BRIGHTLY SOFTWARE LIMITED

Brightly Community Central

The Brightly Community Central connector enables deep integration with the Jadu platform, a low-code, web-based platform for digital service delivery, incorporating collaborative case management, payments, forms, customer MyAccount and website. Brightly has a global partnership with Jadu, enabling full 2-way communication between residents, stakeholders, businesses and the assets you own.

Features

• Brightly Software Confirm integrations included for seamless interaction with Assets
• Granular access controls, with audit trail and user login reports
• Forms are integration-ready with CRM, payment gateways, databases, etc
• Advanced form features: branching rules, data retention, PDF generation
• Web timeline view of customer cases, Real-time messaging and updates
• Non-technical workflow, rules and notifications configuration
• Create repositories for structured data and allow customer generated additions
• Visitor login and personalised landing pages based on stated preferences
• Customisable components for embedding third party content into homepages

Benefits

• Highly secure hosting and GDPR-compliant platform
• Customer accounts providing transaction history and personalised web experience
• Build end-to-end digital services and drive savings through channel shift
• Quickly locate relevant content through powerful navigation and discovery tools
• No programming required nontechnical forms and service workflow design
• Developer API for easy system modification and extensions
• Platform built on open-source technologies
• Enable business users to configure complex systems integrations and payments
• Secure, extensible and affordable Content, Form and Case Management Platform
• Accessible forms & websites which meet WCAG2.1 AA as minimum

£25,000 an instance a year

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukgcloud@brightlysoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

696193383229918

Contact

Brightly Software - UK Sales Team
+44 (0) 808 167 4526
ukgcloud@brightlysoftware.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: In order to minimise disruption to end users, upgrades and system maintenance is performed during the Scheduled Downtime window, currently 06:00 AM to 10:00 AM each Sunday.
• System requirements: Suitable modern browser (Edge, Chrome, Firefox, Safari)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Technical Support is provided from 09:00 to 17:30 Monday to Friday excluding public holidays. Our online case management portal and knowledge base articles are available 24/7.; There are three methods for logging a new technical support case: 1. Online Portal 2. Email. 3. Telephone.; Case severity levels and associated target response times are as follows: 1. Critical: within 30mins. 2. High: within 4hrs. 3. Medium: within 2 business days. 4. Low: within 4 business days.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: Yes, at extra cost
• Support levels: Technical Support is provided from 09:00 to 17:30 Monday to Friday excluding public holidays. Our online case management portal and knowledge base articles are available 24/7.; There are three methods for logging a new technical support case: 1. Online Portal 2. Email. 3. Telephone.; Case severity levels and associated target response times are as follows: 1. Critical: within 30mins. 2. High: within 4hrs. 3. Medium: within 2 business days. 4. Low: within 4 business days.; Remote access help, such as Microsoft Teams, is available at the discretion of the Software Support team.; Clients receive free version upgrades for their purchased products.; A dedicated Account Director is also assigned to each customer.
• Support available to third parties: No

Onboarding and offboarding

• Getting started: A full implementation plan is agreed at the start of the project. This follows the Brightly project methodology phases of Initiate, Adapt, Build, Validate and Adopt. Brightly will provide project team resource to support you with the implementation of the service, handing over to our Technical Support team as the system enters business as usual. Training is typically delivered during the Adopt phase, utilising a variety of training methods. These include onsite training, virtual training and online self-learning training via videos and user manuals.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: We will provide an export of data from the database in a database backup file format. Document files, such as photographs, will also be exported. These will be made available for the client to download.
• End-of-contract process: Data extraction at the end of the contract is an additional cost to the customer and priced at the time of request.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The ConfirmConnect mobile app is designed specifically for field-based users undertaking a range of on-site tasks, including asset surveys, condition inspections, customer enquiries, maintenance jobs and Street Works inspections. The app is designed to work without the requirement for an 'always on' connection. The app also uses the GPS capability of the mobile device to show the user's current location.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: The service interface is a modern web client, accessible using a modern browser (Edge, Chrome, Firefox, Safari).
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Accessibility testing tools are used by our developers, testers and designers to ensure Confirm meets accessibility standards.
• API: Yes
• What users can and can't do using the API: Confirm provides a suite of fully documented API's. Establishing integrations with other corporate systems such as CRM, finance, contractor and IoT are typical uses of the API's.
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
  • PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The service is highly configurable without requiring software development. For example, business process workflows, validation rules, lookups and map layers are all configurable.; ; Configuration of the service would be a client System Administrator role. Brightly provide user manuals, online knowledge articles and online training videos to support System Administrators. In addition, our Professional Services team can provide training and consultancy services. Please refer to the SFIA Rate Card.

Scaling

• Independence of resources: Brightly have in place its own internal procedures to ensure users are not affected by demand of other users. Using industry standard tools, Brightly are able to closely monitor activity across all of its services and load balance where appropriate.

