Frequently Asked Questions

Ithil is an infrastructure operations platform for teams running mission-critical facilities. It replaces disconnected spreadsheets, legacy CMMS tools, and manual compliance processes with a single system where actions produce audit ready records automatically. The platform ships with templates for municipal public works, water utilities, and data center construction.

Ithil serves two user bases. Government infrastructure teams use it for public works departments, water utilities, transportation agencies, and municipal facilities. Construction and data center teams use it for hyperscale and colocation builds, covering general contractors, commissioning agents, owner operators, and MEP trades. The platform has separate workflows for IT directors, compliance officers, project managers, field technicians, and maintenance supervisors.

Yes. Data center construction is the platform's deepest vertical. It covers the full lifecycle from build to operate: commissioning across the L0 to L6 levels, turnover packages, operational readiness scoring, RFI management, submittals, punch list, drawings with revision control, schedule, cost management, daily field reports, portfolio, subcontractor portal, workforce qualifications, supply chain for long-lead equipment, and safety/OSHA, alongside shared modules like maintenance, compliance, legal holds, inventory, procurement, and permitting. Once the building is live, the SCADA and telemetry layer reads OPC-UA, Modbus, BACnet, and MQTT and turns alarm thresholds into work orders. It sits alongside existing construction project management systems as the operations and compliance layer.

Ithil was built from the start for infrastructure operations: event sourced data, schema level tenant isolation, and compliance enforced in the data model rather than added as a feature. Every module is included by default, with SOC 2 Type I, NIST 800-53, FIPS 140-3, and Section 508 controls implemented from day one. Industry specific requirements load on top: GASB 34 for municipal financial reporting, LCRI and EPA standards for water utilities, and NFPA 75/76, OSHA 1926, IEEE, and ASHRAE for data center construction. Browser and mobile clients run on a shared data model and a single immutable audit trail.

Every module is included by default. The module set varies by industry template. Municipal and water templates cover asset management, work orders, inspections, maintenance, permitting, documents, compliance, analytics, risk scoring, sustainability tracking, damage assessments, water quality and LCRI compliance, capital improvement planning, inventory, procurement, citizen request portal, SCADA/IoT, fleet management, drone inspections, NWS weather alerts, Open311, ESRI ArcGIS, outbound webhooks, and digital twin data feeds. The construction and data center template covers commissioning, operational readiness, turnover, onboarding, RFI management, submittals, punch list, drawings, schedule, cost management, daily field reports, portfolio, subcontractor portal, workforce qualifications, SCADA and telemetry, supply chain, safety/OSHA, maintenance, compliance, legal holds, inventory, procurement, and permitting. Shared across every template: notifications (6 channels, 36 types), mobile app, support tickets, data import, user and role management, API key management, and multi tenant administration.

SOC 2 Type I readiness controls are implemented, backed by more than 40 compliance policy documents and a NIST 800-53 Rev 5 control mapping. Type II audit is scheduled. Ithil is penetration tested by Cobalt. Contact us for the pentest report.

Ithil uses schema level database separation. Each tenant has its own database schema. No query executes without tenant context, so tenant data is separated at the database layer rather than filtered per row. SOC 2 Type I readiness controls cover tenant isolation; the Type II audit is scheduled.

SOC 2 Type I Ready, NIST 800-53 (session management AC-12, network boundary SC-7), FIPS 140-3 validated AWS KMS (envelope encryption with AES-256-GCM), WCAG 2.1 AA, and Section 508 apply across every account. GASB 34 is included for municipal financial reporting. NFPA 75/76, OSHA 1926, IEEE, and ASHRAE requirements are preloaded for data center construction. Compliance controls are enforced at the system level.

All data is stored on 100% US based AWS infrastructure (us-west-2) with encryption at rest (AES-256-GCM via KMS) and in transit (TLS 1.3). Database endpoints are never publicly accessible. All infrastructure runs within isolated VPCs. The entire team is US based with no offshore outsourcing.

Every operation generates an immutable event in the audit log using SHA-256 hash chains. Approximately 25 append only tables and 45 soft delete tables are protected by database-level triggers. A background worker replays every hash chain daily and pages on any mismatch, so tampering is caught by construction. Event sourcing enables point in time reconstruction of any work order or inspection. FOIA export is built in with automatic PII redaction.

Not yet. FedRAMP Moderate and GovRAMP Moderate control mappings are in progress, and CMMC Level 1 self-attestation is drafted. Federal and DoD-adjacent deployments run as a separate deployment fork of the same product, with the NIST AC-12 thirty-minute idle session ceiling enforced and a FIPS 140-3 build of the edge collector. We will say authorized only once an authorization is in hand.

Yes. Audit evidence exports as cryptographically signed packets that a recipient verifies offline with their own copy of the trust anchor, using an open-source command-line verifier. A public-records officer or opposing counsel can confirm a record's integrity without trusting Ithil and without Ithil holding the key.

Go services on the backend, TypeScript and React for the web application, React Native with Expo for mobile (iOS and Android), PostgreSQL with event sourced data models, and deployed on AWS with infrastructure as code. More than 600 documented REST API endpoints.

Construction and data center: Procore and Autodesk Construction Cloud (bidirectional sync of RFIs, submittals, punch items, daily logs, and documents), CxAlloy (commissioning), and Primavera P6 schedule import (.xer and Excel). Industrial: Ignition over OPC-UA and a generic SCADA path, plus an outbound-only edge collector for OPC-UA, Modbus, BACnet, and MQTT Sparkplug B, all with threshold alarms that open work orders. Government and field: ESRI ArcGIS (bidirectional), Open311/GeoReport v2 (SeeClickFix, CivicPlus, Catalis), Tyler Munis and generic ERP, NWS weather alerts, Geotab fleet telematics, drone platforms (Skydio, DJI FlightHub, DroneDeploy, Pix4D, DJI Fly), and outbound webhooks (HMAC-SHA256 signed).

Yes. The mobile app has offline first architecture. Inspections, work order updates, photo capture, and barcode scanning all work without connectivity, and pending changes queue in encrypted device storage and sync automatically on reconnect. Drawing sets cache to the device so a field crew can open the current plan set with no signal.

Yes. An outbound-only edge collector runs on the customer network and speaks OPC-UA, Modbus, BACnet, and MQTT Sparkplug B, with a FIPS 140-3 build for federal sites. It opens no inbound ports, so it does not widen the attack surface of the control network. Ignition gateways connect directly over OPC-UA. Define an alarm threshold once and a tripped reading, for example UPS on battery or low generator fuel, opens a work order at the priority you set, recorded in the same audit trail as everything else.

Six channels: email (SMTP/SES with HTML templates), in-app (real time with unread counts), push (Expo Push API), SMS (Twilio), Slack (Block Kit formatting), and Microsoft Teams (Adaptive Cards). 36 notification types covering every module. Per user, per type, per channel preference toggles with deduplication.

Yes, in municipal deployments. The citizen request portal is public facing with no login required. Ten categories (pothole, street light, water main, sewer, sidewalk, tree, graffiti, drainage, signal, other), automatic tracking codes for citizen follow up, and auto work order creation from submitted requests.

Yes. Ithil includes dedicated water quality and LCRI compliance modules. Service line inventory management (lead, copper, galvanized, unknown classification), water quality test recording with automatic Maximum Contaminant Level exceedance detection, ten preloaded EPA standards, and an LCRI deadline dashboard counting down to October 2027.

Yes. Bulk lab result import supports high volume water quality testing data. Upload test results in bulk and the system automatically flags any MCL exceedances against EPA standards.

Yes. The sustainability and carbon tracking module covers Scope 1 and Scope 2 emissions using EPA emission factors. California SB-253 compliance ready with CSV export for regulatory reporting.

SEV-1 (system down): 1 hour response. SEV-2 (major feature impaired): 4 hour response. SEV-3 (minor issue): next business day. Enterprise tier includes a dedicated success manager.

Ithil is a cloud hosted platform running on US based AWS infrastructure (us-west-2). Self hosting is not available. Every customer runs the latest version.

Onboarding includes data migration from existing systems (CSV/Excel import with validation and dry run preview), team training, and configuration of asset hierarchies, inspection templates, and compliance frameworks. Most teams are fully operational within weeks.

Offline first architecture with request queue and auto sync. Biometric authentication (fingerprint and face), push notifications, barcode/SKU scanning, photo capture with GPS metadata, dark theme, haptic feedback, and swipe to status gestures.

Yes. The Ithil mobile app is built with React Native and Expo, available for both iOS and Android devices.