Platform

Technical Specifications

Security Practices

Data and Information

Encryption

Important data only resides in the production environment encrypted with AES-256.


Backup Policy

Our backup processes ensure data and information consistency with highest standards.


Password Hashing

Passwords are hashed (and salted) securely with a SHA512 encryption.


Standards-Based Identity

We currently support SSO with multiple identity providers via SAML 2.0.


Account Verification for Non-SSO Users

Users are required to validate their accounts via a link provided in an automated e-mail.


Infrastructure

Secure Infrastructure

Our cloud provider is RackSpace. We leverage their tools to setup firewall rules, intrusion and DMZ policies.


Server Patching

We have an automated process that patches our virtual machines on a quarterly basis.


Real-Time Monitoring

We scan our infrastructure and applications periodically to detect any existing vulnerability. We have monitoring.


Logging

We log every action performed in the system.


Penetration Testing

Yearly independent 3rd party penetration tests, to assure all new features added to the system have a security review.


Full Redundancy of Core Services

Spare deployments across multiple data centers. 


Disaster Recovery and Business Continuity

We have tested procedures in place to guarantee our uptime and our system’s availability. 


Incident Management

Security and confidentiality incidents submitted support.mblm.com will be resolved in accordance with established incident policy. 


Move Fast, Break Nothing

We have a formal software development lifecycle methodology and change management procedures. 


Risk Management

Monthly risk assessments are performed to ensure the application is secure.


Vendors

Vendor Selection

All of our vendors offer industry-leading products and go through an exhaustive security audit to ensure their practices fit our highest security and compliance standards.


Subprocessors

We keep our list of subprocessors up to date.


Personnel

Personnel

We run background checks and sign confidentiality agreements with all employees. We also train them in Information Security and Secure Development Practices.


Logical Access

Employee’s level of access is determined by the job position. Logical access reviews are performed periodically and access is immediately removed if no longer necessary.


Multi-Factor Authentication

We enforce it for every employee.


Employee Asset Control

Our employees’ devices are monitored in real time, with antivirus, disk encryption, automatic device blocking, and security patches.


ISO Certifications

Current certifications

ISO/IEC 27001:2013


ISO

ISO/IEC 27001 is a voluntary, international standard for the evaluation and certification of the management of information security processes within companies, issued by ISO, the International Organization for Standardization. In addition to information technology, ISO/IEC 27001 particularly considers the relevant business processes. It not only describes the demands made on the organization and the technical systems, but also the suitable activities for permanently sustaining the security level determined on the basis of the risk assessment.

Certification

Our Certificate Registration Number

01 153 2122561


Scope

The Information Security Management System (ISMS) covering assets, data, resources, procedures, technology, tools, client information, deliverables and services Statement of Applicability : MBLM/SOA-01-Version 1.0 dates 23-10-2020


A QR code enabling easy access to the Tuyland management system's platform.

Minimum Requirements

Desktop

Google Chrome 76+

FireFox 60+

Edge 70+

Safari OSX 10+


Mobile

Google Chrome 87+

Safari iOS 13+


Hosting Details/Performance

Service Provider: RackSpace Cloud Servers or Digital Ocean App Platform Minimum Server Specs: 8 GB RAM, 4 CPUs, 160 GB Highperformance, RAID 10-protected SSD storage Media Storage: 250GB RackSpace Cloud Files or S3 Compatible Containers


Server Internet Connectivity

1.6 Gbit bandwidth (int.)/ 800 Mbit (ext.)


Support

Support Desk

We offer centralized support via a 24/7/365 ticketing system accessed at support.mblm.com


In-platform Support

Administrators and users of our platform can access help on every screen within the experience.


FAQs

General

When would it be best to consider the MBLM platform?

BrandOS should be considered when you are either nearing the completion of a new/updated brand or rationalizing a portfolio of brands. Mergers and acquisitions are also key opportunities when guidelines and brand assets are typically affected.

PresentationOS is at its best when a brand is looking to activate its sales team with a tool that can help explain complex solutions through impactful presentations – remote or in-person.


Is there a demo?

Yes, contact us here or send us an email, and we’ll arrange a live demo with you.


We already have some form of a site or tool for sharing assets and PDF guidelines.

We are confident that BrandOS provides a comprehensive platform that will enrich your brand management team and processes. This is a tool that is optimized to deliver custom, high-quality solutions for your brand challenges that asset management systems or static PDF guidelines cannot match.


How complicated is it to use or administer?

From a user’s perspective, the tool is intuitive and designed for easy and clear navigation. We have learned from 15+ years of building brand tools, as well as current best practices for effectively navigating assets, guidelines, and other media types. Extensive on-screen help features and tool tips can aid first-time users. Administrators will use simplified control screens that are as easy to manage as a LinkedIn or Amazon profile.


What would I get, exactly?

As with other cloud-based tools, clients of the MBLM platform are licensing a tool that is populated with their assets and
users. Typically, we require at least a 12-month commitment. However, clients that choose not to renew their license subscription can retrieve and keep all their content.


Is the platform secure?

Our platform and managed servers use current best practices to protect against hacking and malware. The tool has been deployed for clients across industries and countries. The assets within the tool are regularly scanned for viruses. We find our clients typically have varying degrees of security needs and requirements, and we address those needs by customizing to your specific requirements. 


How long does it take to deploy BrandOS?

A installation with out of the box components is rapidly installed within 1-2 business days. Customization of the look and feel can be delivered within 2-3 weeks. Additional time is required for content development or custom features. 


How long does it take to deploy PresentationOS?

Creating a new account and all its related assets can be done in under an hour. After and admin user is created, the admin can login and start uploading content, creating devices and assigning content to the devices. Customization the iPad interface can be delivered within 2-3 weeks. Additional time is required for content development or custom features. 


Overview

BrandOS is the key brand management component of the MBLM platform. It is a cloud-based, content-management system. It integrates social collaboration and digital asset management, support ticketing, training and guidelines with customizable work-flow features. The software enables brands, employees and agencies to stay connected on a single platform dedicated to managing world-class brands. BrandOS is software designed to complement the processes, tools, and behaviors that help companies achieve on-brand results.

Marketing and communication professionals use the platform for brand coherence and knowledge sharing. Agencies and vendors can work smarter with a brand’s internal teams, collaborating closely with shared resources and social tools. Legal and compliance teams can have greater visibility and input into brand and marketing projects.

The currently deployed instance of BrandOS is Version 6.0

Modules

User Management

Groups

Add and remove user groups.


Users

Approved – List of approved users on the system with options to manage them.

Pending – List of registered, but not yet approved users on the system.

Invited – List of pre-approved users who have received a registration invitation email.

Disabled – List of users with revoked system access.

Create – Create a brand new user.

Import – Batch create users from a csv file.

Groups – Assign groups to a user.


Notifications

Define which users will receive notifications about specific system events.


Profiles

Can modify user details, password, profile photo, privacy settings and notification settings.


CMS

Add, update, upload, delete content

Manage all types of content like, Files, Folders, Pages, Html, Card Stacks, etc.


Custom Content Types

Default content types: File, Folder, and Page Custom types can be created. eg. Awards or Events.


Content Management features

Content management features. eg. Copy, Move, and Clone.


Bulk action features

Bulk user actions. eg. Copy, Move, Delete and Download.


Trash bin

Removal and recovery system for deleted items.


Hierarchical structure 

Content is managed in a hierarchy, to allow easy organization and maintenance. It also allows inheritance based features.


Publishing

All content types in the CMS can be saved as Draft before being Published. Other status exist like pending and content review allowing a content publishing workflow.


Public pages

Make pages public to the Internet without a need for authentication.


Page Builder

Page Builder represents the next generation of HTML creation tools. Building mobile ready responsive pages without writing a single line of code. Integrates with 100s of tools and services.


Templates

Build and reuse templates. Template folder storage for organization.


Indexing

Index or reindex pages for search, manage what pages get indexed and which do not.


Meta data

Store and manage metadata on all content.


Categorization

Categorize your content into sections, for navigation (breadcrumbs, pager, menus) or analytics.


Related content

Reference other content by adding a direct relationship between them.


Tagging

Content authors can attach keyword descriptions to identify any content within the site as a category or topic. 


Access Management

Add users groups to content for viewing and editing with implied inheritance.


Thumbnail generation (images, pdf, etc.) 

Automatic creation of thumbnail sized images for digital content for downloading. 


EXIF Data

Files are automatically parsed for EXIF data and added to the content tags. 


