CSS EUROPE LIMITED

Pro-Cloud

Pro-Cloud is a full cradle to grave solution that handles a complete asset cycle, managing in-field activities for any market sector.

Features

• Asset Management
• Automatic Updates via Mobile Workforce
• Tracking and Tracing Abilities
• Full Vehicle Route Optimisation with GPS Tracking
• Supply Chain Management
• Streamlined Procurement Processes
• Cradles to Grave Audit of Financials
• Centralised Client and Supplier Information
• Preventative Maintenance

Benefits

• Reduced Paper Outlay
• Increased Customer Satisfaction
• Increased Workforce Efficiencies
• Increased Security
• Reduced Risk of Error and Delays
• Real-time Order Tracking and Visibility
• Automated Updates
• Reduced Operation Costs
• Increased Productivity of Assets
• Improved Cost Effectiveness across your Supply Chain

£34,995 a licence a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at emma.strain@csseurope.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

747672386188456

Contact

Emma Strain
08448794531
emma.strain@csseurope.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: None
• System requirements:
  • Any Compatible Browser
  • Any Android or IOS Device

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard Support hours are Monday to Friday 08:00 to 18:00 (excluding Bank Holidays). Support for connectivity and ‘server up’ is 24/7/365 and provided by Rackspace UK Limited.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Livechat can be accessed via www.csseurope.co.uk by our dedicated support staff Monday - Friday 8am - 6pm (excluding Bank Holidays)
• Web chat accessibility testing: None
• Onsite support: Yes, at extra cost
• Support levels: CSS offer a number of traditional training sessions as part of every contract go-live. We recommend a certain amount of training days depending on the size of your organisation. ; ; After Pro-Cloud has been implemented and gone live if further training days or consultancy days are required charges will be applied at:; - Professional Service & Consultancy £1095; - Professional Training Days £1095
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: As part of every contract Go-Live CSS offer a number of traditional face-to-face onsite training sessions. These consist of normally 15 delegates per session. A number of managerial training sessions are also offered to make sure organisations are benefiting from the system fundamentals. ; ; After Go-Live users will have access to our e-learning platform and all help guide materials.; ; Additional training is required at £915 per session after Go-Live if required.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Users have the capability to download all data at contract end via CSS's method via an SQL database or excel extraction. This can be undertaken by our support team or by the client using our secure interface.; ; If non CSS template extractions are required our daily rate will be envoked.
• End-of-contract process: Upon expiry or termination of the Agreement, all client data will be deleted from the system no less than 10 days from the date of expiry or termination, in line with Data Protection and data retention requirements. There is no cost for this service.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• User support accessibility: WCAG 2.1 AA or EN 301 549
• API: Yes
• What users can and can't do using the API: Users can call API's through secure web services for a variety of reasons; - - Live activity tracking information; - Placing orders from third party systems; - Moving Assets; - Completing activities; - Asset tracking and verification
• API documentation: Yes
• API documentation formats:
  • Open API (also known as Swagger)
  • HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: All contracts can be configured to suit the needs of the customer and type of contract they are operating.

Scaling

• Independence of resources: Pro-Cloud is fully load balanced across communications, web and database. Through our provider Rackspace UK Limited, Pro-Cloud has the ability to automatically increase bandwidth requirements and laid balance traffic across web and database servers in real time.

Analytics

• Service usage metrics: Yes
• Metrics types: CSS provide metrics for server availability throughout a given period through real time dashboards.
• Reporting types: Real-time dashboards

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: ‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
• Protecting data at rest: Physical access control, complying with CSA CCM v3.0
• Data sanitisation process: Yes
• Data sanitisation type:
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: Users export the data through our cloud interface.
• Data export formats: CSV
• Data import formats:
  • CSV
  • Other
• Other data import formats: SQL Server

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Cloud Server Hosts Service Level Guarantee. Rackspace guarantees the functioning of all Host Servers hosting the Cloud Servers or Cluster (including the hypervisor, where applicable). If a Host Server hosting a Cloud Server or Cluster fails, Rackspace guarantee that restoration or repair will be complete within one (1) hour of problem identification. If we fail to meet this guarantee you will be eligible for a credit, as follows: Five percent (5%) of the Service Fees for each additional hour of unavailability (or portion thereof), after the first hour, up to one hundred percent (100%) of the Service Fees.
• Approach to resilience: Available on request.
• Outage reporting: Outage reporting is communicated via a public dashboard, API's communicate outages or high usage volumes to customers. All outage failures are emailed to key client addresses as soon as an outage is determined.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Pro-Cloud defines a number of user roles that are key to managing the people who utilise the platform, both for administration and service and data management. Users and people are essentially equivalent terms; it's the broadest definition for all people who use Pro-Cloud. Pro-Cloud defines each user's role when they are added, as users role may be changed as needed. When users sign in, they are only shown the parts of the platform that they are allowed to see and use. User access rights dictate who they can access Pro-Cloud's support channel.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • IG SOC Level 3
  • Cyber Essentials Plus

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: - Information Governance Level 3; - Cyber Essentials Plus; - We adhere to the framework and controls of ISO 27001, with our hosting provider being certified.
• Information security policies and processes: Undertaking and adhering to the framework and controls of ISO 27001. IG Soc NHS Level 3 certified

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Pro-Cloud change management steps: ; 1.Collect all the information about the change, RFC. Submit RFC to change management. Review and complete information if needed. Classify - impractical, already considered or incomplete. Implement change. Monitor implementation progress, check that change has met its objectives. Close the record and notify requestor. ; ; 2.Evaluation process, impact, urgency, risk, benefits and costs of doing and not doing the change, Evaluate assessment results, schedule change advisory board meeting, schedule emergency, advisory board meeting, evaluate change for authorisation, project charter, schedules and other information, obtain required authorisation. ; ; 3.Plan implementation, negotiate schedules, authorize and schedule change.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability is managed by our hosting provider Rackspace Uk in real time. Patches are deployed outside working hours as soon as we are notified by vendors.; Rackspace monitor threats through vendors and all reliable internet security channel
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: CSS and Rackspace apply protective monitoring, as deemed in CESG Good Practice Guide No. 13 (GPG 13:[4]), which we consider as our good practice.; CSS and backspace respond to incidents within 8 hours of any incident occuring.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: Users report any incident via our Zendesk Helpdesk system whereby a ticket can be labelled 'Security Incident'. ; Incident reports are also provided through the same secure Helpdesk system.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Wellbeing:

  Wellbeing

  Using Pro-Cloud promotes wellbeing for employees in a variety of ways; Experience -Reduction in manual processes -Releasing time for staff to focus on must-do tasks to a higher standard Reduction in bureaucracy -Empowering staff to take control of processes that are easy to follow and are streamlined across the service -Manual processes are no more, introducing paperless working with automated processes for transfers, picking and stock take leads to a positive working environment, keeping morale high Time saving -Analyzing data from one true source, decreases time spent interrogating multiple reports from multiple sources -Utilising RFID technology saves time spent on ensuring vehicles are prepped, scanning the item also gives a quick view on whether the equipment is due service/maintenance or allows the team to raise a fault report -Auto transfer dashboards and functionality ensures stock wastage is reduced and stock rotation is improved with minimum manual intervention

Pricing

• Price: £34,995 a licence a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at emma.strain@csseurope.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.