, based on pre-approved actions.; • Leveraging leading security technology to deliver security services.; ; Comprehensive traffic monitoring, multilayered anomaly detection technologies and immediate DDoS mitigation.; ; Combines two powerful alerting technologies — network-level packet scanning and server-level anomaly detection — to identify attacks, then mitigates effects by precisely eliminating DDoS traffic.; ; Anomalous behaviours trigger an alert with a 30-minute response guarantee for proactive protection subscribers.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our hosting provider, Rackspace, uses the best practices described in the ISO 27002 security standard. This standard is recognized globally as the most comprehensive framework for establishing and maintaining information security best practices within an organization. As these controls are essential to our security posture, we refrain from describing them in detail on publicly available documents.; ; Application level vulnerabilities are dealt with on a case by case basis, and are prioritised based on the threat level (i.e. high, medium and low) and implementation plans are circulated to the customer to advise as to timelines for same.
• Incident management type: Supplier-defined controls
• Incident management approach: Internally we use ITIL framework for Incident management.; Microsoft provides robust processes incidents.; • Identification – System and security alerts may be harvested, correlated, and analyzed.; • Containment – The escalation team evaluates the scope and impact of an incident.; • Eradication – The escalation team eradicates any damage caused by the security breach, identifies root cause for why the security issue occurred.; • Recovery – During recovery, software or configuration updates are applied to the system and services are returned to a full working capacity.; • Lessons Learned – Each security incident is analyzed to protect against future re-occurrence.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Covid-19 recovery:

  Covid-19 recovery

  OpenSky acknowledges and understands the Social Value Model to deliver social value through the government’s commercial activities. As Digital Transformation experts, OpenSky provides solutions that can be delivered and supported remotely so that our clients and their employees can consider new ways of working. This improves workplace conditions that support the COVID-19 recovery effort including remote working, effective social distancing, and sustainable travel solutions. If they wish, our clients and their employees can continue to work remotely or from home even if they are a close contact or indeed if they have COVID symptoms. ; By working remotely it can also support the physical and mental health of people affected by COVID-19, including reducing the demand on health and care services.

Pricing

• Price: £600 to £1,250 a unit a day
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at wflanagan@openskydata.com. Tell them what format you need. It will help if you say what assistive technology you use.