FIRST 2 HELP YOU LIMITED

First 2 Help You - Lone Worker Protection

First2HelpYou provides 24/7/365 lone worker safety solutions with every emphasis placed on service provision. Our NSI gold certification demonstrates that we are compliant to BS8484:2022, and ISO9001:2015. Our Product portfolio comprises of dedicated devices, smartphone applications, all of which are supported by our online management portal ‘Connect’.

Features

• BS8484 compliant service
• 24/7/365 BS5979 CAT II Alarm Receiving Centre
• Range of products and service
• GPS location
• Amber Alert / Red Alert / Mandown
• Police Priority 1 Response (URN) Unique Reference Number
• Connect management portal
• Face to face / Online training provided
• Account Management
• Geofenced areas

Benefits

• Providing lone worker protection
• Duty of Care
• Easy to use solutions / management portal
• Variety of products
• Customised roll out plans and training
• Tailored service
• Flexible pricing structure
• Visibility of lone workers to know who is at risk

£2.50 to £9.50 a unit

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@first2helpyou.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

902683590331631

Contact

Alicia Mather
0333 7729401
sales@first2helpyou.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: The First2HelpYou Smartphone Applications are supported by Android and iOS only
• System requirements:
  • Android 4.3 or later
  • IOS 10 or later
  • Compatible web browser for portal access (Chrome/Safari/Firefox/Edge/Internet Explorer 11+)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Monday - Friday, 8.30am - 5pm, excl bank holidays and weekends. (Response time of 1 hour or less)
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 A
• Web chat accessibility testing: Webchat provided by Tawk
• Onsite support: Onsite support
• Support levels: All users and devices are monitored 24/7/365.; ; Account Management / technical support is included within the service.; ; Initial group face to face training / online training is included free of charge for users and managers.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide a range of onboarding options including group face to face (client site) training, train the trainer, e learning and phone support. All solutions are provided with supporting documentation.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Data can be provided securely on request.
• End-of-contract process: Once the contract has reached the minimum term and termination notice received and licences cancelled / devices returned no further charges will apply.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: Smartphone application available on both Android and iOS. Connect management portal is accessed via desktop or mobile / tablet, for real-time visibility of lone worker status and system administration.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Our Connect management portal is the client interface and is accessible through desktop, mobile or tablet browser.
• Accessibility standards: None or don’t know
• Description of accessibility: Our Connect management portal is the client interface and is accessible through desktop, mobile or tablet browser. Only allows access to individual account/s which permission has been granted to. Ability to update user information.
• Accessibility testing: Third party verification
• API: Yes
• What users can and can't do using the API: Users of the Connect portal can make changes to user details / devices & applications / escalation contacts. We have an API to allow our system to pass and receive data from other relevant systems.
• API documentation: Yes
• API documentation formats: PDF
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Amber Alert timer,; Man Down impact and non-motion,; GPS reporting and visibility,; Access levels,; Account Hierarchy.

Scaling

• Independence of resources: We use systems which can be scaled up to ensure any peaks in demand on service are met.

Analytics

• Service usage metrics: Yes
• Metrics types: Non usage,; Full activity,; Last activity,; Alarm response times,; Genuine / non-genuine activation,; Geo fencing.; Reports can be provided to suit individual requirements.
• Reporting types:
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data can be securely exported from the Connect portal in CSV format for those users who have the correct access levels.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: 99% uptime SLA. If the service level drops below 95% in any one month the a credit of 25% of the monthly service charge will be applied to the next invoice.
• Approach to resilience: Data is stored on fully load balanced, geo-redundant replicated servers. Further information available upon request.
• Outage reporting: Any outages are reported through emails and text messages. Regular updates will be provided until the issue is resolved and a report detailing the root cause and resolution will be provided.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: User name and password; 2 Factor authentication; Full audit logging
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Data is stored in third party data centre 27001 accredited
• ISO/IEC 27001 accreditation date: 25/02/2016
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • BS8484:2022
  • BS7858:2019
  • ISO 9001:2015
  • ARC hold BS5979:2007

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: Our information systems infrastructure (servers, networking equipment, etc.) are located at third party ISO27001 audited data centres. We manage all of our storage and servers located in those data centres. Technical Director is responsible for internal policies and processes.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Changes are guided by our technology roadmap. Each change / upgrade is deployed in a lab environment and tested fully before deployment.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: Annual penetration tests are undertaken in house which address any potential unknown issues. Patch management is in place for all live systems and is rolled out in line with Cyber Essentials requirements. We monitor vendor vulnerabilities and apply patches where advised, also monitor CVE databases that relate to our systems.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: Monitoring systems are in place to detect non approved access / use of the system which actively notifies support personnel. Access controls are altered in response and full security incident investigation is triggered. Immediate response form the point of identification.
• Incident management type: Undisclosed
• Incident management approach: We have an incident management process published which all employees follow. Incidents are reported to the Technical Director who conducts the investigation. Incident reports are filed.

Secure development

• Approach to secure software development best practice: Supplier-defined process

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Equal opportunity

  Fighting climate change

  We are committed to combating climate change through our operations, and one significant aspect of this commitment is our location within a property managed to ISO 14001 standards. This management system ensures that environmental impacts are rigorously monitored, controlled, and continuously improved upon. By adhering to ISO 14001, we demonstrate our dedication to reducing carbon emissions, minimising waste generation, and conserving resources. Our presence within such a sustainable environment reinforces our pledge to contribute positively to the global effort to mitigate climate change

  Equal opportunity

  We firmly believe in the principle of equal opportunities and strive to create an inclusive environment where diversity is celebrated and all individuals are treated with fairness and respect. Our commitment to equal opportunities is reflected in our policies, practices, and workplace culture. We foster an environment where everyone, regardless of their background, gender, race, ethnicity, religion, sexual orientation, or disability, has the opportunity to thrive and reach their full potential. By embracing diversity and promoting inclusivity, we not only enrich our organization but also contribute to building a more equitable society

Pricing

• Price: £2.50 to £9.50 a unit
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We offer a free trial of up to 10 users, for a period of 1 month. Any other requirements can be discussed further.
• Link to free trial: https://www.first2helpyou.co.uk/free-trial/

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@first2helpyou.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.