Bentley Systems (UK) Limited

SYNCHRO 4D

SYNCHRO 4D is the leading solution for civil infrastructure, enabling teams to turn design models into construction models with model-based QTO, scheduling, and simulations.

Features

  • 4D model design
  • 4D model sequencing and visualization
  • Resource management
  • Complete collaboration on 4D design, construction and handover

Benefits

  • Plan, construct and track projects based on models
  • Solve the time-cost conundrum with resource scheduling, visualizations and simulations
  • Save time with a real-time 4D model for close collaboration
  • Increase safety and reduce risks with early warnings through simulations

Pricing

£2,979 a licence

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@bentley.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

9 1 8 8 0 2 9 1 6 8 9 7 2 5 7

Contact

Bentley Systems (UK) Limited Andy Bowles
Telephone: +44 7919 892183
Email: gcloud@bentley.com

Service scope

Software add-on or extension
No
Cloud deployment model
Public cloud
Service constraints
None
System requirements
All requirements covered with the offered service

User support

Email or online ticketing support
Email or online ticketing
Support response times
SLA is within 24 hours on business days. Weekends not included
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
No
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support sent to 1 repository, support escalated through tiers.
Support available to third parties
No

Onboarding and offboarding

Getting started
Access to free online training and help documentation, including in-app contextual help, is included, paid training (either onsite or remote) is available
Service documentation
Yes
Documentation formats
  • HTML
  • Other
Other documentation formats
  • PDF
  • Online videos, in-app guides
End-of-contract data extraction
Documents can be downloaded in the same format, data can be extracted to PDF at no additional cost.
End-of-contract process
Documents can be downloaded in the same format, data can be extracted to PDF at no additional cost.

Using the service

Web browser interface
No
Application to install
Yes
Compatible operating systems
Windows
Designed for use on mobile devices
No
Service interface
No
User support accessibility
None or don’t know
API
Yes
What users can and can't do using the API
Authorised users can access data from the system for reporting, as well as update information and create new data points.
API documentation
Yes
API documentation formats
Open API (also known as Swagger)
API sandbox or test environment
No
Customisation available
No

Scaling

Independence of resources
Systems are logically separated in a virtual cloud environment. All systems are monitored in real-time for performance and availability.

Analytics

Service usage metrics
Yes
Metrics types
Usage via Bentley licensing server can be self-reported. In addition, hosted systems will provide a quarterly feature usage report. Feature usage reports include up to 60 features based on usage of those features. A real-time dashboard for usage is provided while feature usage reports are emailed quarterly.
Reporting types
Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Supplier-defined controls
Penetration testing frequency
At least once a year
Penetration testing approach
In-house
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach
Encryption via AES-258
Data sanitisation process
Yes
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
Dedicated functions.
Data export formats
Other
Other data export formats
SP files (SYNCHRO models)
Data import formats
Other
Other data import formats
SP files (SYNCHRO models)

Data-in-transit protection

Data protection between buyer and supplier networks
  • TLS (version 1.2 or above)
  • Other
Other protection between networks
HTTPS
Data protection within supplier network
  • TLS (version 1.2 or above)
  • Other
Other protection within supplier network
Logging of service, user, file integrity monitoring, and network intrusion detection are logged and correlated to detect suspicious network behaviour. Bentley and Azure provide tools to protect against data leaks. IT tools such as CrowdStrike are used to detect suspicious activity and protect against data leaks.

Availability and resilience

Guaranteed availability
No formal SLA, but the service has an availability target of 99.9%
Approach to resilience
All services are deployed in a fully redundant configuration within fully redundant data centres meaning that any failure of equipment, service provider or software service will result in zero, or minimal, impact on the overall service.
Outage reporting
Planned and unplanned outage notification emails are sent to registered users for affected systems.

Identity and authentication

User authentication needed
Yes
User authentication
  • Identity federation with existing provider (for example Google Apps)
  • Other
Other user authentication
Bentley’s IMS authenticates through the users Identity Provider. If MFA is enabled by the user then by default it is utilized in the authentication process. Bentley currently supports federated identity via the OIDC, SAML2 protocol, so MFA is supported via your identity provider.
Access restrictions in management interfaces and support channels
Bentley follows a role-based access (RBAC) process to approve and review all access to infrastructure and data. Bentley has controls in place to restrict access, provide separation of duties, enforce role-based access and has a least privilege access principle. Segregation of duties is split by tasks upon the individual responsible group.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password
  • Other
Description of management access authentication
Bentley follows a role-based access (RBAC) process to approve and review all access to infrastructure and data. Bentley has controls in place to restrict access, provide separation of duties, enforce role-based access and has a least privilege access principle. Segregation of duties is split by tasks upon the individual responsible group. In order for any Bentley administrator to access a system using this account, they must be on a Bentley network. Non-Bentley network access (via RDP) has Two Factor Authentication in place.