Analytics

• Service usage metrics: Yes
• Metrics types: System Availability.
• Reporting types: Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Users can use the reporting tools built-in to the user interface to export data from the system, either ad hoc or on a scheduled basis. APIs are also available to access and export data from the system.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • TXT
  • Map Layer - Mapinfo TAB
  • HTML
  • PDF
  • SQL
  • XML
  • Tab Delimited Text
  • JSON
  • Dbase3
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • XML
  • JSON
  • Tab Delimited Text

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: SLA is based on System Availability of 99.9%. For full details on the SLA see the Service Definition.
• Approach to resilience: All customer production data is replicated over two AWS availability zones, thus minimizing the possibility of any data loss that might result from a database server failure. In the event of any kind of failure, the standby database is automatically engaged, thus minimizing service downtime.
• Outage reporting: Email alerts will notify customers of an outage.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: AD user groups. Security model built into Confirm software.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: User-defined
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: User-defined
• How long system logs are stored for: User-defined

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 04/12/2023
• What the ISO/IEC 27001 doesn’t cover: Brightly operates an Information Security Management System which complies with the requirements of ISO/IEC 27001:2013 for the creation, support, sales, and supply of Confirm software and associated services to local government, central government, and the commercial sector.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Brightly corporate policies and control framework are aligned with the ISO 27001 Information Security Program Management Standards. This includes pragmatic policies, procedures, standards and guidelines to support the information security requirements, with a focus on the most critical assets. This enables us to maximize efficiency and effectiveness by leveraging a common set of controls and policies to comply with many regulations. The Brightly information security policy framework includes documented policies, procedures, standards and guidelines to support our relevant information security requirements.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration is formed using cloud formation and packer templates and other scripting methodologies and are all subject to version control. A committee reviews the changes to the server and the configuration. The committee decides based on the test results and the risk involved. The changes are not performed without prior approval from the committee and the stakeholders. The normal change requests go through complete phase of stakeholder approvals, testing and UAT.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: Scan is run on servers using Vulnerability Assessment tool The vulnerabilities are identified, remediation for the identified vulnerabilities are completed within 30 days, all stakeholders are informed and the same change management process applies to the remediation process. There are various ways including the VA update and emails where we get inputs on potential threats.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Every end point in the OnDemand environment has CrowdStrike Falcon Sensor for endpoint security management, which is the first and only solution to unify next-generation antivirus, endpoint detection and response (EDR), and a 24/7 threat hunting service. The responses are provided based on the severity level.
• Incident management type: Supplier-defined controls
• Incident management approach: If an incident is identified, either through system monitoring, internal teams or client reports via our support team, response processes are enacted by the technical teams. Depending on the severity of the event, escalation processes are in place to ensure that the correct teams and management levels are aware and support any resolution activities. The response teams are engaged to address the event and resolve any emerging issues until the adverse impact is averted or resolved. The process is documented in accordance with our ISO9001 processes.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Brightly have partnered with Our Classroom Climate (OCC) who provides selected schools 80+ videos on Climate Change, a science kit for growing algae in the classroom and an air quality monitor to measure the composition of gases and particles in the air we breathe. Educating Primary School children on the effects of climate change and air quality in their classrooms promotes wellbeing for residents as well as keeping people safe from harm. OCC is the UK’s first climate education programme with carbon capture and air quality audit using Brightly software to collate and report on the air quality across all participating schools. The classroom climate project offers enrolled primary schools creative and fun ways to learn about climate change, sustainability and essential global issues – while fully supporting the English national curriculum.

  Covid-19 recovery

  Brightly commits to holding local events/meetings where possible utilising local venues and catering providers for the event to increase local spend.

  Tackling economic inequality

  Brightly have partnered with 2B Enterprising to provide the 'Bumbles of Honeywood' Enterprise Education programme for primary school children aged 5 – 11 years. It has been designed by primary school teachers to support the development of pupils’ key skills required in work and life. This programme is funded and supported by local and national businesses, including Brightly, who are keen to invest in the next generation of leaders, employees and entrepreneurs – which eliminates the budgetary pressures on the school, gives businesses the opportunity to engage effectively with the youngest members of their community – our future, as well as helping to tackle economic inequalities.

  Equal opportunity

  With industry support, Brightly have launched ‘FLARE’, a new initiative designed to support and empower women working within Local Authorities' Highways Departments. FLARE, which stands for Female Local Authority Roads Engagement, aims to foster a strong network of women at all career levels, providing a platform for resource sharing and strategic collaboration.

  Wellbeing

  By utilising Brightly’s performance dashboards in Confirm, clients can track the well-being of crews and operatives in the field. This can help to identify trends in performance linked to mental and physical health.

Pricing

• Price: £25,000 an instance a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ukgcloud@brightlysoftware.com. Tell them what format you need. It will help if you say what assistive technology you use.