Cloud Workforce Management Software Platform

Service scope

Software add-on or extension: No
Cloud deployment model: Private cloud

Hybrid cloud
Service constraints: None, it is a flexible cloud service available across AWS, Azure and Google Cloud instances in both private and hybrid configurations
System requirements: Cloud Server Instances - specification based on end user volume

User support

Email or online ticketing support: Email or online ticketing
Support response times: SLA's are listed below:

Target Response Time
Call Resolution – Severity 1
95% within 4 hours unless otherwise agreed with the customer

Call Resolution – Severity 2
95% within 6 hours unless otherwise agreed with the customer

Call Resolution – Severity 3
95% within 1 Business Day unless otherwise agreed with the customer

Call Resolution – Severity 4
95% within 3 Business Days unless otherwise agreed with the customer

Call Resolution – Severity 5
95% within 2 Business Days unless otherwise agreed with the customer

Call Resolution – Severity 9
75% within 6 months unless otherwise agreed with the customer
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: Web chat
Web chat support availability: 24 hours, 7 days a week
Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
Web chat accessibility testing: We use a third party chat product and also for ticket support that adheres to WCAG 2.1AA. We already work with NSW Government in Australia that has the WCAG requirements and 2 new customers are in Aged Care with this standard is mandatory.
Onsite support: Yes, at extra cost
Support levels: Our support levels are as follows:

We offer level 1 support to our end users by prior arrangement and this is priced based on user volume with a 3 month "true up" clause in place, incase volumes vary widely from estimates.
Our most popular support is level 2, where the triage is carried out by an inhouse level 1 team for consolidation and initial troubleshooting. Our support team then take over the issue and are responsible for a central point of communication back into our customer.

Phone/Chat/Ticket/Email are all available methods of communication and no onsite visit has been required in over 6 years of operation.

In the event of a Severity 1 issue, a Resolution Manager is assigned from our team who liaises with our Client Account Manager and a representative or team from the Customer side.

Pricing is based on the Support Level sought.
Support available to third parties: Yes

Onboarding and offboarding

Getting started: There are 2 entry points:

1. Via a 30 day trial. In this case our customers are migrated to a production instance to continue their experience and preserve any investment they may have made. For example if our customer has chosen to invest in best practice setup or for their data to be loaded, we ensure that is retained.

2. Procuring via RFQ etc. In this case we offer a full training package as part of the onboarding process. Also included is "walkthrough" labels and tips for first time users. We build on this with our own Wiki and YouTube channel for self service.
Service documentation: Yes
Documentation formats: HTML
End-of-contract data extraction: We can provide this service for a fee that is agreed upon at contract signing. We also provide some data export capability for Administrators in specific formats based on sign off by our customer.
End-of-contract process: If this question refers to parting of ways, all end of contract services are included in the investment. Data export requirements are discussed and agreed upon at the start of the contract with a fee for this factored in accordingly.

Ultimately if our customers do not continue to see value in our product, we still want them to have a good experience in ending the contract and take pride in offering a smooth service with this. Including pricing for this process at the start of the contract helps ensure this is not seen as a "gouge" at the end of the contract.

However, if this question refers to re-signing a new contract with us, we start the journey 6 months before the due date and undertake analysis of IOP utilisation and the relationship to see where we can add additional value.

Using the service

Web browser interface: Yes
Supported browsers: Internet Explorer 11

Microsoft Edge

Firefox

Chrome

Safari

Opera
Application to install: No
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: Functionality is the same between mobile web browser and desktop web browser, however the rendering and experience is different. Due to the rich functionality offered by our Intelligent Operations Platform, running it from a mobile device is not advised, despite being fully functional.

We recommend a minimum of 10" tablet for the best experience.
Service interface: Yes
User support accessibility: WCAG 2.1 AA or EN 301 549
Description of service interface: We have a published API for our customers to consume data into their own products and a suite of pre-built connectors. These have been built for rapid enablement of processes by our customers. Example connectors include Finance and CRM products plus ERP's.

The connector tool is a WYSIWYG interface.
Accessibility standards: WCAG 2.1 AA or EN 301 549
Accessibility testing: None but we have designed it with WYSIWYG in mind.
API: Yes
What users can and can't do using the API: We have API's for consuming all data from the Dusk IOP. These API's can be securely connected back to a number of leading on premise or cloud based platform for seamless exchange of information.