Image editing

Crop and edit images before downloading to avoid opening the file in photoshop after downloading.


Appearance

Settings

General – Set global site information such as name, favicon and theme.

Header – Setup header links and menus.

Redirect – Add redirect definitions for moved content or vanity URLs.

Email – Set up the email logo, colors and footer copy. 


Customize Appearance

Login – Customize the look and feel of your login page

Email – Update colors, copy and style of all system emails.

Button – set primary button styles and colors.

Links – set link styles and colors.

Header – Set colors and style of header.

Custom CSS – apply additional Styles to override the defaults. 


Access

Assign users groups to specific features and apps and assign specific permissions (manage, read, write, etc.)


Themes

Frontend is fully customizable with a custom theme, allows you to override and extend templates and modules. Also, build new modules for specific workflows and functionality.


Posting

Posting

Users can comment on posts in a thread for further discussion.


Commenting

A Poster can control notification options. Once users comment on a thread they auto subscribe to the post to stay engaged in the conversation. 


Notifications

Receive notifications when new posts are published or when a user has commented on a thread.


Access

Control which user groups have access to pulse, can post, can moderate and who can manage.


Moderating

Moderators can edit and delete posts, also remove comments if required. 


Managing

Posts per page
Enable or disable email notifications
Enable or disable commenting
Enable or disable comment emails
User groups that can override default notification settings


Ticketing

Ticket Types

Define unlimited ticket types to manage and direct specific user requests/issues.


Flexible forms

Customizable forms per ticket type.


Security

Allow only specific user groups to access and ability to create specific tickets.


Respondents

Add users to be responsible for each ticket, allowing multiple assignment rules. First person, random, round robin.


Analytics

Overview

Page Views, Downloaded Files, Active Users


Content

Most Viewed, Most Downloaded, Views by Day, Month, or Region, Views by Devices, Platforms, Browsers and Regions 


Users

Most Active Users, Most Active Companies, Users by Devices, Platforms, Browsers and Regions 


Help Desk

Users, Types, Average Resolution Time, Average Response Time


Features

Overview

Pulse

Pulse is your dynamic home screen — a Pinterest-like rolling screen of posts chronologically displayed. Editors may “pin” to hold posts at the top of the screen and users can comment or share posts. New posts can trigger email notifications making this feature an ideal place to post news, best practices and new content. Admins can manage post filters (post groups), notification setting, editing peoples posts, pinning posts, selecting editors pick, posts per page, comment monitoring (deleting comments). 


Guidelines

This area contains the comprehensive and detailed brand guidelines. Section areas guide users whether they are advanced marketers or people looking for quick answers or guidance. Users can read content, access assets and add specific pages to their favorites. Admins can Add, Edit, Delete, and Move Pages. Guidelines are powered by the CMS and the Page Builder.


Essentials

A one stop shop for key items like PowerPoint templates, stationery, identity system cheat sheet or other often used items that are used by the wider employee base. Admins can Add, Edit, Delete, and Move items. Essentials is powered the by CMS and the Page Builder. 


Assets/Photos

This area contains the vast array of digital assets from image bank libraries, e-signatures, templates, artwork or icons. Users can sort, search, download or share materials effectively and easily. Admins can Add, Edit, Delete, and Move Assets. Assets/Photos are powered by the CMS. 


Training Cards

A section that can be organized by topics and gain layers of depth in the site map. Topics can be presented as swipe-able cards that succinctly capture key topics. Engaging and interactive. Admins can Add, Edit, Delete, and Move Card Stacks and Cards Essentials is powered the by CMS and the Page Builder. 


Code Documentation

A combination of guidelines and code snippets oriented towards the designers and developers of digital applications such as websites, software and mobile applications. Code snippets limited to front end code. Admins can Add, Edit, Delete, and Move pages. Documentation is powered by the CMS and the Page Builder.


Help Desk

This area is a place where users can open tickets to submit a request, ask for guidance, submit content for legal and brand approval. Users can reply to conversation threads on tickets and close tickets. Help desk staff users can move tickets, transfer tickets, close tickets and reopen tickets. Admins can create new ticket types, add/remove users to specific ticket types (with email schedule), add people to transfer list, and add people to auto cc’d list.


Training Experience

The platform modules and features can be combined to create an immersive brand training experience. One such deployment is based on the concept of summer camp. Users log into a 3D world that includes a cabin and five adventures. The cabin serves as home base and includes a feature to create an avatar that represents you during the experience, a Help Desk, a wall of fame showing other participants and an itinerary that serves as a list of actions to complete. Each of the five adventures includes a training video and several activities to playfully develop the skills or knowledge needed to complete the adventure. Along the way participants are rewarded with badges and digital gifts such as conference call backgrounds, a Spotify playlist and a completion certificate. A campfire is the setting at which you can see other camper avatars and where you are awarded the badges that you won.


Integrations

Media

Video

Playback hosted from Platform 


Audio

Playback hosted from Platform


YouTube

Playback hosted from embed code


Vimeo

Playback hosted from embed code


Presentations

Slideshare

Embed presentation from your slideshare account 


Prezi

Embed presentation from your Prezi account 


Documents

Google Docs

Preview or Edit embed doc


Google Sheets

Preview or Edit embed doc


Maps

Google Maps

Embed maps on pages


Forms

Hubspot

Embed Marketing Forms 


Google Forms

Embed Forms


Type Form

Embed Forms


Help Desk Ticket

Embed Help Desk Ticket Forms


Social

Daily Motion

Playback via embed code


Reddit

Embed message thread


Spotify

Embed music player


Twitter

Embed single tweet or list of tweets


Facebook

Embed single post


SoundCloud

Embed music/sound player


Tumblr

Embed single post


Connected Services

Overview

Mail Delivery

Mailgun


Data Storage

Rackspace/AWS


Monitoring

Rackspace Cloud monitoring


Log analysis and alerts

Papertrail


Captcha

Google reCaptcha


SSO

BrandOS supports SSO with multiple identity providers via SAML 2.0.


Overview

PresentationOS is the sales enablement component of the MBLM platform. PresentationOS consists of two major components: A cloud admin tool to manage content and devices and players that consume and present this content. Those players can work on different operating systems such as iOS, MacOs and Windows devices. It is an ultimate sales toolkit developed and managed by the marketing and sales strategists, designers and developers at MBLM. For over two decades, we have consulted large corporations on today’s most challenging brand and marketing problems.

Current versions

Admin Tool: Admin Tool 1.9.2

Applications: iOS Application 2.0.11, MacOS Application 1.8.6, Windows Application 1.8.9

Admin Tool

PresentationOS Admin Tool is a cloud-based application that allows users to manage all aspects of the PresentationOS players.

It allows the administrators to manage devices and content in a centralized and secure way. Content uploaded to the admin tool can be assigned to some or all the devices, after which those devices can download the content locally and present it even when they are offline.

The Admin Tool takes special care of 3D files with its custom online 3D experience editor. Animation states, hot info points and related assets are few of the the things that can be done using this editor.

It also contains built-in data collection that tracks how content is being used and many other useful insights that helps informing future initiatives to maximize impact.

Curent Version: 1.9.2

Content Management

Upload, Add, Update, Delete content

The admin tool allows uploading and managing different file formats such as Videos, PDFs, Images, Keynote*, HTML files, 3D files, Augmented Reality


Track versions

Files uploaded maintain versions automatically. Content administrators can roll back to previous versions or upload new ones.


Content sets

Sets are groups of content which make content assignment easier when managing many different profiles, segments, geographies.


Training

Create courses, modules and quizes and assign those courses to devices.


3D experience editor

Add animations, info points, text, associated imagery and, videos to 3D models.


Tagging and categorization

Tagging and categorization of content for easier organization and distribution. Allows granular distribution of files to the user.


Content assignment

Assign content to devices or group of devices, individuals, groups of individuals, geographies.


Usage insights

Reporting of content viewed per groups, profiles, geographies, type of content, individual assets, per view, per minute or access count.


Contextuals

Contextuals are used to assign devices such as beacons, NFC or QR code’s as triggers of content.


Document summarizer

Artificial Intelligence function that creates automatic text descriptions for more accurate search results. It search inside of PDF, PowerPoint and Keynote files.


