BT PLC

BT Smart Messaging (Sinch)

The Smart Messaging (Sinch) platform, is designed to help organisations fulfil their messaging requirements at scale. It is an enterprise grade communication platform that supports the delivery and execution of outbound and inbound SMS campaigns.

Features

• Mass communication with end recipients via SMS
• Communicate via a single SMS API (REST API)
• ISO27001, Cyber Essentials & NHS DSPT certified
• Both one and two way communication over SMS
• Accessible reporting via a web based dashboard
• Use your brand name as the Sender name for messages
• Send via Shortcode, keyword or Virtual Mobile Number

Benefits

• Direct, mass communication with a large audience
• Integrate the capability with a variety of existing internal systems
• Use cases include appointment reminder, notification messages and surveys
• Direct UK routing for faster and more secure messaging
• Flexible opt in and opt out support

£0.04 a unit

• Free trial available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccsframeworks@bt.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

267112869241507

Contact

Frameworks Team
0800 3288077
ccsframeworks@bt.com

Service scope

• Software add-on or extension: Yes, but can also be used as a standalone service
• What software services is the service an extension to: Any service that is capable of messaging can extend and use the platform
• Cloud deployment model: Private cloud
• Service constraints: SC's and regulations
• System requirements: N/A

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Further detail can be found here: https://www.sinch.com/fr-fr/messaging-service-level-agreement-sla/
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: No
• Support levels: Further details can be found here: https://www.sinch.com/fr-fr/messaging-service-level-agreement-sla/
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide the developer docs, the API keys and dashboard access and any technical support required during onboarding and implementation.
• Service documentation: Yes
• Documentation formats: HTML
• End-of-contract data extraction: Request to the appropriate account manager and dedicated DPO officer.
• End-of-contract process: The service will continue to roll on a monthly basis at the end of the minimum term agreement unless re-contracted

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: WCAG 2.1 AA or EN 301 549
• Description of service interface: All clients receive access to a client dashboard for access to their API tokens, billing information and statistics
• Accessibility standards: WCAG 2.1 AA or EN 301 549
• Accessibility testing: Jira Service Management Data Center Accessibility Conformance ReportName of Product/Version: Jira Service Management Data Center (Version 5.11.0, 5.12.0) Report Date: 29th September 2023; Product Description:; Jira Service Management Data Center is a self-hosted enterprise solution for managing IT services at scale. With JSM DC, you can deploy your instance across multiple nodes to increase performance and reliability. This helps ensure that your team has access to the tools they need to manage incidents, problems, changes, and service requests effectively.; ; Contact Information:; ; a11y@atlassian.com; ; Notes:; ; Atlassian Accessibility QA team performed an accessibility audit for the Jira Service Management DC website.; ; Evaluation Methods Used:; A Representative set of pages and modal dialogs were identified to perform the audit.; ; The pages were tested in the below environments:; ; · Windows 10 Pro/Chrome/JAWS 2023; ; · Windows 10 Pro/Firefox/NVDA 2023; ; · MAC OS 13.5.2/Safari/Voiceover; ; Accessibility testers performed the audit using:; ; · Automated Tools; ; o W3C Markup Validation Service; ; o Color Contrast Checker; ; o ANDI; ; · Code Inspection; ; · Screen Readers; ; · Keyboard-only interaction; ; The result reflects the accessibility of a representative set of pages and modal dialogs. Accessibility testers performed the test keeping WCAG 2.1 guidelines in mind.
• API: Yes
• What users can and can't do using the API: This service is to send a receive messages using SMS. Future capabilities may include: RCS, WhatsApp and Facebook Messenger among other social channels. Future capabilities may include a full AI chatbot and contact centre offering.
• API documentation: Yes
• API documentation formats: HTML
• API sandbox or test environment: Yes
• Customisation available: Yes
• Description of customisation: The messages themselves have the ability to be branded and personalised as required, this is done though the payload of each message setting the to and from fields. A full list of message customisation can be found here: https://developers.sinch.com/docs/sms/api-reference/

Scaling

• Independence of resources: The platform is built for scalability so heavy load by one client will not affect others. All accounts also have a max TPS (Transactions per second) to ensure only a certain amount can be sent per account.