We have also built a workflow automation tool to enable this transfer to have business rules built into it.

We offer a consulting service to set this up initially and welcome our customers to manage this ongoing or with our support.
API documentation: Yes
API documentation formats: HTML
API sandbox or test environment: Yes
Customisation available: Yes
Description of customisation: Our product is configurable. Users can build their own modules which create their own database tables. These appear as forms in the IOP which can be easily connected to external data sources for visualisation of data.

Virtually of all of the IOP can be customised as it is a dynamic platform with clearly defined permission levels. Adminstrators are the only roles that can perform configuration changes to data structures. Other user levels are able to make changes within their own IOP instance.

Dashboard tiles for our summary screen are pre-built, however they can still be customised with a drag 'n' drop interface.

Scaling

Independence of resources: Our services are set to auto scale based on the use of the Dusk Mobile data centre. This provides a seamless experience for our customers.

If customers wish to use their own data centre, we have clauses in place to protect both parties based on the access the Dusk Mobile team have to the customer data centre.

We have service level performance metrics with target response times on database queries, that are monitored with our inbuilt crash analytics toolset.

Analytics

Service usage metrics: Yes
Metrics types: We have system monitoring through the whole platform to track usage amongst many other areas. This is part of our proactive monitoring and includes areas such as system scaling, early warnings on thresholds amongst many others.

Sample service usage includes:
User Access - Name, Time, Location, Duration
Module Access - User, Change Logs
System Performance
Data Consumption
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Not a reseller

Staff security

Staff security clearance: Other security clearance
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom

Other locations
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least every 6 months
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with CSA CCM v3.0

Encryption of all physical media

Scale, obfuscating techniques, or data storage sharding
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation

Deleted data can’t be directly accessed
Equipment disposal approach: A third-party destruction service

Data importing and exporting

Data export approach: Administrators are the only role that can export data and this is tightly controlled. Multiple export formats are available including XML, JSON, CSV and PDF.

Due to the sensitivity of this, multiple parties are involved on the customer side in agreeing to this functionality. We can also remove this completely from a customer Intelligent Operations Platform instance.
Data export formats: CSV

Other
Other data export formats: XML

JSON
Data import formats: CSV

Other
Other data import formats: XML

CSV

MPP

TXT

Data-in-transit protection

Data protection between buyer and supplier networks: Private network or public sector network

TLS (version 1.2 or above)

Legacy SSL and TLS (under version 1.2)
Data protection within supplier network: TLS (version 1.2 or above)

IPsec or TLS VPN gateway

Legacy SSL and TLS (under version 1.2)

Availability and resilience

Guaranteed availability: There are not enough words to put our SLA's in here and we would be happy to provide our Service Level Agreement document.

At a high level, this is them:
3C.1 - Business Hours system availability
System Availability >=99.75%

3C.2 - Number of system outages within given reporting period
System Availability - 2 or less per month

We also have full Resolution and Closure of Incident SLA's that are aligned with Australian Government regulations that we can easily provide upon request.
Approach to resilience: We have a number of measures in place and would be more than willing to provide it. We have a Cloud Services Questionnaire that is a template of the most commonly asked questions by our customers.

This addresses many areas of interest and available upon request.
Outage reporting: Outages are reported via API, email and SMS alerts.

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Identity federation with existing provider (for example Google Apps)

Dedicated link (for example VPN)

Username or password
Access restrictions in management interfaces and support channels: We use multi-factor authentication and certificates externally and permission based tiers within the IOP product. Tiered structures are securely defined and we assist in audit recommendations following purchase.
Access restriction testing frequency: At least every 6 months
Management access authentication: 2-factor authentication

Public key authentication (including by TLS client certificate)

Identity federation with existing provider (for example Google Apps)

Limited access network (for example PSN)

Username or password

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: User-defined
Access to supplier activity audit information: Users have access to real-time audit information
How long supplier audit data is stored for: User-defined
How long system logs are stored for: User-defined

Standards and certifications

ISO/IEC 27001 certification: No
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: No
Cyber essentials: No
Cyber essentials plus: No
Other security certifications: Yes
Any other security certifications: VPDSS

NIST Framework

ISO27001 currently in progress

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001

Other
Other security governance standards: With over 10 years experience with customer smart meter data and customer outage data, we are well versed in the regulatory and compliance side of technology.