3D model files

The 3D uploader is the module to upload 3D models in compatible formats, and to define interactive elements with the 3D files

Compatible formats are: USDZ, FBX and GLB/GLTF


3D model information

Standard information fields available per model:

-Name of the model / product – Info points (numeric) plus text description

-Features of the 3D model are buttons linked to info points on side bar for easier navigation

-Animation (zoom level, angle of model, separation of components) are defined in the admin tool

-Description of the 3D model (rich text formatting)

-Associated content (PDF, Images, Videos, Links) are uploaded and associated to each model


User/Device Management

Upload, Add, Update, Delete users/devices

Manage devices (Kiosk, video wall or, iPads) and users (individual users).


Bulk Upload

Use CSV file to bulk upload devices. Supports automatic content and interface assignments for the uploaded devices.


Locations, groups and segments

Manage locations, groups and segments. Locations are referred to geographic categorization, groups to a grouping of individuals such as “sales”, segments are profiles such as “executives”. Together, these three ways of categorizing access allows PresentationOS to assign content in a flexible and easier way.


Assignments

Assign content to devices or group of devices, individuals, groups of individuals, geographies.


iPad Interface

Upload and manage the iOS interface. The Interface can be saved as a template that can then be assigned to other devices. This function allows simpler addition of buttons as shortcuts to any type of content.


Devices status dashboard

Monitor device status (available and reporting) or offline to the admin dashboard. PresentationOS does not track location nor utilizes the device location at any moment.


User roles nad ACL

Control access to the admin tool using user roles and ACLs.


Profiles

Can modify user details, password, profile and other settings.


System & Appearance

Email templates

Edit system’s email communication templates such as: welcome email, password reset, share content links. User can edit the message, add branding and simple format text.


Customize Login Appearance

Customize the look and feel of your login page Apply additional Styles to override the defaults.


Digest reports

System automatically send usage reports on a frequency chosen by the admin: daily, weekly, monthly, quarterly or annually. Reports are sent as rich mail to the email addresses uploaded by the admin.


Single Sign On (SSO)

Support SSO integration with multiple identity providers via SAML 2.0.


Alerts

Send email alert for events such as device disconnection (Kiosks, videowalls), as well as for the addition or deletion of content management events.


Activity logs

User actions are logged in the activity logs and can be reviewed by the administrators.


Push notifications

Administrators can send push notifications to devices or group of devices.


Feedback logs

Feedback sent from the devices (iPads, kiosks or videowalls) is logged and can be reviewed by the administrators.


Integration to CRM

The forms for content sharing emails can be directly enabled from Salesforce, Hubspot, Eloqua, Microsoft Dynamics CRM, etc.


Privacy tools

GDPR compliance functions:

a) Right to access. Allows registered users access to all personal data saved in the system in PresentationOS. Generally this data is restricted to company email, username, full name.

b) Right to be forgotten. Allows registered users to delete and remove any personal data saved in the system.


Desktop

The desktop application is a Mac OSX application which function is to download, display, play and control content on a laptop, touch screen kiosk or a video wall. The application is a standalone player, automatically download content from the cloud server (post authentication) and locally store files for offline display when the computer is not connected to the internet. It fetches new content automatically.

Desktop (OSX)

Login

Users are able to authenticate (upon credential verification) and download content assigned to the user or device.


Player

Display and visualization of rich media content such as: images, videos, 3D files, and rich media content.


Connectivity

The desktop application when working as a kiosk or a video wall player can be controlled by the iPad application via a Bluetooth, WiFi, and cable connection.


Heartbeat

Uptime

The heartbeat is a background application whose function is to monitor the PresentationOS process and restart it when unresponsive. This ensures that when PresentationOS is running as a Kiosk or in a video wall, the software is always up and running.


3D model files

The 3D viewer is capable to load, display and create interactivity with 3D files in formats: USDZ, FBX and GLB/GLTF. The viewer integrates with information on a sidebar. Users are NOT able to share or have access to the 3D file.


3D model information

Standard information fields available per model:

Name of the model / product

Info points (numeric) plus text description

Features of the 3D model are buttons linked to info points on side bar for easier navigation

Animation (zoom level, angle of model, separation of components) are defined in the admin tool

Description of the 3D model (rich text formatting)

Associated content (PDF, Images, Videos, Links) are uploaded and associated to each model


iPad

PresentationOS, iOS version is a free downloadable available at the App Store, but only registered users have access to the content previously assigned to them. It is loaded with client branded interface and allows the users to visualize and organize a range of file formats. It stores all the necessary information and files locally for its complete functioning* even when the iPad is not connected to the internet.