Analytics

• Service usage metrics: Yes
• Metrics types: The reporting dashboard provides stats on messages sent, delivery rates, failure rates and latency
• Reporting types:
  • Real-time dashboards
  • Reports on request

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: Sinch UK Ltd

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: Yes
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: Another external penetration testing organisation
• Protecting data at rest:
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: AES 256 bit encryption
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: This can be provided at the end of a contract
• Data export formats:
  • CSV
  • Other
• Other data export formats: Microsoft excel
• Data import formats:
  • CSV
  • Other
• Other data import formats: Microsoft Excel

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection between networks: UN/Pass, unique URL's, 32 Char auth tokens, White listing IP, TLS and VPN
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Other
• Other protection within supplier network: Data at rest encrypted with 265 bit AES

Availability and resilience

• Guaranteed availability: Target 99.99% availability (not guaranteed)
• Approach to resilience: Multiple Geo-redundant data centres, rate limits on accounts, automatic AIT monitoring,
• Outage reporting: This is done through e-mail alerts, you can sign up for the relevant alerts at status.sinch.com

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Describe how you restrict access in management interfaces and support channels
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: 3core2 (UKAS accredited)
• ISO/IEC 27001 accreditation date: April 2023, ongoing audit for 2024
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • TISAX
  • NHS Data Security and Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Cyber Essentials; ; TISAX
• Information security policies and processes: Please reference Sinch Security standard document which can be made available by BT on request

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Configurations, including security configurations, of hardware, software, services and networks should be established, documented, implemented, monitored and reviewed.; ; Changes to information processing facilities and information systems should be subject to change management procedures
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Vulnerability Scan every 7 days. ; • Apply security patches to all components of the application stack with ; severity score higher than "low" or “optional” as determined by the ; issuer of the patch within one month (30 days) after release, measure ; percentage of compliance quarterly above 85% and 100% for critical.; • Pen test every 12 months black box manual, fix within 30 days and ; report 30 days after that, all issues linked to Jira tickets
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Protection against malware implemented and supported by appropriate user awareness.; ; Networks, systems and applications should be monitored for anomalous behaviour and appropriate actions taken to evaluate potential information security incidents; ; The organisation should plan and prepare for managing information and security incidents by defining, establishing and communicating information security incident management processes, roles and ; responsibilities
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: The organisation plans and prepares for managing information security incidents by defining, establishing and communicating information security incident management processes, roles and responsibilities; ; The organisation assesses information security events and decides if they are to be categorised as information security incidents.; ; Any information security incidents should be responded to in accordance with the documented procedures.; ; Any knowledge gained from information security incidents should be used to strengthen and improve future information security controls.; ; The organisation should establish and implement procedures for the identification, collection, acquisition and preservation of evidence related to information security events.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  BT Group has been a leader on climate action for over 30 years. We have been tracking our carbon reductions since 1992 and become one of the first companies in the world to set a science-based target in 2008. Our networks and buildings are all powered by renewable electricity, and we are aiming to transition majority of our fleet to electric or zero-emission vehicles by 2030 (now over 2,400 in total). To date, our electric fleet has travelled more than 7.9 million miles, saving over 2,200 tonnes of CO2e, which helps us transition to a net zero economy much faster. ; ; We are investing in full fibre broadband and 5G networks that will pave the way for lower-carbon ways of life and work. We believe to reach Net Zero renewable energy, low-emission vehicles and technology hardware are important, which the Crown Commercial Services also believe. Due to our solutions for Carbon reduction aligning, BT can consider setting a workshop with CCS to share ideas and objectives on how to achieve net zero.; ; We have pledged to become a net zero business by the end of March 2031, and we are targeting net zero for our supply chain and customer emissions by the end of March 2041.We have also set a target to help customers avoid 60 million tonnes of CO2e by the end of March 2030. We aim to contribute to a circular economy by reducing waste and enhancing opportunities to repair, refurbish and recycle. This year, our customers returned more than 1.8 million home hubs and set-top boxes to us and through our refurbishment operation, we reused 83% and recycled the rest. We also collected over 190,000 mobile devices through trade-in schemes, all of which were reused (97%) or recycled.

  Covid-19 recovery

  At BT we understand the important of showing support to others, especially those who are in vulnerable situations. To show our support, BT has launched the award-winning Care Companions initiative during Covid – matching BT volunteers with residents in care homes, providing a befriending service with weekly calls brightening someone’s day. From those humble beginnings there are now around 400 BT volunteers from 29 contact centres across the UK making weekly calls to around 15,000 care home residents. As well as befriending residents, tackling loneliness and isolation, BT volunteers have also continued to support the care homes with fundraising and gardening.; ; We also work closely with Home-Start. A local community network of trained volunteers and expert support, helping families with young children through challenging times. Our partnership helps people improve their digital skills, whilst opening fantastic fundraising and volunteering opportunities for our colleagues. ; ; Our partnership aims to support Home-Start families with: ; · Digital Confidence ; · Data Connectivity ; · Access to devices ; ; Staff will use their volunteering hours to help support families with digital support. We will be teaching families basic digital skills such as using a laptop, tablet, or mobile phones. Also, we would use these hours to help families apply for schools, colleges, and jobs to put them in a position for a better future. ; ; We also offer flexible working. Since Covid people have been through demanding situations, and now going through cost-of-living issues. Giving our employees the chance to work from home twice a week, allows them to save on expenditures traveling from and to the office including spending while within the office. We also understand how covid affected many people through losing loved ones. We hope flexibility allows employees to be more around their loved ones and support each other after going through such tough times.