We also adhere to the NIST Framework to ensure the appropriate compliance and governance is in place. We are also VPDSS compliant.
Information security policies and processes: Our staff are trained in data privacy and compliance as part of the NIST framework accreditation, which forms part of onboarding and ongoing training. This includes but is not limited to controls around access to information, physical security including swipe cards, keys, BCP, ICT security including password protection on equipment, 2FA, personnel security and governance.

Security extends beyond this though for Dusk Mobile and includes Privacy by Design, only accessing and storing the required data, with protocols in place to purge data including governance for data at rest and data in transit.

We have a dedicated Chief Security Officer who holds the following credentials CIPM, SABSA, CRISC, ZSTC.

We also adhere to the VPDSS here in Australia and we can also be found on the Federal Government Digital Transformation organisation panel for COTS software. To achieve this accreditation involves many compliance and control mechanisms to be in place that we are happy to share.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: We have a product roadmap that is available for customers who have made the decision to procure the Intelligent Operations Platform.

All development follows the Agile methodology and is committed to sprints before being deployed to a "Staging" environment. Deployments are automated with no outage to our customers and are regression tested within the Staging environment.

Security testing is one component amongst user testing, integration testing and acceptance testing before. Based on the code change being introduced, penetration testing is also performed.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Our threat information comes from many sources and something we take seriously. Assessments are performed using monitoring tools inbuilt to our platform, cloud services tools and operating system tools. We have network traffic tools and a suite of other monitoring devices.

Patches are applied as soon as they have been tested in our Staging environments. In the mean time we prioritise isolation and notification to our customers

Examples include: Operating System Vendors, CrowdStrike, third party Security through our SAML partners, Anti Virus providers, Firewall providers, our Chief Security Officer and their advisory board amongst others.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Our platform has inbuilt monitoring and alerts including for anomalies. We also utilise a number of services available through our cloud hosting platforms, all of which can be made known to a purchaser.

Responding to any identified issue includes informing a nominated person or team on the customer side immediately including preventative measures taken on our side upon identifying the compromise. We then work through remediation, root cause analysis and preventative measures internally before working through these with our customer.

Our service is 24 hours, with response times defined in our available SLA's.
Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach: We have pre-defined processes for common events to make both the raising and resolving quick.
Users report incidents through the following channels: Tickets, Email, Phone or Chat.
Incident reports are provided within 24 hours of closing the incident out by way of a Root Cause Analysis.

Secure development

Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks: No

Tackling economic inequality: Tackling economic inequality

Our platform looks to address the sub category of, Increase supply chain resilience and capacity, through our response.

Dusk Mobile as a business leads by innovation and collaboration with our customers. With each project delivery of our platform, the Dusk IOP, we challenge new boundaries. Projects start as pilots typically to prove/disprove a hypothesis ahead of moving to a full project at scale.

The Dusk IOP is a collaborative works management platform that brings customers, suppliers, partners and staff under the same virtual roof. This delivers significant efficiencies, savings and automation to large and small customers.

Being a secure cloud based product, the integrations to other products are made much more straight forward including IoT platforms, for instant alerts, CRM's, HR and Finance platforms that are already in place. The Dusk IOP acts as a pseudo middleware between these technologies but with the power or performing basic through to highly complex jobs and projects.

The Dusk IOP has been designed to be business user flexible, so customers can get up and running quickly and easily without needing IT knowledge or involvement from IT. This further reduces cost and time to value for our customers.

Out of the box reporting and dashboards help visualise and take action quickly.

Pricing

Price: £10 to £99 a user a month
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: The trial includes dummy data and full access for 14 days.

Training and customer data visualisation is not available without payment during the trial. We do offer a fixed fee setup for 5 use cases during the trial to validate our product if required.
Link to free trial: https://duskmobile.net/register

Cloud Workforce Management Software Platform

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Cloud Workforce Management Software Platform

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents