The easiest, most intuitive way to track time in monday.com
It’s On Time by CapabilitySource is a time entry and tracking system integrated into monday.com crafted for leaders who aim to elevate team productivity and streamline project planning. It’s On Time is designed to blend seamlessly into your daily workflow on monday.com, offering an effortless method to monitor time, enhance productivity and unlock actionable insights.
Core Features:
Provides a simple, embedded user experience for capturing job-level work time, directly on monday.com. No need for yet another loosely integrated time capture and reporting tool. It looks and feels like native monday.com functionality.
Seamless Integration within monday.com
One Click Time Entry
Comprehensive Timesheets
Data-Driven Decision Making
Premium Features:
Provides the ability to load timesheet data directly into a reporting and analytics database for advanced analysis and dashboards, including plan-to-actual comparisons.
Advanced Reporting and Analytics
Power BI
Data Lake
It’s On Time enhances your monday.com experience by providing efficient time tracking capabilities, allowing you to better manage project timelines, track team progress, gain insights into project performance and collect effort information for cost management, billing and invoicing.
Use the link below to schedule a personal demonstration of it’s on TIME by CapabilitySource
Does the app restrict redirects and forwards only to approved destinations, or show a warning when redirecting to potentially untrusted content?
No
Our frontend application is a SPA. We do not use forwards or redirects in any part of our application. As such, it is not possible to be redirected or forwarded to any untrusted content.
Does the app protect against mass parameter assignment attacks?
Yes
The parameters for the database sync are assigned within the application itself, no user input affects them. They have hardcoded specific columns that they are updating. Our forms on the frontend have only specific fields to be updated as well.
Does the app perform encoding and sanitization on all user supplied parameters to protect against Cross-Site Scripting?
Yes
In React.js all of the inputs are sanitized by default, the only problem occurs when the app is using dangerouslySetInnerHTML, which we are not using.
Does the developer protect all state-changing actions against Cross-Site Request Forgery (CSRF)?
Yes
The only state changing request that a user can trigger are the ones modifiying their monday.com instance/workspaces/boards. Here we are using the short lived token from the trigger output or the token from the sdk on the frontend. As such they are both verified with their signing and client secrets before initiating any modifications, and behaving as CSRF tokens in that matter.
Does the developer have mechanisms to notify monday.com in case of a security breach?
Yes
We would contact monday.com immediately through an email and describe the situtation and our next steps in resolving the issue.
Does this developer have a process for installing application-level updates and security patches for the service (such as software packages and databases)?
Yes
Our patching time frames are the following: Critical -> 1 day High -> 3 days Medium -> 5 days Low -> 10 days
Compliance
Is the app certified with the information security standard ISO/IEC 27001:2022?
Not answered
Is the app compliant with the Health Insurance Portability and Accountability Act (HIPAA)?
No
However, all services execute in a secure AWS VPC. AWS is HIPAA
Is the app certified with System and Organization Controls (SOC 2 or SOC 3)?
No
However, all services execute in a secure AWS VPC. AWS is SOC 2
Is the app compliant with the General Data Protection Regulation (GDPR)?
Yes
Data
Does the app send any data outside of monday.com? If yes, indicate whether the data is customer-submitted (e.g., board names, item names, doc content) or non-customer-submitted (e.g., account ID, board ID, user ID).
Not answered
Where does the app store logs data?
Not answered
Where does the app store the app data?
Not answered
Does the developer ensure application logs do not contain secrets or personally-identifiable information (PII)?
Yes
We are using only generic error messages, and not specific secrets, request data or response data for error messages.
Is customer data segregated from the data of other customers (for example logically or physically)?
Yes
We do not save data in the Application/Service. Each request contains data from a specific customer and each request has its own session. In Node.js, each request is sent to an endpoint and is handled independently. When a request is received, Node.js creates a new context for that request, meaning that the data in the request payload is specific to that particular request. Also we use authentication middleware to provide each request with a unique access token and we do not use global variables of any kind.
Privacy
Does the developer enforce multi-factor authentication on employees access to systems which may process customer data?
No
By policy. only specific people, and only people that need to have access, are granted access to our services. Internally, we use multi-factor authentication for access to files stores and productivity applications, via Microsoft 365 multi-factor authentication. The application under review in this submission is a monday.com application and leverages the authentication method configured in monday.com
Does the developer protect access to customer data based on the principle of least privilege?
Yes
No one has access to customer data since we are not storing nor logging any customer data in our service.
Reviews
No reviews yet.
Installation history
We have data for December 28, 2024 onwards only. Collected sometime after 00:00 UTC daily.
{
"id": 10000489,
"description": "<p>It’s On Time by CapabilitySource is a time entry and tracking system integrated into monday.com crafted for leaders who aim to elevate team productivity and streamline project planning. It’s On Time is designed to blend seamlessly into your daily workflow on monday.com, offering an effortless method to monitor time, enhance productivity and unlock actionable insights. </p><p> </p><p><strong>Core Features</strong>: </p><ul><li>Provides a simple, embedded user experience for capturing job-level work time, directly on monday.com. No need for yet another loosely integrated time capture and reporting tool. It looks and feels like native monday.com functionality.</li><li>Seamless Integration within monday.com</li><li>One Click Time Entry</li><li>Comprehensive Timesheets</li><li>Data-Driven Decision Making </li></ul><p><br></p><p><strong>Premium Features:</strong></p><ul><li>Provides the ability to load timesheet data directly into a reporting and analytics database for advanced analysis and dashboards, including plan-to-actual comparisons.</li><li>Advanced Reporting and Analytics</li><li class=\"ql-indent-1\">Power BI </li><li class=\"ql-indent-1\">Data Lake</li></ul><p><br></p><p>It’s On Time enhances your <a href=\"http://monday.com/\" rel=\"noopener noreferrer\" target=\"_blank\">monday.com</a> experience by providing efficient time tracking capabilities, allowing you to better manage project timelines, track team progress, gain insights into project performance and collect effort information for cost management, billing and invoicing.</p><p><br></p><p>Use the link below to schedule a personal demonstration of it’s on TIME by CapabilitySource</p><p>Get a Demo <a href=\"https://capabilitysource.com/contact/\" rel=\"noopener noreferrer\" target=\"_blank\">https://capabilitysource.com/contact/</a></p>",
"short_description": "The easiest, most intuitive way to track time in monday.com",
"compliance_answers": [
{
"questionId": 1,
"shortAnswer": true,
"detailedAnswer": "We do not save data in the Application/Service. Each request contains data from a specific customer and each request has its own session. In Node.js, each request is sent to an endpoint and is handled independently. When a request is received, Node.js creates a new context for that request, meaning that the data in the request payload is specific to that particular request. Also we use authentication middleware to provide each request with a unique access token and we do not use global variables of any kind. "
},
{
"questionId": 2,
"shortAnswer": true,
"detailedAnswer": "Our patching time frames are the following:\nCritical -> 1 day\nHigh -> 3 days\nMedium -> 5 days\nLow -> 10 days"
},
{
"questionId": 3,
"shortAnswer": true,
"detailedAnswer": "We would contact monday.com immediately through an email and describe the situtation and our next steps in resolving the issue."
},
{
"questionId": 4,
"shortAnswer": true,
"detailedAnswer": " The only state changing request that a user can trigger are the ones modifiying their monday.com instance/workspaces/boards. Here we are using the short lived token from the trigger output or the token from the sdk on the frontend. As such they are both verified with their signing and client secrets before initiating any modifications, and behaving as CSRF tokens in that matter."
},
{
"questionId": 5,
"shortAnswer": true,
"detailedAnswer": "In React.js all of the inputs are sanitized by default, the only problem occurs when the app is using dangerouslySetInnerHTML, which we are not using."
},
{
"questionId": 6,
"shortAnswer": true,
"detailedAnswer": "No one has access to customer data since we are not storing nor logging any customer data in our service."
},
{
"questionId": 7,
"shortAnswer": false,
"detailedAnswer": "By policy. only specific people, and only people that need to have access, are granted access to our services.\n\nInternally, we use multi-factor authentication for access to files stores and productivity applications, via Microsoft 365 multi-factor authentication.\n\nThe application under review in this submission is a monday.com application and leverages the authentication method configured in monday.com"
},
{
"questionId": 8,
"shortAnswer": true,
"detailedAnswer": "We are using only generic error messages, and not specific secrets, request data or response data for error messages."
},
{
"questionId": 9,
"shortAnswer": true,
"detailedAnswer": "The parameters for the database sync are assigned within the application itself, no user input affects them. They have hardcoded specific columns that they are updating. Our forms on the frontend have only specific fields to be updated as well."
