CW Squared Ltd

Contact Centre as a Service (CCaaS)/Unified Communications as a Service (UCaaS)

Unified Communications and Contact Centre services delivering an omnichannel cloud communications solution including telephony, webchat, video, email, IM, conference calls, collaboration, online meetings; call recording, customer journey reporting, speech analytics & workforce management. Plus Intelligent Virtual Agents, Conversational AI, Voice Biometrics and PCI Payments

Features

• Contact centre: multi-channel, single platform. Skills-based routing. Multilingual.
• Customer journey analytics, customer relationship management
• Call recording, screen capture, speech recognition, data stored in UK
• Quality management: real-time dashboard reporting, agent scoring, screen recording
• Workforce management: scheduling, forecasting, holiday planning, shift pattern, supervision tools
• Unified Communications accessible via desktop application, mobile app, online dashboard
• Unified messaging via e-mail, web/online chat, Instant Messaging (IM)
• Collaboration via online meetings, video chat/video calls/video conferencing
• Platform interoperability including Google, Office 365, Salesforce, Skype for Business
• Auto-attendant and unified voicemail management, voicemail-to-email

Benefits

• Immediate ROI: rapid deployment. Savings of 40% versus traditional solutions
• Distributed workforces can interact as one unified organisation
• Reduce costs, improve contact centre uptime, productivity; no upgrade downtime
• CCaaS: unify a distributed workforce, with cloud-based, agile working/ homeworking
• Low-cost: single-view reporting; flexible: cloud-based, usable on any phone endpoint
• Scalable with limitless capacity. Can use existing contact centre hardware
• Unified Communications: enables digital transformation; agile, flexible working, and homeworking
• Fosters cultural change: seamless user-controlled movement between phones and softphones
• Unified Communications means lower management overheads: reduced support/maintenance costs
• CW Squared has specialist vertical market Unified Communications teams

£6.28 a user a month

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public.sector@cw-squared.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

182697558631284

Contact

Public Sector team
020 7167 4349
public.sector@cw-squared.co.uk

Service scope

• Software add-on or extension: No
• Cloud deployment model:
  • Public cloud
  • Private cloud
  • Hybrid cloud
• Service constraints: There are no maintenance windows and support is 24/7. Hardware needs to meet the minimum requirements below. There are no limitations in scale, everything is scaled virtually from the user point of view.
• System requirements:
  • Internet connected device with a browser (Google Chrome preferred)
  • Windows 10+/macOS 10.14+/Linux 64bit (Debian9/Red Hat 8 based)/Chrome8
  • Intel i5/AMD Ryzen 5 or better
  • Recommended 8GB RAM
  • USB headsets (if using softphone or WebRTC)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Severity1: The problem causes an outage (client or back-end) so that it is completely unavailable.; ; Initial Response Time Goal: 15 minutes; ; Severity2: The problem causes a disruption of service (client or back-end) but does not disrupt critical functions. No acceptable workaround is available.; ; Initial Response Time Goal: 60 minutes; ; Severity3: The problem causes degradation to a service (client or back-end) but does not disrupt critical functions. An acceptable (by the client) workaround is available until the problem is corrected.; ; Initial Response Time Goal: One business day; ; Severity4: any other non-critical or non-serious problem ; ; Initial Response Time Goal: Two business days
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: Yes, at an extra cost
• Web chat support availability: 24 hours, 7 days a week
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: We have assessed our web chat against GDS standards via a dedicated accessibility testing report.
• Onsite support: Yes, at extra cost
• Support levels: We provide 24/7 support via phone and web portal in addition to an online knowledge base with documentation, videos and other support resources.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: All solutions are deployed by our fully trained technical services engineers (TSE) who will manage the deployment project from start to finish. The TSE will provide onsite and / or remote training supported by documentation and knowledge base articles held on the support desk portal.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: The solution has simple data download processes built into the interface. Therefore, a user with sufficient admin permissions will be able to extract the client data when the contract ends. If necessary, the support team can upload the requested data to a secure FTP service chosen by the buyer.
• End-of-contract process: At the end of the contract the buyer's recordings and data can be uploaded to a secure FTP site of the buyers choosing.; Once the buyer has confirmed receipt the buyer's system will be securely purged of all software and associated data.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: Yes
• Compatible operating systems:
  • Android
  • IOS
  • Linux or Unix
  • MacOS
  • Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: A purpose-built mobile agent application is available for use on iOS and Android mobile, tablet or smart watch devices. Compared to a desktop service, the mobile application functionality is more limited in terms of functionality, for example, it only currently supports voice engagement.
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: Browser based console to allow user management, config, etc.
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Our solution has received a WCAG2.1 certificate from a third-party accessibility expert.
• API: Yes
• What users can and can't do using the API: Our solution is an open and integration-rich platform with a wide set of APIs for custom development and offers a RESTful API that allows developers to access key data and documentation in order to interface easily with other vendors and systems. ; APIs:; Are based on RESTful principles.; Are secured by OAuth 2.0.; Provide JSON messages, search, pagination, sorting, and filtering.; Use predictable, resource-oriented URLs, built-in capabilities for passing parameters and authentication.; Respond with standard HTTP response codes to show errors.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: Our web application is a single point of administration that allows administrators to customise all elements of the solution including account management, user management, number management, system-wide preferences, user interfaces, IVR scripting, orchestration and routing, contact flows, teams and ring groups, announcements, contacts, feedback surveys, recording preferences and retention, quality management, workforce management, performance management, AI conversational design, digital engagement branding, AI intents, integrations, knowledge base and response templates.; We provide the ability to assign each user a role that governs access to data and functionality per application using predefined or custom custom roles to manage access according to your business needs.