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
No
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
No
Security governance approach
Bentley's Data Security Architecture is designed using industry standards and best practices such as NIST. Various products and services are operated under ISO 27001, SOC, CSA Star, G Cloud, and others.
Information security policies and processes
Information Security policies are designed utilising ISO 27001, SSAE16, ITIL and CSA frameworks. Several SaaS offerings are ISO 27001 certified and others are SOC2 certified. All Bentley colleagues are required to review and acknowledge Bentley's Information Security Policy upon hire and thereafter annually. The policies themselves are emailed out at least annually and reside permanently on Bentley's intranet site for quick retrieval.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Configuration and Change Management follow the ITIL framework and policies and procedures are documented with various security standards. All SaaS offerings go through a cloud approval process and are scanned for vulnerabilities prior to production.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Vulnerability management is conducted through various technologies internal and external to the Bentley network. Threats are identified using industry standard listings and patches/updates are applied at least monthly, or as needed, based on criticality.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
IDS/IPS is active on the network perimeter and on selected systems under the scope for SOC2 certifications. Bentley has an Incident Management Service Plan that includes cybersecurity events.
Bentley can quarantine any system on demand and will do so based on its incident response process. In the event of an incident, Bentley's incident response plan is compliant with GDPR requirements. Information security events will be assessed and a decision will be made if the event should be considered a security incident. Reporting requirements shall align with the corporate Incident Response Plan.
Incident management type
Supplier-defined controls
Incident management approach
The Incident Management process covers all aspects of a potential incident from start to finish with defined procedures and colleague involvement. Common events are handled depending on severity, users have multiple methods of reporting and reports are provided as part of the incident management procedure.

Secure development

Approach to secure software development best practice
Supplier-defined process

Public sector networks

Connection to public sector networks
No

Social Value

Fighting climate change

Fighting climate change

Bentley’s mission is to leverage our leading software and services to drive impact through the world’s infrastructure – advancing both the global economy and the environment for improved quality of life. As part of our Environmental, Social, & Governance (“ESG”) strategy, we are committed to managing our business in a way that enhances the environmental impacts of our products and mitigates environmental risks from our operations. Our Environmental Policy details our commitments to Environmental Responsibility and the ways in which we expect our colleagues to act to drive progress on our ESG strategy. Bentley expects all colleagues, visitors, vendors, and suppliers to follow the below practices in order to drive progress on Bentley’s ESG strategy. Bentley's Environmental Policy is here: https://prod-bentleycdn.azureedge.net/-/media/files/documents/miscellaneous/environmental_policy.pdf?la=en&modified=20211021075240
Covid-19 recovery

Covid-19 recovery

When the world locked down to combat the COVID-19 virus, we took immediate action to ensure our colleagues had the equipment and resources they needed to work from home, which also enabled success for our users. Our global task force provided continuous communication, education, and support services to our colleagues. Their wellbeing fuelled our response plan, and we created learning resources to support them throughout the pandemic. These resources included guides and practices for managers to lead virtually with empathy, tips for maintaining team collaboration, and resources and support for colleagues to maintain a healthy work-life balance.
Tackling economic inequality

Tackling economic inequality

As a global company with colleagues of different cultures, backgrounds, and perspectives based in more than 40 countries worldwide, our diversity is what makes us successful. We have developed strategies and programs focused on increasing diversity and equity, as well as fostering a culture of inclusion and wellbeing in the workplace. These initiatives include building a pipeline of diverse candidates by recruiting at and partnering with Historically Black Colleges and Universities.
We also partner with educational and professional organizations to provide internships, scholarships, grants, and projects that support groups underrepresented in technology.
Bentley has active and engaged colleague resource groups within the Inclusion, Diversity, and Equity Alliance (IDEA) that have allowed colleagues, during this pandemic, to join their peers from all regions and departments with the goals of building community and fostering diversity and inclusion. IDEA currently has four focus groups open to all global colleagues: OpenPride, OpenAbilities, People of Colour in the U.S., and Women at Bentley. IDEA has been a platform for education and a place to securely have difficult discussions about racism, discrimination, and bias through book clubs, panel discussion, speakers, and global awareness events. Members of executive management are key sponsors of each focus group and have been instrumental as sounding boards and in providing access to resources and the executive team.
We have implemented robust training with topics focused on respect in the workplace, identifying and overcoming bias, and anti-discrimination. We have held interactive sessions with our executives, emerging leaders, and talent acquisition in fostering diversity, equity, and inclusion and eliminating unconscious bias, and have implemented training for hiring managers to ensure fairness in the interview process.
You can find additional information, including our commitment to anti-slavery on our ESG website: https://www.bentley.com/en/esg/data-center
Equal opportunity

Equal opportunity

Bentley is an equal opportunity employer and considers all qualified applicants for employment without regard to race, colour, sex, sexual orientation, gender identity, disability, protected veteran status, religion, national origin, age, or any other protected characteristic. This commitment extends to all aspects of employment, including, but not limited to, hiring, placement, promotion, compensation, and training. EEO is the Law and EEO is the Law Supplement documents provide additional information about your rights as an applicant under the law.
Wellbeing

Wellbeing

As a company, it is our goal to ensure our colleagues know they are supported and valued as the first order of business.
Therefore, our Talent Management strategy puts colleagues at the centre of the workplace at Bentley. We focus on enriching colleague experience and creating memorable, meaningful, and purposeful connections. We invest in developing an impactful experience that reflects the company’s mission and values. We build practices and programs that deliver on engagement, recognition, communication, and development while rewarding colleagues through our robust total rewards package.

Pricing

Price
£2,979 a licence
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Any user can initiate a free trial project without entering any payment details. The project is live for 30 days and includes the system’s full functionality with no limitations. The trial project is accessible for 30 days, at which time it is deactivated without the user needing.
Link to free trial
https://construction.bentley.com/

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@bentley.com. Tell them what format you need. It will help if you say what assistive technology you use.