},
{
"questionId": 10,
"shortAnswer": false,
"detailedAnswer": "Our frontend application is a SPA. We do not use forwards or redirects in any part of our application. As such, it is not possible to be redirected or forwarded to any untrusted content."
},
{
"questionId": 11,
"shortAnswer": true
},
{
"questionId": 12,
"shortAnswer": false,
"detailedAnswer": "However, all services execute in a secure AWS VPC. AWS is SOC 2"
},
{
"questionId": 13,
"shortAnswer": false,
"detailedAnswer": "However, all services execute in a secure AWS VPC. AWS is HIPAA"
},
{
"questionId": 14,
"shortAnswer": true,
"detailedAnswer": "[email protected]"
},
{
"questionId": 15,
"shortAnswer": true,
"detailedAnswer": "On Occasion - Not Scheduled mostly preventative with AWS Services"
}
],
"badges_data": {
"acquisition_source": "No touch",
"pricing_data": "14 days trial",
"app_values": [
"Easier resource management"
]
},
"data": {
"terms_of_service_url": "https://timesheet-installation-wizard.krtech.dev/terms-of-service"
},
"keywords": "time,timesheet,time tracking,hours,time,entry,work time,reporting,plan",
"thumbnail_url": "https://dapulse-res.cloudinary.com/image/upload/v1717494383/monday-apps-marketplace/it%E2%80%99s%20on%20TIME/Card_Image.jpg",
"logo_url": "https://dapulse-res.cloudinary.com/image/upload/v1717494383/monday-apps-marketplace/it%E2%80%99s%20on%20TIME/iot_mark_logo_192.png",
"feedback_url": "[email protected]",
"privacy_policy_url": "https://capabilitysource.com/privacy-policy/",
"external_pricing_url": null,
"featured": null,
"security": null,
"display_in_template_store": null,
"acquisition_source": "No touch",
"terms_of_service_url": "https://timesheet-installation-wizard.krtech.dev/terms-of-service",
"label": null,
"app_values": [
"Easier resource management"
],
"security_info": null,
"gallery_assets": [
{
"url": "https://cdn.monday.com/marketplace/10000489/10000489_2024_5_28_19_9_28_gb69l67h.mp4",
"type": "video"
},
{
"url": "https://cdn.monday.com/marketplace/10000489/10000489_2024_6_2_19_20_47_22tzvrq.jpeg",
"type": "image"
},
{
"url": "https://cdn.monday.com/marketplace/10000489/10000489_2024_6_2_19_20_56_b84ensjg.jpeg",
"type": "image"
},
{
"url": "https://cdn.monday.com/marketplace/10000489/10000489_2024_6_2_19_21_3_dlauu92.jpeg",
"type": "image"
},
{
"url": "https://cdn.monday.com/marketplace/10000489/10000489_2024_6_2_19_21_9_yr339ddf.jpeg",
"type": "image"
}
],
"pricing_data": "14 days trial",
"marketplace_developer_id": 10000084,
"app_id": 10096276,
"marketplace_category_ids": [
9,
6,
5
],
"name": "it’s on TIME",
"app_scope_str": "me:read,boards:read,boards:write,workspaces:read,users:read,webhooks:write,notifications:write",
"app_client_id": "5c24d0fd2942395bdf0a1a9ee31b6a00",
"app_color": {
"hsl": {
"h": 0,
"s": 0,
"l": 1,
"a": 1
},
"hex": "#ffffff",
"rgb": {
"r": 255,
"g": 255,
"b": 255,
"a": 1
},
"hsv": {
"h": 0,
"s": 0,
"v": 1,
"a": 1
},
"oldHue": 0,
"source": "rgb"
},
"created_at": "2024-06-04T09:49:00.410Z",
"updated_at": "2024-07-15T14:32:15.184Z",
"how_to_use_url": "https://timesheet-installation-wizard.krtech.dev/how-to-use",
"automation_app_id": null,
"plans": [
{
"id": "10096276-1-IOTSTD300",
"appId": 10096276,
"appPlanId": "IOTSTD300",
"versionId": 1,
"versionState": "live",
"name": "300 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 1050,
"yearlyFee": 945,
"maxSeats": 300
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 1050,
"yearly": 945,
"maxSeats": 300
}
},
{
"id": "10096276-1-IOTSTD10",
"appId": 10096276,
"appPlanId": "IOTSTD10",
"versionId": 1,
"versionState": "live",
"name": "10 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 50,
"yearlyFee": 45,
"maxSeats": 10
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 50,
"yearly": 45,
"maxSeats": 10
}
},
{
"id": "10096276-1-IOTSTD25",
"appId": 10096276,
"appPlanId": "IOTSTD25",
"versionId": 1,
"versionState": "live",
"name": "25 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 125,
"yearlyFee": 112,
"maxSeats": 25
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 125,
"yearly": 112,
"maxSeats": 25
}
},
{
"id": "10096276-1-IOTSTD100",
"appId": 10096276,
"appPlanId": "IOTSTD100",
"versionId": 1,
"versionState": "live",
"name": "100 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 500,
"yearlyFee": 450,
"maxSeats": 100
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 500,
"yearly": 450,
"maxSeats": 100
}
},
{
"id": "10096276-1-IOTSTD250",
"appId": 10096276,
"appPlanId": "IOTSTD250",
"versionId": 1,
"versionState": "live",
"name": "250 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 875,
"yearlyFee": 780,
"maxSeats": 250
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 875,
"yearly": 780,
"maxSeats": 250
}
},
{
"id": "10096276-1-IOTSTDEL",
"appId": 10096276,
"appPlanId": "IOTSTDEL",
"versionId": 1,
"versionState": "live",
"name": "Unlimited",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 1750,
"yearlyFee": 1500,
"maxSeats": 1000000
},
"isTrial": true,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 1750,
"yearly": 1500,
"maxSeats": 1000000
}
},
{
"id": "10096276-1-IOTSTD150",
"appId": 10096276,
"appPlanId": "IOTSTD150",
"versionId": 1,
"versionState": "live",
"name": "150 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 600,
"yearlyFee": 450,
"maxSeats": 150
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 600,
"yearly": 450,
"maxSeats": 150
}
},
{
"id": "10096276-1-IOTSTD50",
"appId": 10096276,
"appPlanId": "IOTSTD50",
"versionId": 1,
"versionState": "live",
"name": "50 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 250,
"yearlyFee": 225,
"maxSeats": 50
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 250,
"yearly": 225,
"maxSeats": 50
}
},
{
"id": "10096276-1-IOTSTD200",
"appId": 10096276,
"appPlanId": "IOTSTD200",
"versionId": 1,
"versionState": "live",
"name": "200 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 800,
"yearlyFee": 720,
"maxSeats": 200
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 800,
"yearly": 720,
"maxSeats": 200
}
},
{
"id": "10096276-1-IOTSTD75",
"appId": 10096276,
"appPlanId": "IOTSTD75",
"versionId": 1,
"versionState": "live",
"name": "75 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 375,
"yearlyFee": 340,
"maxSeats": 75
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 375,
"yearly": 340,
"maxSeats": 75
}
},
{
"id": "10096276-1-IOTSTD500",
"appId": 10096276,
"appPlanId": "IOTSTD500",
"versionId": 1,
"versionState": "live",
"name": "500 Seats",
"description": "With It’s on TIME by CapabilitySource, easily track user and job work time.",
"extraData": {
"bullets": [
"Register one or more monday.com boards for time entry",
"Enter time directly on items in registered boards",
"Enter time directly on subitems in registered boards",
"Submit time with with one click",
"Collect all item and subitem work time in one item time sheet",
"Extract all timesheet information in a reporting data lake",
"Analyze timesheet data with Power BI or other Analytics tools"
],
"monthlyFee": 1500,
"yearlyFee": 1350,
"maxSeats": 500
},
"isTrial": false,
"isRecommended": false,
"isFree": false,
"currency": "USD",
"prices": {
"type": "seat_based",
"monthly": 1500,
"yearly": 1350,
"maxSeats": 500
}
}
],
"featured_for_categories_ids": [],
"pinned_for_categories_ids": [],
"pricing_model": null,
"app_type": "app",
"display": null,
"is_connector": null,
"google_analytics_tag_id": null,
"app_live_version": {
"updated_at": "2024-07-11T13:09:20Z",
"id": 10275115
},
"is_solution": null,
"available_for_tiers": null,
"available_for_products": null
}