  Tackling economic inequality

  At BT we are aware, in the UK there are skill shortages for many people who face multiple barriers into employment for several reasons out of their control. This is why we have supported more than 51,000 people with employability guidance and work life digital skills since 2014. Our aim is to boost social mobility and economic productivity by helping young people succeed in an increasingly digital world of work.; ; We are committed to being responsible, sustainable, and inclusive. It is fundamental to our purpose that we ‘connect for good’. BT is one of the largest employers of apprentices in the UK. In 2022, we ranked third place in the top 100 Apprenticeship employers in the UK and recruited more than 2,600 apprentices and graduates over the past four years. An addition to this, we hired 400 apprentices and graduates in 2023 in different cities across the UK such as London, Birmingham, Manchester, and Bristol and more. ; As well as employment schemes, BT have delivered over 185 workshops reaching over 4900 pupils aged between 11 and 19. Our employees share their work skills and experiences with this next generation of employees and drive aspirations to work in engineering, innovation, and technology industries. ; Our 5-hour workshops: ; ; • Give young people the opportunity to explore their individuality, skills and interests through group activities and challenges, supporting their careers education at school. ; • Align with the Gatsby Benchmarks to support schools to deliver great careers education across the UK and Northern Ireland and work towards their quality education standards e.g. OFSTED Inspections ; • Feature STEM (science, technology, engineering, maths) activities that link curriculum-based learning to the skills employers are looking for in areas such as Software Design and Engineering, Fibre Network Build and Cybersecurity Planning and Solutions.

  Equal opportunity

  Everyone, regardless of background, experience, or their place in society, should be afforded opportunities to help them learn and grow. This is the foundation upon which a modern, progressive, and inclusive society functions. In achieving this, we all benefit. We benefit from talent, no matter from where it comes; being able to grow, mature and prosper. This is BT’s philosophy.; ; We have set out some 2030 ambitions relating to gender, ethnicity, and disability. By 2030, our workforce will be; ; • 50% Gender (we want 50% of BT Group colleagues (excl. Openreach) to be women); • 25% Ethnicity (we want 25% of BT Group colleagues (UK workforce, excl. Openreach) to be Black, Asian or from an ethnic minority background); • 17% Disability (we want 17% of BT Group colleagues (UK workforce ex Openreach); • ; We have partnerships with different agencies which we work with to support equal opportunity. Such is Purple Goat, which is one of the UK’s only communications agencies run by disabled people. We partnered with them to deliver a series of videos highlighting the experiences of colleagues with a range of disabilities – including diabetes, autism, and visual and hearing impairments. ; We have also built relationships with Code First Girls, Women Returners, Black Girls Tech Summit, and Girls Talk London. These initiatives help delegates develop their skills and network with peers, creating more opportunities for women to move into technology careers. ; And as lead sponsor of the Avado FastFutures programme, we are helping upskill over 7,000 18–24-year-old learners from ethnically diverse backgrounds. We want to help them develop digital and data skills to unlock opportunities and launch their careers.

  Wellbeing

  At BT, we always put wellbeing and safety first. For us, there are no shortcuts in keeping everyone safe. We work on creating fulfilled, safe, happy, and healthy employees in a culture where everyone can thrive. BT’s supporting wellbeing in the workplace includes: ; ; SilverCloud, which provides programmes designed to help improve and maintain wellbeing by addressing core underlying issues that can have a negative impact on how employees live their lives. We will ensure that all our staff within the contract are aware of this support option if needed. These include modules on stress, money worries, perinatal wellbeing, anxiety and more. Users would usually be recommended to complete one module of their choice within a week period. ; ; We will measure the mental health in respect of the contract using a ‘YourSay’ survey, published annually, of: ; · No. of individuals are aware of the support services. ; · No. of individuals have participated in mental health awareness events. ; · No. of managers who completed the mandatory training. ; · Additionally, managers that qualified mental health first aiders. ; ; BT also provide their Employee Assistance Programmes (EAP). EAP's provide a range of services, notably employee counselling, but also legal advice, practical financial information, and advice on dealing with debts. BT's EAP includes a comprehensive range of personal and group services to help our people deal with worrying or tricky situations. It is entirely free of charge for users. ; The EAP is delivered by Optum - our Occupational Health & Wellbeing Centre of Expertise makes sure the services are delivered to the highest standards to meet our people's needs. You can contact the EAP, in confidence, 24 hours a day, 7 days a week, 365 days a year so that help is available whenever it is needed. Assistance can be provided face-to-face basis or via telephone.

Pricing

• Price: £0.04 a unit
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: The same as the full service however there are limited credits and message content is overwritten

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccsframeworks@bt.com. Tell them what format you need. It will help if you say what assistive technology you use.