* except for functions that need access to the internet.

Sections

Login

Users are able to authenticate using PresentationOS credentials or via the organization SAML. The function to recover password redirects the user to a webpage in the Admin Tool where the recovering process happens safelly.


Library

List and sort available files in the device. All files are organized by folders and sortable by file type or alphabetically.


Playlists

User’s own playlist to organize files by creating custom collections of files.


Insights

Widget based modules capable to display any type of data in different chart formats.


Sharing

Single or multiple files (PDF’s, Images or Videos) that can be shared via email. The email is sent by the PresentationOS server or by the default iOS email client (Gmail, Outlook, Apple mail, etc).


Connectivity

The iOS application is able to connect and control PresentationOS desktop application, when it is in video wall mode, via Bluetooth, HTTP protocols and cable.


Help

Help desk form which allows the user to request support regarding technical issues or content related enquiry.


Players

Video

Video player can play MP4 (H264) files. User is able to scrub (forward, pause or rewind) the video.


Image

Image viewer is capable to visualize files in compatible formats: PNG, JPG and GIF. User is able to zoom in/out, pan and share.

Video player can play MP4 (H264) files. User is able to scrub (forward, pause or rewind) the video


PDF

PDF viewer allows the user to navigate through the pages, zoom in/out, search for key words and share.


Rich media

Customized interactive experiences (animated or static).


3D model files

The 3D viewer is capable to load, display and create interactivity with 3D files in formats: USDZ, FBX and GLB/GLTF. The viewer integrates with information on a sidebar. Users are NOT able to share or have access to the 3D file.


3D model information

Standard information fields available per model:

Name of the model / product

Info points (numeric) plus text description

Features of the 3D model are buttons linked to info points on side bar for easier navigation

Animation (zoom level, angle of model, separation of components) are defined in the admin tool

Associated content (PDF, Images, Videos, Links) are uploaded and associated to each model

Description of the 3D model (rich text formatting)

Associated content (PDF, Images, Videos, Links) are uploaded and associated to each model


Web

The web player allows any browser to display and interact with 3D files, which are served from the PresentationOS application server. Files are loaded and linked to text, imagery, video and PDF files, from the Content Admin Tool.

Web Player

Security

Only white listed domains are able to load files from PresentationOS. This information is defined by the organization’s domain and only the registered domains can access 3D file.

The 3D viewer is capable to load, display and create interactivity with 3D files in formats: USDZ, FBX and GLB/GLTF. The viewer integrates with information on a sidebar. Users are NOT able to share or have access to the 3D file.


3D format compatibility

GLTF/GLB


3D model information

Standard information fields available per model:

Name of the model / product

Info points (numeric) plus text description

Features of the 3D model are buttons linked to info points on side bar for easier navigation

Animation (zoom level, angle of model, separation of components) are defined in the admin tool

Description of the 3D model (rich text formatting)


Minimum Requirements

Overview

Desktop

Windows 10:

i5 – 3230 2.6GHz

6GB Ram

Mac OSX:

Macbook Pro / Mac mini

i5- 2.6 GHz 6-Core

8GB Ram


iPad

Standard experiences: iPad 2019 (7G)

Enhanced experiences: iPad Air 2019(3G)

Advanced experiences (Heavyweight 3D & augmented reality): iPad Air 2020(4G)


Web

Desktop:

Google Chrome 88+

Firefox 38+

Safari 10+

Internet Explorer 11 and MS Edge

Mobile:

Google Chrome 87+

Safari iOS 13+


3D Model Files

3D experience (Web Player)

Maximum file size: 15 MB

Number of triangles: 2.5 Million

Number of objects: 1000

Image textures resolution: 2048×2048 pixels

Number of Textures: 100


3D experience (iPad)

Maximum file size: 100 MB

Number of triangles: 2.5 Million

Number of objects: 1000

Image textures resolution: 2048×2048 pixels

Number of Textures: 100


Augmented reality

Maximum file size: 100 MB

Number of triangles: 4 Million

Number of objects: 1000

Image textures resolution: 2048×2048 pixels

Number of Textures: 100


Integrations and Connected Services

Overview

Salesforce

Send leads to Salesforce


HubSpot

Send leads to HubSpot


SSO

Single sign on


Mailgun

Share content links via email


arrow top