Scaling

• Independence of resources: Our solution is built with a microservices API-first architecture with multiple component services that are deployed independently without compromising the integrity of an application. This provides superior scalability.

Analytics

• Service usage metrics: Yes
• Metrics types: Monthly summary call statistics and spending is sent via email to nominated users. CDR extracts can be emailed or uploaded daily to secure FTP if required.
• Reporting types:
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: 8x8, ConnexOne, Dialpad, Five9, Microsoft, Talkdesk, Vonage, Zoom

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations:
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Data exports can be done manually through the service interface by users with sufficient security privileges. The exported data will be provided in comma delimited csv format. Any call recordings will be provided in mp3 format.
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • JSON
  • MP3
• Data import formats:
  • CSV
  • Other
• Other data import formats:
  • JSON
  • WAV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: We provide a 100% uptime SLA for Advanced licensed users
• Approach to resilience: Our solution is built with a microservices API-first architecture with multiple component services that are deployed independently without compromising the integrity of an application. This translates to higher reliability and enables zero-downtime; maintenance. Microservices enable faster innovation, continuous delivery and superior scalability.We offer a 100% uptime SLA and readily publish our platform status.; ; Our global low latency architecture ensures that each call travels the most direct route through regional communication nodes and minimises dropped packets, jitter, and delay and is backed by industry-leading MOS scores (4.37).; ; The solution has ISO 22301 certification for Business Continuity Management. The Infrastructure and Operations team is available 24/7 to oversee our automated backup plan should an unforeseen event occur.
• Outage reporting: Any outages are reported via email alerts, plus a realtime public dashboard

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Each user us assigned a role that governs access to the system's applications. Predefined roles (agent, supervisor or administrator) or custom roles can be configured.; ; The permissions on roles are CRUD-based (Create, Read, Update, Delete), and customers can determine which of these options to enable for each permission on a role.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password

Audit information for users

• Access to user activity audit information: Users contact the support team to get audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users contact the support team to get audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Lloyds Register EMEA
• ISO/IEC 27001 accreditation date: 20/08/2021
• What the ISO/IEC 27001 doesn’t cover: Certification covers all services
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 25/03/2022
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: This certification covers all services
• PCI certification: Yes
• Who accredited the PCI DSS certification: S21sec Gestión, S.A.
• PCI DSS accreditation date: 15/12/2021
• What the PCI DSS doesn’t cover: Only certified for payment processing
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • SOC2 Type II
  • SOC3
  • EU-US and Swiss-US Privacy Shield
  • ISO22301
  • PCI-DSS AoC

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: ISO27701 - (PIMS - Privacy Information Management System); GDPR

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: For Change Management we use a secure SDLC (Software Development Life Cycle). This includes: ; Peer code review ; QA testing ; Security testing (covering mainly OWASP) ; Recurrent training to developers on Secure Coding.
• Vulnerability management type: Supplier-defined controls
• Vulnerability management approach: We maintain a Vulnerability Management program as part of our Information Security Risk and Management Policy. The Engineering Security team continuously monitors our environments for system vulnerabilities and performs scanning on a recurring basis in accordance with our policy, using several different methods (SAST, DAST, pentest activities, responsible disclosure, vulnerability scanning, etc.) and classifies them based on the Common Vulnerability Scoring System (CVSS). For critical vulnerabilities (CVSS score of 9.0 to 10.0), our SLA to resolve is 5 days.
• Protective monitoring type: Supplier-defined controls
• Protective monitoring approach: Our Network Security Policy covers protective monitoring with our engineering security team monitoring the cloud and network infrastructure. We use Access Control Lists (ACLs), security groups, subnet segregation. We also have web application firewalls (WAFs), Host Intrusion Detection Systems (HIDS), DDoS protections, and firewalls in place to protect our production network.; ; Customers access Guardian, an AI-driven cloud compliance solution to help mitigate the risk of a distributed workforce, including insider threats, negligence, and system performance issues.
• Incident management type: Supplier-defined controls
• Incident management approach: We have a rigorous incident management policy and procedures for events and incidents that may affect the confidentiality, integrity or availability of systems or data or that may be a breach of Talkdesk policies and controls.; ; Incidents are classified based on their severity and impact on customers and business operations.; ; This policy covers four stages of the life cycle: detection, triage, containment, and post-incident. Each phase has its well defined goals, some major guidelines and who is responsible for each action.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  Our service allows you to reduce you carbon footprint by optimising your use of compute power and storage space. No longer do you need to keep an army of servers in a data centre, scaled for your peak load and converting power into heat when they aren't needed. Cloud services can be elastically scaled, so you're using less power at times of low load. Running applications in the cloud can reduce your carbon footprint by 88% compared to running your own enterprise data centre. Our recommended cloud providers are signatories of The Climate Pledge who are committed to reaching net zero carbon by 2040, 10 years ahead of the Paris Agreement.
• Covid-19 recovery:

  Covid-19 recovery

  Our cloud communications services aid COVID-19 recovery by allowing people to work flexibly anywhere in the UK (or the world). This means that staff who may be concerned about returning to mass transit can work from a location that is convenient to them, such as from home or a local shared workspace.

Pricing

• Price: £6.28 a user a month
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at public.sector@cw-squared.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.